L. D. James:
> There are a large number of authentication failures on my system. Is
> there a debugging switch or configuration setting where I can set it to
> show the userID that is failing? It shows the UserID that successfully
> logs in.
SASL is a family of authentication protocols, implemented by a SASL
library (Cyrus SASL) or authentication server (Dovevot).
Postfix does not understand the SASL protocols. Any logging for
failed login details is up to the SASL library or the authentication
server.
Postfix has logged the following on behalf of the Cyrus SASL library:
Nov 20 03:33:06 ubuntuserver postfix/smtpd[25549]: warning: SASL
authentication failure: Password verification failed
where the "Password verification failed" was provided by the Cyrus
SASL library.
As you see, the library does not provide the login name as part of
the login failure message.
You may see more SASL-related logging by setting the smtpd -v command
line option in master.cf.
Wietse
