Interested...
--
Doug Lumpkin
[EMAIL PROTECTED]
----- Original Message -----
From: Benjamin de los Angeles Jr. <[EMAIL PROTECTED]>
To: Jon Rust <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, November 17, 1999 5:48 PM
Subject: Re: How to log the qmail-pop3d connection
>
> I have a patch that additionally logs the number of e-mails and
> their total size, this happens just before you download/view/delete
> your e-mails. Message me if anyone is interested.
>
> On Wed, 17 Nov 1999, Jon Rust wrote:
>
> > If you want username/password logging (including failed logins, with
> > the bad password), Paul Gregg's implementation of checkpoppasswd does
> > this. Obviously once they're logged in, it's under control of pop3d,
> > so you won't get any thing beyond user and pass. Note that logging
> > bad passwords could be considered a security risk.
> >
> > Here's an example, 1 succeed and 1 fail:
> >
> > Nov 17 15:21:03 mail0 checkpoppasswd: POP3 connect from
> > unknown@localhost [127.0.0.1]
> > Nov 17 15:21:03 mail0 checkpoppasswd: pop3checkpasswd: POP3 user
> > jsmith : /var/qmail/popboxes/vcnet-/jsmith logged in from
> > unknown@localhost [127.0.0.1]
> >
> > Nov 17 16:12:17 mail0 checkpoppasswd: POP3 connect from
> > unknown@localhost [127.0.0.1]
> > Nov 17 16:12:17 mail0 checkpoppasswd: pop3checkpasswd: FAILED: jsmith
> > [jsmith] - password incorrect (bad_pass_here) from unknown@localhost
> > [127.0.0.1]
> >
> > Find it at:
> >
> > http://www.tibus.net/pgregg/projects/
> >
> > jon
> >
> > At 11:00 AM +1100 11/18/99, Marc-Adrian Napoli wrote:
> > >Hi all,
> > >
> > >Regarding pop-3d.
> > >
> > >> Yea but the original post wanted to record cmd's, kinda like
tcpservers -v
> > >> option. Sure you can sniff and dump etc, but nothing built in (aka
fool
> > >> proof).
> > >
> > >I asked this question a while back, and found out that there is no way.
:(
> > >
> > >tcpserver -v won't give you anything useful when running pop-3d.
Therefore
> > >piping the output through splogger (and consequently syslog) gives you
> > >nothing, i am logging mail.* in syslog and get nothing. (i've tried!)
> > >
> > >The only way is for someone to edit some source code of pop-3d to spit
out
> > >some info. (Or as mentioned, use tcpdump for this sort of thing.. but
this
> > >will most definitely not giev useful information about incorrect
passwords
> > >etc).
> > >
> > >Anyone already done this?
> > >
> > >Regards,
> > >
> > >Marc-Adrian Napoli
> > >Connect Infobahn Australia
> > >+61 2 92811750
> >
> >
>
>
