I'm using syslog-ng but I would think this king a configuration would be made in the server itself not the logging system...
I guess I was wrong...
Thank you for your reply, I will analyse.
Update:
I managed to find what I wanted, but I can see all the passwords, I would be nice to only check the wrong ones.
/etc/courier-imap/authlib/authdaemonrc
I gess I will only activate de DEBUG LEVEL 2 when I see brute force attacks and want to investigate.
Once again, thank you
Last edited by Cidi Rome; 06-28-2014 at 01:21 PM.
|