[Dovecot] Logging authentication failures?

[dri]

I use a script that watches log files looking for failed ssh login attempts and adds firewall rules when there are enough login failures within a certain amount of time.  I would like to apply this to Dovecot to automatically firewall attackers trying to brute-force an IMAP account.  Is there a way to make Dovecot log authentication failures (I'm running 1.0.rc10)?  In other words, can I configure Dovecot to put something in the log the instant "NO Authentication failed" is sent to the IMAP user?

With "auth_verbose = yes" I can see individual authentication mechanisms fail, but I have multiple passdb sections so a failure in one mechanism doesn't mean a complete login failure.  Thus, configuring the script to watch for individual mechanism failures may result in the firewalling of legitimate users.

Thanks for any info!