From ee4345cfc93747587608f0a87497123a6cacb946 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Mon, 30 Jun 2014 03:34:50 +0200
Subject: Log SASL usernames for longer, but don't include mail.log into
 syslog.

---
 roles/common/files/etc/logrotate.d/fripost-mail | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'roles/common/files/etc/logrotate.d')

diff --git a/roles/common/files/etc/logrotate.d/fripost-mail b/roles/common/files/etc/logrotate.d/fripost-mail
index 9ed2617..4fc1a85 100644
--- a/roles/common/files/etc/logrotate.d/fripost-mail
+++ b/roles/common/files/etc/logrotate.d/fripost-mail
@@ -15,3 +15,20 @@
 		invoke-rc.d rsyslog rotate > /dev/null
 	endscript
 }
+
+# Keep a mapping Postfix's message ID -> SASL username for a month, to
+# find authors of potential abuse emails (if we are shown the header of
+# such emails.)
+/var/log/mail.sasl
+{
+	rotate 4
+	weekly
+	missingok
+	notifempty
+	compress
+	delaycompress
+	sharedscripts
+	postrotate
+		invoke-rc.d rsyslog rotate > /dev/null
+	endscript
+}
-- 
cgit v1.2.3