add two new log levels for tracing sensitive auth protocol messages, and bulk data messages

named "traceauth" and "tracedata". with this, you can (almost) enable trace logging without fear of logging sensitive data or ddos'ing your log server. the caveat is that the imap login command has already printed the line as regular trace before we can decide it should not be. can be fixed soon.
2025-07-10 07:54:40 +03:00 · 2023-02-03 20:33:19 +01:00
parent ae60cdac7e
commit ffb2a10a4e
10 changed files with 173 additions and 61 deletions
--- a/config/doc.go
+++ b/config/doc.go
@ -13,8 +13,10 @@ describe-static" and "mox config describe-domains":
 	# mox.conf.
 	DataDir:

-	# Default log level, one of: error, info, debug, trace. Trace logs full SMTP and
-	# IMAP protocol transcripts, which can be a large amount of data.
+	# Default log level, one of: error, info, debug, trace, traceauth, tracedata.
+	# Trace logs SMTP and IMAP protocol transcripts, with traceauth also messages with
+	# passwords, and tracedata on top of that also the full data exchanges (full
+	# messages), which can be a large amount of data.
 	LogLevel:

 	# Overrides of log level per package (e.g. queue, smtpclient, smtpserver,