On an Ubuntu Server 12.04 system with Dovecot 2.0.19 I am having some
trouble with the Dovecot passwords. I am finding this in the logs when
I unsuccessfully try to log in:
Jul 07 08:13:25 auth-worker: Debug:
pam(user at someDomain.com,212.
179.241.14): lookup service=dovecot
Jul 07 08:13:25 auth-worker: Debug:
pam(user at someDomain.com,212.179.241.14): #1/1 style=1 msg=Password:
Jul 07 08:13:27 auth-worker: Info:
pam(user at someDomain.com,212.179.241.14): pam_authenticate() failed:
Authentication failure (password mismatch?) (given password: 12345)
Jul 07 08:13:29 auth: Debug: client out: FAIL 2 user=user at someDomain.com
Jul 07 08:13:29 pop3-login: Info: Disconnected (auth failed, 2
attempts): user=<user at someDomain.com>, method=PLAIN,
rip=212.179.241.14, lip=10.138.11.251
This is not the real password, but an example to show that I think
that there is an issue:
$ /usr/bin/doveadm pw -u user at someDomain.com -s DIGEST-MD5
Enter new password: # Here I have typed "12345"
Retype new password: # Here I have typed "12345"
{DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc
$ printf "12345" | md5sum
827ccb0eea8a706c4c34a16891f84e7b -
$
Shouldn't that password match the md5sum check? Also, might I have the
file formats wrong?
$ cat passwd
user at someDomain.com::5000:5000::/var/mail/vhosts/someDomain.com/user
$ cat shadow
user at someDomain.com:{DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc
$
Note that testing in Telnet fails the password as well, both when
specifying the user without a domain and with a domain:
$ telnet mail.someDomain.com 143
Trying x.x.x.x...
Connected to mail.someDomain.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN] Dovecot ready.
a login user 12345
a NO [AUTHENTICATIONFAILED] Authentication failed.
e logout
* BYE Logging out
e OK Logout completed.
Connection closed by foreign host.
$ telnet mail.someDomain.com 143
Trying x.x.x.x...
Connected to mail.someDomain.com.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN] Dovecot ready.
a login user at someDomain.com 12345
a NO [AUTHENTICATIONFAILED] Authentication failed.
* BAD Error in IMAP command received by server.
e logout
* BYE Logging out
e OK Logout completed.
Connection closed by foreign host.
Thanks!
--
Dotan Cohen
http://gibberish.co.il
http://what-is-what.com