dovecot, LMTP: why logging?

Discussion in 'Installation/Configuration' started by Taleman, Feb 21, 2021.

  1. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    On one ISPConfig host dovecot logs the below messages, logwatch pesters me every day about these.
    What are they and why log them? It looks to me the message is delivered to INBOX, so all is OK, or what?
    Code:
    --------------------- Dovecot Begin ------------------------
    
     
     Dovecot IMAP and POP3 Successful Logins: 4
     
     Dovecot disconnects: 614 Total
     
     **Unmatched Entries**
        dovecot: lmtp([email protected])<15394><K2awHCgcMWAiPAAA3Nupqw>: sieve: msgid=<01020177bfd594f6-75aa038a-a39d-4b98-bb13-c349c0f0493b-000000@eu-west-1.amazonses.com>: stored mail into mailbox 'INBOX': 1 Time(s)
        dovecot: lmtp([email protected])<22419><ITjYHa44MWCTVwAA3Nupqw>: sieve: msgid=<yT7wLj-HHrtCfd-p9AnKAos2IbYggxFOoZ-It17hHSk.5wEdKGeoLaCTL5xCG27czsvqMXBG4a3dN95YpM3h9ac@grandslice.cyou>: stored mail into mailbox 'INBOX': 1 Time(s)
        dovecot: lmtp([email protected])<23627><dkIXOCm6MGBLXAAA3Nupqw>: sieve: msgid=<mihqxEUmPzH8rkDm2R9vKqmqArYt_Xj_7bIzBB_yP2E.wKafhrDh70kNueV-Mt3X9pYJRS6b5yIxu92k-K0-9cA@matchpanic.cyou>: stored mail into mailbox 'INBOX': 1 Time(s)
        dovecot: lmtp([email protected])<24552><AF17FZ5AMWDoXwAA3Nupqw>: sieve: msgid=<[email protected]>: stored mail into mailbox 'INBOX': 1 Time(s)
        dovecot: lmtp([email protected])<25190><fDtUCDHBMGBmYgAA3Nupqw>: sieve: msgid=<92svXBxKRylhb9GF6mnmPbz-XB61q0BBmcA-fD2OVqI.HkyoWYXqpGxuezPhIDz4CmV93WiVc6bfrL22K-3IseM@chalkbuild.cyou>: stored mail into mailbox 'INBOX': 1 Time(s)
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 10 (buster)
     
    [INFO] uptime:  14:03:45 up 25 days, 21:32,  1 user,  load average: 0,10, 0,06, 0,02
     
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:          1,9Gi       519Mi       737Mi        53Mi       738Mi       1,2Gi
    Swap:         1,3Gi       644Mi       648Mi
     
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.2
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.3.27-1~deb10u1
    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.40-0+deb8u2
    
    ##### PORT CHECK #####
    
    Also the php-cgi is PHP 5.6, I do not know why. Have tried to change it.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The lines do not indicate an error. If logwatch complains about them, then there must be an issue in the rules that logwatch is using to filter out problematic log lines.
     
  3. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    Yeah, just configure logwatch to ignore them. Fwiw I use those messages pretty frequently to know where mail went once it hits sieve rules.
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I had some time to dig deeper in this, and seems it is a known bug in Debian 10. Dovecot version in Debian buster changed format of those log lines, and logwatch in buster was not modified accordingly.
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941032
    It looks to me this is fixed in later versions of logwatch. Fix is not backported to buster, though.
     
    ahrasis and till like this.
  5. basmevissen

    basmevissen Member

    FWIW: These messages first appeared in logwatch around the end of November / beginning of December on both an Ubuntu 14.04 and a CentOS 7 system I maintain. Both hosts do not have Dovecot 2.3 (CentOS 7 currently has 2.2.36 and Ubuntu 14.04 LTS ESM has 2.2.9, both distro patched obviously) and logwatch on both is 7.4.0 based.

    I dived into the ISPConfig-created backups of these hosts and compared the /etc just before and after those dates. There are changes in dovecot and postfix configuration regarding lmtp on both hosts. They both got an upgrade to ISPConfig version 3.2.1, where the configuration files were rewritten and the systems got rebooted (to check if the persistent configuration is correct).

    So it is a change by ISPConfig that triggered the change in logging, not a dovecot version upgrade.
     
    Taleman likes this.
  6. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    3.2.0 switched to lmtp for all delivery if detected (previously it was used in some specific scenario only), so it's not a change to logging specifically, but the lmtp daemon, which previously was unused, is now used and logging its actions.
     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    @basmevissen may be on the right track. I copied logwatch filter from latest Debian testing to local configuration, but I still got the spurious messages to logwatch report. The new filter did accommodate the added text in the log line, but that was enough to fix the problem. It is possible I messed up the configuration change, did not find a way to test it easily.
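
An added example, not part of the original thread and not logwatch's own filter: a small offline check of a candidate pattern for the `lmtp(user)<pid><session>: sieve: ... stored mail into mailbox` lines shown in the first post, which also tallies where sieve delivered each message. The regex, the function name `summarize` and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Candidate pattern for the line format quoted in the thread (an assumption,
# not the regex shipped with logwatch):
#   dovecot: lmtp(USER)<PID><SESSION>: sieve: msgid=MSGID: stored mail into mailbox 'NAME'
LMTP_SIEVE_STORED = re.compile(
    r"dovecot: lmtp\((?P<user>[^)]*)\)"
    r"<(?P<pid>\d+)><(?P<session>[^>]+)>: "
    r"sieve: msgid=(?P<msgid>.*?): "
    r"stored mail into mailbox '(?P<mailbox>[^']*)'"
)

# Constructed sample input: three syslog-style lines, one line in the
# "Unmatched Entries" report form (indented, ": 1 Time(s)" suffix),
# and one unrelated lmtp line that must stay unmatched.
SAMPLE = [
    "Feb 21 06:25:01 mail dovecot: lmtp(alice@example.test)<15394><sessAAAA1>: "
    "sieve: msgid=<m1@sender.example>: stored mail into mailbox 'INBOX'",
    "Feb 21 06:25:02 mail dovecot: lmtp(alice@example.test)<15395><sessAAAA2>: "
    "sieve: msgid=<m2@sender.example>: stored mail into mailbox 'Junk'",
    "Feb 21 06:25:03 mail dovecot: lmtp(bob@example.test)<15396><sessAAAA3>: "
    "sieve: msgid=unspecified: stored mail into mailbox 'INBOX'",
    "    dovecot: lmtp(bob@example.test)<15397><sessAAAA4>: "
    "sieve: msgid=<m4@sender.example>: stored mail into mailbox 'INBOX': 1 Time(s)",
    "Feb 21 06:25:05 mail dovecot: lmtp(15398): Connect from local",
]

def summarize(lines):
    """Return (Counter keyed by (user, mailbox), list of lines the pattern missed)."""
    delivered = Counter()
    unmatched = []
    for line in lines:
        m = LMTP_SIEVE_STORED.search(line)
        if m:
            delivered[(m["user"], m["mailbox"])] += 1
        else:
            unmatched.append(line)
    return delivered, unmatched

if __name__ == "__main__":
    delivered, unmatched = summarize(SAMPLE)
    for (user, mailbox), count in sorted(delivered.items()):
        print(f"{user} -> {mailbox}: {count}")
    print(f"unmatched: {len(unmatched)}")
```

Feeding it real lines from the mail log instead of `SAMPLE` shows which entries a pattern would still leave unmatched before any logwatch configuration is changed.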
     
