On 08/28/2013 10:36 AM, wkaha@yahoo.com wrote:
Maybe you can find a way in this direction
This looks interesting. Looks like I could automate also a lot of other stuff this way, e.g. imap syncing accounts to new server, etc.
I found out that "auth_debug_passwords=yes" does log passwords (also successful logins) in proxy mode. But it does not in normal imap/pop server mode, or I did something wrong...
It logs something like this: Aug 28 11:13:03 barney dovecot: auth: Debug: client out: OK#0111#011user=marco@example.com#011host=imap.example.com#011nologin#011proxy#011pass=CLEARPASWORD
where CLEARPASWORD is the plain text password.that's pretty much what I need. but using some postlogin script might be the more beautiful way...
thanks you all for the responses.
all the best
On 28.08.2013, at 09:14, Marco Fretz wrote:
On 08/28/2013 09:08 AM, wkaha@yahoo.com wrote:
Hi Marco
when running dovecot -a you will find auth_*
I think you could you auth_verbose_passwords to fit your needs.
thanks. I've already tried this, but it doesn't log the password on successful logins, only when there is password missmatch:
from the conf / manual: "
In case of password mismatches, log the attempted password. Valid
values are
no, plain and sha1. sha1 can be useful for detecting brute force
password
attempts vs. user simply trying the same password over and over again.
#auth_verbose_passwords = no "
any other ideas? :)
all the best
On 28.08.2013, at 08:57, Marco Fretz wrote:
Hi everyone,
I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all
successful
logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be fine, too.
I need this for the migration from the current mail server (using proprietary hashing to store passwords) to a new postfix / dovecot base mail system.
I played around with "auth_debug_passwords" and all debug / logging options I found in the manual. Nothing logs successful login plaintext passwords.
Any hint welcome.
Thanks a lot, Marco