v3 Breaking Changes: log files about postal HOT 11 CLOSED

We are using the syslog logging driver provided by docker directly,
https://docs.docker.com/config/containers/logging/configure/#supported-logging-drivers

Below example will produce log files in /var/log/docker/postal-smtp.log

docker-compose.yml

smtp:
    image: ghcr.io/postalserver/postal:3.1.1
    command: postal smtp-server
    network_mode: host
    cap_add:
      - NET_BIND_SERVICE
    volumes:
      - /opt/postal/config:/config
    restart: always
    logging:
      driver: syslog
      options:
        tag: "postal-smtp"   

and fail2ban:

jail.local:

[POSTAL]
enabled  = true
port     = 25
filter   = postal
maxretry = 3
findtime = 3600
logpath  = /var/log/docker/postal-smtp.log

filter.d > postal.conf

[Definition]
failregex = (.*)WARN   Authentication failure for <HOST>

ignoreregex =

from postal.

Do feel free to start a discussion under Feature Requests to add support for brute force protection directly in the SMTP server.

This is functionality I would like to see without needing to use fail2ban.

from postal.

correct way would be a docker-compose.override.yml

This works well. I don't know why I haven't thought about this before. I will update the docs to include this for those who might find it useful.

Edit: added to the docs: https://docs.postalserver.io/features/logging#redirecting-logs-to-the-host-syslog

from postal.

DELETED

my bad
works well

from postal.

@McPizza0
try: postal stop and then postal start (postal restart does not work)

from postal.

correct way would be a docker-compose.override.yml with the following contents:

version: "3.9"
services:
  smtp:
    logging:
      driver: syslog
      options:
        tag: "postal-smtp"

can also be done via the docker daemon /etc/docker/daemon.json but this would change logging for all containers on the server, which may not be desirable.

from postal.

Logging to files within containers is not a good practice and not supported in v3 - as you have found.

Docker itself will store these logs to a file on the host machine with appropriate rotation. You should look at ingesting these logs. You can find the path to a container's log file using something like this.

docker inspect --format='{{.LogPath}}' name-of-container

from postal.

@erichk4 tried this, didnt output any logs
will try doing a fresh install

from postal.

If you can avoid making changes to your docker-compose.yml it will make upgrades easier. These configuration options should be able to be made globally which may be sufficient to redirect the logs. I haven't tried though.

(If you do apply it globally then you'll need to restart Docker itself.)

from postal.

@adamcooke you want this in the guide (fail2ban) ?

from postal.

We are using the syslog logging driver provided by docker directly, https://docs.docker.com/config/containers/logging/configure/#supported-logging-drivers

Below example will produce log files in /var/log/docker/postal-smtp.log

docker-compose.yml

smtp:
    image: ghcr.io/postalserver/postal:3.1.1
    command: postal smtp-server
    network_mode: host
    cap_add:
      - NET_BIND_SERVICE
    volumes:
      - /opt/postal/config:/config
    restart: always
    logging:
      driver: syslog
      options:
        tag: "postal-smtp"   

and fail2ban:

jail.local:

[POSTAL]
enabled  = true
port     = 25
filter   = postal
maxretry = 3
findtime = 3600
logpath  = /var/log/docker/postal-smtp.log

filter.d > postal.conf

[Definition]
failregex = (.*)WARN   Authentication failure for <HOST>

ignoreregex =

Don't work in Debian 12. Debian 12 don't have syslog. It use journalctl to manage log.

from postal.