Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 15th April 2012, 18:32
andyb2000 andyb2000 is offline
Junior Member
 
Join Date: Feb 2012
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default SASL auth - mailbox possible bug?

Hi folks,
Trying to track down an unusual problem so thought I'd post here what I've tested and found as somebody might be able to shed some light on it/confirm what I've found.

Changing the password to a mailbox by going "Email Mailbox", clicking on a mailbox and typing a new password in.

Firstly tried changing it to a 'xxxxxxxxx1' length password.
Password hash in database appeared to change.
Tried an auth using perl encoding:

Code:
perl -MMIME::Base64 -e 'print encode_base64("user\@domain.co.uk\0user\@domain.co.uk\0xxxxxxxxx1");'
And pushed that to SMTP:

Code:
telnet localhost 25
EHLO me
AUTH PLAIN xxx
(Where xxx is obviously the hash I got from the perl Base64 encode). And the password worked.

I then changed the password again to 'tester1'.
Again encoded it and tested via SMTP, password failure.
I then tried the first password again, and to my surprise that authenticated.

It seems to take 2 attempts via the web interface to force a password change, even though the DB appears to change each time.

Am I missing something here?

Basic setup: Ubuntu 11.04 server with postfix/SASL auth via mysql (standard setup). Pretty much base setup.
Reply With Quote
Sponsored Links
  #2  
Old 15th April 2012, 18:36
andyb2000 andyb2000 is offline
Junior Member
 
Join Date: Feb 2012
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Ah,
You know what. I think I've just found it. saslauthd uses caching

Code:
/usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
Which the man page states:
Quote:
-c Enable cacheing of authentication credentials
So that could be the issue here, if so apologies for the wasted time here! I'll continue debugging but think thats it!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig3 won't start after update Cracklefish Installation/Configuration 15 28th February 2012 14:11
Mail hold in Q fisherofer Installation/Configuration 1 5th February 2012 13:29
SquirrelMail login not working glenneh Installation/Configuration 13 9th April 2011 20:01
Cannot login to SquirrelMail sellotape Installation/Configuration 13 26th October 2010 11:03
proFTPd passive mode problems bisbell Server Operation 8 6th August 2008 21:12


All times are GMT +2. The time now is 18:23.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.