Log authentication attempts
Gregory Sloop
gregs at sloop.net
Mon Jun 12 17:20:17 EEST 2017
>> On June 12, 2017 at 3:39 PM "j.emerlik" <j.emerlik at gmail.com> wrote:
>> We alse have same problem, now we are running Dovecot 2.2.30.2 and also use
>> Dovecot SASL for SMTP authentication (postfix 2.11).
>> We need to save all failed login attempts to database as source IP address,
>> username and date and time but post-login script can do this but only after
>> successful login. Failed login attempts information may be useful in the
>> fight with bruteforce attacks.
>> It's possible to execude some script after failed login ("Password
>> mismatch") ?
>> Regards,
>> Jacek
AT> You can try to do this using our auth policy API. See
AT> https://wiki2.dovecot.org/Authentication/Policy
If you do get this working [logging failed auth's] I'd personally be very interested in your script so we could reproduce it in our environment too. If you'd be willing to share, I'd be grateful. [I'm pretty sure others would be too.]
-Greg
More information about the dovecot
mailing list