[Dovecot] Logging and libwrap

Timo Sirainen tss at iki.fi
Mon Nov 1 16:38:34 EET 2004 

On 29.10.2004, at 15:38, Jesse wrote:

> a) PAM_RHOST patch
> Back in July, dean gaudet helpfully posted a patch to dovecot 
> PAM_RHOST the remote IP. Is this going to be included in the main 
> dovecot tree? It seems like a worthwhile addition. The more 
> informative and concise the logging the better.

This feature is already in 1.0-tests, and I don't really want to 
release any more 0.99.x releases unless really needed.

> b) Better logging
> Is it possible to get logging of when a client connects and 
> disconnects? I'm very used to seeing this information and it's  very 
> useful for debugging user sessions. It's frustrating not being able to 
> easily tell whether a user has opened a connection.
>
> Really many of the log messages could be more verbose. For instance, 
> on disconnect, I see
>     imap-login: Disconnected [ip.here]
> but the username they were logged in as isn't included. It would be 
> nice to have that rather than having to dig back for a login message 
> with the same IP. Heck, even the pid isn't logged. That would be nice 
> too.

With 1.0-tests auth_verbose = yes gives better logging and allows you 
to log PID for each line.

The "Disconnected" line is written only when a user connected, but 
didn't log in. There is no logout-line after a successful login.

Anyway, better and more configurable logging is planned..

> c) libwrap
> Any chance of getting libwrap support built into dovecot?

I had thought about that before, but haven't bothered to implement it 
yet.

> Right now I'm running dovecot out of xinetd, so that I can see when 
> tcp connections are opened, and take advantage of tcpwrappers. But 
> this causes the problem that dovecot thinks all connections come from 
> the local host. Correlating logins to IPs gets to be a lot of hassle, 
> with the information divided over so many lines, while needing 
> multiple ways to track which messages from xinetd, dovecot and pam 
> match each other.

Hmm. Why does it do that? I thought the real socket was passed to 
Dovecot, so the remote address would be correct. Unless you're doing 
some kind of proxying in the middle?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20041101/ab810d50/attachment-0001.bin>

More information about the dovecot mailing list