poppassd - Password change server for Eudora and NUPOP mail clients
DESCRIPTION
poppassd
runs from inetd and listens on TCP port 106 by default. Its sole purpose
in life is to engage in short FTP-like conversations from client applications
and execute (or deny) remote password changes via the PAM facilities
configured in /etc/pam.d/poppassd. The conversation looks something like this:
200 poppassd v1.8.4 hello, who are you?
user adconrad
200 Your password please.
pass foo
200 Your new password please.
newpass bar
200 Password changed, thank-you.
quit
200 Bye.
As can be seen from the example above, unencrypted passwords are transmitted
over the network. Because of this, it is recommended that you use this
daemon only for local loopback password changing (for instance, from Perl,
Python, or PHP web applications on the same server) and block all non-local
access to port 106, either via tcpwrappers (/etc/hosts.deny) or with appropriate
firewall rules.
If sending unencrypted passwords over the wire doesn't bug you terribly much
(as in the case of an ISP with hundreds of POP3 mail accounts), this daemon
can provide a simple way for some of your clients (those running mail clients
that actually support this protocol) to easily change their passwords.
FILES
/etc/pam.d/poppassd
Contains the PAM configuration for poppassd. By default on Debian, it
merely includes the common-auth and common-password files, which should
work in most cases. If this doesn't cut it for your site, tailor to
suit.