I think it is pretty standard security to be strict on username/password and case. What is wrong with just telling your users that the username and password is case sensitive?
You can modify the html template (in the template directory) with a statement. Is the problem that your users have some with upper case usernames/passwords? PS. I think your emails are in html or something, people will not respond to those. Sam -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of George Leatherman Sent: Tuesday, June 29, 2004 2:09 PM To: [EMAIL PROTECTED] Subject: Upper Case NOT Allowed in UserName Authentication Howdy, I've installed the latest tmda and tmda-cgi with Blue patch on a Linux9.1 machine. I use /etc/tmda mode 400 for plaintext username/password authentification - simple enough but ALL username/password combinations MUST be in lower case before it is authenticated. Any username/password charactures in UPPER case results in WRONG PASSWORD with the source message of Username z2ycrnuc not found in system. str='getpwnam(): name not found: z2ycrnuc' The username I inputed was Z2yCRnuc I've tried checkpassword-pam also "/var/qmail/bin/checkpassword-pam -slogin" This reports the same after recompiling. Using checkpassword with POP3 I do get authenticated. Is there a workaround or am I not seeing something I should? I appreciate your help with this great program and any comments with be absorbed too! George _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
