Author Topic: Roundcube incorrect IMAP credentials given as config-test input.  (Read 366 times)

Offline danielthedev

  • Newbie
  • *
  • Posts: 2
I have recently set up a standalone dovecot/postfix mail server that works perfectly.
Nevertheless, when I tried to install RounCube on my Apache2 webserver, I encountered a lot of problems.
First, the SMTP config test client certificate was causing an error, which I solved.
But the IMAP config test wasn't working at all, I've tried many settings but none of them worked.
Then I enabled dovecot debug-mode, which indicated that RoundCube was passing incorrect login credentials to the server.
The correct credentials are as follows: ('contact@mydigifit.nl', '*********').

Code: [Select]
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: Module loaded: /usr/lib/dovecot/modules/auth/lib20_auth_var_expand_crypt.so
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: conn unix:auth-worker (pid=16591,uid=110): Server accepted connection (fd=13)
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: conn unix:auth-worker (pid=16591,uid=110): Sending version handshake
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: conn unix:auth-worker (pid=16591,uid=110): auth-worker<1>: Handling PASSV request
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: pam(edd,212.70.149.71): Performing passdb lookup
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: pam(edd,212.70.149.71): lookup service=dovecot
Oct 16 10:02:30 mydigifit dovecot: auth-worker(16600): Debug: pam(edd,212.70.149.71): #1/1 style=1 msg=Password:
Oct 16 10:02:32 mydigifit dovecot: auth-worker(16600): pam(edd,212.70.149.71): pam_authenticate() failed: Authentication failure (Password mismatch?) (given password: edd@123)
Oct 16 10:02:32 mydigifit dovecot: auth-worker(16600): Debug: pam(edd,212.70.149.71): Finished passdb lookup
Oct 16 10:02:32 mydigifit dovecot: auth-worker(16600): Debug: conn unix:auth-worker (pid=16591,uid=110): auth-worker<1>: Finished
Oct 16 10:02:32 mydigifit dovecot: auth: Debug: pam(edd,212.70.149.71): Finished passdb lookup
Oct 16 10:02:32 mydigifit dovecot: auth: Debug: auth(edd,212.70.149.71): Auth request finished
Oct 16 10:02:34 mydigifit postfix/smtps/smtpd[14610]: warning: unknown[212.70.149.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 16 10:02:34 mydigifit dovecot: auth: Debug: client passdb out: FAIL#01182#011user=edd#011original_user=edd@mydigifit.nl
Oct 16 10:02:35 mydigifit postfix/smtps/smtpd[14610]: lost connection after AUTH from unknown[212.70.149.71]
Oct 16 10:02:35 mydigifit postfix/smtps/smtpd[14610]: disconnect from unknown[212.70.149.71] ehlo=1 auth=0/1 rset=1 commands=2/3



As you can see in the logs down below, you can clearly see that the email has changed to 'edd@mydigifit.nl', and the same goes for the password.
Can anyone explain to me what is happening and give advice of how to resolve this issue?
« Last Edit: October 16, 2021, 04:24:56 AM by danielthedev »

Offline JohnDoh

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2,638
Re: Roundcube incorrect IMAP credentials given as config-test input.
« Reply #1 on: October 16, 2021, 04:53:34 AM »
The logs show a connection request from IP 212.70.149.71 but in the Roundcube screenshot you show you are connecting to localhost so that does not match up.

Unless you have configured handling for it then SSL connections from Roundcube to localhost are always going to fail as the certificate cannot be verified. There is a little more info here https://github.com/roundcube/roundcubemail/wiki/FAQ#problems-connecting-imapsmtp-server-via-ssltls
Roundcube Plugins: Contextmenu, SpamAssassin Prefs, and moreā€¦

Offline danielthedev

  • Newbie
  • *
  • Posts: 2
Re: Roundcube incorrect IMAP credentials given as config-test input.
« Reply #2 on: October 16, 2021, 05:37:17 AM »
The logs show a connection request from IP 212.70.149.71 but in the Roundcube screenshot you show you are connecting to localhost so that does not match up.

Unless you have configured handling for it then SSL connections from Roundcube to localhost are always going to fail as the certificate cannot be verified. There is a little more info here https://github.com/roundcube/roundcubemail/wiki/FAQ#problems-connecting-imapsmtp-server-via-ssltls

Yes, I figured out it was a brute-force client who was forcing all possibilities.
I changed the ip to mydigifit.nl which should work since I tested it on both Outlook and Gmail.
But now I received this error, and there is no syslog or auth trace in the log files.
However, the SMTP server does seem to accept the connection.






# UPDATE

I solved the issue by providing the domain that does not point to localhost (/etc/hosts) but to the ip of the VPS instead.
Then I encountered the SSL issue but solved by adding
Code: [Select]
$config['imap_conn_options'] = array(
  'ssl' => array(
    'verify_peer'  => false,
    'verify_peer_name' => false,
   'allow_self_signed' => true
  ),
);
« Last Edit: October 16, 2021, 06:21:17 AM by danielthedev »