failed login message

Gedalya gedalya at gedalya.net
Tue Nov 25 10:54:49 UTC 2014


On 11/25/2014 04:49 AM, 24x7server at 24x7server.net wrote:
> thanks for your reply
>
> i intentionaly put the wrong password and checked the dovecot log and the message i got was
>
> # tail -f /var/log/dovecot.log | grep "xxx at yyy.com"
> Nov 25 08:47:46 imap-login: Info: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx at yyy.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1,
> secured, session=<xObTWqYIwgB/AAAB>
>
> but in the squirrelmail login page instead of the message "unknown user or password incorrect" i get the message
>
> ERROR: Connection dropped by IMAP server.
> Query: LOGOUT
>
>
> in my old server where it is working correctly dovecot logs shows the error
>
> Nov 25 14:46:12 imap-login: Info: Aborted login (auth failed, 1 attempts): user=<"xxx at yyy.com">, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
>
> and squirrelmail gives the error : "unknown user or password incorrect" which is correct.
>
> is there any other place i need to check or some other config file (either squirrelmail or dovecot) that i need to modify
>
> could you kindly guide me
>

1. Please carefully read http://dovecot.org/mailinglists.html
2. Please carefully follow the instructions at 
http://dovecot.org/mailinglists.html. In your case, post full details 
for both servers.
3. Try to manually log in to both servers using e.g. telnet in order to 
see any differences in the way they respond.
Something like

$ telnet 192.168.9.11 143
Trying 192.168.9.11...
Connected to 192.168.9.11.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE 
IDLE STARTTLS LOGINDISABLED] Dovecot ready.
1 login gedalya 1234
* BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but 
your client did it anyway. If anyone was listening, the password was 
exposed.
1 NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure 
(SSL/TLS) connections.
2 logout
* BYE Logging out
2 OK Logout completed.
Connection closed by foreign host.

(that's how it responds in my specific case as I disallow plaintext login)

Or if you need TLS (like me):

$ openssl s_client -starttls imap -quiet -connect 192.168.9.11:143
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate 
Signing, CN = StartCom Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
. OK Pre-login capabilities listed, post-login capabilities have more.
1 login gedalya 1234
1 NO [AUTHENTICATIONFAILED] Authentication failed.
2 logout
* BYE Logging out
2 OK Logout completed.



More information about the dovecot mailing list