Loggin original ip address in relay connection

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Loggin original ip address in relay connection

Emanuel
Hi,  i use exim locally, with an smarthost through Postfix. It's
possible add in the log the real IP the real client?

Actually i only see the IP of the relay connection.

Nov 27 10:23:59 smarthost01 postfix/cleanup[18611]: 0F4F8180058A1:
warning: header From: Emanuel <[hidden email]> from
server.backend[172.17.110.155]; from=<> to=<[hidden email]>
proto=ESMTP helo=<c001-dr.dattaweb.com>

Regards.!!


Reply | Threaded
Open this post in threaded view
|

Re: Loggin original ip address in relay connection

Wietse Venema
Emanuel:
> Hi,? i use exim locally, with an smarthost through Postfix. It's
> possible add in the log the real IP the real client?
>
> Actually i only see the IP of the relay connection.

The remote client IP address is in the Received: header that EXIM
has added. Use a Postfix header_checks rule to log that specific
Received: header. I am not familiar with the detailed format of
EXIM headers, but you should have plenty examples :-)

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Loggin original ip address in relay connection

Emanuel
Hello everyone, Thanks for the reply.

i try to use this rule in the header_checks, but only log the local IP
from the computer or device.

header_checks

/^X-Originating-IP:/ WARM

Any ideas??

El 27/11/19 a las 12:26, Wietse Venema escribió:

> Emanuel:
>> Hi,? i use exim locally, with an smarthost through Postfix. It's
>> possible add in the log the real IP the real client?
>>
>> Actually i only see the IP of the relay connection.
> The remote client IP address is in the Received: header that EXIM
> has added. Use a Postfix header_checks rule to log that specific
> Received: header. I am not familiar with the detailed format of
> EXIM headers, but you should have plenty examples :-)
>
> Wietse
--
Reply | Threaded
Open this post in threaded view
|

Re: Loggin original ip address in relay connection

Wietse Venema
Wietse:
> The remote client IP address is in the RECEIVED: HEADER that EXIM
> has added. Use a Postfix header_checks rule to log that specific
> RECEIVED: HEADER. I am not familiar with the detailed format of
> EXIM headers, but you should have plenty examples :-)

Emanuel:
> header_checks
>
> /^X-Originating-IP:/ WARM

You need to log the RECEIVED: header.

/^Received: whatever EXIM puts here/ WARN

Perhaps:

/^Received: from \[.+\] \(helo=egonzalez\.dat\)/ WARN

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Loggin original ip address in relay connection

Emanuel
In reply to this post by Wietse Venema

Hello everyone.!

I solved with this rule:

/^Received: .*/    WARN

Regards,

El 27/11/19 a las 12:26, Wietse Venema escribió:
Emanuel:
Hi,? i use exim locally, with an smarthost through Postfix. It's 
possible add in the log the real IP the real client?

Actually i only see the IP of the relay connection.
The remote client IP address is in the Received: header that EXIM
has added. Use a Postfix header_checks rule to log that specific
Received: header. I am not familiar with the detailed format of
EXIM headers, but you should have plenty examples :-)

	Wietse
--
envialosimple.com
Emanuel Gonzalez
IT / Departamento Emails
[hidden email]
www.envialosimple.com
by donweb
 
Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son confidenciales, de uso exclusivo para el destinatario del mismo. La divulgación y/o uso del mismo sin autorización por parte de DonWeb.com queda prohibida.
DonWeb.com no se hace responsable del mensaje por la falsificación y/o alteración del mismo.
De no ser Ud el destinatario del mismo y lo ha recibido por error, por favor, notifique al remitente y elimínelo de su sistema.
Confidentiality Note: This message and any attachments (the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited by DonWeb.com.
DonWeb.com shall not be liable  for the message if altered or falsified.
If you are not the intended addressee of this message, please cancel it immediately and inform the sender
Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem conter dados confidenciais ou privilegiados.
Se você os recebeu por engano ou não é um dos destinatários aos quais ela foi endereçada, por favor destrua-a e a todos os seus eventuais anexos ou copias realizadas, imediatamente.
É proibida a retenção, distribuição, divulgação ou utilização de quaisquer informações aqui contidas.
Por favor, informenos sobre o recebimento indevido desta mensagem, retornando-a para o autor.