Products Downloads Prices Support Company

Poppassd - Installation and Management Guide

Poppassd is a program that changes system passwords thus allowing users to change their mail passwords.  Poppassd was orginal created before one of our product called NetAuth.  NetAuth takes care of password changing, and some other mail features for users and admins.  We suggest that if you are using DMail (our mail server) then you should use NetAuth. For more information about NetAuth see the URL:

http://www.netwinsite.com/netauth

If you are using any other mail server you can still use NetAuth with the unix/nt system password external modules that are available, or you can setup and install poppassd.

This guide is intended for system administrators who want to setup poppassd so that the users can change their passwords.

Poppassd works in conjunction with a CWMail/DMailWeb, your Mail server and your system.  Poppassd will only work if your mail system uses the systems username and password to verify the users.

The following sections describe:


Unix Installation

First you will need to download the poppassd.c click on the link below:

Download File (unix)

poppassd.c

You will need to install poppassd on the same machine that is running your mail server.  Follow these steps to install poppassd. 
Note: To install poppassd you must be a super user (or equalivent).

Step 1.    Double Checking The Source

The popassd.c has been provided for you to double check that no hacking code has been added to breach your security.  I suggest that you take a good look at the code and try to understand what it is doing.

On some machines you may need to make some slight changes to make poppassd work on your system.

Step 2.    Building and Copying Poppassd

The next step is to compile the poppassd.c, the following command should work on most unix systems.

gcc poppassd.c -o poppassd

or

cc poppassd.c -o poppassd

If you receive the following Error:

poppassd.c: In function `chkPass':
poppassd.c:811: warning: passing arg 1 of `strcmp' makes pointer
        from integer wi thout a cast /tmp/cca050571.o:
In function 'chkPass': /tmp/cca050571.o(.text+0xeba):
        undefined reference to `crypt'

Then you will need to compile using the following line:

gcc poppassd.c -o poppassd -lcrypt

For some AIX systems you might have to compile using the following:

gcc poppassd.c -I /usr/local/src/bison-1.22 -o poppassd

Now you have to copy the executable into the following directory:

/usr/local/bin

Note that the owner and group should always be root.  To ensure other users cannot change system passwords.

Step 3.    Informing System of Poppassd

CWMail/DMailWeb is expecting poppassd to be setup on port 106, using TCP protocol. This is done by editing '/etc/services' and adding the follow line:

   poppassd    106/tcp

The file '/etc/inetd.conf' will need to be updated to accept poppassd. The following line will need to be added.

poppassd stream tcp nowait root /usr/local/bin/poppassd poppassd

You will then need to do a:

Kill -HUP inetd

to the inetd process.  This restarts inetd so activating the poppassd service.

Step 4.    Double Checking that the poppassd is working.

To check to see if the poppassd is working you will need to open a telnet session and connect to the machine that has the poppassd, on port 106.

If you get the following prompt then poppassd is correctly working.

200 machine_name popassd v1.4 hello, who are you?


NT Installation

First you will need to download the nt_poppassd.zip click on the link below:

Download File (nt)

nt_poppassd.zip

You will need to install poppassd on the same machine that is running the mail server.  Follow these steps to install poppassd. : To install poppassd you must be an administrator.

Step 1.    Double Checking The Source

The nt_popassd.c has been provided for you to double check that no hacking code has been added to breach your security. I suggest that you take a good look at the code and try to understand what it is doing.

On some machines you might need to make some slight changes to make poppassd work on your system.

Step 2.    Building and Copying Poppassd

Now you may want to compile nt_poppassd.c yourself, or you can use the precompiled nt_poppassd.exe.  How you compile will depend totally on your C compiler.

NOTE: you have to include the libarary:   wsock32.lib

Now you have to copy the executable into the following directory:

\winnt\system32\

Step 3.    Informing System of Poppassd

CWMail/DMailWeb is expecting poppassd to be setup on port 106, using TCP protocol. This is done by setting the compiled program as a Service. A program call:

addsvr.exe

was provided in the archive. This file will make nt_poppassd.exe into a service by typing the following line:

addsvc -add poppassd nt_poppassd.exe "poppassd -- Changing Passwords"

To remove the Service type the following

addsvc -del poppassd

Once setup goto the service's panel
        (ie start -> settings -> control pannel -> services)

Select the labeled "poppassd -- Changing Passwords" and click on the 'startup' button. Change the 'Log On As' to 'This Account' and select an account that is allowed to change passwords. (ie administractor account).

Step 3.    Double Checking that the poppassd is working.

To check to see if the poppassd is working you will need to open a telnet session and connect to the machine that has the poppassd, on port 106.

If you get the following prompt then poppassd is correctly working.

200 popassd v1.0 hello, who are you?


How Poppassd Works

Poppassd is setup on port 106. When connecting to the port 106 of the machine the operating system runs poppassd like an FTP server.

Poppassd prompts the user (CWMail/DMailWeb) for their usename, password and the new password. Depending on whether or not these are correct will depend whether or not the new password is used. On some unix systems there are restrictions on the passwords that are allowed, if such an error occurs it will be sent back to the user.

eg.    500 it's WAY too short
        500 it is based on a dictionary word

The server's responses should be like an FTP server's responses 1xx for in progress, 2xx for success, 3xx for more information needed, 4xx for temporary failure, and 5xx for permanent failure. Putting it all together, here's a sample conversation:

S: 200 machine_name popassd v1.4 hello, who are you?\r\n
E: user yourloginname\r\n
S: 200 your password please.\r\n
E: pass yourcurrentpassword\r\n
S: 200 your new password please.\r\n
E: newpass yournewpassword\r\n
S: 200 Password changed, thank-you.\r\n
E: quit\r\n
S: 200 Bye-bye\r\n
S: <closes connection>
E: <closes connection>

Poppassd is run as root so that it can change the password for the users. It first checks that the username and password are correct, then using the 'passwd' it changes the users password.