You can switch to oauth2 and then each device will have a unique client id that you can use to identify the culprit.
On Tuesday, 25/06/2024 at 07:29 Eirik Rye via dovecot wrote:
I am running Dovecot 2.3.21. One client has multiple computers in
LAN, connecting to my server with a static IP. One or several computers in that LAN keep logging in with failed password, but the Dovecot log only shows the public static IP, like
On 2024-06-25 12:00, hp--- via dovecot wrote: their this
Jun 25 10:39:20 server-name dovecot[689]: imap-login: Disconnected: Connection closed (auth failed, 2 attempts in 62 secs): user=, method=PLAIN, rip=client-public-IP, lip=server-IP, TLS, session=
I tried to enable debug, but there is no more information about the
LAN
IP or computer names. Is there any setting which helps me with that purpose? So it will be much easier to locate the failed computers in that LAN?
Technically, there's no way for Dovecot to know what the client's LAN IP address is, at least not without the client providing this information
(which it won't).
Some IMAP clients send IMAP ID commands to the server. This usually includes the name (e.g. "iPhone Mail", "Microsoft Outlook", etc) and version of the client, and you can have Dovecot log this to your log by setting the option:
imap_id_log = *
This might help you identify the misconfigured clients.
Not all clients send IMAP ID commands though, and some clients only send it *after* authenticating, in which case you won't see it in your situation.
- Eirik
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org