[Dovecot] Authentication and the wrong mailbox?
Josh Burley
jburley at kuci.org
Sat Apr 9 19:00:33 EEST 2005
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating
against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native
authentication and have not had the problem since.
Rich West wrote:
> I just migrated from UW-imap to dovecot last night. After some
> tweaking of the dovecot.conf file, disabling xinetd's entries, firing
> up the dovecot daemon, and copying the .mailboxlist to .subscriptions
> for all users, things looked to be going just fine!
>
> I received a call this morning from a user stating that they had all
> of *my* emails in *their* inbox! They don't know when it happened as
> their machine POP's email off every 5-10 minutes or so, but we were
> able to isolate it to a 8hr period last night.
>
> Further investigation showed that at some time through the evening,
> dovecot freaked out during the authentication phase and for some
> bizzare reason, when the user connected via POP3, they were able to
> download all of my inbox!
>
> Additionally, by the time I was looking in to it, NO users could
> authenticate via dovecot, and, hence, no one had access to email.
>
> Restarting dovecot resolved the issue, but I have my doubts about it
> being truly resolved.
>
> I'm going to run some tests (what little I can think of), but this is
> the first time I have ever experienced a situation such as this. One
> thing for UW is that this situation never happened, and I've only had
> dovecot running for about 13hrs.
>
> Any ideas as to how or why this may have happened, and how it can be
> prevented, would be wonderful.
>
> -Rich
>
>
>
More information about the dovecot
mailing list