Results 1 to 4 of 4
  1. #1

    Minimum length Username?

    I have a problem with authenticating to my courier imap server when the user name is less than 5 characters.

    Running Debian
    Vpopmail
    Administering through qmailadmin
    Testing using squirrelMail

    Any ideas anyone. Is this some weird security feature?

  2. #2
    Join Date
    Jan 2005
    Location
    Chicago
    Posts
    226
    It's not a courier issue- it's probably with whatever authentication method you are using.

    I was able to create a single character names for use with Courier on FreeBSD, with the user created as a shell user.

    What method is Courier using to authenticate the users? Can you create such a short username with a shell account?
    Ken

    CROWHOST hosting+colocation services | 877-CROWHOST | support at crowhost.com
    Independent remote-hands serving all Chicago data centers

  3. #3
    Thanks


    authdaemonrc

    ##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
    #
    # Copyright 2000-2001 Double Precision, Inc. See COPYING for
    # distribution information.
    #
    # authdaemonrc created from authdaemonrc.dist by sysconftool
    #
    # Do not alter lines that begin with ##, they are used when upgrading
    # this configuration.
    #
    # This file configures authdaemond, the resident authentication daemon.
    #
    # Comments in this file are ignored. Although this file is intended to
    # be sourced as a shell script, authdaemond parses it manually, so
    # the acceptable syntax is a bit limited. Multiline variable contents,
    # with the \ continuation character, are not allowed. Everything must
    # fit on one line. Do not use any additional whitespace for indentation,
    # or anything else.

    ##NAME: authmodulelist:0
    #
    # The authentication modules that are linked into authdaemond. The
    # default list is installed. You may selectively disable modules simply
    # by removing them from the following list. The available modules you
    # can use are: authcustom authcram authuserdb authvchkpw authldap

    authmodulelist="authuserdb authvchkpw"

    ##NAME: authmodulelistorig:1
    ##NAME: authmodulelistorig:1
    #
    # This setting is used by Courier's webadmin module, and should be left
    # alone

    authmodulelistorig="authuserdb authvchkpw"

    ##NAME: daemons:0
    #
    # The number of daemon processes that are started. authdaemon is typically
    # installed where authentication modules are relatively expensive: such
    # as authldap, or authmysql, so it's better to have a number of them running.
    # PLEASE NOTE: Some platforms may experience a problem if there's more than
    # one daemon. Specifically, SystemV derived platforms that use TLI with
    # socket emulation. I'm suspicious of TLI's ability to handle multiple
    # processes accepting connections on the same filesystem domain socket.
    #
    # You may need to increase daemons if as your system load increases. Symptoms
    # include sporadic authentication failures. If you start getting
    # authentication failures, increase daemons. However, the default of 5
    # SHOULD be sufficient. Bumping up daemon count is only a short-term
    # solution. The permanent solution is to add more resources: RAM, faster
    # disks, faster CPUs...

    daemons=5

    ##NAME: version:0
    #
    # When you have multiple versions of authdaemond.* installed, authdaemond
    # just picks the first one it finds. Set "version" to override that.
    # For example: version=authdaemond.plain

    version=""

    ##NAME: authdaemonvar:0
    #
    # authdaemonvar is here, but is not used directly by authdaemond. It's
    # used by various configuration and build scripts, so don't touch it!

    authdaemonvar=/usr/lib/courier-imap/var/authdaemon


    Not sure if this config file helps?

  4. #4
    Join Date
    Jan 2005
    Location
    Chicago
    Posts
    226
    Here's what's important- this line:

    authmodulelist="authuserdb authvchkpw"

    In this case, courier will try to authenticate a user against authuserdb, and if that fails it will try authvchkpw

    We still don't know which is really being used and why it's failing. Try more verbose logging. Add this line to your imapd config file

    DEBUG_LOGIN=2

    As it says in the embedded docs, this will log password info. Tailing your imapd logfile, usually maillog will show how and why thing are failing when users log in.

    I'm not sure what your two authentication methods are, but they may generate logs as well. It's one of them that doesn't like short usernames or passwords. Look at their docs, or try to enable more extensive logging from them.
    Ken

    CROWHOST hosting+colocation services | 877-CROWHOST | support at crowhost.com
    Independent remote-hands serving all Chicago data centers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •