Le 10 juil. 2013 à 21:41, Timo Sirainen a écrit :
On 10.7.2013, at 22.39, Daniel Parthey wrote:
So it would have to disable logging also for the logout message after login.. Can those load balancers be configured to send these kind of extra XCLIENT/ID commands? Is it really worth the effort that it really works in enough systems?
No. It does simple TCP connects, doesn't know about IMAP at all and won't send any string, it just checks if the TCP port is available. Would it be a problem to remove the log message altogether, at least for trusted IPs or make it a warning, not an error. What is so bad with TCP connects/disconnects without any IMAP traffic, especially when they originate from trusted IPs?
They are regular info messages, not errors or warnings..
Really, I'm not sure it is the role of Dovecot to bother with such things. As a mail-related software, it is essential to know it will report any potentially useful info.
So, if the admin ins't interested in info messages emitted by Dovecot, just filter those messages at the logging system level; no need to have Dovecot implement sophisticated logging policies.
If Nagios insists on natively perform incomplete logins, it isn't Dovecot's responsibility to try to filter such log messages on the basis of sophisticated rules: on the contrary, such messages are useful to understand that something is worth a deeper investigation than just asking Dovecot to implement more complexity for more than probably futile reasons.
If a device or a surveyor software behaves like an attacker, couldn't be argued that the device or the surveyor software is somehow flawed, instead of asking Dovecot to hide those flaws?
Axel