|
|
|
|
|
|
|
| |
|
|||||
| |
|
|
|
|
|
|
| |
||||||
Poppassd is a program that changes system passwords thus allowing users to change their mail passwords. Poppassd was orginal created before one of our product called NetAuth. NetAuth takes care of password changing, and some other mail features for users and admins. We suggest that if you are using DMail (our mail server) then you should use NetAuth. For more information about NetAuth see the URL:
If you are using any other mail server you can still use NetAuth with the unix/nt system password external modules that are available, or you can setup and install poppassd.
This guide is intended for system administrators who want to setup poppassd so that the users can change their passwords.
Poppassd works in conjunction with a CWMail/DMailWeb, your Mail server and your system. Poppassd will only work if your mail system uses the systems username and password to verify the users.
The following sections describe:
First you will need to download the poppassd.c click on the link below:
|
Download File (unix) |
| poppassd.c |
You will need to install poppassd on the same machine that is running your
mail server. Follow these steps to install poppassd.
Note: To install poppassd you must be a super user (or equalivent).
Step 1. Double Checking The Source
The popassd.c has been provided for you to double check that no hacking code has been added to breach your security. I suggest that you take a good look at the code and try to understand what it is doing.
On some machines you may need to make some slight changes to make poppassd work on your system.
Step 2. Building and Copying Poppassd
The next step is to compile the poppassd.c, the following command should work on most unix systems.
gcc poppassd.c -o poppassd
or
cc poppassd.c -o poppassd
If you receive the following Error:
poppassd.c: In function `chkPass':
poppassd.c:811: warning: passing arg 1 of `strcmp' makes pointer
from integer wi thout a cast /tmp/cca050571.o:
In function 'chkPass': /tmp/cca050571.o(.text+0xeba):
undefined reference to `crypt'Then you will need to compile using the following line:
gcc poppassd.c -o poppassd -lcrypt
For some AIX systems you might have to compile using the following:
gcc poppassd.c -I /usr/local/src/bison-1.22 -o poppassd
Now you have to copy the executable into the following directory:
/usr/local/bin
Note that the owner and group should always be root. To ensure other users cannot change system passwords.
Step 3. Informing System of Poppassd
CWMail/DMailWeb is expecting poppassd to be setup on port 106, using TCP protocol. This is done by editing '/etc/services' and adding the follow line:
poppassd 106/tcp
The file '/etc/inetd.conf' will need to be updated to accept poppassd. The following line will need to be added.
poppassd stream tcp nowait root /usr/local/bin/poppassd poppassd
You will then need to do a:
Kill -HUP inetd
to the inetd process. This restarts inetd so activating the poppassd service.
Step 4. Double Checking that the poppassd is working.
To check to see if the poppassd is working you will need to open a telnet session and connect to the machine that has the poppassd, on port 106.
If you get the following prompt then poppassd is correctly working.
200 machine_name popassd v1.4 hello, who are you?
First you will need to download the nt_poppassd.zip click on the link below:
|
Download File (nt) |
| nt_poppassd.zip |
You will need to install poppassd on the same machine that is running the mail server. Follow these steps to install poppassd. : To install poppassd you must be an administrator.
Step 1. Double Checking The Source
The nt_popassd.c has been provided for you to double check that no hacking code has been added to breach your security. I suggest that you take a good look at the code and try to understand what it is doing.
On some machines you might need to make some slight changes to make poppassd work on your system.
Step 2. Building and Copying Poppassd
Now you may want to compile nt_poppassd.c yourself, or you can use the precompiled nt_poppassd.exe. How you compile will depend totally on your C compiler.
NOTE: you have to include the libarary: wsock32.lib
Now you have to copy the executable into the following directory:
\winnt\system32\
Step 3. Informing System of Poppassd
CWMail/DMailWeb is expecting poppassd to be setup on port 106, using TCP protocol. This is done by setting the compiled program as a Service. A program call:
addsvr.exe
was provided in the archive. This file will make nt_poppassd.exe into a service by typing the following line:
addsvc -add poppassd nt_poppassd.exe "poppassd -- Changing Passwords"
To remove the Service type the following
addsvc -del poppassd
Once setup goto the service's panel
(ie start -> settings -> control pannel -> services)Select the labeled "poppassd -- Changing Passwords" and click on the 'startup' button. Change the 'Log On As' to 'This Account' and select an account that is allowed to change passwords. (ie administractor account).
Step 3. Double Checking that the poppassd is working.
To check to see if the poppassd is working you will need to open a telnet session and connect to the machine that has the poppassd, on port 106.
If you get the following prompt then poppassd is correctly working.
200 popassd v1.0 hello, who are you?
Poppassd is setup on port 106. When connecting to the port 106 of the machine the operating system runs poppassd like an FTP server.
Poppassd prompts the user (CWMail/DMailWeb) for their usename, password and the new password. Depending on whether or not these are correct will depend whether or not the new password is used. On some unix systems there are restrictions on the passwords that are allowed, if such an error occurs it will be sent back to the user.
eg. 500 it's WAY too short
500 it is based on a dictionary word
The server's responses should be like an FTP server's responses 1xx for in progress, 2xx for success, 3xx for more information needed, 4xx for temporary failure, and 5xx for permanent failure. Putting it all together, here's a sample conversation:
S: 200 machine_name popassd v1.4 hello, who are you?\r\n
E: user yourloginname\r\n
S: 200 your password please.\r\n
E: pass yourcurrentpassword\r\n
S: 200 your new password please.\r\n
E: newpass yournewpassword\r\n
S: 200 Password changed, thank-you.\r\n
E: quit\r\n
S: 200 Bye-bye\r\n
S: <closes connection>
E: <closes connection>
Poppassd is run as root so that it can change the password for the users. It first checks that the username and password are correct, then using the 'passwd' it changes the users password.