Sendmail – Logging Auth Information

Problem: the sendmail default logging configuration does not log per message auth info which I neeed (i.e. I want to know which user/authmethod was used for a certain message id). Following a tip from this entry, I ended up with the following cf lines:

LOCAL_CONFIG
Klog syslog
 # This works
HSubject: $>+LogSubject
 # this does not
HX-Authost: ${mail_host}
HX-Authost: $>+LogAuthAuthor

LOCAL_RULESETS

SLogSubject
R$* $: $(log Subject: $1 authenticated-by: $&{auth_type}, $&{auth_authen}, $&{auth_ssf}, $&{auth_author}, $&{mail_mailer}, $&{mail_host}, $&{mail_addr} $) $1

SLogAuthAuthor
R$* $: $(log Authenticated-by: $1 $&{auth_type}, $&{auth_authen}, $&{auth_ssf}, $&{auth_author}, $&{mail_mailer}, $&{mail_host}, $&{mail_addr} $) $1

The first one yields (in maillog):

sendmail[10814]: r2DEJl9P010814: Subject:the Subject.authenticated by:PLAIN,auser,0,,esmtp,example.com.,someone@example.com

The second:

sendmail[10814]: r2DEJl9P010814: Authenticated-by:example.com.,,,,esmtp,example.com.,auser@example.com

It does therefore appear that the {auth_xxxx} macro are empty when the second rule fires… but they are not. In fact I can log them if I put them on the H line instead:

HX-Authost: ${mail_host} ${auth_type} ${auth_authen} ${auth_ssf} ${auth_author}
HX-Authost: $>+LogAuthAuthor1

Except I do not want to do this because I would be sending out auth information where I only want to log it. In fact the entire solution is coyote ugly, not to mention horribly kludgey, and I would welcome a better one (one that does not begins with "change MTA"-I am perfectly happy with sendmail)

Please note that raising LogLevel to 10 and above (as has been suggested) appears not to cut it because the auth information is logged once per session (i.e. at login), while what I want is having it in message context.

Cheers,
alf