thr3ads.net - dovecot - [Dovecot] pop3-login: auth failure -- due to number as first character in login name [Apr 2010]

If this information is useful, please help other people find it:
Share via:

dovecot mail list account

2010-Apr-27 23:44 UTC

[Dovecot] pop3-login: auth failure -- due to number as first character in login name

Seem to have found a error in version 1.2.6 regarding usernames having a number
as the first character. Customers with a number as the first character in thier
user name can not login via pop3 clients. However they can login through our
webmail interface. If we remove the number from the username then the customer
can login.


# 1.2.6: /etc/dovecot.conf
# OS: Linux 2.6.31.12-desktop-3mnb x86_64 Mandriva Linux 2010.0
protocols: pop3
ssl_listen: *
ssl_cert_file: /etc/pki/tls/certs/dovecot.pem
ssl_key_file: /etc/pki/tls/private/dovecot.pem
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable: /usr/lib64/dovecot/pop3-login
mail_privileged_group: mail
mail_location: mbox:~/mail:INBOX=/home/mail/%u
mail_executable: /usr/lib64/dovecot/pop3
mail_plugin_dir: /usr/lib64/dovecot/modules/pop3
pop3_uidl_format: %08Xv%08Xu
lda:
  postmaster_address: postmaster at example.com
auth default:
  mechanisms: plain login
  verbose: yes
  passdb:
    driver: pam
  userdb:
    driver: passwd
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
plugin:
  quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95
  quota_warning2: storage=80%% /usr/local/bin/quota-warning.sh 80

Timo Sirainen

2010-Apr-29 18:00 UTC

head link

[Dovecot] pop3-login: auth failure -- due to number as first character in login name

On Tue, 2010-04-27 at 16:44 -0700, dovecot mail list account
wrote:> Seem to have found a error in version 1.2.6 regarding usernames having a
number as the first character. Customers with a number as the first character in
thier user name can not login via pop3 clients. However they can login through
our webmail interface. If we remove the number from the username then the
customer can login.
Set auth_debug=yes. What does Dovecot log when such user tries to log
in? It's possible that the bug is in PAM/NSS plugin instead of Dovecot,
anyway most likely some code somewhere assumes that if name begins with
a digit it's UID number rather than username.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20100429/9901a63e/attachment-0002.bin>

Apparently Analagous Threads

Search for more seemingly similar threads

dovecot - Apr 2010 - pop3-login: auth failure -- due to number as first character in login name

[Dovecot] pop3-login: auth failure -- due to number as first character in login name

[Dovecot] pop3-login: auth failure -- due to number as first character in login name

Apparently Analagous Threads