Sorry for the missing subject.
>Hi,
>
>I use a OpenLDAP for authentication. To authenticate a full DN as the user
>name must be used, like "cn=jim,ou=users,dc=example,dc=com". There are several
>domains, like example2.com and example3.com. I want to use Dovecot with ldap
>and >authentication binds. For testing I use "auth_bind_userdn =
>cn=%n,ou=users,dc=%d" and the user name must provide as
>"j...@example,dc=com". To allow the special chars ("=,") in user name, I
>extend "auth_username_chars".
>Now my questions. Exists a real chance to attack the ldap directory with the
>extended "auth_username_chars"? And it's possible to use authentication binds
>with the regular "auth_username_chars" and a provided user names like
>>"j...@example.com" in my special ldap directory structure?
>
>Thanks in advance
>- Patrick
