Question about password field in passwd-file

[Aki Tuomi]

you can add nopassword attribute to the end. See https://wiki.dovecot.org/PasswordDatabase/ExtraFields

---Aki TuomiDovecot oy
-------- Original message --------From: J Doe <general at nativemethods.com> Date: 07/07/2018  02:39  (GMT+02:00) To: dovecot at dovecot.org Subject: Question about password field in passwd-file 
Hello,

I have a question regarding the password field of the passwd-file [1].

According to the wiki, the password field assumes a {SCHEME} of CRYPT when the {SCHEME} is not prefixed
to this field.

So, a passwd-file like:

    user:password: . . .

… is equivalent to:

    user:{CRYPT}password: . . .

Does that mean an example passwd-file with NEITHER {SCHEME} or password, like:

    user at example.com:: . . . (note no scheme or password specified between colons)

…means that the user at example.com user does not have any valid crypted password and therefore the
user at example.com user cannot be authenticated ?

For example, if I use doveadm to create a null CRYPT password:

    $ sudo doveadm pw -s CRYPT -p “” -u user at example.com

… gives the result:

    {CRYPT}txR1JRq9140Qk

… which differs from the example password field having NEITHER {SCHEME} or password, like:

    user at example.com:: . . .

… so if I attempt to logon using a null password for user at example.com when nothing is specified in the
password field for the passwd-file:

    /etc/dovecot/passwd
        user at example.com:: . . .

    $ sudo doveadm auth test user at example.com
    password:
    passdb: user at example.com auth failed 

… it is impossible to logon as user at example.com with ANY PASSWORD and/or a NULL password ?

Thanks,

- J

Sources:

    [1] https://wiki2.dovecot.org/AuthDatabase/PasswdFile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180707/b0f57db7/attachment.html>