-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 30 Jan 2014, Reindl Harald wrote:
Am 30.01.2014 12:04, schrieb Arkadiusz Miśkiewicz:
On Thursday 30 of January 2014, Reindl Harald wrote:
Am 30.01.2014 10:50, schrieb Arkadiusz Miśkiewicz:
mail_log_events is nice addition but how to log who exactly triggered
particular event? For example 5 users from 5 IP addresses uses single
imap user/mailbox.
One of them deletes email and I'm logging delete related events. The only
logged thing is:
dovecot: imap(user): delete: box=INBOX, uid=673287, msgid=<some@thing>,
size=1230
which tells me nothing about who triggered it actually (note all 5 users
were logged in at deletion time)
How to solve this problem?
do not share user-logins
I'm not sharing. Customers are.
don't do that for any service, not only mail
That impossible to make.
Customer creates login "abc" on my server and gives it to 10 employees to
watch that mailbox.
10 employees log in to that single accound and do some actions. One of them is
"bad" and deletes important mail. I want to be able to figure which one.
I have no control over customers. Also I see no sensible reason to disallow
such work style
than your answer to them is simply "i can't tell who did what" as long
they insist on that work style - how is that your problem?
(Y)
@Arkadiusz, please tell us, if 10 people use the same account name and
password, how would you as a server behind the internet with a human
brain differ those 10 individuals?
The only idea I, personally, have is the IP address: Do they connect from
different IP addresses _all_ the time? No NAT involved? Do you know who
uses which IP address _all_ the time? If so, Dovecot logs the IP address
during login and you can associate a PID with an IP address, IMHO you can
add the remote IP address to the log string. Check out the variables page
in the Wiki.
But, frankly, _if_ you have someone, who is >>"bad" and deletes important
mail<<, you should see >>sensible reason to disallow such work style<<.
The next time you see yet another IP address and don't know the user
again.
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUuo7dXD1/YhP6VMHAQJdBAf8CEvum1A4mZsCj2I1bJbEalvNupHJl6UQ
SwXmpXa42ldOcg5UDbUG6Xy/PyBzHjGGwFsCA6feFBwDoigM9M0kXJNFw5gfrmk5
cUzAQVEMHGrWNDD/fj9I/7JmBds8/bO7sziPPwwnNtlzva98dwG9RlNdFF09+FcR
TxHq9q8RRgFtWKvh0LtmIcGdJ3+YDTA4I/pZKGKeVXLnsb8+4f1Ep0W2PSMg75Dy
nZ82+CKTwgzROrCMEdAFhIYJTJMDmVd939539Dexp94KsuPhkIKEF59q4NOfvZ0V
OLiymyCGf3DgeCySxONU/E55ihD3RTQX3wmNk10rNOPAKD3Tg4kP0g==
=6ok/
-----END PGP SIGNATURE-----
