similar to: Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password

Hi friends, I am migrating imap-courier to dovecot, I use openbsd+postfix+imap-courier, and now I'm trying to run openbsd+opensmtpd+dovecot. In the beginning it was a little traumante but it works OpenSMTPD correctly. Now I have configured dovecot, and I hope that your backend authorization is the same database that was used imap-courier. In /var/log/maillog receipt the following error

Problem: Using MySQL storage for the user and password db with MD5-CRYPT hashes, Dovecot fails to successfully authenticate when the MD5-CRYPT or MD5 settings are specified as default_pass_scheme in dovecot-mysql.conf. Dovecot /does/ successfully authenticate against MD5-CRYPT hashes when default_pass_scheme is set to CRYPT, which according to the docs should be DES encryption. (I do not

Hi, I read a lot of howto's and I got problems with LDAP and Dovecot to work together. I'm using: Gentoo Linux 2008.0 hardened Dovecot 1.1.7 Kernel 2.6.26 OpenLDAP 2.3.43 My dovecot-ldap.conf is: uris = ldaps://auth.mydomain.com:636 auth_bind = yes auth_bind_userdn = uid=%u,ou=People,dc=mydomain,dc=com ldap_version = 3 base = ou=People,dc=mydomain,dc=com deref = never scope = subtree

'afternoon list! I use mysql as userdb, which contains two type of password schemes: DES and MD5-CRYPT. I read there : http://wiki.dovecot.org/Authentication/PasswordSchemes that both are supported by dovecot. Unfortunately, dovecot keeps saying: Not a valid MD5-CRYPT or PLAIN-MD5 password when looking for a user with DES encrypted password. Is dovecot able to recognize password

I use dovecot 1.0rc25 in dovecot.conf: auth default { mechanisms = LOGIN CRAM-MD5 DIGEST-MD5 PLAIN APOP passdb sql { args=/etc/dovecot-crammd5.conf } passdb sql { args=/etc/dovecot-sql.conf } userdb sql { args=/etc/dovecot-sql.conf } } in dovecot-sql.conf: driver = mysql connect = host=/var/run/mysql/mysql.sock port= dbname=mail user=vmailuser password=vmailpassword password_query = SELECT clear

I config postfix+mysql+dovecot for SASL SMTP autentication. It works if set: default_pass_scheme = PLAIN and store plain-text password in mysql I'm change default_pass_scheme = PLAIN with default_pass_scheme = PLAIN-MD5 an store password in mysql with md5('passwd') and dovecotpw -s PLAIN-MD5 -p test {PLAIN-MD5} and md5("test") = 098f6bcd4621d373cade4e832627b4f6 but

On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: > Hello, > > I am wondering which variant is more secure for user authentication and > password scheme. Basically I am looking at both variants: > > 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism > 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism > > In my opinion the option 2)

Am 06.12.2014 um 06:56 schrieb Jan Wide?: > If you add disable_plaintext_auth=yes ssl=required settings, then > dovecot will drop authentication without STARTTLS. But damage will be > done, client will send unencrypted (or in this scenario MD5 or SHA512 > hash) login/password no, damage will *not* be done STARTTLS happens in context of connect and *log before* any authentication is

Hi, i am running dovecot 2.0.11 (with mysql backend) and until now using PLAIN-MD5 as pass default_pass_scheme everything was working fine. However i wanted to change the pass_scheme to something stronger than plain-md5, so i started by reading the wiki. I found this: http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes But when i comment out "default_pass_scheme" and i create the

Hello, I am wondering which variant is more secure for user authentication and password scheme. Basically I am looking at both variants: 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism In my opinion the option 2) should be safer although it is using PLAIN auth mechanism. Of course I would always use STARTTLS and

Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>: > >Am 06.12.2014 um 06:56 schrieb Jan Wide?: >> If you add disable_plaintext_auth=yes ssl=required settings, then >> dovecot will drop authentication without STARTTLS. But damage will be >> done, client will send unencrypted (or in this scenario MD5 or SHA512 >> hash)

i use last dovecot rc23 with users/passwords in mysql 1) How can i define a sql query for each auth mechanism ? 2)Why i can't set "default_pass_scheme = login" in my dovecot-sql.conf? : dovecot: Feb 21 09:46:22 Info: auth(default): client in: AUTH 1 PLAIN service=IMAP secured lip=127.0.0.1 rip=127.0.0.1 resp=AGFkaUBhZHJpYW4uZXUAcGFyb2xh dovecot: Feb 21

On 12/06/2014 02:35 AM, Nick Edwards wrote: > On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: >> Hello, >> >> I am wondering which variant is more secure for user authentication and >> password scheme. Basically I am looking at both variants: >> >> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism >> 2) SHA512-CRYPT password

Hi List. I've got a dovecot running with mysql. All my users data are there. But I intend to use MD5 instead of clear passwords at MySQL. Someone can help-me? []s; Andrey Here's my dovecot-mysql.conf: # Dovecot queries db_host = localhost db_unix_socket = /var/lib/mysql/mysql.sock db_port = 3306 db = mail db_user = my_conn_user db_passwd = my_conn_passwd # # Pehapes i need to

Hi, Long story short I've got a fully functional Dovecot IMAP instance and I am now looking to upgrade some perimiter authenticated SMTP relays to authenticate against the Dovecot instance. Trouble is that I am seeing errors such as "auth: Warning: sql: Ignoring changed user_query in /etc/dovecot/local_sql_users.conf, because userdb sql not used." in my Postfix server logs and not

Hello everyone, I'm trying to make dovecot do user authentication against a SQL database. The passwords (managed by Django) are stored as salted SHA1 encoded in hex. I monkey patched Django's password method so that the password hash is made with <password><salt> (Django does <salt><password>, the patched method was verified to return same value as

After I found out that {CRYPT} doesn't support passwords longer than 8 characters, I decided to switch over to MD5 for user passwords in my LDAP database. However, while I have no problem with Postfix + SASL, Dovecot fails to authenticate. Relevant bits from /etc/dovecot-ldap.conf: user_attrs = mailAddress,,,,, # The search string is identical to what's found in /etc/saslauthd.conf:

Hello list, Still need your help configuring proxy infrastructure. Today, I really struggle configuring master passwords forwarding. What I want: master user can connect to any other account, on proxy. Could please somebody help me, I read both articles about this on wiki, but still can't connect :( What I did: on proxy: auth_master_user_separator=* passdb sql { args =

Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf

Hello! I'm storing passwords as MD5 hashes in a MySQL database and have specified "default_pass_scheme = PLAIN-MD5" in dovecot-sql.conf. Can Dovecot append or prepend a salt to a password before hashing them? Because without salt the plaintext passwords can be restored from the MD5 hashes using rainbow tables. Greetings Steffen Weber