On Thu, 20 Dec 2007 18:42:01 +0200 Timo Sirainen <[EMAIL PROTECTED]> wrote:
> On Thu, 2007-12-20 at 13:18 +0100, Bjørn T Johansen wrote: > > Yes, I know about those but I was kind of hoping to see failed > > authentications in some logs without enabling debug logging, > > like if I use PAM authentication.... > > auth_verbose=yes enables logging failed logins. > That did the trick... thx... :) If I only had learned regexp like I have been meaning too for many years now, this would have been a piece of cake but... Does anyone use Dovecot together with fail2ban? If so, could any one share the failregex they are using? (A) (or perhaps someone could create a regexp that recognize a line like this: dovecot: Dec 21 11:58:07 Info: auth(default): sql([EMAIL PROTECTED],85.19.143.23): Password mismatch ) BTJ
