Is there any way to log/see protocol level commands for a mailbox which is not under user.* ?

Bron Gondwana brong at
Thu Mar 13 20:07:52 EDT 2008

On Thu, Mar 13, 2008 at 11:57:31AM +0100, Ciprian Marius Vizitiu wrote:
> Hi listers, 
> It's written in the manuals that by creating a folder under
> /var/lib/imap/log/username Cyrus will log at protocol level details for
> "username". Question: how can I do the same for a mailbox which is above
> user.* level? Of course I could enable logging for all users =:-o and then
> try to correlate those logs but I thought I should ask. 
> Background: on a perfectly functioning Cyrus IMAP some of my users are...
> abusing one common IMAP folder in subtle ways so I just want  to be able to
> catch the offenders that's why I'm only interested in the "COPY" and/or
> "APPEND" commands. 

My "Auditlog" patches would probably be pretty handy for that!  You
would get log entries for every append and copy, associated via
sessionid to a login event.  You'll need both:

cyrus-sessionid-2.3.11.diff and


(and you'll have to build cyrus from source or a custom package for
your packaging system as appropriate)

you also need to add 'auditlog: yes' to the imapd.conf.


More information about the Info-cyrus mailing list