Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

courierpassd(8) [debian man page]

COURIERPASSD(8) 						  Authentication						   COURIERPASSD(8)

NAME

       courierpassd - change passwords from across the network using the Courier authentication library

SYNOPSIS

       courierpassd [-hV] [-s SERVICE] [--stderr]

       courierpassd -s, --service SERVICE

       courierpassd --stderr

       courierpassd -h, --help

       courierpassd -V, --version

DESCRIPTION

       courierpassd  allows users to change their passwords from remote locations using the Courier authentication library. Usernames can be up to
       64 characters long while passwords can be up to 128 characters long.

       courierpassd uses the poppassd protocol for obtaining authentication tokens from the network. courierpassd is intended to  be  run  from  a
       super-server such as tcpserver or xinetd.

       The  service  specified	by the -s switch will depend on the particular authentication modules installed. Often 'login' will be appropriate
       but other possibilities include 'imap' and 'pop3'. This value defaults to 'login'. See the Courier documentation for a further  explanation
       of this switch.

       The  minimum  uid  that	courierpassd  will  attempt to change a password for can be set at compile time using the configure option --with-
       minuid.	courierpassd will refuse to change the password of a user whose uid is below this value. The default  value  is  100.  This  value
       should never be set to 0 as this would allow root's password to be changed from a remote location.

       A  second  configure  option,  --with-badpassdelay,  can be used to set the delay in seconds that courierpassd sleeps after an unsuccessful
       password change attempt. This feature is designed to make brute force attacks against passwords harder to perform. The default value is 3.

LOGGING

       Logging is done to syslog by default or to stderr if the --stderr switch is used.  courierpassd logs all password change  attempts  whether
       they are successful or not.

       courierpassd  does  certain  checks  on command line arguments so it is important to put --stderr first in the argument list if it is to be
       used in order for these checks to be logged properly.

EXAMPLE CLIENT-SERVER CONVERSATION
       All messages passed between server and client are text based allowing a client session to be easily mimicked  with  telnet.  Using  telnet,
       changing a user's password would look like this:

	    Connected to localhost.localdomain (127.0.0.1).
	    Escape character is '^]'.
	    200 courierpassd 1.1.2 hello, who are you?

	    user <username>

	    200 Your password please.

	    pass <current password>
	    200 Your new password please.

	    newpass <new password>

	    200 Password changed, thank-you.

	    quit

	    200 Bye.

	    Connection closed by foreign host.

BUGS

       If you've found a bug in courierpassd, please report it to freeware@arda.homeunix.net

SEE ALSO

       http://www.courier-mta.org/authlib/

       http://echelon.pl/pubs/poppassd.html

AUTHOR

       courierpassd was written by Andrew St. Jean

       Courier authentication library was written by Sam Varshavchik

       poppassd was written by Pawel Krawczyk based on an ealier version written by John Norstad, Roy Smith and Daniel L. Leavitt

GNU
/Linux							    20 Jan 2005 						   COURIERPASSD(8)

Check Out this Related Man Page

COURIERPOP3D(8) 					      Double Precision, Inc.						   COURIERPOP3D(8)

NAME

       courierpop3d - The Courier POP3 server

SYNOPSIS

       /usr/sbin/couriertcpd {-nodnslookup} {-stderr=syslog} {110} {/usr/lib/courier/courier/courierpop3login} [modules...]
			     {/usr/lib/courier/courier/courierpop3d} {./Maildir}

DESCRIPTION

       This is a simple POP3 server for Maildirs.

	   Note
	   The couriertcpd, courierpop3login, and courierpop3d modules may be installed elsewhere than indicated here.

       courierpop3login is usually started by couriertcpd. It already expects that a POP3 client is connected to standard input and output,
       presumably via a network socket.  courierpop3login reads the POP3 userid and password, then runs the authentication modules. The remaining
       arguments are passed along as arguments to modules.

       modules is one or more authentication modules (see the authlib(7)[1] manual page).

       Each authentication modules runs the program specified by its first argument, allowing the authentication modules to be chained. The last
       program in the chain is courierpop3d , which provides the actual POP3 service. In accordance with the authentication protocol, as described
       in authlib(7)[1] courierpop3d reads file descriptor 3 to see if the userid/password has been succesfully validated. If not, courierpop3d
       terminates.

       Otherwise, courierpop3d expects to be already running under the appropriate user and group id, with its current directory set to the
       account's home directory.

       The first order of business is to find the account's Maildir. If the environment variable MAILDIR is set, that's where we go. That should
       be the pathname to the account's Maildir. The environment variable MAILDIR may be set by the authentication module. If MAILDIR is not set,
       courierpop3d uses its first argument. Usually, the default maildir is $HOME/Maildir, therefore the first argument to courierpop3d is
       "./Maildir".

SEE ALSO

       authlib(7)[1], userdb(8)[2].

AUTHOR

       Sam Varshavchik
	   Author

NOTES

	1. authlib(7)
	   [set $man.base.url.for.relative.links]/authlib.html

	2. userdb(8)
	   [set $man.base.url.for.relative.links]/userdb.html

Courier Mail Server						    04/04/2011							   COURIERPOP3D(8)
Man Page