I've made a unix-socket auth setup, by looking at the examples here: https://doc.dovecot.org/configuration_manual/authentication/dict/#complete-e...

I need to ship the plain password to the socket as well, so i have simply added %w to the lookup key, like so:

key = passdb/U=%u P=%w

My problem is, that if the socket connection is down for whatever reason, dovecot will write the entire message above - including the plaintext password - into the logfile.

May 25 11:17:48 imap-1 dovecot: auth-worker(32690): Error: dict-client: Lookup 'shared/passdb/U=john.doe@example.com P=john123 failed: net_connect_unix(/var/run/dovecot/doveauthdsocket) failed: Connection refused (reply took 0.000 secs (0.000 in dict wait, 0.000 in other ioloops, 0.000 in locks)) May 25 11:17:48 imap-1 dovecot: auth-worker(32690): Error: dict( john.doe@example.com,8.8.4.4,): Failed to lookup key shared/passdb/U=john.doe@example.com P=john123

Can i disable dict client logging? Or can i structure my dict request in a different way to avoid this logging, while still getting the complete user-name and plaintext password shipped over the socket?

$ dovecot --version 2.2.36 (1f10bfa63)