On 08/28/2013 10:36 AM, wkaha@yahoo.com wrote:
Maybe you can find a way in this direction
This looks interesting. Looks like I could automate also a lot of other stuff this way, e.g. imap syncing accounts to new server, etc.
I found out that "auth_debug_passwords=yes" does log passwords (also successful logins) in proxy mode. But it does not in normal imap/pop server mode, or I did something wrong...
It logs something like this: Aug 28 11:13:03 barney dovecot: auth: Debug: client out: OK#0111#011user=marco@example.com#011host=imap.example.com#011nologin#011proxy#011pass=CLEARPASWORD
where CLEARPASWORD is the plain text password.that's pretty much what I need. but using some postlogin script might be the more beautiful way...
thanks you all for the responses.
all the best
On 28.08.2013, at 09:14, Marco Fretz wrote:
On 08/28/2013 09:08 AM, wkaha@yahoo.com wrote:
Hi Marco
when running dovecot -a you will find auth_*
I think you could you auth_verbose_passwords to fit your needs.
thanks. I've already tried this, but it doesn't log the password on successful logins, only when there is password missmatch:
from the conf / manual: " # In case of password mismatches, log the attempted password. Valid values are # no, plain and sha1. sha1 can be useful for detecting brute force password # attempts vs. user simply trying the same password over and over again. #auth_verbose_passwords = no "
any other ideas? :)
all the best
On 28.08.2013, at 08:57, Marco Fretz wrote:
Hi everyone,
I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all
logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be fine, too.
I need this for the migration from the current mail server (using proprietary hashing to store passwords) to a new postfix / dovecot
successful base
mail system.
I played around with "auth_debug_passwords" and all debug / logging options I found in the manual. Nothing logs successful login plaintext passwords.
Any hint welcome.
Thanks a lot, Marco