PWD Module

Password Modification Protocol (poppwd) Configuring the PWD module Providing Access to the Server CLI The CommuniGate PWD module implements a poppwd server for TCP/IP networks. The poppwd protocol allows a client (mailer) application to connect to the Server computer and specify the user (account) name and the password. If access to the specified user account is granted, the mailer application sends the new password to the Server, and the server updates the user password in the user account information data. The PWD module also provides access to the Server Command Line Interface (CLI)

Password Modification Protocol (poppwd)

Since CommuniGate Pro supports 2 passwords per account, the PWD module can be used to modify them both. If the "old" password specified by a mail client matches the user's Server OS password on the server computer, the "new" password is stored as the user's Server OS password (this feature is not available on some platforms).

If the specified "old" password matches the password set in the user's Account Settings, the new password is stored in the Account Settings.

The PWD module checks the Can Modify Password Account Settings option and refuses to modify an account password if this option is disabled.

The PWD module supports the clear text authentication method, and it also supports the secure APOP and SASL AUTH authentication methods.

When used in a Cluster environment, the PWD module can update passwords on other servers.

Configuring the PWD module

Use a Web browser to configure the PWD module. Open the Access page in the WebAdmin Settings section.

Serving PWD Clients
Log: Crashes OnlyFailuresMajor & FailuresProblemsLow LevelAll Info   Channels: off1351025501002505001000 listener

Log

Use this setting to specify what kind of information the PWD module should put in the Server Log. Usually you should use the Major (password modification reports) or Problems (non-fatal errors) levels. But when you experience problems with the PWD module, you may want to set the Log Level setting to Low-Level or All Info: in this case protocol-level or link-level details will be recorded in the System Log as well. Since the poppwd sends passwords in the clear text format, setting the Log to these setting for long periods of time can become a security hole, if the Log file can be copied from the Server computer.

The PWD module records in the System Log are marked with the PWD tag.

channels

When you specify a non-zero value for the TCP/IP Channels setting, the PWD module creates a so-called "listener" on the specified port. The module starts to accept all PWD connections that mail clients establish in order to updates password data. This setting is used to limit the number of simultaneous connections the PWD module can accept. If there are too many incoming connections open, the module will reject new connections, and the user should retry later.
If the number of channels is set to zero, the PWD module closes the listener and releases (unbinds from) the TCP port.

listener

By default, the PWD module Listener accepts clear text connections on the TCP port 106. Follow the listener link to tune the PWD Listener.

Providing Access to the Server CLI

As soon as a PWD user is authenticated, the Server Command Line Interface (CLI) commands are accepted. See the Command Line Interface chapter for the details.