Topic: Log auth failures

What is the simplest way to log POP and SMTP auth failures?

Some spam bots found some mailboxes that are surprising, and I'm curious as to how they were identified.

I either have a server where persistent access has been established or they are doing some type of mailbox enumeration attack, but my default logging level wasn't catching it.

I've created some nearly impossible to find mailboxes, so we'll see if those get found or not.

But I want to up the authentication logging.



Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.


Re: Log auth failures

What kind of "auth failure" are we talking about? Default Dovecot config should be enough.