Jump to content

[Resolved] Changed password -- half right


Recommended Posts

Having searched for some time, I came upon

Webmail/Options/Mail Management/Spamcop Tools/Select your email forwarding, change your password or mail reports.

and changed my password at approximately 15:00 UTC 24 April 2006 (yesterday)

The new password allows me to login in to Webmail and "Report spam" but using it in .fetchmailrc doesn't work, giving "Authorization failure" -- everything else is the same as before, just the password has changed.

The old password doesn't work either.

Some details:

old password length: 24, character set uppercase, lowercase, digits and punctuation

new password length: 29, character set uppercase, lowercase, digits, space and one other punctuation character

just in case either the length or the character set has any effect.

In both cases the password is enclosed in '' (single quotes) in .fetchmailrc

Link to comment
Share on other sites

Have you tried to POP your account from any other software? There was a service mentioned here recently (mail2web.com) which allows you to use POP to view your messages. If that works with your new password (it is the same account so I don't see how they could have different passwords) then the problem is on the fetchmailrc side. If it does not work, try resetting your password a little shorter and trying again (or removing the space). If there is a limit, it would be good to enter into the FAQ here.

Link to comment
Share on other sites

I would suspect the 'space' in the password. It is highly likely that a space could be interpreted as a string terminator. Some non-alpha characters such as punctuation can also be interpreted as string terminators.

I would agree with Steve, try resetting the password to something without a space and for a start drop the punctuation character as well.

If that works then reinsert the space and try again. Then reinsert the punctuation character and try. That should identify whether both or either of these characters is the cause.

You may also find that the passwords are not case sensitive.

Andrew

Link to comment
Share on other sites

Don't you mean " the passwords ARE case sensitive"?

42315[/snapback]

No, I think he meant what he said and meant the fact the OP is using both cases is not relevant. However, I believe he is wrong in that statement as my password is defintely case sensitive.

Link to comment
Share on other sites

No, I think he meant what he said and meant the fact the OP is using both cases is not relevant.  However, I believe he is wrong in that statement as my password is defintely case sensitive.

42317[/snapback]

Well, to clarify, this is what I was attempting to say in a very clumsy way and that switching to all lower case in the first instance might remove all possibilities of confusion. But, instead, I created confusion :rolleyes:

Andrew

Link to comment
Share on other sites

Many thanks for your replies and a thousand apologies to all.

fetchmail now doesn't like being run as root and .fetchmailrc had been copied to <user> -- and this little fact forgotten :(

The wrong .fetchmailrc was being changed so POP didn't work but logging in to Webmail or Report spam did.

However, some things were unearthed in the investigations which you may find interesting or useful :rolleyes:

Webmail and Report spam login _do_ distinguish case in passwords but POP is _not_ case-sensitive.

The RFC for POP3 (1939) says about the PASS command

PASS string

...

Since the PASS command has exactly one argument, a POP3

server may treat spaces in the argument as part of the

password, instead of as argument separators.

The server that SpamCop uses appears to be "Courier Mail Server" -- the current stable version is 0.53.1 (http://www.courier-mta.org/), it seems that courier-0.53.1/imap/pop3login.c processes the PASS string and (line 408) 'p=strtok(0, "\r\n");' appears to allow spaces -- as well as any punctuation character other than Carriage Return or Line Feed.

It also uppercases all input strings before processing them (lines 278-286).

Experimentation shows that the new password (which caused all this) is accepted :D

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...