1

Topic: How to setup pam.d POPPASSD to work with iredmail

==== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
======== Required information ====
- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS 6.4
- Related log if you're reporting an issue:
====

I am using AfterLogic as a webmail client and my users would like to be able to change their passwords within this.  Afterlogic says it will use POPPASSD for password changes, so I am attempting to install it but am having issues with the pam.d poppassd config file.  I'm not sure the best way to set this up as I'm very green in how pam.d works. I've tried a number of configurations, but everytime I run poppassd it will not accept my old password.  Here is what is in my /etc/pam.d/poppassd file currently:

auth required /lib64/security/pam_unix_auth.so shadow nullok
account required /lib64/security/pam_unix_acct.so
password required /lib64/security/pam_cracklib.so retry=3
password required /lib64/security/pam_unix_passwd.so use_authtok nullok

Here is what Poppassd tells me - I am using the correct password for the account:

200 poppassd v1.8.5 hello, who are you?
user marcus@******.ca
200 Your password please.
pass ******
500 Old password is incorrect.

I've confirmed that the .so modules do exist in these locations.  I think the issue is that it needs to get the password from mySQL and I'm unsure how to get it to communicate with that.  I've been googling for hours and after trying numerous variations for pam.d I am giving up!  If anyone can point me in the right direction I'd be grateful!

2

Re: How to setup pam.d POPPASSD to work with iredmail

1) You should ask support from AfterLogic, it's their product. iRedMail doesn't ship it and we don't know how it works at all.
2) Am i right that poppassd is used to change password for system users, not user stored in SQL/LDAP?

3

Re: How to setup pam.d POPPASSD to work with iredmail

Zhang,
Thanks for the quick response.  I think you may be right that poppassd is meant only for system users - likely no way for it to work with AfterLogic (which is a beautiful webmail client FYI - perhaps a bit too basic though).  I'll await a response from AfterLogic, thanks for your feedback!