Trying to track down an unusual problem so thought I'd post here what I've tested and found as somebody might be able to shed some light on it/confirm what I've found.
Changing the password to a mailbox by going "Email Mailbox", clicking on a mailbox and typing a new password in.
Firstly tried changing it to a 'xxxxxxxxx1' length password.
Password hash in database appeared to change.
Tried an auth using perl encoding:
perl -MMIME::Base64 -e 'print encode_base64("user\@domain.co.uk\0user\@domain.co.uk\0xxxxxxxxx1");'
And pushed that to SMTP:
telnet localhost 25
AUTH PLAIN xxx
(Where xxx is obviously the hash I got from the perl Base64 encode). And the password worked.
I then changed the password again to 'tester1'.
Again encoded it and tested via SMTP, password failure.
I then tried the first password again, and to my surprise that authenticated.
It seems to take 2 attempts via the web interface to force a password change, even though the DB appears to change each time.
Am I missing something here?
Basic setup: Ubuntu 11.04 server with postfix/SASL auth via mysql (standard setup). Pretty much base setup.