On Thu, May 4, 2006 1:04 pm, Edward Chase wrote:
I've been working with a new CentOS installation and this is my first experience with dovecot. I would like dovecot to provide more logging, however I'm not finding much on how to alter it's logging.
http://wiki.dovecot.org/DovecotFeatures speaks of having Logging Control.
From: Ryan Kolak [mailto:ryank@rkware.com]
What sort of logging were you looking to do? I went through the code and looked at it a little bit, and eventually gave up because I didn't have enough time.
I was trying to log the bandwidth used by the connection for accounting purposes.
Ryan
Here's an example of what I see with qualcomm popper.
May 5 07:20:22 postoffice qpopper[8770]: [ID 702911 mail.notice] Stats: popuser 91 2173068 116 2543535 10.1.2.3 10.1.2.3
This is telling me that popuser checked mail. The qpopper removed 91 messages / 2173068 bytes from the mailbox, leaving 116 messages / 2173068 bytes. And the operation was done by the machine at 10.1.2.3
I'm not sure why the double IP address. I've never seen them differ.
What helps here is when a user calls with issues, I can say that "your right at your storage quota and your machine appears to be configured to leave some/all of your mail on the server." The difference between "some" and "all" would obvously be the machine configure to leave all mail on server would never be removing anything with each round of POP.
I would also hope that attempts to do POP with bad username/password combos would be logged w/ at least the username showing up.
qpopper's version of this type of logging:
May 3 09:14:03 postoffice qpopper[20215]: [ID 702911 mail.notice] sophisticate11 at 10.1.2.3 (10.1.2.3): -ERR [AUTH] Password supplied for "sophisticate11" is incorrect.
Heck in this case it's really a bad username, qpopper just knows that the username/password combo is not valid.
Dovecot may do the bad password logging. This system hasn't been running long enough for me to notice that yet.
Thanks.