Extract TLS undecided policy from 'postfix_tls'

Author: whyscream

50-filter-postfix.conf

@@ -297,6 +297,9 @@ filter {
             "postfix_delay_transmission", "float",
             "postfix_postscreen_violation_time", "float"
         ]
+        gsub => [
+            # rewrite some extracted values
+            "postfix_tls_policy_undecided", "\?", "true"
+        ]
     }
 }
-

postfix.grok

@@ -122,7 +122,8 @@ POSTFIX_VERIFY_CACHE cache %{DATA} (?<postfix_verify_cleanup_type>(full|partial)
 POSTFIX_LOCAL_DELIVERY %{POSTFIX_KEYVALUE} status=%{STATUS_WORD:postfix_status}( \(%{GREEDYDATA:postfix_local_response}\))?
 
 # TLS features
-POSTFIX_TLS_FEATURES %{STATUS_WORD:postfix_tls_security_level}(:%{STATUS_WORD:postfix_tls_downgrade_level})?
+POSTFIX_TLS_POLICY_UNDECIDED \?
+POSTFIX_TLS_FEATURES %{STATUS_WORD:postfix_tls_security_level}(:%{STATUS_WORD:postfix_tls_downgrade_level})?(%{POSTFIX_TLS_POLICY_UNDECIDED:postfix_tls_policy_undecided})?
 
 # aggregate all patterns
 POSTFIX_SMTPD %{POSTFIX_SMTPD_CONNECT}|%{POSTFIX_SMTPD_DISCONNECT}|%{POSTFIX_SMTPD_LOSTCONN}|%{POSTFIX_SMTPD_NOQUEUE}|%{POSTFIX_SMTPD_PIPELINING}|%{POSTFIX_TLSCONN}|%{POSTFIX_WARNING}|%{POSTFIX_SMTPD_PROXY}|%{POSTFIX_KEYVALUE}

test/tls_features_0009.yaml

@@ -0,0 +1,5 @@
+pattern: "^%{POSTFIX_TLS_FEATURES}$"
+data: "may?"
+results:
+    postfix_tls_security_level: may
+    postfix_tls_policy_undecided: "?"

test_pipeline.sh

@@ -23,7 +23,7 @@ perform_cleanup() {
 trap perform_cleanup INT TERM
 
 echo Preparing input data
-echo "postfix/smtp[123]: 7EE668039: to=<admin@example.com>, relay=127.0.0.1[127.0.0.1]:2525, delay=3.6, delays=0.2/0.02/0.04/3.3, dsn=2.0.0, tls=dane:none/!requiretls:nostarttls, status=sent (250 2.0.0 Ok: queued as 153053D)" > "$INPUT"
+echo "postfix/smtp[123]: 7EE668039: to=<admin@example.com>, relay=127.0.0.1[127.0.0.1]:2525, delay=3.6, delays=0.2/0.02/0.04/3.3, dsn=2.0.0, tls=dane?, status=sent (250 2.0.0 Ok: queued as 153053D)" > "$INPUT"
 
 echo Preparing pipeline config
 cat > "$PIPELINE" << EOF