On Mon, Nov 03, 2008 at 05:49:09PM +0200, Scott Ryan wrote:
> Hi all. I have a requirement where I need to pop accounts from a
> qmail-ldap pop3 server. Problem is, I do not have the user's password.
> I have the md5 encrypted userpassword and I would like to know if it
> possible to do some sort of cleartext comparison.
> I have -DCLEARTEXTPASSWORD enabled in the makefile and i have
> controls/ldaprebind set to 0.
>
> I am having no joy though and hoped that someone may be able to shed
> some light on this;
>
> # telnet 192.168.222.57 110
> Trying 192.168.222.57...
> Connected to 192.168.222.57.
> Escape character is '^]'.
> +OK <[EMAIL PROTECTED]>
> user scottlryan
> +OK
> pass {MD5}9mwh9qnYO6cB6IVNYhfc1A==
> -ERR authorization failed
> Connection closed by foreign host.
>
This will not work. Clear-text passwords are not allowed to start with
{CIPHER} markers. Because those will force the algorithm (in your case
MD5).
--
:wq Claudio
