[Dovecot] Logging pre-rewrite user ID for application-specific passwords

Timo Sirainen tss at iki.fi
Sun Sep 22 01:42:53 EEST 2013

On 27.8.2013, at 1.08, Steven Murdoch <steven.murdoch at cl.cam.ac.uk> wrote:

> I have set up Dovecot v2.2.5 with application-specific passwords, along the lines of this blog post (http://www.dgsiegel.net/news/2013_05_21-application_specific_passwords_for_dovecot).
> My users file looks like:
> user-foo:{BLF-CRYPT}$2...:42:42::/home/user::allow_nets= user=user
> user-bar:{BLF-CRYPT}$2...:42:42::/home/user::user=user
> user:{BLF-CRYPT}$2...:42:42::/home/user::nologin
> In this way, user-foo can log in with one password (but only from localhost), user-bar can log in from any host with a different password, but both actually being treated as the same user.
> When these users log in through, the log entries look like:
> Aug 26 23:03:01 hostname dovecot: imap-login: Login: user=<user>, method=PLAIN, rip=, lip=, mpid=12345, TLS
> Whereas I would like to see the original user name (prior to the re-write), i.e. user-foo and user-bar so I can keep track of which user names are in use and from where.
> Is there some way to do this? I couldn't see any of the variables being suitable.

Added: http://hg.dovecot.org/dovecot-2.2/rev/a32eea97afc1

So you can use %{orig_user} in login_log_format_elements.

More information about the dovecot mailing list