[Dovecot] Logging authentication failures when Dovecot's auth service used to authenticate postfix smtpd

MV mvfreelancer at gmail.com
Fri Feb 28 01:40:43 UTC 2014


Hello,

tl;dr: Is there a way to get dovecot's auth to log failed smtp
authentications without having to switch on "auth_verbose"?
postfix version 2.11.0 and dovecot version 2.2.12

I'm currently migrating my postfix+courier to postfix+dovecot and so
far it's working as expected. Except for logging smtp login failures.

Despite Postfix logging successful authentications (see sample below),
it doesn't log failed smtp logins.
Feb 25 22:28:53 mailer2 postfix/submission[20274]: C981B20198:
client=A-B-C-D.*****.net[A.B.C.D]:63107, sasl_method=PLAIN,
sasl_username=joe at example.net

And since my postfix setup authenticates virtual users through
Dovecot's auth, I thought maybe dovecot could report smtp login
failures the same way it reports imap and pop3 login failures.
Below is a sample extracted from "info_log_path" after several imap
and pop3 login failures. (Obviously the IP 255.... is made up and
irrelevant for this matter).

# begin extract "/var/log/dovecot-info.log"
2014-02-27 21:14:26 auth: Info:
passwd-file(joe at example.net,255.255.255.255,<Y0lbzmnzfwAuQV80>):
Password mismatch
2014-02-27 21:16:46 auth: Info:
passwd-file(foobar,255.255.255.255,<Y0lbzmnzfwAuQV80>): unknown user
2014-02-27 21:52:00 auth: Info:
passwd-file(foo at example.net,255.255.255.255,<0Su6VGrzGwAuQV80>):
unknown user
2014-02-27 21:53:35 auth: Info:
plain(?,255.255.255.255,<0Su6VGrzGwAuQV80>): Empty username
2014-02-27 21:53:55 auth: Info:
plain(?,255.255.255.255,<0Su6VGrzGwAuQV80>): Username character
disallowed by auth_username_chars: 0x5c (username: \0)
2014-02-27 22:08:05 auth: Info: plain(?,255.255.255.255): invalid input
2014-02-27 22:09:36 auth: Info:
passwd-file(joe at example.net,255.255.255.255): Password mismatch
2014-02-27 22:09:53 auth: Info: login(?,255.255.255.255): Empty username
# end extract

I've tried adding "-L -o info_log_path=/var/log/dovecot-info.log" to
both the auth and auth-worker services, but that yielded nothing.

----------------------%<--------------------------------

auth_mechanisms = plain login
auth_verbose = yes
base_dir = /var/run/dovecot/
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "

passdb {
  args = scheme=CRYPT username_format=%u /etc/dovecot/virtual_users
  driver = passwd-file
}

userdb {
  args = username_format=%u /etc/dovecot/virtual_users
  default_fields = uid=vmail gid=vmail
  driver = passwd-file
  override_fields = home=/home/vmail/%d/%u
  result_failure = return-fail
  result_internalfail = return-fail
}

service auth-worker {
  executable = auth -w -L -o info_log_path=/var/log/dovecot-info.log
}

service auth {
  executable = auth -L -o info_log_path=/var/log/dovecot-info.log
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    user = postfix
    mode = 0660
  }
}

service lmtp {
  executable = lmtp -L -o info_log_path=/var/log/dovecot-info.log
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    user = postfix
    mode = 0660
  }
}

---------------------->%--------------------------------


The relevant postfix config is ...

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
virtual_transport = lmtp:unix:private/dovecot-lmtp
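
Added example, not part of the original post: a small Python parser for auth failure lines in the format of the extract above, tallying failure reasons per source IP. The sample lines are constructed from that extract (wrapped lines rejoined, addresses written with "@"), the function names are hypothetical, and the timestamp pattern assumes the `log_timestamp` setting shown in the config.

```python
import re
from collections import Counter

# Constructed sample, based on the dovecot-info.log extract in the post.
SAMPLE = """\
2014-02-27 21:14:26 auth: Info: passwd-file(joe@example.net,255.255.255.255,<Y0lbzmnzfwAuQV80>): Password mismatch
2014-02-27 21:16:46 auth: Info: passwd-file(foobar,255.255.255.255,<Y0lbzmnzfwAuQV80>): unknown user
2014-02-27 21:53:35 auth: Info: plain(?,255.255.255.255,<0Su6VGrzGwAuQV80>): Empty username
2014-02-27 22:08:05 auth: Info: plain(?,255.255.255.255): invalid input
2014-02-27 22:09:36 auth: Info: passwd-file(joe@example.net,255.255.255.255): Password mismatch
2014-02-27 22:09:53 auth: Info: login(?,255.255.255.255): Empty username
"""

# Layout: "<timestamp> auth: Info: <source>(<user>,<ip>[,<session>]): <reason>"
# <source> is the passdb driver or auth mechanism; the session id is optional.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) auth: Info: "
    r"(?P<source>[\w-]+)\((?P<user>[^,]*),(?P<ip>[^,)]+)"
    r"(?:,<(?P<session>[^>]*)>)?\): (?P<reason>.+)$"
)

def parse_line(line):
    """Return the fields of one auth failure line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def summarize(text):
    """Map each source IP to a Counter of failure reasons."""
    by_ip = {}
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is not None:
            by_ip.setdefault(rec["ip"], Counter())[rec["reason"]] += 1
    return by_ip

def over_threshold(text, limit):
    """IPs with at least `limit` failures, e.g. as input for a block list."""
    return sorted(ip for ip, c in summarize(text).items()
                  if sum(c.values()) >= limit)

if __name__ == "__main__":
    for ip, reasons in summarize(SAMPLE).items():
        print(ip, dict(reasons))
```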

