[Dovecot] dovecot auth is case insensitive, but fs is sensitive :)

Benny Pedersen me at junc.org
Wed Aug 19 08:37:39 EEST 2009


others have found this problem ?

this possible bug can be used by a user in such a way that one password
login can use 2 maildirs in the filesystem, effectively giving them all space
quotas and lots of other goodies

so to speak:

foo at example.com with a password can login with fOO at example.com and  
fOo at example.com

add more chars to get more mailbox :/

confirms ?

i found the problem when i had horde installed

dovecot 1.1.7

-- 
xpoint
-------------- next part --------------
# 1.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.30-gentoo-r5 x86_64 Gentoo Base System release 1.12.11.1 ext3
base_dir: /var/run/dovecot/
protocols: pop3 imap managesieve pop3s imaps
ssl_listen: *
ssl_ca_file: /etc/ssl/certs/ca-certificates.crt
ssl_cert_file: /etc/ssl/private/home_server.pem
ssl_key_file: /etc/ssl/private/home_privatekey.pem
ssl_cipher_list: ALL:!LOW
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
login_executable(managesieve): /usr/libexec/dovecot/managesieve-login
login_greeting_capability(default): yes
login_greeting_capability(imap): yes
login_greeting_capability(pop3): no
login_greeting_capability(managesieve): no
login_processes_count: 2
login_max_processes_count: 10
first_valid_uid: 125
last_valid_uid: 125
first_valid_gid: 125
last_valid_gid: 125
mail_location: maildir:/home/vmail/%d/%u/.maildir
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_executable(managesieve): /usr/libexec/dovecot/managesieve
mail_plugins(default): quota imap_quota
mail_plugins(imap): quota imap_quota
mail_plugins(pop3): quota
mail_plugins(managesieve): 
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(managesieve): /usr/lib64/dovecot/managesieve
imap_client_workarounds(default): outlook-idle
imap_client_workarounds(imap): outlook-idle
imap_client_workarounds(pop3): 
imap_client_workarounds(managesieve): 
pop3_lock_session(default): no
pop3_lock_session(imap): no
pop3_lock_session(pop3): yes
pop3_lock_session(managesieve): no
pop3_client_workarounds(default): 
pop3_client_workarounds(imap): 
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
pop3_client_workarounds(managesieve): 
sieve_storage(default): 
sieve_storage(imap): 
sieve_storage(pop3): 
sieve_storage(managesieve): /home/vmail/%d/%u/.sieve
sieve(default): 
sieve(imap): 
sieve(pop3): 
sieve(managesieve): /home/vmail/%d/%u/.dovecot.sieve
namespace:
  type: private
  inbox: yes
  list: yes
  subscriptions: yes
auth default:
  mechanisms: plain login
  worker_max_count: 4
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  userdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 438
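
An added example, not part of the original post or of Dovecot's code: a small model of the mismatch reported above, using the posted mail_location template. It assumes the SQL passdb compares usernames case-insensitively (dovecot-sql.conf is not shown, so sqlite's COLLATE NOCASE stands in), and all function names, the table and the sample row are constructed for illustration.

```python
import hmac
import sqlite3
from collections import defaultdict

MAIL_LOCATION = "maildir:/home/vmail/%d/%u/.maildir"  # from the posted config

def make_passdb():
    # Constructed stand-in for the SQL passdb. COLLATE NOCASE imitates a
    # case-insensitive column collation (assumption, dovecot-sql.conf is not shown).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT COLLATE NOCASE PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('foo@example.com', 'secret')")  # constructed row
    return db

def authenticate(db, login, password):
    row = db.execute("SELECT password FROM users WHERE email = ?", (login,)).fetchone()
    return row is not None and hmac.compare_digest(row[0], password)

def expand(template, login, lowercase=False):
    # Minimal %u / %d expansion. lowercase=True models normalizing the name
    # before it reaches the filesystem (Dovecot's %L modifier, e.g. %Lu).
    user = login.lower() if lowercase else login
    domain = user.partition("@")[2]
    return template.replace("%d", domain).replace("%u", user)

def maildirs_for(db, logins, password, lowercase=False):
    # Every login that authenticates gets the maildir its name expands to.
    return {expand(MAIL_LOCATION, name, lowercase)
            for name in logins if authenticate(db, name, password)}

def find_case_collisions(paths):
    # Audit helper: group existing paths that differ only by letter case.
    groups = defaultdict(set)
    for path in paths:
        groups[path.lower()].add(path)
    return {key: sorted(group) for key, group in groups.items() if len(group) > 1}

if __name__ == "__main__":
    db = make_passdb()
    logins = ["foo@example.com", "fOO@example.com", "fOo@example.com"]
    print(sorted(maildirs_for(db, logins, "secret")))
    print(sorted(maildirs_for(db, logins, "secret", lowercase=True)))
    print(find_case_collisions(maildirs_for(db, logins, "secret")))
```

In Dovecot itself the equivalent normalization is the %L variable modifier, for example auth_username_format = %Lu; find_case_collisions can be pointed at a listing of the existing directories under /home/vmail to spot mailboxes already split this way.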

