We use Courier for our POP3 and IMAP server. It's great and works wonderfully with our OpenLDAP directory server. Today we had a problem pop up with a user who couldn't log in and get his mail. It took me the better part of the day to figure it out.
Here are the symptoms:
Connected to mail.example.com.
Escape character is '^]'.
+OK Hello there.
+OK Password required.
Connection closed by foreign host.
Not really informative, is it? Not even a goodbye. The log file was only slightly more helpful:
Jun 18 15:47:55 core3 courierpop3login: chdir: No such file or directory
My first thought, and the answer I found on Google, was to check for the Maildir in the user's home directory. It looked good, but I recreated it just to be sure. Permissions? Yup, look good too. Exim was even able to deliver mail to it, so I knew the directory was okay.
Maybe the home directory from LDAP is incorrect or has extra characters (null, space, etc.) in it. So I reset the homeDirectory attribute. Nope. Maybe recreating the whole record would do it. Nope. I compared to other confirmed working accounts and everything checked out.
At this point I fired off an email to the Courier mailing list, figuring I needed some brighter minds to investigate. Just after doing that, I found an email on SourceForge which provided the final clue.
What was it? Well, the mail server is also our web server. I would have argued against such a setup had I been around at the time. You can see the problems it causes. Well, all the web hosting accounts have a user defined in /etc/passwd. So did this user. Courier was using PAM to authenticate to /etc/passwd before hitting LDAP. Why? I have no idea.
We toyed with the idea of modifying the IMAP and POP3 configurations for PAM, but Kevin was concerned that it would break something. Seeing some of the other band-aid solutions around here, I wouldn't be surprised. In the end, we deleted the user's /etc/passwd account because the home directory specified didn't even exist! No wonder Courier was so upset.
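
A check for the condition behind this failure, as an added example that is not part of the original post: it lists users that exist in both the local passwd file and LDAP, and flags local entries whose home directory differs from the LDAP one or does not exist. The account names, paths and the uid-to-homeDirectory mapping are constructed sample data; on a real host the passwd text would be read from /etc/passwd directly (getent merges all NSS sources) and the mapping exported from the directory.

```python
import os

# Constructed sample data (not from the original post).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Web hosting:/var/www/alice:/bin/false
carol:x:1002:1002:Carol:/home/vmail/carol:/bin/false
"""
SAMPLE_LDAP = {  # uid -> homeDirectory, as exported from the directory
    "alice": "/home/vmail/alice",
    "bob": "/home/vmail/bob",
    "carol": "/home/vmail/carol",
}
SAMPLE_DIRS = {"/root", "/home/vmail/alice", "/home/vmail/bob", "/home/vmail/carol"}


def parse_passwd(text):
    """Return {user: home} from passwd(5)-format text, skipping bad lines."""
    homes = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) >= 7 and not fields[0].startswith("#"):
            homes[fields[0]] = fields[5]
    return homes


def find_shadowed(passwd_text, ldap_homes, dir_exists=os.path.isdir):
    """List LDAP users that also have a local passwd entry, with problems."""
    local = parse_passwd(passwd_text)
    findings = []
    for user in sorted(ldap_homes):
        if user not in local:
            continue  # only LDAP knows this user: nothing shadows it
        problems = []
        if local[user] != ldap_homes[user]:
            problems.append("home differs from LDAP")
        if not dir_exists(local[user]):
            problems.append("local home missing")  # the chdir failure case
        findings.append((user, local[user], ldap_homes[user], problems))
    return findings


if __name__ == "__main__":
    for row in find_shadowed(SAMPLE_PASSWD, SAMPLE_LDAP, SAMPLE_DIRS.__contains__):
        print(row)
```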