dovecot allowing any password

Discussion in 'Installation/Configuration' started by woozyerdaddee, Jul 20, 2006.

  1. woozyerdaddee

    woozyerdaddee New Member

    I have dovecot installed to run the imap/pop side of my email server (with virtual hosting). The problem I am encountering is as long as the person has a legit virtual mailbox, it allows anything as the password. Here is my dovecot.conf:

    base_dir = /var/run/dovecot/
    protocols = imap pop3 imaps pop3s
    ssl_disable = no
    ssl_cert_file = /etc/postfix/ssl/server.crt
    ssl_key_file = /etc/postfix/ssl/server.key
    ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
    ssl_parameters_regenerate = 24
    log_path = /var/log/dovecot
    info_log_path = /var/log/
    login_dir = /var/run/dovecot/login
    login_chroot = yes
    login = imap
    login_executable = /usr/lib/dovecot/imap-login
    login_user = dovecot
    login = pop3
    login_executable = /usr/lib/dovecot/pop3-login
    verbose_ssl = yes
    valid_chroot_dirs = /var/spool/vmail
    default_mail_env = maildir:/var/spool/vmail/%d/%n
    imap_executable = /usr/lib/dovecot/imap
    pop3_executable = /usr/lib/dovecot/pop3
    auth = default
    auth_mechanisms = plain digest-md5
    auth_userdb = passwd-file /etc/dovecot/users
    auth_passdb = passwd-file /etc/dovecot/passwd
    auth_executable = /usr/lib/dovecot/dovecot-auth
    auth_user = root
    auth_verbose = yes

    Here is the "passwd" file:

    # Virtual Users Passwords
    [email protected]::$1$WW8U2exN$6OZPhyJz5JSDijoipZjurl
    [email protected]::$1$HEXJlljE$Upc279qHenYFBYflaossk/

    the "user" file:

    # Virtual User Accounts
    [email protected]::1000:1000::/var/spool/vmail/
    [email protected]::1000:1000::/var/spool/vmail/

    The passwords are MD5 encoded, generated by

    Help? Thanks!
  2. falko

    falko Super Moderator ISPConfig Developer

    What's in your mail log when you try to fetch emails?

Share This Page