[Dovecot] Dovecot under brute force attack - nice attacker
Cédric Laruelle
laruellec at aiderdonner.com
Fri Jun 5 11:58:52 EEST 2009
I'm not sure I got everything here... Actually, I said it was a problem for
me, but it's not really.
Indeed, by just changing the setting auth_verbose to yes (but leaving
auth-debug to no), I get a line like
auth-worker(default): pam(USER,HOST): pam_authenticate() failed:
Authentication failure (password mismatch?)
without any extra log information I don't need (only auth_debug would
produce such info).
This log is perfectly catchable by fail2ban or any other system.
So to me, the only "problem" is the documentation as mentioned initially by
Henri which says :
# More verbose logging. Useful for figuring out why authentication
isn't
# working.
auth_verbose = yes
Am I missing something ?
Cédric
More information about the dovecot
mailing list