[Dovecot] cram-md5 problem

Richard Stockton dovecot at richardleestockton.org
Fri Jan 30 03:07:15 EET 2009 

Hi Timo,  (just realized your reply was CCed to the list)

At 04:28 PM 1/29/2009, you wrote:
>On Jan 29, 2009, at 7:22 PM, Richard Stockton wrote:
>
>>I just updated to dovecot 1.1.10 from 1.1.2 and now anyone using
>>cram-md5 can't get authenticated.  I am using mysql for passwords
>>(in plain text) and home directories.
>
>Set auth_debug_passwords=yes. What does it log when logging in with
>CRAM-MD5? (And try with a temporary password that you can change
>afterwards.)

Here's an example I just pulled from the logs.

dovecot: Jan 29 16:35:03 Info: auth-worker(default): 
sql(jennshinjo,xx.xx.xx.xx): SELECT home, uid, gid FROM users WHERE 
username = 'jennshinjo' AND domain = ''
dovecot: Jan 29 16:35:03 Info: auth(default): 
prefetch(jennshinjo,xx.xx.xx.xx): success
dovecot: Jan 29 16:35:03 Info: auth(default): master out: 
USER  1490    jennshinjo      home=j/e/jennshinjo/Maildir/ 
uid=5000        gid=5000        home=j/e/jennshinjo/Maildir/ 
uid=5000        gid=5000
dovecot: Jan 29 16:35:03 Info: pop3-login: Internal login failure 
(auth failed, 1 attempts): user=<jennshinjo>, method=CRAM-MD5, 
rip=xx.xx.xx.xx, lip=10.255.0.11


>Also show your dovecot-sql.conf and dovecot -n output.


:> more /usr/local/etc/dovecot-sql.conf
driver = mysql
connect = host=10.211.1.3 dbname=mail user=postfix password=p0stf1x9
default_pass_scheme = PLAIN
password_query = SELECT password, home as userdb_home, 5000 as 
userdb_uid, 5000
as userdb_gid FROM mailbox where userid = '%n'


:> dovecot -n
# 1.1.10: /usr/local/etc/dovecot.conf
# OS: Linux 2.6.18-128.el5 i686 Red Hat Enterprise Linux Server 
release 5.3 (Tikanga) ext3
base_dir: /var/run/dovecot/
log_path: /var/log/pop.log
info_log_path: /var/log/dovecot-info.log
protocols: imap imaps pop3 pop3s
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
ssl_listen(default): *:993
ssl_listen(imap): *:993
ssl_listen(pop3): *:995
ssl_cert_file: /etc/ssl/certs/server.crt
ssl_key_file: /etc/ssl/private/server.key
ssl_cipher_list: ALL:!LOW:!SSLv2
disable_plaintext_auth: no
verbose_ssl: yes
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_greeting: Dovecot on mail-pop01.xxxxx.com ready.
verbose_proctitle: yes
mail_location: maildir:/mail/%h:INDEX=MEMORY
mmap_disable: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugins(default): mail_log
mail_plugins(imap): mail_log
mail_plugins(pop3):
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
mail_log_max_lines_per_sec: 0
auth default:
   mechanisms: plain cram-md5
   debug_passwords: yes
   process_size: 1024
   passdb:
     driver: sql
     args: /usr/local/etc/dovecot-sql.conf
   userdb:
     driver: sql
     args: /usr/local/etc/dovecot-sql.conf
   userdb:
     driver: prefetch


I appreciate your help.
Thanks.
  - Richard

More information about the dovecot mailing list