[Dovecot] Dovecot under brute force attack - nice attacker

Cédric Laruelle laruellec at aiderdonner.com
Fri Jun 5 11:58:52 EEST 2009


I'm not sure I got everything here... Actually, I said it was a problem for
me, but it's not really.
Indeed, by just changing the setting auth_verbose to yes (but leaving
auth-debug to no), I get a line like
	auth-worker(default): pam(USER,HOST): pam_authenticate() failed:
Authentication failure (password mismatch?)
without any extra log information I don't need (only auth_debug would
produce such info).
This log is perfectly catchable by fail2ban or any other system.

So to me, the only "problem" is the documentation as mentioned initially by
Henri which says :
	# More verbose logging. Useful for figuring out why authentication
isn't
	# working.
	auth_verbose = yes

Am I missing something ?

Cédric



More information about the dovecot mailing list