-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/28/2013 09:08 AM, wkaha@yahoo.com wrote:
Hi Marco
when running dovecot -a you will find auth_*
I think you could you auth_verbose_passwords to fit your needs.
thanks. I've already tried this, but it doesn't log the password on successful logins, only when there is password missmatch:
from the conf / manual: " # In case of password mismatches, log the attempted password. Valid values are # no, plain and sha1. sha1 can be useful for detecting brute force password # attempts vs. user simply trying the same password over and over again. #auth_verbose_passwords = no "
any other ideas? :)
all the best
On 28.08.2013, at 08:57, Marco Fretz wrote:
Hi everyone,
I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all successful logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be fine, too.
I need this for the migration from the current mail server (using proprietary hashing to store passwords) to a new postfix / dovecot base mail system.
I played around with "auth_debug_passwords" and all debug / logging options I found in the manual. Nothing logs successful login plaintext passwords.
Any hint welcome.
Thanks a lot, Marco
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJSHaM2AAoJEKxm7Ju3UATuaDcQAIIisd1T999xbuP8fBP19gAV c0/rMGZxy69P2QLp7Y3Lwn6LXXeAiICFWRBtXkoOsVzGXazM+IB6OMr2H3Xa/37v kyO3nfS9+nD3crzPIVM6pQKnDH5ON8Jwr1Y7pufnwb5cvxZzrcB4hZk+dFcLu9eN wwAAB0mRuT1b3gqnX8rtVqqDQPF+vgefrEDEDxysO7fq7I+RlWsbHDKV4porGkd8 3mf+PoQ+QmStgMyVh906taGpainYaARe0O5yoeAO/5/jTOODrzT6vcwv4ffDcp/p NGZUtpomPw9+C4/BXBwPPlYcUNCktaxpVFp5LyBnOLs9WckDZzNpzD0m/HjvFmEI WvgFh3QPK1APTKwsLD1YArfHGqs7/tJRhPDPTI9oO7Y55WP6hJvMNNji0eihDwoG SO7dQkfs/3jIx0AwNN/2M/cT/zBTCPsuqyhAimRMStxR/TYbp9pXxBwAjRv16NS5 NwoL0nXnyPUt+l3deYiYF+wMJG8LVVn11UXTrwEJ7hzIfkiOs9EHKAdKznw74ryl FaqVL3D52cLdYUpfVVj1GaLQT+eIxP9uRbzIKLGzTR6bYWYX4W3YwflicPt9HozH 5H/1eiXXbEu44/h5jbZ2+AAncwsLomBC5fJYRiyZVZcXSozpRFhKkk5q7LSwZtVM WgX/qVgpWSKAsuTPbgtG =C9DH -----END PGP SIGNATURE-----