On 07-07-11 10:51, Jorge Bastos wrote:
> Howdy,
>
> Paul,
> Sorry to bring this to the -dev mailing list.
> So, this means that the "[" char cannot be used in password's?
>
> I ask this, 'cause if it's true, to fix a software I have to manage users
> accounts/change password's.
It only works if the password containing any of []() is quoted by the
imap client or if the client uses AUTHENTICATE LOGIN instead of LOGIN -
since AUTHENTICATE LOGIN encodes the username and password in base64.
So: it is only a problem if the client sends unquoted login credentials.
This means you need to check what clients are used. Since this bug was
reported by the roundcube community, you may be affected.
--
________________________________________________________________
Paul J Stevens pjstevns @ gmail, twitter, skype, linkedin
* Premium Hosting Services and Web Application Consultancy *
www.nfg.nl/i...@nfg.nl/+31.85.877.99.97
________________________________________________________________
_______________________________________________
Dbmail-dev mailing list
Dbmail-dev@dbmail.org
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail-dev
