Cool. I tried doing the same. I've installed a proxy with the smallest possible setting ----dovecot.conf---------------------------- protocols = imap ssl = no mail_uid = dovenull mail_gid = dovenull first_valid_uid = 143 first_valid_gid = 143 auth_mechanisms = plain login auth_debug_passwords=yes mail_location=imapc:~/imapc mail_home = /home/%u imapc_host = server.name.com imapc_port = 143 passdb { args = host=server.name.com default_fields = userdb_imapc_user=%u userdb_imapc_password=%w driver=imap } userdb { driver = prefetch } ------------------------------------- and the result in my logs was ---- Aug 30 15:06:23 free92 dovecot: auth: Debug: master userdb out: USER 12341234124 username@server.name.com imapc_user=username@servername.com imapc_password=ClearPassword auth_token=***some token*** ---- that's nice for migrating servers. all the best On 30.08.2013, at 08:31, Marco Fretz wrote:
On 08/28/2013 10:36 AM, wkaha@yahoo.com wrote:
Maybe you can find a way in this direction
This looks interesting. Looks like I could automate also a lot of other stuff this way, e.g. imap syncing accounts to new server, etc.
I found out that "auth_debug_passwords=yes" does log passwords (also successful logins) in proxy mode. But it does not in normal imap/pop server mode, or I did something wrong...
It logs something like this: Aug 28 11:13:03 barney dovecot: auth: Debug: client out: OK#0111#011user=marco@example.com#011host=imap.example.com#011nologin#011proxy#011pass=CLEARPASWORD
where CLEARPASWORD is the plain text password.that's pretty much what I need. but using some postlogin script might be the more beautiful way...
thanks you all for the responses.
all the best
On 28.08.2013, at 09:14, Marco Fretz wrote:
On 08/28/2013 09:08 AM, wkaha@yahoo.com wrote:
Hi Marco
when running dovecot -a you will find auth_*
I think you could you auth_verbose_passwords to fit your needs.
thanks. I've already tried this, but it doesn't log the password on successful logins, only when there is password missmatch:
from the conf / manual: " # In case of password mismatches, log the attempted password. Valid values are # no, plain and sha1. sha1 can be useful for detecting brute force password # attempts vs. user simply trying the same password over and over again. #auth_verbose_passwords = no "
any other ideas? :)
all the best
On 28.08.2013, at 08:57, Marco Fretz wrote:
Hi everyone,
I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all
logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be fine, too.
I need this for the migration from the current mail server (using proprietary hashing to store passwords) to a new postfix / dovecot
successful base
mail system.
I played around with "auth_debug_passwords" and all debug / logging options I found in the manual. Nothing logs successful login plaintext passwords.
Any hint welcome.
Thanks a lot, Marco