[BlueOnyx:08319] Re: pop password problems

[Michael Stauber]

Hi Roy,

> No luck. I deleted both files and the same users are still having issues.
> They can login via shell/webmail, but no pop. It seems like new users have
> the problem as fast as I can reset passwords. 

It would be interesting to see what /var/log/messages, /var/log/secure and 
/var/log/maillog say about this. Without some more info about the nature of 
the problem it's just guesswork.

For example it could very well be that the problem is "user made". Imagine 10 
people using to POP emails off your server from the same office. So they all 
connect from the same corporate IP. If one of them has his email client 
configured incorrectly and repeatedly authenticates with the wrong 
credentials, Dovecot and/or PAM_ABL will impose a temporary block of the IP. 
Which then affects all 10 people using the same IP. When you then ask around 
they all scream "No, can't be!", until after a lot of more digging from your 
end it turns out one of them also once set up his W-LAN capable phone to check 
for emails (not only the workstation) and the phone is still using an old 
password that's no longer valid.

So my suggestion would be to check the above mentioned logfiles for more 
pointers to see which IP and/or username is causing this and then take it from 
there.

The following commands may help:

cat /var/log/messages|grep fail
cat /var/log/secure|grep fail
cat /var/log/maillog|grep dovecot|grep fail

They grep the three logfiles for the string "fail", which (among other things) 
is usually found in login related events where an authentication failure 
happens. 

-- 
With best regards

Michael Stauber