Package: dbmail Priority: wishlist Tags: patch Please make dmail log information about failed login attempts, which make a recognizing possible of brute force attacks.
-- Kind Regards, Michael Mende
#! /bin/sh /usr/share/dpatch/dpatch-run ## 05_pop3_imap_log_failed_login_attempts.dpatch by Michael Mende <[EMAIL PROTECTED]> ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: Get more information about failed login attempts @DPATCH@ diff -urNad dbmail-2.2.3/pop3.c.orig dbmail-2.2.3/pop3.c --- dbmail-2.2.3/pop3.c 2007-03-23 11:40:00.000000000 +0100 +++ dbmail-2.2.3/pop3.c.orig 2007-03-23 11:41:00.000000000 +0100 @@ -384,7 +384,7 @@ session->SessionResult = 3; return -1; case 0: - TRACE(TRACE_ERROR, "user [%s] tried to login with wrong password", session->username); + TRACE(TRACE_ERROR, "user [%s] coming from [%s] tried to login with wrong password", session->username, ci->ip_src); g_free(session->username); session->username = NULL; @DPATCH@ diff -urNad dbmail-2.2.3/dbmail-imapsession.c dbmail-2.2.3/dbmail-imapsession.c.orig --- dbmail-2.2.3/dbmail-imapsession.c 2007-02-08 13:52:22.000000000 +0100 +++ dbmail-2.2.3/dbmail-imapsession.c.orig 2007-03-23 12:15:32.000000000 +0100 @@ -1393,7 +1393,7 @@ sleep(2); /* security */ /* validation failed: invalid user/pass combination */ - TRACE(TRACE_MESSAGE, "user (name %s) login rejected", username); + TRACE(TRACE_MESSAGE, "user (name %s) coming from [%s] login rejected", username, self->ci->ip_src); dbmail_imap_session_printf(self, "%s NO login rejected\r\n", self->tag); return 1;
signature.asc
Description: Digital signature