[Dovecot] Authentication and the wrong mailbox?
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this. One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.
Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
-- Richard West $14.95 Registrations mailto:rwest@wesmo.com Wesmo Computer Services .com .net .org .tv .cc http://www.wesmo.com Full Domain & Web Hosting .BIZ .INFO & MORE!!
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this. One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.
Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
Really?? I have to tell you, it's scary!
We're using 0.99.13, the RPM that came with FC3. I tried to build the latest version using the SRPM (with some minor modifications), but encountered problems there..
Yes, I'm authenticating against LDAP via NSS (through PAM)...
Native LDAP authentication, eh? Hrmm... How difficult is that to set up?
-Rich
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this. One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.
Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
Yep, that's *exactly* the setup we have.
It's very easy... just a configuration change.
Rich West wrote:
Really?? I have to tell you, it's scary!
We're using 0.99.13, the RPM that came with FC3. I tried to build the latest version using the SRPM (with some minor modifications), but encountered problems there..
Yes, I'm authenticating against LDAP via NSS (through PAM)...
Native LDAP authentication, eh? Hrmm... How difficult is that to set up?
-Rich
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this.
One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
*whew* That's comforting, actually, to know that it wasn't just me. :)
I've done the same.. created a dovecot-ldap.conf and updated the dovecot.conf accordingly.
A restart of dovecot, and it is happily running. Hopefully, we won't see this problem again!
Thanks for your help! -Rich
Yep, that's *exactly* the setup we have.
It's very easy... just a configuration change.
Rich West wrote:
Really?? I have to tell you, it's scary!
We're using 0.99.13, the RPM that came with FC3. I tried to build the latest version using the SRPM (with some minor modifications), but encountered problems there..
Yes, I'm authenticating against LDAP via NSS (through PAM)...
Native LDAP authentication, eh? Hrmm... How difficult is that to set up?
-Rich
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this. One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.
Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
On Sat, Apr 09, 2005 at 12:48:57PM -0400, Rich West wrote:
*whew* That's comforting, actually, to know that it wasn't just me. :)
I've done the same.. created a dovecot-ldap.conf and updated the dovecot.conf accordingly.
I've been running dovecot (.99.x) authenticating directly against ldap for about a year and a half, and this has never happened. Without the intermediary, you should be fine.
Perhaps these will help in future:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154314 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154315
On 9.4.2005, at 19:00, Josh Burley wrote:
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this. One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.
Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
One can hope!
Just curious, the patch that you put up there, is that ONLY performed when the connection is established via PAM?
-Rich
Perhaps these will help in future:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154314 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154315
On 9.4.2005, at 19:00, Josh Burley wrote:
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this.
One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
No, PAM doesn't have anything to do with the problem. pam_ldap is working just fine. The check is done when userdb=passwd.
On Sat, 2005-04-09 at 15:22 -0400, Rich West wrote:
One can hope!
Just curious, the patch that you put up there, is that ONLY performed when the connection is established via PAM?
-Rich
Perhaps these will help in future:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154314 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154315
On 9.4.2005, at 19:00, Josh Burley wrote:
We had the same problem when we converted.
What version of dovecot are you using? What are you authenticating against? LDAP?
I had been authenticating via nss to LDAP. I switched to the LDAP native authentication and have not had the problem since.
Rich West wrote:
I just migrated from UW-imap to dovecot last night. After some tweaking of the dovecot.conf file, disabling xinetd's entries, firing up the dovecot daemon, and copying the .mailboxlist to .subscriptions for all users, things looked to be going just fine!
I received a call this morning from a user stating that they had all of *my* emails in *their* inbox! They don't know when it happened as their machine POP's email off every 5-10 minutes or so, but we were able to isolate it to a 8hr period last night.
Further investigation showed that at some time through the evening, dovecot freaked out during the authentication phase and for some bizzare reason, when the user connected via POP3, they were able to download all of my inbox!
Additionally, by the time I was looking in to it, NO users could authenticate via dovecot, and, hence, no one had access to email.
Restarting dovecot resolved the issue, but I have my doubts about it being truly resolved.
I'm going to run some tests (what little I can think of), but this is the first time I have ever experienced a situation such as this.
One thing for UW is that this situation never happened, and I've only had dovecot running for about 13hrs.Any ideas as to how or why this may have happened, and how it can be prevented, would be wonderful.
-Rich
participants (4)
-
Bob Hall
-
Josh Burley
-
Rich West
-
Timo Sirainen