Is there any way to log/see protocol level commands for a mailbox which is not under user.* ?
brong at fastmail.fm
Thu Mar 13 20:07:52 EDT 2008
On Thu, Mar 13, 2008 at 11:57:31AM +0100, Ciprian Marius Vizitiu wrote:
> Hi listers,
> It's written in the manuals that by creating a folder under
> /var/lib/imap/log/username Cyrus will log at protocol level details for
> "username". Question: how can I do the same for a mailbox which is above
> user.* level? Of course I could enable logging for all users =:-o and then
> try to correlate those logs but I thought I should ask.
> Background: on a perfectly functioning Cyrus IMAP some of my users are...
> abusing one common IMAP folder in subtle ways so I just want to be able to
> catch the offenders that's why I'm only interested in the "COPY" and/or
> "APPEND" commands.
My "Auditlog" patches would probably be pretty handy for that! You
would get log entries for every append and copy, associated via
sessionid to a login event. You'll need both:
(and you'll have to build cyrus from source or a custom package for
your packaging system as appropriate)
you also need to add 'auditlog: yes' to the imapd.conf.
More information about the Info-cyrus