Excellent. That did it, thanks! David
On 4/22/26 10:40 PM, Aki Tuomi via dovecot wrote:
Use post-login rawlogs.
rawlog_dir = %{home}/rawlogs
then make the rawlogs directory with mode 0777, and when you want to stop rawlogging, either remove the directory, or make it unwritable to dovecot mail process.
Aki
On 23/04/2026 02:51 EEST David Koski via dovecot <dovecot@dovecot.org> wrote:
Hello,
I am able to get Pre-login Rawlog to log to /var/run/dovecot/login/rawlogs as per:
https://doc.dovecot.org/2.4.3/core/admin/rawlog.html
But this only works with a telnet session locally. Outlook does nothing. I can see the encrypted traffic in ngrep, however. Nothing is logged to the rawlog using Outlook, only with telnet.
Also, it logs no IMAP commands after login. Note that this telnet session is local so it allows plain text. The section "rawlog Binary" says rawlog_dir is preferred??? Not sure how it will allow me to log IMAP commands other than pre-login. But I gave it a shot and got no output to %{home}/rawlog in spite of creating the directory. No error seen in any dovecot log with debugging enabled. No indication of a problem with journalctl. I tried to remove the "-R" from "exectuable = imap-login -R rawlogs" with no discernible change in outcome. I see this option document nowhere and it seems superfluous.
Also note that in the "Pre-login Rawlog" section it says: "SSL/TLS sessions are currently not decrypted to rawlogs". It seems ambiguous as it implies no logging is decrypted.
All I really want to do is see the IMAP commands when accessing dovecot from a host not on the local network to troubleshoot Outlook interactions with dovecot. I have no option for having Outlook on the same network as dovecot with this deployment. ngrep would be great if only dovecot would allow unencrypted IMAP.
Regards, David Koski dkoski@sutinen.com
David Koski dkoski@sutinen.com
On 4/21/26 1:10 AM, David via dovecot wrote:
Hello, I don't know about actually fully disabling SSL requirements but I do know that dovecot supports logging everything in an IMAP session if that would also help. [1]https://doc.dovecot.org/2.4.3/core/admin/rawlog.html [2]https://doc.dovecot.org/2.4.3/core/summaries/settings.html#rawlog_dir Best, David On 2026-04-21, 01:44 David Koski via dovecot <dovecot@[3]dovecot.org> wrote: Hello, In spite of: ssl = no auth_allow_cleartext = yes ..in a telnet session, I get: * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS LOGINDISABLED AUTH=GSSAPI AUTH=CRAM-MD5] Dovecot (Debian) ready. a1 login ln@[4]zample.com <super-secret> * BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed. a1 NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections. I need to see the network traffic to troubleshoot the way Outlook 2019 handles IMAP folders. Regards, David Koski dkoski@[5]sutinen.com _______________________________________________ dovecot mailing list -- dovecot@[6]dovecot.org To unsubscribe send an email to dovecot-leave@[7]dovecot.orgReferences
Visible links 1. https://doc.dovecot.org/2.4.3/core/admin/rawlog.html 2. https://doc.dovecot.org/2.4.3/core/summaries/settings.html#rawlog_dir 3. http://dovecot.org/ 4. http://zample.com/ 5. http://sutinen.com/ 6. http://dovecot.org/ 7. http://dovecot.org/
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org