Loading ...
Sorry, an error occurred while loading the content.
 

Re: Show username for "SASL LOGIN authentication failed:"?

Expand Messages
  • Charles Marcus
    ... How old? Anyway, I just went back and looked, and I believe to get the username you also have to add: protocol smtp { auth_verbose = yes } But mine is
    Message 1 of 24 , Jun 10, 2013
      On 2013-06-10 4:57 PM, Bogdan Enache <enachebogdan@...> wrote:
      > Hi.
      >
      > On 09.06.2013 18:12, Charles Marcus wrote:
      >> On 2013-06-09 10:34 AM, Zhang Huangbin <zhbmaillistonly@...> wrote:
      >>> On Sunday, June 9, 2013 at 10:09 PM, Charles Marcus wrote:
      >>>> Dovecot uses login_log_format_elements to determine what it logs for
      >>>> login attempts... you'll find the variables it supports here:
      >>>>
      >>>> http://wiki2.dovecot.org/Variables?highlight=%28login_log_format_elements%29
      >>>>
      >>>>
      >>>> Mine (which logs the username) looks like:
      >>>>
      >>>> login_log_format_elements = user=<%u> method=%m rip=%r lport=%{lport}
      >>>> mpid=%e %c session=<%{session}>
      >>> This works for IMAP/POP3/Managesieve services provided by Dovecot, and
      >>> logged in Dovecot log file, but it won't appear in Postfix/Dovecot
      >>> log files for
      >>> SMTP service.
      >> Hmmm... well, I definitely see the usernames on my system
      >> (postfix+dovecot) for both successful and unsuccessful logins...
      >>
      >> successful login:
      >>
      >> 2013-06-09T10:50:38-04:00 myhost postfix-587/smtpd[5807]: E9482B73AF4:
      >> client=client.example.com[192.168.1.110], sasl_method=PLAIN,
      >> sasl_username=myuser@...
      >>
      >> bad password:
      >>
      >> 2013-06-09T11:02:38-04:00 myhost postfix-587/smtpd[5903]: connect from
      >> myclient.example.com[###.###.###.###]
      >> 2013-06-09T11:02:38-04:00 myhost dovecot: auth-worker(5904):
      >> sql(validuser@...,###.###.###.###): Password mismatch
      >>
      >> invalid username:
      >>
      >> 2013-06-09T11:01:45-04:00 myhost postfix-587/smtpd[5903]: connect from
      >> myclient.example.com[###.###.###.###]
      >> 2013-06-09T11:01:50-04:00 myhost dovecot: auth-worker(5904):
      >> sql(invaliduser@...,###.###.###.###): unknown user
      >>
      >> So, it is possible...
      >>
      > I just enabled "login_log_format_elements" as:
      > login_log_format_elements = user=<%u> method=%m rip=%r lport=%{lport}
      > service=%s mpid=%e %c session=<%{session}>
      >
      > I get more info than usual (service, mpid, session) but still nothing
      > for smtp. Clearly, I'm missing something. Probably my dovecot/postfix
      > combo is too old.

      How old?

      Anyway, I just went back and looked, and I believe to get the username
      you also have to add:

      protocol smtp {
      auth_verbose = yes
      }

      But mine is 2.1.16, soon to be 2.2...

      --

      Best regards,

      Charles
    • Charles Marcus
      ... sorry - that needs to be added to your dovecot config, not postfix... ;) -- Best regards, Charles
      Message 2 of 24 , Jun 10, 2013
        On 2013-06-10 5:25 PM, Charles Marcus <CMarcus@...> wrote:
        > On 2013-06-10 4:57 PM, Bogdan Enache <enachebogdan@...> wrote:
        >> Hi.
        >>
        >> On 09.06.2013 18:12, Charles Marcus wrote:
        >>> On 2013-06-09 10:34 AM, Zhang Huangbin <zhbmaillistonly@...>
        >>> wrote:
        >>>> On Sunday, June 9, 2013 at 10:09 PM, Charles Marcus wrote:
        >>>>> Dovecot uses login_log_format_elements to determine what it logs for
        >>>>> login attempts... you'll find the variables it supports here:
        >>>>>
        >>>>> http://wiki2.dovecot.org/Variables?highlight=%28login_log_format_elements%29
        >>>>>
        >>>>>
        >>>>>
        >>>>> Mine (which logs the username) looks like:
        >>>>>
        >>>>> login_log_format_elements = user=<%u> method=%m rip=%r lport=%{lport}
        >>>>> mpid=%e %c session=<%{session}>
        >>>> This works for IMAP/POP3/Managesieve services provided by Dovecot, and
        >>>> logged in Dovecot log file, but it won't appear in Postfix/Dovecot
        >>>> log files for
        >>>> SMTP service.
        >>> Hmmm... well, I definitely see the usernames on my system
        >>> (postfix+dovecot) for both successful and unsuccessful logins...
        >>>
        >>> successful login:
        >>>
        >>> 2013-06-09T10:50:38-04:00 myhost postfix-587/smtpd[5807]: E9482B73AF4:
        >>> client=client.example.com[192.168.1.110], sasl_method=PLAIN,
        >>> sasl_username=myuser@...
        >>>
        >>> bad password:
        >>>
        >>> 2013-06-09T11:02:38-04:00 myhost postfix-587/smtpd[5903]: connect from
        >>> myclient.example.com[###.###.###.###]
        >>> 2013-06-09T11:02:38-04:00 myhost dovecot: auth-worker(5904):
        >>> sql(validuser@...,###.###.###.###): Password mismatch
        >>>
        >>> invalid username:
        >>>
        >>> 2013-06-09T11:01:45-04:00 myhost postfix-587/smtpd[5903]: connect from
        >>> myclient.example.com[###.###.###.###]
        >>> 2013-06-09T11:01:50-04:00 myhost dovecot: auth-worker(5904):
        >>> sql(invaliduser@...,###.###.###.###): unknown user
        >>>
        >>> So, it is possible...
        >>>
        >> I just enabled "login_log_format_elements" as:
        >> login_log_format_elements = user=<%u> method=%m rip=%r lport=%{lport}
        >> service=%s mpid=%e %c session=<%{session}>
        >>
        >> I get more info than usual (service, mpid, session) but still nothing
        >> for smtp. Clearly, I'm missing something. Probably my dovecot/postfix
        >> combo is too old.
        >
        > How old?
        >
        > Anyway, I just went back and looked, and I believe to get the username
        > you also have to add:
        >
        > protocol smtp {
        > auth_verbose = yes
        > }
        >
        > But mine is 2.1.16, soon to be 2.2...
        >

        sorry - that needs to be added to your dovecot config, not postfix... ;)

        --

        Best regards,

        Charles
      Your message has been successfully submitted and would be delivered to recipients shortly.