dovecot - Jun 2005 - strip realms and force lowercasing of usernames?

Is it possible for dovecot to strip realms and force lowercasing of usernames?

We have a lot of dumb customers who try logging in to pop3 with crap like 
UsERNAmE and bla at nonexistentdomain.com. All our usernames are lowercase 
and we have no realms. Trying to get hundreds of customers to fix this is 
hard and is a significant and costly support burden.

It would be nice if dovecot could handle this in some way.

-Dan

Dan Hollis wrote:
> Is it possible for dovecot to strip realms and force lowercasing of
usernames?
> 
> We have a lot of dumb customers who try logging in to pop3 with crap like 
> UsERNAmE and bla at nonexistentdomain.com. All our usernames are lowercase 
> and we have no realms. Trying to get hundreds of customers to fix this is 
> hard and is a significant and costly support burden.
> 
> It would be nice if dovecot could handle this in some way.
> 
> -Dan
> 
Hi Dan,

In your default_mail_env if you use %n instead of %u you will get the 
domains stripped.  As for lowercase that is a feature I would like to 
see, I will see if I can code it tonight.

Regards
Andrew

-- 
Andrew Hutchings (A-Wing)
Linux Guru - Netserve Consultants Ltd. - http://www.domaincity.co.uk/
Admin - North Wales Linux User Group - http://www.nwlug.org.uk/
BOFH excuse 370: Virus due to computers having unsafe sex.

On Tue, 7 Jun 2005, Dan Hollis wrote:
> Is it possible for dovecot to strip realms and force lowercasing of
usernames?
> 
> We have a lot of dumb customers who try logging in to pop3 with crap 
> like UsERNAmE and bla at nonexistentdomain.com. All our usernames are 
> lowercase and we have no realms. Trying to get hundreds of customers to 
> fix this is hard and is a significant and costly support burden.
> 
> It would be nice if dovecot could handle this in some way.
One solution would be to run an POP/IMAP proxy - perdition is capable of 
doing this, for example.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

On Tue, 2005-06-14 at 03:16 -0700, Dan Hollis wrote:
> > PAM module only works for PAM passdb, Dovecot still does userdb lookup
> > from /etc/passwd or wherever you have it.
> 
> PAM should be given a chance to modify the username dovecot uses to do the 
> userdb lookup with.
Hmm. I remembered PAM wouldn't allow that, but looks like it does.
Changed CVS version to support that now (non-tested though, but doesn't
at least break the normal behavior).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20050614/97d44948/attachment-0001.bin>

On Tue, 14 Jun 2005, Timo Sirainen wrote:
> On Tue, 2005-06-14 at 03:16 -0700, Dan Hollis wrote:
> > > PAM module only works for PAM passdb, Dovecot still does userdb
lookup
> > > from /etc/passwd or wherever you have it.
> > PAM should be given a chance to modify the username dovecot uses to do
the
> > userdb lookup with.
> Hmm. I remembered PAM wouldn't allow that, but looks like it does.
> Changed CVS version to support that now (non-tested though, but doesn't
> at least break the normal behavior).
I've thought some more about writing a PAM module, but what's the 
solution for people who don't have pam and _must_ authenticate from 
/etc/passwd,shadow (getpwnam, getspnam)?

Seems to me the only truly universal solution is to do this inside 
dovecot. It already has code to mangle the username with modifiers for 
mailspool location, so applying the same code to allow modifying username 
would seem to be a logical and consistent extension of existing dovecot 
behavior.

-Dan

I don't know C or C++ but here's the patch I wrote for lowercase auth on
test69. Hopefully it's a starting point for anyone who wants to try and
tackle this but well beyond my abilities.

Jeff Graves, MCSA
Customer Support Engineer
Image Source, Inc.
10 Mill Street
Bellingham, MA 02019

508.966.5200 - Phone
508.966.5170 - Fax
jeff at image-src.com - Email
www.image-src.com

-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On
Behalf Of Peter Evans
Sent: Wednesday, June 15, 2005 8:33 PM
To: dovecot at dovecot.org
Subject: Re: [Dovecot] strip realms and force lowercasing of usernames?


Dan Hollis (test3943395 at anime.net) wrote:
> So that's three people then. me, jeff graves and peter hessler. More
than
> two :-)
 
> What's the exact 'minimum required users for a feature' number?
:-)
	Feel free to code it yourself and submit a patch to Timo.
	I guess you want to start with 1.0-test-reallybignumber
	as a base.

	If I had the energy, I might do this.

	P

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dovecot-auth-case.patch
Type: application/octet-stream
Size: 364 bytes
Desc: not available
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20050616/0fd4df8c/attachment-0001.obj>

Jeff Graves wrote:
> I don't know C or C++ but here's the patch I wrote for lowercase
auth on
> test69. Hopefully it's a starting point for anyone who wants to try and
> tackle this but well beyond my abilities.
> 
Actually, I've discovered this isn't necessary. You can use

auth_username_translation = 
AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz

in Dovecot 1.0 stable/tests.

It's no help for stripping domains though, but solves my problem 
authenticating against AD via PAM but using userdb=passwd (AD isn't 
case-senstive).

Best Wishes,
Chris

-- 
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK              Fax: +44 (0)118 975 3094