A BUGNOTE has been added to this bug. ====================================================================== http://dbmail.org/mantis/bug_view_advanced_page.php?bug_id=0000183 ====================================================================== Reported By: OutboundIndex Assigned To: ====================================================================== Project: DBMail Bug ID: 183 Category: Database layer Reproducibility: always Severity: major Priority: normal Status: new ====================================================================== Date Submitted: 22-Mar-05 22:45 CET Last Modified: 21-Apr-05 10:40 CEST ====================================================================== Summary: delivery to users with no alias is case sensitive Description: In bug report 159 (which appears to have been removed from the bugtracker?) I reported a problem with delivery and aliases. That issue was of course resolved. The patch however has created a bug which I am reporting now:
Mail addressed to [EMAIL PROTECTED] or [EMAIL PROTECTED] arrives fine to recipient IF: alias: [EMAIL PROTECTED] deliver_to (any user) BUT Mail addressed to [EMAIL PROTECTED] IS NOT delivered to [EMAIL PROTECTED] IF there is no alias, just a user account named [EMAIL PROTECTED] Mail addressed to [EMAIL PROTECTED] IS delivered to [EMAIL PROTECTED] if there is no alias. Thus, with a redundant alias - case insensitive Without a redundant aliase - delivery address is treated as case sensitive. ====================================================================== ---------------------------------------------------------------------- OutboundIndex - 23-Mar-05 00:28 CET ---------------------------------------------------------------------- I stated the wrong version. We have version 2.0.3 plus the alias related patch for bug 159, debian pkg. Paul called it 2.0.4 at the time but was asked to revert the version number lower. ---------------------------------------------------------------------- aaron - 21-Apr-05 10:40 CEST ---------------------------------------------------------------------- The issue is that the user's table delivery uses auth_user_exists() to look up the user. This is a case-sensitive function. We could make this function case-insensitive, which would also serve to prevent creating usernames that differ only in case, which is potentially a problem if the deliveries are not case sensitive. Password checking occurs in auth_user_validate, which does and should continue to require proper case in both the username and password. Bug History Date Modified Username Field Change ====================================================================== 22-Mar-05 22:45OutboundIndex New Bug 23-Mar-05 00:28OutboundIndex Bugnote Added: 0000626 21-Apr-05 10:40aaron Bugnote Added: 0000665 ======================================================================
