Log authentication attempts
Aki Tuomi
aki.tuomi at dovecot.fi
Mon Jun 12 17:12:21 EEST 2017
> On June 12, 2017 at 3:39 PM "j.emerlik" <j.emerlik at gmail.com> wrote:
>
>
> We alse have same problem, now we are running Dovecot 2.2.30.2 and also use
> Dovecot SASL for SMTP authentication (postfix 2.11).
> We need to save all failed login attempts to database as source IP address,
> username and date and time but post-login script can do this but only after
> successful login. Failed login attempts information may be useful in the
> fight with bruteforce attacks.
> It's possible to execude some script after failed login ("Password
> mismatch") ?
>
> Regards,
> Jacek
You can try to do this using our auth policy API. See https://wiki2.dovecot.org/Authentication/Policy
It will report both successful and unsuccessful authentication with fields you specify.
Aki
More information about the dovecot
mailing list