Attached is the patch for pop_parse.c to implement behavior a)
Already I'm seeing a ton of log messages now after implementing this
patch. However, we have over 40,000 mail users and so far I'm noticing
about 10 users with constant problems relating to the pass command.
What do you want to bet they all run Outlook or Outlook Express?
With this patch, 'pass' and 'pass ' will return the too few arguments
error. pass with two or more spaces will return the password error and
disconnect the session.
On Fri, Jun 01, 2001 at 08:30:41AM -0500, Michael Smith wrote:
> I just ran across this problem yesterday with an outlook customer
> as well. Somewhere between 3.x and 4.x some logic changed
> somewhere that is now behaving in a very broken manner, IMO.
>
> Now, I'm not sure what the intended behavior is. Should it
> a) return the too few arguments error? or
> b) check the blank password against the users password and
> return an incorrect password error?
>
>
> I'm not sure which would be the correct behavior. I know how to
> implement a) very easily. Haven't figured out b) yet. If qualcomm would
> be so kind as to tell us which behavior is correct, I'll see about
> whipping up a patch.
>
> On Tue, May 29, 2001 at 03:36:10PM +0200, Eric Luyten wrote:
> > We upgraded Qualcomm popper version 3.1.2 to 4.0.2 last Friday
> > and had to help a number of Outlook Express users (other admins
> > have already posted the same on this mailing list).
> >
> > In a number of cases (all ?) the situation could be normalised by
> > entering the user password in the appropriate OE configuration panel.
> >
> > We found that a combination of empty password field and a checked
> > "remember password" box makes the client exhibit different behaviour
> > with Qpopper 4 server versus version 3.
> >
> > Small illustration :
> >
> > % telnet XXXX pop3
> > Trying [SNIP]...
> > Connected to XXXX.
> > Escape character is '^]'.
> > +OK QPOP (version 3.1.2) at XXXX starting.
> > user joeuser<CR>
> > +OK Password required for joeuser.
> > pass<CR> [several seconds wait]
> > -ERR [AUTH] Password supplied for "joeuser" is incorrect.
> > +OK Pop server at XXXX signing off.
> > Connection closed by foreign host.
> >
> > % telnet YYYY pop3
> > Trying [SNIP]...
> > Connected to YYYY.
> > Escape character is '^]'.
> > +OK Qpopper (version 4.0.2) at YYYY starting.
> > user joeuser<CR>
> > +OK Password required for joeuser.
> > pass<CR> [several MINUTES wait]
> > -ERR POP timeout from YYYY
> > +OK Pop server at YYYY signing off.
> > Connection closed by foreign host.
> >
> >
> >
> > Other data :
> > both servers are Solaris 7, shadow password files
> > Qpopper was compiled in server mode, no APOP or Kerberos, no TLS
> > (de)selecting "chunky-writes" makes no difference
> >
> > Hope this helps,
> > Eric Luyten, Computing Centre VUB/ULB.
> >
> > P.S. Moving from Qpopper 3 to 4 makes for half the CPU utilisation
> > and 60% less I/O on the mail spool partitions.
> > Great job, Randall et al.
>
> --
> Michael Smith ... We build e-business infrastructure solutions
> SysAdmin, DataFoundry.net ... www.datafoundry.net
--
Michael Smith ... We build e-business infrastructure solutions
SysAdmin, DataFoundry.net ... www.datafoundry.net
