Isn't this patch logging to syslog? I ask this because most people log using the splogger utility, and I try to avoid using syslog. Isn't there a way (patch) to let qmail-popup log to stderr itself? Only the exit codes from checkpassword are significant, and they are interpreted in qmail-popup.c Franky > ---------- > From: Jon Rust[SMTP:[EMAIL PROTECTED]] > Sent: Thursday, November 18, 1999 1:17 AM > To: [EMAIL PROTECTED] > Subject: Re: How to log the qmail-pop3d connection > > If you want username/password logging (including failed logins, with > the bad password), Paul Gregg's implementation of checkpoppasswd does > this. Obviously once they're logged in, it's under control of pop3d, > so you won't get any thing beyond user and pass. Note that logging > bad passwords could be considered a security risk. > > Here's an example, 1 succeed and 1 fail: > > Nov 17 15:21:03 mail0 checkpoppasswd: POP3 connect from > unknown@localhost [127.0.0.1] > Nov 17 15:21:03 mail0 checkpoppasswd: pop3checkpasswd: POP3 user > jsmith : /var/qmail/popboxes/vcnet-/jsmith logged in from > unknown@localhost [127.0.0.1] > > Nov 17 16:12:17 mail0 checkpoppasswd: POP3 connect from > unknown@localhost [127.0.0.1] > Nov 17 16:12:17 mail0 checkpoppasswd: pop3checkpasswd: FAILED: jsmith > [jsmith] - password incorrect (bad_pass_here) from unknown@localhost > [127.0.0.1] > > Find it at: > > http://www.tibus.net/pgregg/projects/ > > jon > > At 11:00 AM +1100 11/18/99, Marc-Adrian Napoli wrote: > >Hi all, > > > >Regarding pop-3d. > > > >> Yea but the original post wanted to record cmd's, kinda like tcpservers > -v > >> option. Sure you can sniff and dump etc, but nothing built in (aka > fool > >> proof). > > > >I asked this question a while back, and found out that there is no way. > :( > > > >tcpserver -v won't give you anything useful when running pop-3d. > Therefore > >piping the output through splogger (and consequently syslog) gives you > >nothing, i am logging mail.* in syslog and get nothing. (i've tried!) > > > >The only way is for someone to edit some source code of pop-3d to spit > out > >some info. (Or as mentioned, use tcpdump for this sort of thing.. but > this > >will most definitely not giev useful information about incorrect > passwords > >etc). > > > >Anyone already done this? > > > >Regards, > > > >Marc-Adrian Napoli > >Connect Infobahn Australia > >+61 2 92811750 >
