I had the same issue - Dovecot has it's own method of updating
lastauth and doesn't put the IP address in the field, but 'pop' or
'imap'. I'd rather have the IP. It was easier to just write my own
postauth script.
I've added a 'type' field so I can keep track of pop/imap/smtp
separately, you probably don't want to use that, as the default
vpopmail install assumes only 1 lastauth record per username.
service pop3 { executable = /usr/local/libexec/dovecot/pop3 pop-postlogin }
service pop-postlogin { executable = script-login /usr/local/etc/dovecot/lastauth-pop.sh user = vpopmail }
service imap-postlogin { executable = script-login rawlog /usr/local/etc/dovecot/lastauth-imap.sh user = vpopmail } service imap { executable = /usr/local/libexec/dovecot/imap imap-postlogin }
lastauth-imap.sh: #!/bin/sh /usr/local/etc/dovecot/lastauth-imap.pl & exec "$@"
lastauth-pop.sh: #!/bin/sh /usr/local/etc/dovecot/lastauth-pop.pl & exec "$@"
lastauth.pl (softlinked as lastauth-pop.pl/lastauth-imap.pl) #!/usr/bin/perl -w ## ## Update LastAuth from Dovecot ## use strict; use DBI;
my $key; my ($username, $domain) = split(/@/,$ENV{USER}); my $remote_ip = $ENV{IP}; my $authtype = "pop/imap";
if (index($0,"imap") != -1) { $authtype = "dovecot-imap"; } if (index($0,"pop") != -1) { $authtype = "dovecot-pop"; }
my $driver = DBI->install_driver('mysql');
my $dbh = DBI->connect('DBI:mysql:vpopmail:localhost','user','pass'); die "Unable to Connect $DBI::errstr\n" unless (defined $dbh);
#$ENV{PATH} = "/bin:/usr/bin:/usr/local/bin:.";
#my $update_data = $dbh->prepare(q{REPLACE into lastauth set user = ?,
domain = ?, remote_ip = ?, timestamp = ?, type = ? });
#my
$num_rows=$update_data->execute($username,$domain,$remote_ip,time,$authtype);
my $update_data = $dbh->prepare(q{REPLACE into lastauth set user = ?,
domain = ?, remote_ip = ?, timestamp = ? });
my $num_rows=$update_data->execute($username,$domain,$remote_ip,time);
$dbh->disconnect;
Rick
Quoting "mailing@securitylabs.it" <mailing@securitylabs.it>:
Hello, I'm migrating many accounts to a new server with vpopmail
5.4.33 and dovecot 2.0.11.I've already vpopmail 5.4.32 and dovecot 1.2.16 on others servers
running without problems.With dovecot 2.0.11 my lastauth file is not updated. This file
usually is update on any access (smtp, pop3, imap) with the client's
IP, for every mailbox. Now it's updated only when a client
authenticate itself via SMTP (smtp-auth with qmail + vpopmail), and
not with imap/pop3 access.My conf:
# 2.0.11: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.1 auth_cache_negative_ttl = 2 mins auth_cache_size = 1000 M auth_cache_ttl = 2 mins auth_mechanisms = plain cram-md5 apop auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@& disable_plaintext_auth = no first_valid_uid = 89 last_valid_uid = 95 lock_method = dotlock log_timestamp = "%Y-%m-%d %H:%M:%S " login_greeting = Server ready. mail_fsync = never mail_gid = vchkpw mail_location = maildir:~/Maildir mail_privileged_group = vchkpw mail_uid = vpopmail namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = webmail=127.0.0.1 driver = vpopmail } plugin/mail_log_events = delete expunge plugin/mail_log_group_events = plugin/quota = maildir plugin/quota_rule = ?:storage=0 pop3_uidl_format = %f protocols = imap pop3 service auth { unix_listener auth-userdb { group = vchkpw mode = 0600 user = vpopmail } } service imap-login { client_limit = 256 process_limit = 128 process_min_avail = 3 service_count = 1 } service imap { drop_priv_before_exec = yes process_limit = 256 vsz_limit = 256 M } service pop3-login { client_limit = 256 process_limit = 128 process_min_avail = 3 service_count = 1 } service pop3 { drop_priv_before_exec = yes process_limit = 256 vsz_limit = 256 M } ssl_cert = </usr/local/etc/dovecot/dovecot.crt ssl_key = </usr/local/etc/dovecot/dovecot.key userdb { args = quota_template=quota_rule=*:backend=%q driver = vpopmail } protocol imap { mail_max_userip_connections = 10 mail_plugins = " notify quota imap_quota mail_log" }