Email password issue...

N

NickRac

Verified User
Joined
May 24, 2003
Messages
22
Location
Connecticut
I'm not sure if this is a universal problem or not but on the server I use DirectAdmin on there seems to be something odd about using your password to access email via POP3

When I access email and it requests my password I'll type "blahblah"(my pretend password)and I'll be able to send and recieve the email...but if I type something like "blahblah1" or even something long like "blahblah028439478543789765764574574876476789" I can still send and recieve the email...I don't know if this is a local thing or a widespread DA problem but if it is the later of the two, something should be done.

Nick
 
I'm posting to refresh the thread, hopefully DA tech support will see it this time.

This could be an artifact of how the passwords are encoded. There are two methods of creating passwords, and the old one limits the password to the first eight characters. The newer one allows up to 256 characters if I remember correctly.

Okay, DA tech support? How do you encode the passwords?

Jeff
 
Hello,

Thanks for the bump.

If you've authenticated once with the first password, the da-popb4smtp program will store your IP for 30 minutes, so no authentication is required at all during that time for smtp... meaning you could send mail with a different password as long as your IP is in /etc/virtual/pophosts ... now if you say you can download pop emails using a different password.. I'm not too sure there.. vm-pop3d has it's own authentication checking.

The encryption used is the standard md5 encryption using crypt().

You can double check your password using php from ssh by running:
Code: 
#php
<?
echo crypt("yourpass","cryptedpass");
?>
ctrl-d
ctrl-d
If the password is correct, it should spit out an exact copy of the crypted password from /etc/virtual/domain.com/passwd.

John
 
You must log in or register to reply here.
Back
Top