On 23/03/2022 19.30, mj wrote:
Op 23-03-2022 om 12:29 schreef Aki Tuomi:
1. Try hashing possible password candidates and compare
2. Temporarily log everyone's passwords and then sanitize logs after you're
done.
No way to enable that option for a single user.
While there is no way to enable that option for a single user, setting the
following:
auth_debug = yes
auth_debug_passwords = yes
Will enable it for all users. Possibly your concern is that you don't want to
see legitimate users' passwords? In which case, you can rest assured that you
only see the FAILED passwords for all users, not the CORRECT ones.
If you decide this is something you want to do, then you can find the culprits by
grepping for "MD5" in the dovecot log, and then revert your configuration when
you've collected enough info.
P.
