i used testsaslauthd to check if it works with saslauthd too. it worked. it doesn´t matter what is after the "keht77&0"-string. here the commands i used: $ testsaslauthd -u user@xxxxxxxxxx -p "keht77&0kkkk" -s <tested services: imap, smtp, pop> or $ testsaslauthd -u user@xxxxxxxxxx -p "keht77&0kfdkdoe" -s <tested services: imap, smtp, pop> for every command i get 0: OK "Success." here my pam configuration: - saslauthd is configured to use pam - all user information is stored in a mysql database - following pam modules are configured to lookup the user credentials from mysql-db: - imap - pop - sieve - smtp - smtp.postfix - smtp.postfis every service has the following configuration: auth sufficient pam_mysql.so user=<some-user> passwd=<password> host=localhost db=<db-name> table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time account required pam_mysql.so user=<some-user> passwd=<password> host=localhost db=<db-name> table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time i don´t know why but logging doesn´t work. the table where all the log information should be stored is empty. regards philippe > -----Original Message----- > From: Karthikeyen [mailto:karthikeyen.smv@xxxxxxxxx] > Sent: Donnerstag, 23. August 2007 05:51 > To: 'Philippe Trolliet'; 'Cyrus-Sasl' > Subject: RE: strange login/password problem > > > Use testsaslauthd and check what you have observed is true. Then check the > password policy of the pam module for sasl and the authentication system > with which sasl works for authentication. > > If your observation is not true, then it is the situation where > you use one > authentication system(linux passwd file) which can give green signal to > access services like pop3 or the other authentication > system(LDAP, with sasl > for smtp authentication) gives the green signal to authenticate a user to > use system services like pop3 or smtp. > > In that case you find a way to synchronize user information in > both ldap and > Linux passwd file whenever you allow passwd change via horde. > Else work with > the PAM modules settings for both ldap and Linux password file > authentication should be necessary for a successful session initiation to > access system services like pop3 and smtp. > > Hope I am not confusing. > Muthu > > -----Original Message----- > From: cyrus-sasl-bounces@xxxxxxxxxxxxxxxxxxxx > [mailto:cyrus-sasl-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf Of Philippe > Trolliet > Sent: Wednesday, August 22, 2007 8:38 PM > To: Cyrus-Sasl > Subject: strange login/password problem > > hi, > i have a strange login problem on my mailserver and i don´t know > what it is. > i assume that it has something to do with saslauthd. > here my problem: > this morning a user said that he can use 2 different passwords for his > account. he was using the horde webclient to login. horde itself is > configured to use imp (imap) for authentication. > he used the following 2 passwords: > keht77&0nme > keht77&0nba > first i thought that it has something to do with horde. so i > created an imap > connection in outlook to test if this just works with horde. i used both > passwords for receiving (imap) and sending (smtp with > authentication) mail. > both passwords worked fine. > now i think that it has something to do with saslauthd or the > '&'-character > in the password. it doesn´t matter which characters follow the string > "keht77&0". it accepts everything. it has nothing to do with a > maximum of 8 > characters for passwords because my own is longer than 8 characters and i > have to supply the whole password string. > i also tried to change the password to "keht77&0nme" directly on the > database with phpmyadmin. but this didn´t change anything. > > saslauthd is started with the -c option to cache user credentials because > the swap space on the mailserver went out auf space and so it crashed. it > uses pam to authenticate and pam itself is configured to search for the > login credentials in a mysql database. > > i hope that i haven´t forgot anything and that anybody can help me. > > regards > philippe > > > > __________ NOD32 2477 (20070823) Information __________ > > This message was checked by NOD32 antivirus system. > http://www.eset.com > >