Use testsaslauthd and check what you have observed is true. Then check the password policy of the pam module for sasl and the authentication system with which sasl works for authentication. If your observation is not true, then it is the situation where you use one authentication system(linux passwd file) which can give green signal to access services like pop3 or the other authentication system(LDAP, with sasl for smtp authentication) gives the green signal to authenticate a user to use system services like pop3 or smtp. In that case you find a way to synchronize user information in both ldap and Linux passwd file whenever you allow passwd change via horde. Else work with the PAM modules settings for both ldap and Linux password file authentication should be necessary for a successful session initiation to access system services like pop3 and smtp. Hope I am not confusing. Muthu -----Original Message----- From: cyrus-sasl-bounces@xxxxxxxxxxxxxxxxxxxx [mailto:cyrus-sasl-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf Of Philippe Trolliet Sent: Wednesday, August 22, 2007 8:38 PM To: Cyrus-Sasl Subject: strange login/password problem hi, i have a strange login problem on my mailserver and i don´t know what it is. i assume that it has something to do with saslauthd. here my problem: this morning a user said that he can use 2 different passwords for his account. he was using the horde webclient to login. horde itself is configured to use imp (imap) for authentication. he used the following 2 passwords: keht77&0nme keht77&0nba first i thought that it has something to do with horde. so i created an imap connection in outlook to test if this just works with horde. i used both passwords for receiving (imap) and sending (smtp with authentication) mail. both passwords worked fine. now i think that it has something to do with saslauthd or the '&'-character in the password. it doesn´t matter which characters follow the string "keht77&0". it accepts everything. it has nothing to do with a maximum of 8 characters for passwords because my own is longer than 8 characters and i have to supply the whole password string. i also tried to change the password to "keht77&0nme" directly on the database with phpmyadmin. but this didn´t change anything. saslauthd is started with the -c option to cache user credentials because the swap space on the mailserver went out auf space and so it crashed. it uses pam to authenticate and pam itself is configured to search for the login credentials in a mysql database. i hope that i haven´t forgot anything and that anybody can help me. regards philippe