On Wed, Feb 04, 2009 at 08:52:10AM -0200, Eduardo M KALINOWSKI wrote:
Josh Gentry wrote:
Hi. I'm new to Dovecot and about to start using it in production. In the config file, I set the option, auth_debug_passwords, to yes. I do not see any failed passwords logged, however. It did cause more verbose authentication logging, but failed passwords are still hidden.
That option is not for logging passwords, but to ease problem investigation in case something is not working as it should.
Well, its both, right. It's for logging the incorrect password when authentication fails. We are an ISP, we do a LOT of email, and password problems are major tech support load. Being able to tell the customer that, yes, they have their caps lock on cause I can see they are sending the password in all caps, would be a big help. We do the same thing with RADIUS logging, and its very useful.
Thanks,
Josh
-- Josh Gentry help@swcp.com * jgentry@swcp.com * 505-232-7992 Customer service in the 21st century.