why is dovecot "Allowing any password"

@lbutlr kremels at kreme.com
Wed Mar 21 23:34:13 EET 2018


On 2018-03-21 (14:15 MDT), mj <lists at merit.unu.edu> wrote:
> 
> Even when the connection is denied because of a wrong password, the message "Allowing any password" is showing up in the logs.


The question is does it allow remote users to login with no password?

If not, then the message ie nearly notification that login without a password is potentially possible.

I have no idea why you would have nopassword=y set in the first place, so it seems the simplest way to eliminate this problem is to take that out and have a secure environment for sending mail.



-- 
They say whisky'll kill you, but I don't think it will I'm ridin' with
you to the top of the hill



More information about the dovecot mailing list