[Dovecot] mysql authentication

Justin Finkelstein dovecot at seriouslogic.co.uk
Mon Aug 15 15:27:43 EEST 2005


I hadn't set the default_pass_scheme. Thanks for pointing that out!

j.

-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org] On
Behalf Of Timo Sirainen
Sent: 15 August 2005 10:11
To: Justin Finkelstein
Cc: dovecot at dovecot.org
Subject: Re: [Dovecot] mysql authentication


On 15.8.2005, at 11:33, Justin Finkelstein wrote:

> 	SELECT clear AS password FROM users LEFT JOIN domains ON
> domains.domain_id = users.domain_id WHERE domain="%d" AND 
> username="%d" AND users.enabled = 1 AND domains.enabled = 1

So the password is in cleartext? Have you changed default_pass_scheme 
to plain?

> 	dovecot-auth: mysql(justin at redwiredesign.co.uk): Password mismatch
>
> Is there a way that I can see how dovecot's doing the comparison? I 
> have set the following in dovecot.conf:

No. I think it's maybe a bit too much to log passwords.. It's usually 
just that the scheme is wrong anyway.

> I've read the wiki on raw logging, but I don't know: (a) how to enable 
> this through the port (b) whether this is even applicable as 
> apparently all it
> logs is the imap traffic.

Rawlog isn't able to log preauthentication traffic.




More information about the dovecot mailing list