having problems with Argon

Adam Gold awg1 at gmx.com
Fri Sep 28 04:24:26 EEST 2018


Hello everyone.  I'm close to completing my first build of a mail server 
- Postfix, Dovecot, Postgres (I know, sounds like overkill), Rspamd with 
Redis and Unbound (please infer a mega lack of experience disclaimer).  
The model is standalone internet with remoted sasl-authenticated 
clients.

Throughout the process I've been having consistent problems with user 
password authentication.  Both when I began when I was only using flat 
files and now with pgsql, more often than not my username (full email 
address) and password combo have been rejected.  The postfix logs 
started with fairly innocent 'failed login' messages and eventually 
reached the "you don't own this email address, you're a spammer" level.  
Dovecot has been consistent with "auth: Debug: client passdb out: FAIL" 
messages.

Before I looked at this issue specifically, my guess was it came from a 
Postfix restriction but having spent quite a while going through it 
today, I don't think that's where it lies.

Finally I went back to basics and changed an account password to 
{PLAIN}12345 and what do you know - effortless success!  Previously I'd 
been using mainly argon, ssha512 sha512-crypt and a few others.  My 
passwords are strong (well in excess of 20 characters, 'randomly' 
generated).  I spent this afternoon narrowing down the hashes and while 
I haven't finished, the only one I couldn't get to work with 12345 was 
argon.

I also noticed that the wiki says the 2I and 2ID versions of Argon are 
available, doveadm pw always returned a "does not exist" error when I 
tried to use 2ID.

I'm using Dovecot version 2.3.2.1 (0719df592)



More information about the dovecot mailing list