• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Plesk 11 Unable to allow the use of short mail names for POP3/IMAP accounts

EMerkel

New Pleskian
Hi I am using Plesk 11 and running into the following problem when I try to make changes to the mail server settings. Any change I try to make the panel gives me the following error.

Unable to allow the use of short mail account names for POP3/IMAP accounts. There are mail accounts matching the encrypted passwords.

This server hosts a bunch of domains migrated from Plesk 7 and 9.5 servers and a lot of these users are using short names so changing to long names would be a huge support burden to change. Based on other forum posts, I went into the Plesk 11 database and found a bunch of mail redirects that had blank passwords which I fixed but the problem persisted. On Plesk 11 all of the passwords are encrypted so I am having problems trying to determine what the duplicate username/passwords are. I did go back into the old servers which show the passwords unencrypted and I've not been able to find any duplicates either. I also did a sort on the encrypted password on plesk 11 and there are no duplicates but obviously plesk is look at the unencrypted password so this was kinda pointless but I felt it was worth a shot.

Is there any other way on Plesk 11 to troubleshoot this to find out what the offending accounts are? Obviously the Plesk panel has a way to check this since it throws up the error. Parallels or anyone else have suggestions on how to tackle this?

I know you can go ahead and set it to long names to make the change and then go into the database and reset plesk to use short names but I would rather have a fully functioning panel without having to use this hack.

Thanks,
Eric
 
The problem with short names is that password is used to distinguish [email protected] from [email protected]

Unfortunately there are probably no way to get exact conflicts out of Plesk - the validation process is optimized for performance the way it doesn't need to get exact conflicting pair to know there are some.

The best I could recommend now is to forcedly reset pasword into unique value for all accounts with matching short name.
 
The problem with short names is that password is used to distinguish [email protected] from [email protected]

Unfortunately there are probably no way to get exact conflicts out of Plesk - the validation process is optimized for performance the way it doesn't need to get exact conflicting pair to know there are some.

The best I could recommend now is to forcedly reset pasword into unique value for all accounts with matching short name.

There are way too many emails to do this so let me ask what my second best option would be to get RBL's turned on.

Option 1) Change the server to use only long names in the control panel and then make the other changes I want. Then when done do the following:

mysql> UPDATE misc set val='enabled' where param='allow_short_pop3_names';

Restart Plesk

Option 2) Modify the xinetd.conf settings for smtp_psa and smtps_psa to add the RBL's and restart qmail? If I can't change any email settings these configuration files should not get regenerated right?

Lastly, since Plesk obviously has code that checks for duplicates, perhaps they could create a utility for customers that run into this issue to identify the offending usernames/passwords. Or perhaps not lock out other email setting changes but just warn the user that there could be issues. Just a suggestion.


Thanks,
Eric
 
Hi Eric,

After reviewing the code, it appears that actually there is no way to discover duplicating login/password in case of encrypted passwords and thus short names are blocked ONCE there is a conflicting name (1) and encrypted passwords are enabled (2).

Since passwords cannot be used for distinguishing users, your only solution could be to rename all conflicting mailboxes into unique short names. i.e. [email protected] and [email protected]

The following query should obtain conflicting names:
SELECT m1.mail_name, d.name FROM mail m1, mail m2, domains d WHERE d.id=m1.dom_id AND m1.id<>m2.id AND m1.mail_name=m2.mail_name;

While suggested Option 2 may work temporarily, it will break not only on mail configuration change, but also on domain renaming or Plesk upgrade. Thus not recommended.
 
Back
Top