On 10/06/15 12:00 +0200, Patrick Wagner wrote:
I'm in the process of migrating a postfix + cyrus-sasl auth installation from Ubuntu 12.04 to CentOS 7 and noticed that my system journal gets flooded with auth.debug syslog messages generated by the auxprop sql module. Such as: Oct 05 11:55:01 mail postfix/smtpd[5883]: sql auxprop plugin using mysql engine Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin Parse the username sasl-user Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin try and connect to a host Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin trying to open db 'postfix' on host '127.0.0.1:3306' Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin create statement from userPassword sasl-user mail.domain
I've taken the issue to the postfix-users list at first [1] and in the meantime also found hints on this cyrus-sasl list and Viktor Dukhovni eventually confirmed that the postfix callback is indeed ignored because the log() calls do not include the connection handle, see: http://marc.info/?l=postfix-users&m=144408276316379&w=2 And proposed path by Viktor Dukhovni (for the SQL module only) http://marc.info/?l=postfix-users&m=144408506116930&w=2 I take this to mean that using cyrus-sasl with SQL backend will create a LOT of noise on every distribution that utilizes systemd and its journal? [1] http://marc.info/?l=postfix-users&m=144404104202153&w=2
Do you have a 'log_level' specified in your postfix sasl smtpd.conf file? If so, see the sasl.h header file in the source for what the different values should produce in your output. The shotgun approach for reducing the impact on your syslog is to modify your syslog daemon configuration to disregard auth.debug (auth.*). -- Dan White
