On 08/28/2013 10:36 AM, [email protected] wrote: > Maybe you can find a way in this direction > > http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes
This looks interesting. Looks like I could automate also a lot of other stuff this way, e.g. imap syncing accounts to new server, etc. I found out that "auth_debug_passwords=yes" does log passwords (also successful logins) in proxy mode. But it does not in normal imap/pop server mode, or I did something wrong... It logs something like this: Aug 28 11:13:03 barney dovecot: auth: Debug: client out: OK#0111#[email protected]#011host=imap.example.com#011nologin#011proxy#011pass=CLEARPASWORD where CLEARPASWORD is the plain text password.that's pretty much what I need. but using some postlogin script might be the more beautiful way... thanks you all for the responses. > > all the best > > > On 28.08.2013, at 09:14, Marco Fretz wrote: > >> > On 08/28/2013 09:08 AM, [email protected] wrote: > >>> Hi Marco > >>> > >>> when running dovecot -a you will find > >>> auth_* > >>> > >>> I think you could you auth_verbose_passwords to fit your needs. > > thanks. I've already tried this, but it doesn't log the password on > successful logins, only when there is password missmatch: > > from the conf / manual: > " > # In case of password mismatches, log the attempted password. Valid > values are > # no, plain and sha1. sha1 can be useful for detecting brute force > password > # attempts vs. user simply trying the same password over and over again. > #auth_verbose_passwords = no > " > > any other ideas? :) > > >>> > >>> all the best > >>> > >>> > >>> > >>> > >>> On 28.08.2013, at 08:57, Marco Fretz wrote: > >>> > >>>> > >>> Hi everyone, > >>> > >>> I want to use dovecot as a IMAP and POP3 proxy in front of our current > >>> E-Mail hosting server to log the plain text passwords of all > successful > >>> logins for migration reasons. Actually I don't need the password > to see > >>> in plain text, storing them as SHA256-CRYPT (or something dovecot can > >>> use later for auth) hash in a file or DB would be fine, too. > >>> > >>> I need this for the migration from the current mail server (using > >>> proprietary hashing to store passwords) to a new postfix / dovecot > base > >>> mail system. > >>> > >>> I played around with "auth_debug_passwords" and all debug / logging > >>> options I found in the manual. Nothing logs successful login plaintext > >>> passwords. > >>> > >>> Any hint welcome. > >>> > >>> Thanks a lot, > >>> Marco > >>> > >>>> > >>> > >> >
