Provided by: courierpassd_1.1.2-3_amd64 bug

NAME

       courierpassd  -  change passwords from across the network using the Courier authentication
       library

SYNOPSIS

       courierpassd [-hV] [-s SERVICE] [--stderr]

       courierpassd -s, --service SERVICE

       courierpassd --stderr

       courierpassd -h, --help

       courierpassd -V, --version

DESCRIPTION

       courierpassd allows users to change  their  passwords  from  remote  locations  using  the
       Courier  authentication library. Usernames can be up to 64 characters long while passwords
       can be up to 128 characters long.

       courierpassd uses the poppassd protocol  for  obtaining  authentication  tokens  from  the
       network.  courierpassd  is  intended  to  be  run from a super-server such as tcpserver or
       xinetd.

       The service specified by the -s  switch  will  depend  on  the  particular  authentication
       modules  installed.  Often  'login'  will  be  appropriate but other possibilities include
       'imap' and 'pop3'. This value defaults to 'login'. See the  Courier  documentation  for  a
       further explanation of this switch.

       The  minimum  uid  that  courierpassd  will attempt to change a password for can be set at
       compile time using the configure option --with-minuid.  courierpassd will refuse to change
       the password of a user whose uid is below this value. The default value is 100. This value
       should never be set to 0 as this would allow root's password to be changed from  a  remote
       location.

       A  second  configure  option, --with-badpassdelay, can be used to set the delay in seconds
       that courierpassd sleeps after an unsuccessful password change attempt.  This  feature  is
       designed  to  make  brute  force  attacks against passwords harder to perform. The default
       value is 3.

LOGGING

       Logging is done to syslog by default  or  to  stderr  if  the  --stderr  switch  is  used.
       courierpassd logs all password change attempts whether they are successful or not.

       courierpassd  does  certain  checks  on  command  line arguments so it is important to put
       --stderr first in the argument list if it is to be used in order for these  checks  to  be
       logged properly.

EXAMPLE CLIENT-SERVER CONVERSATION

       All  messages passed between server and client are text based allowing a client session to
       be easily mimicked with telnet. Using telnet, changing a user's password would  look  like
       this:

            Connected to localhost.localdomain (127.0.0.1).
            Escape character is '^]'.
            200 courierpassd 1.1.2 hello, who are you?\r\n
            user <username>\r\n
            200 Your password please.\r\n
            pass <current password>
            200 Your new password please.\r\n
            newpass <new password>\r\n
            200 Password changed, thank-you.\r\n
            quit\r\n
            200 Bye.\r\n
            Connection closed by foreign host.

BUGS

       If you've found a bug in courierpassd, please report it to freeware@arda.homeunix.net

SEE ALSO

       http://www.courier-mta.org/authlib/

       http://echelon.pl/pubs/poppassd.html

AUTHOR

       courierpassd was written by Andrew St. Jean

       Courier authentication library was written by Sam Varshavchik

       poppassd was written by Pawel Krawczyk based on an ealier version written by John Norstad,
       Roy Smith and Daniel L. Leavitt