Hi,
I have a setup with Dovecot handling a few virtual domains delivering mails to both local Unix account mailboxes and seperate mailboxes for virtual users defined in a MySQL database. A quick overview of the configuration shows two passdb definitions:
auth default { mechanisms = plain login
passdb pam { args = dovecot }
passdb sql { args = /etc/dovecot/dovecot-sql.conf }
userdb passwd { args = mail=maildir:~/Maildir blocking=yes }
userdb static { args = uid=vmail gid=mail home=/var/spool/vmail/%d/%n allow_all_users=yes }
user = root
socket listen { master { path = /var/run/dovecot/auth-master mode = 0600 user = vmail group = mail } client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } !include_try /etc/dovecot/auth.d/*.auth }
When a virtual user defined in the MySQL database tries to log in using IMAP or SMTP I always get auth failures logged in the system logs. Entries are like this:
Aug 21 06:25:36 roadrunner dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=luser@mydomain.com rhost=85.224.xx.xx
I assume these failures comes form the fact that PAM doesn't recognize the virtual users and Dovecot continues to the SQL passdb entry. As a result I get a _lot_ of auth failures in the logs.
I have tried to come up with a way where the auth failures from PAM arent't logged if the the SQL authenication is successful. Is this possible or are there any other recommended ways to handle this?
/PH
-- Per-Henrik Lundblom email: ph@whatever.nu phone: +46 733 207126 webpage: www.whatever.nu