I noticed that Roundcube is automatically lowercasing usernames when the
first login fails. In program/include/rcmail.php (0.7.2),
if ($imap_login = $this->imap->connect($host,
$username_lc,
$pass
$imap_port,
$imap_ssl))
$username = $username_lc;
I think there's a bug here: the Roundcube user that gets created in the
database uses the original capitalization.
As an example, our IMAP server is Dovecot and our accounts are
case-sensitive. That means user(a)example.com != USER(a)example.com, for
better or worse. We've got $rcmail_config['login_lc'] = false.
I've just created an IMAP account for roundcube(a)viabit.com. If I go to
log in to Roundcube -- and do so as ROUNDCUBE(a)viabit.com -- the login
fails. So, the username gets silently lowercased and the second try
succeeds transparently to the user. But, the user in the Roundcube
database has the capitalization that I entered:
roundcube=# select username from users order by user_id DESC limit 1;
username
----------------------
ROUNDCUBE(a)viabit.com
(1 row)
If I now log in with the correct capitalization, a second user is created:
roundcube=# select username from users order by user_id DESC limit 2;
username
----------------------
roundcube(a)viabit.com
ROUNDCUBE(a)viabit.com
(2 rows)
This has confused a few of our users, because they see different stuff
when they use a different capitalization to log in. My intent was that
this should fail; that's why our IMAP server is case-sensitive in the
first place. As far as our IMAP server is concerned, roundcube@ and
ROUNDCUBE@ are two completely different people, so a client should not
assume that they're the same under any circumstances. But in any case,
if you *do* assume that they're the same, then they should share the
same contacts, settings, etc.