strange login/password problem

Karthikeyen karthikeyen.smv at gmail.com
Wed Aug 22 23:50:53 EDT 2007 

Use testsaslauthd and check what you have observed is true. Then check the
password policy of the pam module for sasl and the authentication system
with which sasl works for authentication.

If your observation is not true, then it is the situation where you use one
authentication system(linux passwd file) which can give green signal to
access services like pop3 or the other authentication system(LDAP, with sasl
for smtp authentication) gives the green signal to authenticate a user to
use system services like pop3 or smtp.

In that case you find a way to synchronize user information in both ldap and
Linux passwd file whenever you allow passwd change via horde. Else work with
the PAM modules settings for both ldap and Linux password file
authentication should be necessary for a successful session initiation to
access system services like pop3 and smtp.

Hope I am not confusing.
Muthu

-----Original Message-----
From: cyrus-sasl-bounces at lists.andrew.cmu.edu
[mailto:cyrus-sasl-bounces at lists.andrew.cmu.edu] On Behalf Of Philippe
Trolliet
Sent: Wednesday, August 22, 2007 8:38 PM
To: Cyrus-Sasl
Subject: strange login/password problem

hi,
i have a strange login problem on my mailserver and i don´t know what it is.
i assume that it has something to do with saslauthd.
here my problem:
this morning a user said that he can use 2 different passwords for his
account. he was using the horde webclient to login. horde itself is
configured to use imp (imap) for authentication.
he used the following 2 passwords:
	keht77&0nme
	keht77&0nba
first i thought that it has something to do with horde. so i created an imap
connection in outlook to test if this just works with horde. i used both
passwords for receiving (imap) and sending (smtp with authentication) mail.
both passwords worked fine.
now i think that it has something to do with saslauthd or the '&'-character
in the password. it doesn´t matter which characters follow the string
"keht77&0". it accepts everything. it has nothing to do with a maximum of 8
characters for passwords because my own is longer than 8 characters and i
have to supply the whole password string.
i also tried to change the password to "keht77&0nme" directly on the
database with phpmyadmin. but this didn´t change anything.

saslauthd is started with the -c option to cache user credentials because
the swap space on the mailserver went out auf space and so it crashed. it
uses pam to authenticate and pam itself is configured to search for the
login credentials in a mysql database.

i hope that i haven´t forgot anything and that anybody can help me.

regards
philippe

More information about the Cyrus-sasl mailing list