dovecot - Jul 2006 - pop3s Authentication Issues, Continued

Fellow Dovecot'ers.

	I tried something tonight that I should have done a while back: Turned on
verbose logging in the authentication section. I'm still unable to get the
mail client I'm experimenting with (Pegasus) to complete a pop3s connection,
in that I still get an indication of a failed password.

	However, at least I'm a little closer to understanding the failure itself.
Please note what came up in /var/log/maillog.

Jul 13 22:41:25 featherweb dovecot: auth(default): client in: AUTH      1      
PLAIN   service=POP3    secured lip=192.168.42.130      rip=192.168.42.40      
resp=AGt5cnJpbgBocDIxZHZlbTcJul 13 22:41:25 featherweb dovecot: auth(default):
cache(kyrrin at bluefeathertech.com,192.168.42.40): User unknown
Jul 13 22:41:26 featherweb dovecot: auth(default): client out: FAIL     1      
user=kyrrin at bluefeathertech.com

	More specifically: Take a good hard look at the end of the second line.

	Why in the Multiverse would the thing consider me an unknown user? Unless
it's not really checking /etc/passwd at all...?

	Excerpt from dovecot.conf follows.

-=-=-=-=-=-=-=-=-

auth default {
  # Space separated list of wanted authentication mechanisms:
  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
  mechanisms = plain login
  passdb passwd {
  }
  userdb passwd {
  }
  socket listen {
        client {
        path = /var/spool/postfix/private/auth
        mode = 0660
        user = postfix
        group = postfix
  }
 }
}


	As a point of interest, SENDING mail via a secure connection (SMTP AUTH via
STARTTLS) is working quite well.

	I'm beginning to think that the OpenSSL installation isn't
authenticating properly...?

	Insights welcome. Thanks much.


-=-=-=-=-=-=-=-=-=-=-=-
Bruce Lane, Owner & Head Hardware Heavy,
Blue Feather Technologies -- http://www.bluefeathertech.com
kyrrin (at) bluefeathertech do/t c=o=m
"If Salvador Dali had owned a computer, would it have been equipped with
surreal ports?"

I may be tired or something but you are wanting it to query /etc/passwd, 
correct?  If so, then wouldn't the username just be kyrrin?  Well, I 
might be tired...anyway, shot in the dark...good night!

Bruce Lane wrote:
> Fellow Dovecot'ers.
>
> 	I tried something tonight that I should have done a while back: Turned on
verbose logging in the authentication section. I'm still unable to get the
mail client I'm experimenting with (Pegasus) to complete a pop3s connection,
in that I still get an indication of a failed password.
>
> 	However, at least I'm a little closer to understanding the failure
itself. Please note what came up in /var/log/maillog.
>
> Jul 13 22:41:25 featherweb dovecot: auth(default): client in: AUTH      1  
PLAIN   service=POP3    secured lip=192.168.42.130      rip=192.168.42.40      
resp=AGt5cnJpbgBocDIxZHZlbTc> Jul 13 22:41:25 featherweb dovecot:
auth(default): cache(kyrrin at bluefeathertech.com,192.168.42.40): User unknown
> Jul 13 22:41:26 featherweb dovecot: auth(default): client out: FAIL     1  
user=kyrrin at bluefeathertech.com
>
> 	More specifically: Take a good hard look at the end of the second line.
>
> 	Why in the Multiverse would the thing consider me an unknown user? Unless
it's not really checking /etc/passwd at all...?
>
> 	Excerpt from dovecot.conf follows.
>
> -=-=-=-=-=-=-=-=-
>
> auth default {
>   # Space separated list of wanted authentication mechanisms:
>   #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
>   mechanisms = plain login
>   passdb passwd {
>   }
>   userdb passwd {
>   }
>   socket listen {
>         client {
>         path = /var/spool/postfix/private/auth
>         mode = 0660
>         user = postfix
>         group = postfix
>   }
>  }
> }
>
>
> 	As a point of interest, SENDING mail via a secure connection (SMTP AUTH
via STARTTLS) is working quite well.
>
> 	I'm beginning to think that the OpenSSL installation isn't
authenticating properly...?
>
> 	Insights welcome. Thanks much.
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Bruce Lane, Owner & Head Hardware Heavy,
> Blue Feather Technologies -- http://www.bluefeathertech.com
> kyrrin (at) bluefeathertech do/t c=o=m
> "If Salvador Dali had owned a computer, would it have been equipped
with surreal ports?"
>
>   
-- 
James Bowling
<james at jamesbowling.com>