On 11/20/2016 01:39 PM, L. D. James wrote:
Thanks for the detailed explanation. The "-v" argument works fine.
Also, I'll study the SASL protocol for more details of it's usage.
I used to see the failed usernames in the past. Don't know when it
stopped. But this information is invaluable for identifying which of
our users are having login problems and knowing which connections to
block to our server.
-- L. James
On 11/20/2016 11:32 AM, Wietse Venema wrote:
L. D. James:
There are a large number of authentication failures on my system. Is
there a debugging switch or configuration setting where I can set it to
show the userID that is failing? It shows the UserID that successfully
logs in.
SASL is a family of authentication protocols, implemented by a SASL
library (Cyrus SASL) or authentication server (Dovevot).
Postfix does not understand the SASL protocols. Any logging for
failed login details is up to the SASL library or the authentication
server.
Postfix has logged the following on behalf of the Cyrus SASL library:
Nov 20 03:33:06 ubuntuserver postfix/smtpd[25549]: warning: SASL
authentication failure: Password verification failed
where the "Password verification failed" was provided by the Cyrus
SASL library.
As you see, the library does not provide the login name as part of
the login failure message.
You may see more SASL-related logging by setting the smtpd -v command
line option in master.cf.
Wietse
Wietse, thank you thank you again for your help in providing me with the
valuable information. Studying the "SASL" documentations, it turns out
that the names are logged in the "/var/log/auth.log" file. It appears
that, that is where I had been seeing the information some time ago. I
thought I had been seeing it in the mail.log file.
Have a nice day!
-- L. James
--
L. D. James
[email protected]
www.apollo3.com/~ljames
