On Thu, 1 Jun 2006, Guillaume Filion wrote:
> [EMAIL PROTECTED] a écrit :
> > I'm basically using auth_flat_file for AUTH CRAM-MD5 and AUTH
> > LOGIN (it's the latter that's showing the problem right now), and a custom
> > password lookup.
>
> AFAIK, AUTH LOGIN uses $passclear, not $passHash.
>
> So if you want to use CRAM-MD5 and LOGIN, you need to deal with both
> $passclear and $passHash.
>
> Hope this helps,
Yes, it certainly does. I've been printing the wrong information
to the log file all along! Turns out that I was printing out the local
(correct) password instead of either the cleartext or hashed password that
was sent. Now that the account has started to be used again, today, I see
that the user changed her AUTH password in Outlook, not understanding that
her password is the same for AUTH, POP, and web access, and must be
changed on the mail system.
