On 4/25/2017 7:00 PM, Jobst Schmalenbach wrote:
Is it possible on to log a bit more detail when auth failure occurs when using
saslauthd?
saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp]
[realm=DELETED] [mech=pam] [reason=PAM auth error]
What I want is the IP address and if possible the incorrect password (just to
see how far they are off).
Is this possible?
what protocol are these users connecting with thats using saslauthd
? http or smtp or imap or what? I'm pretty sure that by the time
you've gotten down to the SASL layer, saslauthd has no clue what iP
address the client request originated from, so logging the IP of the
failed request had best be done at a higher layer.
--
john r pierce, recycling bits in santa cruz
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos