Problem:
Using MySQL storage for the user and password db with MD5-CRYPT hashes,
Dovecot fails to successfully authenticate when the MD5-CRYPT or MD5
settings are specified as default_pass_scheme in dovecot-mysql.conf.
Dovecot /does/ successfully authenticate against MD5-CRYPT hashes when
default_pass_scheme is set to CRYPT, which according to the docs should
be DES encryption. (I do not know whether or not CRYPT actually works
with DES hashes.)
I am positive that I am using MD5-CRYPT hashes, as I have dropped in
hashes from a Qmail/Vpopmail vpasswd file and they work with the CRYPT
setting in Dovecot, as do hashes generated using htpasswd -nmb.
Test system:
Ubuntu Server 7.10, amd64
Dovecot 1.0.5 (from Ubuntu repositories)
Postfix 2.4.5 (from Ubuntu repositories)
Demonstration:
# cat /etc/dovecot/dovecot-mysql.conf
driver = mysql
connect = dbname=redacted user=redacted host=127.0.0.1 password=redacted
default_pass_scheme = MD5-CRYPT
password_query = SELECT password FROM mailbox WHERE username = '%u'
user_query = SELECT maildir, 105 AS uid, 114 AS gid FROM mailbox WHERE
username = '%u'
# htpasswd -nmb user password
user:$apr1$bZQl//..$2IPoOibTBaqpG7pPFigOy/
# mysql -u postfix -p
mysql> use redacted;
Database changed
mysql> update userdb set
password='$apr1$bZQl//..$2IPoOibTBaqpG7pPFigOy/' where username='user';
Query OK, 1 rows affected (0.00 sec)
mysql>quit
Bye
# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Dovecot ready.
a login user password
a NO Authentication failed.
a logout
* BYE Logging out
a OK Logout completed.
Connection closed by foreign host.
# replace MD5-CRYPT CRYPT -- /etc/dovecot/dovecot-mysql.conf
# /etc/init.d/dovecot restart
* Restarting IMAP/POP3 mail server
dovecot
[ OK ]
# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Dovecot ready.
a login user password
a OK Logged in.
a logout
* BYE Logging out
a OK Logout completed.
Connection closed by foreign host.
