The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Reading dovcot unmatched entries log

Discussion in 'E-mail Discussions' started by AthensMatt, Feb 26, 2016.

  1. AthensMatt

    AthensMatt Member

    Joined:
    Mar 24, 2015
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Athens
    cPanel Access Level:
    Root Administrator
    Good morning all,

    I'm struggling to figure out what a log is telling me. I have a lot of unmatched entries similar to this example:
    dovecot: imap(__cpanel__service__auth__imap__08_LONG_STRING_OF_ALPHANUMERICS_): Logged out in=11, out=434, bytes=11/434: 1 Time(s)

    Obviously I changed the identifier to "LONG_STRING_OF_ALPHANUMERICS" because I'm not sure if it's safe to post it.

    Is there a way to read this and identify which account or domain is creating this unmatched entries log??

    Thanks,

    Matt
     
  2. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    249
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    yes, it will show the authentication id's in the logs. You can track with that.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. gn0s1s

    gn0s1s Member

    Joined:
    Mar 2, 2016
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Cambodia
    cPanel Access Level:
    Root Administrator
    While I love this check, it spams the Logwatch with unmatched entries and will definitely cause many system administrators to begin ignoring Logwatch entirely (which is a Bad Thing™). There have been patches out there which solve similar issues, so it shouldn't be impossible to make these Unmatched Entries go away. Any advice on how to do so would be appreciated, since it's cPanel's service that is generating the log spam.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    There are no native features that will ignore access attempts from Chkservd at this time, but it's a good idea for a feature request:

    Submit A Feature Request

    Feel free to post the URL to the feature request once it's approved so others can vote and add their feedback to it.

    Thank you.
     
  6. gn0s1s

    gn0s1s Member

    Joined:
    Mar 2, 2016
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Cambodia
    cPanel Access Level:
    Root Administrator
    I edited:
    Code:
    /etc/logwatch/conf/ignore.conf
    To include the following:
    Code:
    dovecot: imap\(__cpanel__service__auth__imap__
    ChkServd spam gone, for now. Solution found here, among others.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page