By default, saslauthd caches credentials. The cache and timeout are set by the -c and -t command line options.
You can disable caching by removing the -c from /etc/default/saslauthd, or adjust the timeout from the default 28800 seconds by adding -t to it.

** Information type changed from Private Security to Public

** Changed in: cyrus-sasl2 (Ubuntu)
       Status: New => Invalid

https://bugs.launchpad.net/bugs/1396568

Title:
  saslauthd allow authentication after user deletion until it is restarted

Status in cyrus-sasl2 package in Ubuntu:
  Invalid

Bug description:
  As per subject, it is possible to log in to saslauthd with a deleted user's credentials until the saslauthd daemon is restarted.

  This is the output of swaks, after the user "test" deletion:

  swaks -a -tls -q AUTH -s localhost -au
  Username: test
  Password: test
  === Trying localhost:25...
  === Connected to localhost.
  <-  220 mail.csc.it ESMTP Exim 4.71 Wed, 26 Nov 2014 12:44:01 +0100
   -> EHLO server-name-removed
  <-  250-server-name-removed Hello localhost [127.0.0.1]
  <-  250-SIZE 52428800
  <-  250-PIPELINING
  <-  250-STARTTLS
  <-  250 HELP
   -> STARTTLS
  <-  220 TLS go ahead
  === TLS started w/ cipher DHE-RSA-AES256-SHA
   ~> EHLO server-name-removed
  <~  250-server-name-removed Hello localhost [127.0.0.1]
  <~  250-SIZE 52428800
  <~  250-PIPELINING
  <~  250-AUTH PLAIN LOGIN
  <~  250 HELP
   ~> AUTH LOGIN
  <~  334 VXNlcm5hbWU6
   ~> dGVzdA==
  <~  334 UGFzc3dvcmQ6
   ~> dGVzdA==
  <~  235 Authentication succeeded
   ~> QUIT
  <~  221 server-name-removed closing connection
  === Connection closed with remote host.
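
Added example (not part of the original bug report or of the cyrus-sasl2 package): a shell function that reads the defaults file named above and reports whether the saslauthd credential cache is enabled and with which timeout, which is the window during which a deleted account can still authenticate. It assumes the flags are set on an OPTIONS="..." line in that file; the function name saslauthd_cache_status is hypothetical.

```shell
#!/bin/sh
# Added example: report saslauthd credential-cache settings from a defaults file.
# Assumption: the file sets the daemon flags in an OPTIONS="..." line.

DEFAULT_TTL=28800   # default cache timeout in seconds, as stated in the comment above

# saslauthd_cache_status [FILE]   (hypothetical helper name)
# Prints "cache=off" or "cache=on ttl=SECONDS".
saslauthd_cache_status() {
    file=${1:-/etc/default/saslauthd}
    [ -r "$file" ] || { echo "error: cannot read $file"; return 2; }

    # Use the last uncommented OPTIONS= assignment. The file is parsed as
    # text instead of being sourced, so nothing inside it gets executed.
    opts=$(sed -n 's/^[[:space:]]*OPTIONS=//p' "$file" | tail -n 1 | tr -d "\"'")

    cache=off ttl=$DEFAULT_TTL skip=no want_ttl=no
    for word in $opts; do
        if [ "$skip" = yes ]; then skip=no; continue; fi
        if [ "$want_ttl" = yes ]; then ttl=$word; want_ttl=no; continue; fi
        case $word in
            -c)  cache=on ;;               # credential caching enabled
            -t)  want_ttl=yes ;;           # timeout given as the next word
            -t*) ttl=${word#-t} ;;         # timeout attached, e.g. -t600
            -a|-O|-m|-n|-s) skip=yes ;;    # flags whose next word is an argument
        esac
    done

    if [ "$cache" = on ]; then
        # Deleted or changed credentials stay valid for up to $ttl seconds
        # after their last successful check, or until the daemon restarts.
        echo "cache=on ttl=$ttl"
    else
        echo "cache=off"
    fi
}
```

Call it as saslauthd_cache_status /etc/default/saslauthd after sourcing the file; a result of cache=on means account removals should be followed by a saslauthd restart or a shorter -t value.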