POP3 authentication problem. Please Help.

Sergey Merkuriev sergey at maks.net
Wed Oct 2 07:54:34 EDT 2002 

Hello,

I found why not work POP3 and ask strange authentification. I added two
paramters into imap.conig:

sasl_minimum_layer: 0
sasl_auto_transition: no

Thanks what answern on my email.

~ Sergey Merkuriev

> > > Have trouble with POP3 it not work properly. I have two users: user1
and
> > > user2. The user1 have imap account and can login into IMAP server but
> > can't
> > > login into POP3 server and user2 cant login into POP3 server. The
files
> > > user1 and user2 exists in the directory /var/spool/email. There is log
> > > strange records from pop3d.
> > >
> > > Have IMAP and POP3 Server.
> > >
> > > /usr/local/sbin/saslauthd -a shadow
> > >
> > > imap.conf
> > >
> > > configdirectory: /var/imap
> > > partition-default: /var/spool/imap
> > > admins: cyrus root
> > > srvtab: /var/imap/srvtab
> > > sievedir: /var/sieve
> > > allowanonymouslogin: no
> > > sasl_pwcheck_method: saslauthd
> > > allowplaintext: yes
> > >
> > > cyrus.conf
> > > ...
> > > imap          cmd="imapd" listen="imap" prefork=0
> > > pop3          cmd="pop3d" listen="pop3" prefork=0
> > >
> > > auth.log:
> > > ....
> > > Oct  1 22:38:16 abtweb pop3d[29440]: could not find auxprop plugin,
was
> > > searching for '[all]'
> > > Oct  1 22:38:16 abtweb pop3d[29440]: could not find password
> > >
> > > ./pop3test -u user2 localhost
> > >
> > > S: +OK abtweb Cyrus POP3 v2.1.9 server ready
> > <2878525666.1033498506 at abtweb>
> > > C: CAPA
> > > S: +OK List of capabilities follows
> > > S: EXPIRE NEVER
> > > S: LOGIN-DELAY 0
> > > S: TOP
> > > S: UIDL
> > > S: PIPELINING
> > > S: RESP-CODES
> > > S: AUTH-RESP-CODE
> > > S: USER
> > > S: IMPLEMENTATION Cyrus POP3 server v2.1.9
> > > S: .
> > > Please enter your password:
> > > C: APOP root 8cec702222679eae661ac964b834e1d8
> > > S: -ERR [AUTH] authenticating: another step is needed in
authentication
> > > Authentication failed. generic failure
> > > Security strength factor: 0
> >
> > Try:
> >
> > ./pop3test -u user2 -m user localhost
> >
> > The fact that pop3d is advertising APOP (with a challenge in the banner)
> > without auxprop being available is a bug.  I'll look into it.
>
> After thinking about this some more, this isn't a bug at all (perhaps the
error
> is misleading however).  Any time that a client/server tries to use a
> non-plaintext mechanism (APOP, CRAM-MD5, etc), the mechanism will try to
lookup
> the password in sasldb2.
>
> Unfortunately for you, pop3test always tries to use the strongest
mechanism
> advertised by the server, so it tried APOP.
>
> You can disable APOP when you compile SASL, but perhaps we need a runtime
> configure option as well.

More information about the Info-cyrus mailing list