26 May 2020, 1:25 p.m.
I've made a unix-socket auth setup, by looking at the examples here: https://doc.dovecot.org/configuration_manual/authentication/dict/#complete-e...
I need to ship the plain password to the socket as well, so I have simply added %w to the lookup key, like so:
key = passdb/U=%u P=%w
My problem is that if the socket connection is down for whatever reason, dovecot will write the entire message above - including the plaintext password - into the logfile.
May 25 11:17:48 imap-1 dovecot: auth-worker(32690): Error: dict-client:
Lookup 'shared/passdb/U=john.doe@example.com P=john123 failed:
net_connect_unix(/var/run/dovecot/doveauthdsocket) failed: Connection
refused (reply took 0.000 secs (0.000 in dict wait, 0.000 in other ioloops,
0.000 in locks))
May 25 11:17:48 imap-1 dovecot: auth-worker(32690): Error: dict(
john.doe@example.com,8.8.4.4,): Failed to lookup key
shared/passdb/U=john.doe@example.com P=john123
Can I disable dict client logging? Or can I structure my dict request in a different way to avoid this logging, while still getting the complete user-name and plaintext password shipped over the socket?
$ dovecot --version
2.2.36 (1f10bfa63)
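An added example, not part of the original post and not Dovecot code: a filter that redacts the %w value from dict error lines like those quoted above and lists the users whose passwords were written to the log. It assumes one log record per line and the key layout `passdb/U=%u P=%w` from the post; the function names and sample lines are constructed for illustration.

```python
import re

# Matches the lookup key from the post ("passdb/U=%u P=%w") inside dict error
# lines. Assumptions: the username contains no spaces; the password runs up to
# " failed: " (first message shape) or to end of line (second shape).
# A password that itself contains " failed: " would be only partly redacted.
KEY_RE = re.compile(r"(passdb/U=(\S+) P=)(.+?)(?='? failed: |$)")

def redact_line(line):
    """Return (redacted_line, username or None) for one log line."""
    match = KEY_RE.search(line)
    if not match:
        return line, None
    redacted = line[:match.start(3)] + "<redacted>" + line[match.end(3):]
    return redacted, match.group(2)

def scrub(lines):
    """Redact every line and collect the users whose password was exposed."""
    clean, exposed = [], set()
    for line in lines:
        redacted, user = redact_line(line.rstrip("\n"))
        clean.append(redacted)
        if user:
            exposed.add(user)
    return clean, sorted(exposed)

# Constructed sample: the two error shapes from the post joined onto one line
# each, a passphrase containing a space, and an unrelated line.
PREFIX = "May 25 11:17:48 imap-1 dovecot: auth-worker(32690): Error: "
SAMPLE = [
    PREFIX + "dict-client: Lookup 'shared/passdb/U=john.doe@example.com "
    "P=john123 failed: net_connect_unix(/var/run/dovecot/doveauthdsocket) "
    "failed: Connection refused",
    PREFIX + "dict(john.doe@example.com,8.8.4.4,): Failed to lookup key "
    "shared/passdb/U=john.doe@example.com P=john123",
    PREFIX + "dict(jane@example.com,8.8.4.4,): Failed to lookup key "
    "shared/passdb/U=jane@example.com P=correct horse",
    "May 25 11:18:05 imap-1 cron[411]: unrelated constructed line",
]

if __name__ == "__main__":
    cleaned, users = scrub(SAMPLE)
    print("\n".join(cleaned))
    print("passwords to rotate for:", ", ".join(users))
```

Redacting the file does not undo the exposure: any password that reached the log, or a remote syslog collector, should be treated as disclosed and rotated.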