Cryus IMAP accepts any password!

Michuki Mwangi michuki at
Tue Mar 29 11:35:04 EST 2005

Dear list members,

I seem to have the most bizarre situation on my new setup.

FreeBSD 5.3
Cyrus-imap2 2.2.8
Cyrus-saslauthd 2.1.19_1
Postfix - 2.1.4
Squirrelmail - 1.4.3a

Setup and delivery is fine.I can check mail from the respective accounts
created in mysql and cyradm with *ANY* PASSWORD!. in this case i have tried
both through Webmail (Squirrelmail) and mail client.

I can see the following from messages log

Mar 29 19:16:23 mail pop3[868]: starttls: TLSv1 with cipher RC4-MD5 (128/128 bits new) no authentication
Mar 29 19:16:23 mail pop3[868]: login: [x.x.x.x] info PLAIN+TLS User logged in

I thought that my setup was wrong so i tried to debug by putting a wrong
username or password or DB in the /etc/pam.d/pop and imap files

Well i can see that an sql error is generated in auth.log as follows.

Mar 29 19:15:25 mail saslauthd[569]: pam_mysql: MySQL err Access denied for user: 'xxx'@'localhost' to database 'mail'
Mar 29 19:15:32 mail saslauthd[565]: pam_mysql: MySQL err Access denied for user: 'xxx'@'localhost' to database 'mail'

however am still able to check mail through the webclient or Kmail.

My /etc/pam.d/imap & pop files are as follows.
# auth
#auth           required          no_warn
#auth           sufficient             no_warn try_first_pass
#auth           sufficient              no_warn try_first_pass
#auth           required             no_warn try_first_pass
auth sufficient user=xxxxxx passwd=xxxxx host=localhost db=mail tabl
e=accountuser usercolumn=username passwdcolumn=password crypt=0
account required user=xxxxxx passwd=xxxxx host=localhost db=mail tab
le=accountuser usercolumn=username passwdcolumn=password crypt=0

imap.conf file has the following options uncommented from the default settings.

configdirectory: /var/imap
partition-default: /home/mail
allowanonymouslogin: no
allowplaintext: yes
timeout: 30
poptimeout: 10
admins: cyrus
reject8bit: no
sieveusehomedir: false
sievedir: /home/sieve
sendmail: /usr/sbin/sendmail
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN LOGIN

Where am i  going wrong?


Cyrus Home Page:
Cyrus Wiki/FAQ:
List Archives/Info:

More information about the Info-cyrus mailing list