On Thu, 20 Dec 2007 18:42:01 +0200 Timo Sirainen tss@iki.fi wrote:
On Thu, 2007-12-20 at 13:18 +0100, Bjørn T Johansen wrote:
Yes, I know about those but I was kind of hoping to see failed authentications in some logs without enabling debug logging, like if I use PAM authentication....
auth_verbose=yes enables logging failed logins.
That did the trick... thx... :)
If I only had learned regexp like I have been meaning too for many years now, this would have been a piece of cake but...
Does anyone use Dovecot together with fail2ban? If so, could any one share the failregex they are using? (A) (or perhaps someone could create a regexp that recognize a line like this:
dovecot: Dec 21 11:58:07 Info: auth(default): sql(btj@havleik.no,85.19.143.23): Password mismatch
)
BTJ