Different auth logging with cache lookup. (OPEN)
Eikås Arvid
arvid.eikas at telenor.no
Tue Feb 22 12:52:55 UTC 2022
No, the problem is the logging of the cache lookup with password mismatch. (release 2.3.17)
We missing client IP and user in the cache lookup logging.
auth-worker(1676266): Info: conn unix:auth-worker (pid=1675846,uid=97): auth-worker<2>: Password mismatch (given password: xxxx)
Arvid
-----Original Message-----
From: Aki Tuomi <aki.tuomi at open-xchange.com>
Sent: tirsdag 22. februar 2022 09:15
To: Eikås Arvid <arvid.eikas at telenor.no>; dovecot at dovecot.org
Subject: Re: Different auth logging with cache lookup. (OPEN)
> On 22/02/2022 09:42 Eikås Arvid <arvid.eikas at telenor.no> wrote:
>
>
> dovecot-2.3.5 and centos 7
> User and IP are logged in both scenarios.
> auth-worker(26145): sql(user,1.1.1.1,<XXXXXXXX>): Password mismatch
> auth-worker(13380): cache(user at online.no,1.1.1.1): Password mismatch
>
>
>
>
> dovecot-2.3.17 and rhel 8
> Feb 03 14:42:53 auth-worker(1676266): Info: conn unix:auth-worker
> (pid=1675846,uid=97): auth-worker<1>: sql(user,127.0.0.1,<XXXXXXXX>):
> Password mismatch (given password: xxxx) Feb 03 14:43:48
> auth-worker(1676266): Info: conn unix:auth-worker
> (pid=1675846,uid=97): auth-worker<2>: Password mismatch (given
> password: xxxx)
>
> User and IP is not logged in cache lookup.
> Is this a design change or a unplanned change?
>
> Any ide when it was changed?
Looks more like 2.3.5 is incorrectly checking both cache and sql?
Aki
More information about the dovecot
mailing list