[Dovecot] Logging authentication failures when Dovecot's auth service used to authenticate postfix smtpd
MV
mvfreelancer at gmail.com
Fri Feb 28 01:40:43 UTC 2014
Hello,
tl;dr: Is there a way to get dovecot's auth to log failed smtp
authentications without having to switch on "auth_verbose"?
postfix version 2.11.0 and dovecot version 2.2.12
I'm currently migrating my postfix+courier to postfix+dovecot and so
far it's working as expected. Except for logging smtp login failures.
Despite Postfix logging successful authentications (see sample below),
it doesn't log failed smtp logins.
Feb 25 22:28:53 mailer2 postfix/submission[20274]: C981B20198: client=A-B-C-D.*****.net[A.B.C.D]:63107, sasl_method=PLAIN, sasl_username=joe at example.net
And since my postfix setup authenticates virtual users through
Dovecot's auth, I thought maybe dovecot could report smtp login
failures the same way it reports imap and pop3 login failures.
Below is a sample extracted from "info_log_path" after several imap
and pop3 login failures. (Obviously the IP 255.... is made up and
irrelevant for this matter).
# begin extract "/var/log/dovecot-info.log"
2014-02-27 21:14:26 auth: Info: passwd-file(joe at example.net,255.255.255.255,<Y0lbzmnzfwAuQV80>): Password mismatch
2014-02-27 21:16:46 auth: Info: passwd-file(foobar,255.255.255.255,<Y0lbzmnzfwAuQV80>): unknown user
2014-02-27 21:52:00 auth: Info: passwd-file(foo at example.net,255.255.255.255,<0Su6VGrzGwAuQV80>): unknown user
2014-02-27 21:53:35 auth: Info: plain(?,255.255.255.255,<0Su6VGrzGwAuQV80>): Empty username
2014-02-27 21:53:55 auth: Info: plain(?,255.255.255.255,<0Su6VGrzGwAuQV80>): Username character disallowed by auth_username_chars: 0x5c (username: \0)
2014-02-27 22:08:05 auth: Info: plain(?,255.255.255.255): invalid input
2014-02-27 22:09:36 auth: Info: passwd-file(joe at example.net,255.255.255.255): Password mismatch
2014-02-27 22:09:53 auth: Info: login(?,255.255.255.255): Empty username
# end extract
I've tried adding "-L -o info_log_path=/var/log/dovecot-info.log" to
both the auth and auth-worker services but that yielded nothing.
----------------------%<--------------------------------
auth_mechanisms = plain login
auth_verbose = yes
base_dir = /var/run/dovecot/
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
passdb {
  args = scheme=CRYPT username_format=%u /etc/dovecot/virtual_users
  driver = passwd-file
}
userdb {
  args = username_format=%u /etc/dovecot/virtual_users
  default_fields = uid=vmail gid=vmail
  driver = passwd-file
  override_fields = home=/home/vmail/%d/%u
  result_failure = return-fail
  result_internalfail = return-fail
}
service auth-worker {
  executable = auth -w -L -o info_log_path=/var/log/dovecot-info.log
}
service auth {
  executable = auth -L -o info_log_path=/var/log/dovecot-info.log
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    user = postfix
    mode = 0660
  }
}
service lmtp {
  executable = lmtp -L -o info_log_path=/var/log/dovecot-info.log
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    user = postfix
    mode = 0660
  }
}
---------------------->%--------------------------------
The relevant postfix config is ...
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
virtual_transport = lmtp:unix:private/dovecot-lmtp
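
Added example, not part of the original post and not Dovecot or Postfix code: a small parser for the "auth: Info:" failure lines quoted in the extract above, which groups failures by source IP so repeated attempts stand out. It assumes the timestamp produced by the posted log_timestamp setting and one event per line; the sample lines are constructed from the extract using documentation IP addresses and "@" in place of the archive's " at ".

```python
import re
from collections import defaultdict

# Line shape taken from the extract in the post:
#   <date> <time> auth: Info: <driver>(<user>,<ip>[,<session>]): <reason>
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) auth: Info: "
    r"(?P<driver>[\w-]+)\((?P<user>[^,]*),(?P<ip>[^,)]+)"
    r"(?:,<(?P<session>[^>]*)>)?\): (?P<reason>.+)$"
)

# Constructed sample modelled on that extract (documentation IPs, unwrapped).
SAMPLE = r"""2014-02-27 21:14:26 auth: Info: passwd-file(joe@example.net,192.0.2.10,<Y0lbzmnzfwAuQV80>): Password mismatch
2014-02-27 21:16:46 auth: Info: passwd-file(foobar,192.0.2.10,<Y0lbzmnzfwAuQV80>): unknown user
2014-02-27 21:53:35 auth: Info: plain(?,192.0.2.10,<0Su6VGrzGwAuQV80>): Empty username
2014-02-27 21:53:55 auth: Info: plain(?,198.51.100.7,<0Su6VGrzGwAuQV80>): Username character disallowed by auth_username_chars: 0x5c (username: \0)
2014-02-27 22:08:05 auth: Info: plain(?,198.51.100.7): invalid input
2014-02-27 22:09:36 auth: Info: passwd-file(joe@example.net,192.0.2.10): Password mismatch
# end extract"""


def parse_failures(text):
    """Return one dict per auth failure line; other lines are skipped."""
    return [m.groupdict() for line in text.splitlines()
            if (m := LINE_RE.match(line.strip()))]


def summarize(events):
    """Group failures by source IP: total count and usernames tried."""
    out = defaultdict(lambda: {"count": 0, "users": set()})
    for e in events:
        out[e["ip"]]["count"] += 1
        if e["user"] != "?":  # "?" is logged in the extract when no username was accepted
            out[e["ip"]]["users"].add(e["user"])
    return {ip: {"count": v["count"], "users": sorted(v["users"])}
            for ip, v in out.items()}


def noisy_sources(summary, threshold=3):
    """IPs with at least `threshold` failures, most active first."""
    hits = [ip for ip, v in summary.items() if v["count"] >= threshold]
    return sorted(hits, key=lambda ip: -summary[ip]["count"])


if __name__ == "__main__":
    s = summarize(parse_failures(SAMPLE))
    for ip in noisy_sources(s):
        print(ip, s[ip]["count"], s[ip]["users"])
```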