Tickets :: [#10453] POP3 Login with wrong user or password

6.0.0-alpha14

7/2/25

Summary	POP3 Login with wrong user or password
Queue	IMP
Queue Version	5.0.10
Type	Bug
State	Resolved
Priority	2. Medium
Owners	slusarz (at) horde (dot) org
Requester	netwalker (at) lanparty-nrw (dot) de
Created	08/24/2011 (5061 days ago)
Due
Updated	08/24/2011 (5061 days ago)
Assigned
Resolved	08/24/2011 (5061 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch	No

08/24/2011 04:36:44 PM	Michael Slusarz	Assigned to Michael Slusarz State ⇒ Resolved Priority ⇒ 2. Medium

08/24/2011 04:36:28 PM	Git Commit	Comment #2	Reply to this comment
Changes have been made in Git for this ticket: ~~Bug #10453~~: Ignore unknown authentication methods; otherwise, they give false positive when authenticating 3 files changed, 11 insertions(+), 5 deletions(-) http://git.horde.org/horde-git/-/commit/8a74526ed0307e61a4e3b4f3ff0d3114c059d87b

08/24/2011 09:41:29 AM	netwalker (at) lanparty-nrw (dot) de	Comment #1 Priority ⇒ 3. High Patch ⇒ No Milestone ⇒ Queue ⇒ IMP Due ⇒ 08/31/2011 Summary ⇒ POP3 Login with wrong user or password Type ⇒ Bug State ⇒ Unconfirmed	Reply to this comment
I update my IMP with Bugfix from ~~Ticket 10450~~ thank you now i can see the mails. But i cannot understand why i can login with wrong userinfo or password. I activate logging in horde to get the following info: 2011-08-24T10:04:21+02:00 NOTICE: HORDE [imp] Login success for m333h (Horde user m333h) [192.168.1.174] to {91.194.132.21:110 [pop]} [pid 27165 on line 179 of "/www/php/horde/imp/lib/Auth.php"] ? a parsing error? after the [-err] [quit] the imp client sees the [ok] response? ------------------------------ S (1314173046,3): +OK Hello there. C (1314173046,3): CAPA S (1314173046,43): +OK Here's what I can do: S (1314173046,43): SASL PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256 S (1314173046,43): TOP S (1314173046,43): USER S (1314173046,43): LOGIN-DELAY 10 S (1314173046,43): PIPELINING S (1314173046,43): UIDL S (1314173046,43): IMPLEMENTATION Courier Mail Server S (1314173046,43): . C (1314173046,43): [AUTH PLAIN Command - username: m333h] S (1314173051,5): -ERR Authentication failed. C (1314173051,5): AUTH LOGIN S (1314173051,58): + VXNlcm5hbWU6 C (1314173051,58): bTMzM2g= S (1314173051,63): + UGFzc3dvcmQ6 C (1314173051,63): [AUTH LOGIN Command - password] S (1314173056,68): -ERR Authentication failed. C (1314173056,68): AUTH CRAM-MD5 S (1314173056,7): + PENGRkIyMjZGNjRCOEVCQ0QwODg3Nzc1MzA5RTdBRDMyQG1haWwyMT4= C (1314173056,7): [CRAM-MD5 Response] S (1314173061,76): -ERR Authentication failed. C (1314173061,79): QUIT S (1314173061,83): +OK Better luck next time. ------------------------------ S (1314173062,24): +OK Hello there. C (1314173062,24): STAT S (1314173062,27): -ERR Invalid command. C (1314173062,27): STAT S (1314173062,32): -ERR Invalid command. C (1314173062,33): STAT S (1314173062,35): -ERR Invalid command. C (1314173062,38): QUIT S (1314173062,4): +OK Better luck next time. My Configuration: Authentification: $conf['auth']['admins'] = array('test@example.com'); $conf['auth']['checkip'] = true; $conf['auth']['checkbrowser'] = true; $conf['auth']['alternate_login'] = false; $conf['auth']['redirect_on_logout'] = false; $conf['auth']['list_users'] = 'input'; $conf['auth']['params']['app'] = 'imp'; $conf['auth']['driver'] = 'application'; backend in imp is pop3 if i try the same with the imap backend it works