search

zone-eu / zone-mta

📤 Modern outbound MTA cross platform and extendable server application
European Union Public License 1.2
599 stars 96 forks source link

Missing session-id in logs after authentication #296

Open matteomattei opened 2 years ago

matteomattei commented 2 years ago

Hello, for legal compliance all smtp logs must contain a unique string from the initial smtp connect to the end of all deliveries. This is what postfix does for example with the session-id and also dovecot for what regards pop/imap communication.

This is an extract of the logs of a Zone-Mta for a very simple delivery from the smtp connection up to the final delivery:

Feb  3 10:54:16 stg-smtp02 zone-mta[9509]: info SMTP/feedertls/9538 CONNECTION id=hqrnsxavtse7rske src=[192.168.103.36]:44882
Feb  3 10:54:16 stg-smtp02 zone-mta[9509]: info SMTP/feedertls/9538 AUTHSUCCESS id=hqrnsxavtse7rske user="matteo.mattei@example.com" src=[192.168.103.36] proto=PLAIN

// the following log line has been added in the smtp:data hook to join sessionid and envelopeid
Feb  3 10:54:16 stg-smtp02 zone-mta[9509]: info sessionid=hqrnsxavtse7rske envelope-id:17ebf018c77000b160

Feb  3 10:54:17 stg-smtp02 zone-mta[9509]: info Queue/9538 17ebf018c77000b160 QUEUED (message-id=<1e2863b2-8f7c-0a6f-c2ec-42e332605af0@example.com> from=matteo.mattei@example.com to=matteo.mattei@otherdomain.com src=192.168.103.36 subject=Test body=290 md5=d61ed6d67701)
Feb  3 10:54:17 stg-smtp02 zone-mta[9509]: info Sender/default/9555[2] 17ebf018c77000b160.001 CONNECTING domain=otherdomain.com port=25
Feb  3 10:54:17 stg-smtp02 zone-mta[9509]: info Sender/default/9555[2] 17ebf018c77000b160.001 CONNECTED domain=otherdomain.com mx=mx01.otherdomain.com[xxx.xxx.xxx.xxx] src=stg-smtp02.myserver.com[xxx.xxx.xxx.xxx]
Feb  3 10:54:17 stg-smtp02 zone-mta[9509]: info DKIM 17ebf018c77000b160.002 Added DKIM key for example.com <1e2863b2-8f7c-0a6f-c2ec-42e332605af0@example.com>
Feb  3 10:54:19 stg-smtp02 zone-mta[9509]: info Sender/default/9555[2] 17ebf018c77000b160.001 ACCEPTED from=matteo.mattei@example.com to=matteo.mattei@otherdomain.com src=185.97.218.206 mx=mx01.otherdomain.com[185.97.217.85] id=<1e2863b2-8f7c-0a6f-c2ec-42e332605af0@example.com> (250 ok 1643882059 qp 24602)
Feb  3 10:54:24 stg-smtp02 zone-mta[9509]: info Sender/default/9555[2] 17ebf018c77000b160.001 SMTPCLOSE [54t7cZgLcgc] Connection closed response="250 ok 1643882059 qp 24602"

You can see that the first two lines reports the session-id (hqrnsxavtse7rske) but it disappears in the next logs. In fact, after the authentication, the only quantity which is logged in every line becomes the envelope-id (17ebf018c77000b160).

I created a custom log in the smtp:data hook to join the session-id and the envelope-id but it is not a big deal also because I don't know how much the envelope-id is unique and also because an eventual software which parses the logs has to implement a custom logic to match the two quantities to extract a whole delivery message attempt.

Do you have a plan to add something like this? I would expect the session id is reported in every line (and so written to mongodb) even after the authentication stage.

matteomattei commented 2 years ago

Pull request created: #290

matteomattei commented 2 years ago

Can you consider to merge/review/rework the pull request #290? Just to know... because if you intend to import this functionality in the main stream ok, otherwise I need to use my separate fork since I need to be compliant with the regulations in term of traceability.