Re: [Dovecot] Authentication Error Message formats

Wed, 29 Oct 2008 08:13:41 -0700 

Charles Marcus wrote:
> On 10/29/2008, Albert E. Whale ([EMAIL PROTECTED]) wrote:
>   
>> When a user fails authentication, or a user does not exist, it appears
>> that the same message is used for these events.
>>     
>
> When asking for help, it is always a good idea to provide some basic
> info... in  this case, sample log entries from failed events, and output
> of dovecot -n?
>
>   
Thank Charles, my apologies.

Here is the Logging info:

Oct 29 09:43:12 192.168.50.5 dovecot: pop3-login: Aborted login (auth
failed, 1 attempts): user=<darrel>, method=PLAIN, rip=217.168.145.51,
lip=66.207.133.234
Oct 29 09:43:15 192.168.50.5 dovecot: auth-worker(default):
pam(darrel,217.168.145.51): pam_authenticate() failed: Authentication
failure
Oct 29 09:43:17 192.168.50.5 dovecot: pop3-login: Aborted login (auth
failed, 1 attempts): user=<darrel>, method=PLAIN, rip=217.168.145.51,
lip=66.207.133.234
Oct 29 09:43:20 192.168.50.5 dovecot: auth-worker(default):
pam(darrel,217.168.145.51): pam_authenticate() failed: Authentication
failure
Oct 29 09:43:22 192.168.50.5 dovecot: pop3-login: Aborted login (auth
failed, 1 attempts): user=<darrel>, method=PLAIN, rip=217.168.145.51,
lip=66.207.133.234

And my dovecot.conf is attached.

BTW, these entries are samples of invalid users.

-- 
Albert E. Whale, CHS CISA CISSP
Sr. Security, Network, Risk Assessment and Systems Consultant
------------------------------------------------------------------------
ABS Computer Technology, Inc. <http://www.ABS-CompTech.com> - Email,
Internet and Security Consultants
SPAMZapper <http://www.Spam-Zapper.com> - No-JunkMail.com
<http://www.No-JunkMail.com> - *True Spam Elimination*.

ns6.ABS-CompTech.com root
[/root] dovecot -n
# 1.1.4: /etc/dovecot.conf
base_dir: /var/run/dovecot/
protocols: imap pop3
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
login_greeting: SpamZapper Email ready.
mail_max_userip_connections(default): 10
mail_max_userip_connections(imap): 10
mail_max_userip_connections(pop3): 3
verbose_proctitle: yes
mail_privileged_group: mail
mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u
mail_debug: yes
mmap_disable: yes
mail_nfs_storage: yes
mail_nfs_index: yes
lock_method: dotlock
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
pop3_uidl_format(default): %08Xu%08Xv
pop3_uidl_format(imap): %08Xu%08Xv
pop3_uidl_format(pop3): %08Xv%08Xu
auth default:
  username_format: %Lu
  verbose: yes
  debug: yes
  passdb:
    driver: passwd-file
    args: /home/dovecot.passwd
  passdb:
    driver: pam
  userdb:
    driver: passwd-file
    args: /home/dovecot.passwd
  userdb:
    driver: passwd

Reply via email to