12 Jun
2017
12 Jun
'17
5:12 p.m.
On June 12, 2017 at 3:39 PM "j.emerlik" j.emerlik@gmail.com wrote:
We alse have same problem, now we are running Dovecot 2.2.30.2 and also use Dovecot SASL for SMTP authentication (postfix 2.11). We need to save all failed login attempts to database as source IP address, username and date and time but post-login script can do this but only after successful login. Failed login attempts information may be useful in the fight with bruteforce attacks. It's possible to execude some script after failed login ("Password mismatch") ?
Regards, Jacek
You can try to do this using our auth policy API. See https://wiki2.dovecot.org/Authentication/Policy
It will report both successful and unsuccessful authentication with fields you specify.
Aki