[Dovecot] Audit log?
Bjørn T Johansen
btj at havleik.no
Fri Dec 21 13:04:47 EET 2007
On Thu, 20 Dec 2007 18:42:01 +0200
Timo Sirainen <tss at iki.fi> wrote:
> On Thu, 2007-12-20 at 13:18 +0100, Bjørn T Johansen wrote:
> > Yes, I know about those but I was kind of hoping to see failed authentications in some logs without enabling debug logging,
> > like if I use PAM authentication....
>
> auth_verbose=yes enables logging failed logins.
>
That did the trick... thx... :)
If I only had learned regexp like I have been meaning too for many years now, this would have been a piece of cake but...
Does anyone use Dovecot together with fail2ban? If so, could any one share the failregex they are using? (A)
(or perhaps someone could create a regexp that recognize a line like this:
dovecot: Dec 21 11:58:07 Info: auth(default): sql(btj at havleik.no,85.19.143.23): Password mismatch
)
BTJ
More information about the dovecot
mailing list