Poppassd server on NT version Rumi, January 9, 2009 Finally got the Poppasswd on NT. It’s essential for 2 mailing systems: Surgemail mail server (http://www.netwinsite.com) Horde for windows version on webmail password change! Actually looking for it for Horde password change application. Few notes from the developer site- This guide is intended for system administrators who want to setup poppassd so that the users can change their passwords. Poppassd will only work if your mail system uses the systems username and password to verify the users. NT Installation First you will need to download the nt_poppassd.zip click on the link below: Download ou will need to install poppassd on the same machine that is running the mail server. Follow these steps to install poppassd. : To install poppassd you must be an administrator. Step 1. Double Checking The Source The nt_popassd.c has been provided for you to double check that no hacking code has been added to breach your security. I suggest that you take a good look at the code and try to understand what it is doing. On some machines you might need to make some slight changes to make poppassd work on your system. Step 2. Building and Copying Poppassd Now you may want to compile nt_poppassd.c yourself, or you can use the precompiled nt_poppassd.exe. How you compile will depend totally on your C compiler. NOTE: you have to include the libarary: wsock32.lib Now you have to copy the executable into the following directory: \winnt\system32\ Step 3. Informing System of Poppassd CWMail/DMailWeb is expecting poppassd to be setup on port 106, using TCP protocol. This is done by setting the compiled program as a Service. A program call: addsvr.exe was provided in the archive. This file will make nt_poppassd.exe into a service by typing the following line: addsvc -add poppassd nt_poppassd.exe “poppassd — Changing Passwords” To remove the Service type the following addsvc -del poppassd Once setup goto the service’s panel (ie start -> settings -> control pannel -> services) Select the labeled “poppassd — Changing Passwords” and click on the ‘startup’ button. Change the ‘Log On As’ to ‘This Account’ and select an account that is allowed to change passwords. (ie administractor account). Step 3. Double Checking that the poppassd is working. To check to see if the poppassd is working you will need to open a telnet session and connect to the machine that has the poppassd, on port 106. If you get the following prompt then poppassd is correctly working. 200 popassd v1.0 hello, who are you? How Poppassd Works Poppassd is setup on port 106. When connecting to the port 106 of the machine the operating system runs poppassd like an FTP server. Poppassd prompts the user (CWMail/DMailWeb) for their usename, password and the new password. Depending on whether or not these are correct will depend whether or not the new password is used. On some unix systems there are restrictions on the passwords that are allowed, if such an error occurs it will be sent back to the user. eg. 500 it’s WAY too short 500 it is based on a dictionary word The server’s responses should be like an FTP server’s responses 1xx for in progress, 2xx for success, 3xx for more information needed, 4xx for temporary failure, and 5xx for permanent failure. Putting it all together, here’s a sample conversation: S: 200 machine_name popassd v1.4 hello, who are you?\r\n E: user yourloginname\r\n S: 200 your password please.\r\n E: pass yourcurrentpassword\r\n S: 200 your new password please.\r\n E: newpass yournewpassword\r\n S: 200 Password changed, thank-you.\r\n E: quit\r\n S: 200 Bye-bye\r\n S: <closes connection> E: <closes connection> Poppassd is run as root so that it can change the password for the users. It first checks that the username and password are correct, then using the ‘passwd’ it changes the users password. Administrations Configurations (Windows)