Displaying 3 results from an estimated 3 matches for "unknownpassword".
2018 Mar 22
2
why is dovecot "Allowing any password"
...r a SAML2 authenticated SOGo webmail logon.
In these scenarios, SOGo uses the 127.0.0.1 connection, to logon to
imap. Since it does know the username.
I guess a better solution would be for SOGo to be able to do
'transformations' to the username/password, to change the regular
username/unknownpassword into username*master/masterpassword, and get
rid of the 127.0.0.1 passwordless listener.
Right?
But SOGo doesn't do that. (afaik)
MJ
2018 Mar 22
0
why is dovecot "Allowing any password"
...ebmail logon.
>
> In these scenarios, SOGo uses the 127.0.0.1 connection, to logon to
> imap. Since it does know the username.
>
> I guess a better solution would be for SOGo to be able to do
> 'transformations' to the username/password, to change the regular
> username/unknownpassword into username*master/masterpassword, and get
> rid of the 127.0.0.1 passwordless listener.
>
> Right?
>
> But SOGo doesn't do that. (afaik)
>
> MJ
I would recommend using master password (that is, replace nopassword=y
with password=staticpassword). I know that from localho...
2018 Mar 22
5
why is dovecot "Allowing any password"
On 03/21/2018 10:34 PM, @lbutlr wrote:
> The question is does it allow remote users to login with no password?
Yes, and the answer is: no.
> If not, then the message ie nearly notification that login without a password is potentially possible.
Yes, but a worrying one. That's why i decided to post here.
> I have no idea why you would have nopassword=y set in the first place, so it