Code: Select all
sed -i "1s|^|mail_plugins = \$mail_plugins mail_log notify\n|" /etc/dovecot/dovecot.confCode: Select all
cat <<EOF >/etc/dovecot/conf.d/90-plugin.conf
##
## Plugin settings
##
# All wanted plugins must be listed in mail_plugins setting before any of the
# settings take effect. See <doc/wiki/Plugins.txt> for list of plugins and
# their configuration. Note that %variable expansion is done for all values.
plugin {
#setting_name = value
# Events to log. Defined in src/plugins/mail-log/mail-log-plugin.c - also available: flag_change save mailbox_create
# autoexpunge is included in expunge
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
# Also available: Defined in src/plugins/mail-log/mail-log-plugin.c - flags vsize from subject
mail_log_fields = uid box msgid from subject
# Don't log fields that require opening the email (v2.2.28+).
#mail_log_cached_only = yes
}
EOF
Code: Select all
systemctl restart dovecotCode: Select all
grep 'delete' /var/log/dovecot.logCode: Select all
grep 'box=Trash' /var/log/dovecot.logCode: Select all
Oct 12 13:35:54 imap([email protected])<8293><sYkky9TqQ95dV0dK>: Info: delete: box=Trash, uid=98, msgid=<CAE0E5YAbtVmVmYnnmskYBqEg74ZfKKQDm99+8E1LZ3bPDwNmNg@mail.gmail.com>, from=KOPAONIK APARTMAN <XXXXXX[email protected]>, subject=Kopaonik; Najava zakupa 12.10.2022.To find IP address of this session:
Code: Select all
grep 'sYkky9TqQ95dV0dK' /var/log/dovecot.logCode: Select all
Oct 12 13:35:45 imap-login: Info: Login: user=<[email protected]>, method=PLAIN, rip=93.87.71.74, lip=XX.XX.XXX.XX, mpid=8293, TLS, session=<sYkky9TqQ95dV0dK>Code: Select all
rip=93.87.71.74