changing email password for users

Discussion in 'Feature Requests' started by Ovidiu, May 21, 2009.

  1. Ovidiu

    Ovidiu Active Member

    anyone able or interested in making a how-to using this plugin: http://squirrelmail.org/plugin_view.php?id=25 for squirrelmail?

    seeing squirrelmail comes recommended with ispcfg3 it would be great if users could change their email passwords.

    what about the big players here? how do you solve this for your email users?

    my few users are upset about not being able to change their passwords :-(
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    On most systems the owner of the website (client) manages the passwords for his email accounts and not the email user itself.
     
  3. Ovidiu

    Ovidiu Active Member

    ok, I understand that point of view, but still if someone has a couple of minutes, maybe he can check the config file of this plugin?

    shouldn't be that hard if one knows where/how passwords are stored for virtualusers

    http://pastebin.com/f135629b1
     
  4. BorderAmigos

    BorderAmigos New Member

    They are stored (in my case) in the database 'dbispconfig', table 'mail_user', column 'password'. But they are hashed to some obscure value. I have many names accounts that use the same password but in the database they show differently.
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    The passwords are encrypted with the default linux encryption and thats not obscure at all. It is a crypt md5 encryption with salt, so the hash is always different to prevent dictionary attacks. Its the same encryption that linux uses for passwprds in the /etc/shadow file.
     
  6. BorderAmigos

    BorderAmigos New Member

    All encryption is obscure to someone who knows nothing about encryption :confused:, but I've been studying it since the first post and am catching up. Is the 'salt' from ISPConfig or from elsewhere in the Linux system? (sasl?) I'm still studying that part.

    edit: (Directly changing the database may mess things up, I'm just experimenting).

    For the password to store in the above mentioned database it seems you would choose your PASSWORD and an 8 character salt value SALTSALT then
    Code:
    $password = '$1$SALTSALT$'.crypt('PASSWORD','$1$SALTSALT$');
    
    or something similar.

    What I'm curious about is if then using some php code to change the password in the database, will that automatically be read by ISPConfig, PostFix, Courier, et cetera? Or will it have to wait on a cron job or need some sort of restart or trigger before it goes into effect?
     
    Last edited: May 23, 2009
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    The salt is a random 8 character value, it should be different for every password.

    For courier and smtp and ispconfig it is enough to chnage it in the database. If ispconfig will support other configurations which may need to change config files then it will not be enough to change only the db, in that case also a record will have to be written to the sys_datalog to start the server side processing of the changes.
     
  8. freeeeeedy

    freeeeeedy New Member

    for squirrelmail + change_sqlpass
    you may need to change these in config.php

    $password_encryption = 'PHPCRYPT';
    $csp_salt_query = 'SELECT CONCAT(\'$1$\', SUBSTRING(SUBSTRING( PASSWORD , (LENGTH( SUBSTRING_INDEX( PASSWORD , \'$\', 2 ) ) +2 )) FROM 1 FOR 8)) FROM mail_user WHERE email = "%1"';

    and remark this
    //$csp_salt_static = '';

    Hope this help
     
  9. klonos

    klonos New Member

    Does this work with ispc3?

    Does it???
     
  10. freeeeeedy

    freeeeeedy New Member

    I think this is a Squirrelmail + change_sqlpass issue

    it doesn't related to ISPConfig
     
  11. CubAfull

    CubAfull Member

    I sussefully implement this future in my server... going to make a guide...

    post here or make a Linux tutorial in the frontpage ? :confused:
     
  12. falko

    falko Super Moderator ISPConfig Developer

    You can email the tutorial to me, and I'll publish it for you. :)

    ft [at] falkotimme [dot] com
     
  13. CubAfull

    CubAfull Member

    hi falko,
    I've sent you an email with a tutorial that I have done :)

    thank you
     
  14. klonos

    klonos New Member

    Hey falco, let us know once you're done. Thanx in advance!
     
  15. CubAfull

    CubAfull Member

  16. dreamsky

    dreamsky New Member

    my server debian squeeze with bind and dovecot ispconfig3 and i follow this configuration "http://www.howtoforge.com/perfect-server-debian-squeeze-with-bind-and-dovecot-ispconfig-3" i create ftp and database for my website and it's work,
    but i can't open mydomain.com/webmail so i must do step "20.2"
    but when i follow this configuration "http://www.howtoforge.com/how-to-configure-squirrelmail-to-allow-users-to-change-their-email-passwords-on-an-ispconfig-3-server" to change password user i got this error when i change password "Could not find Pear DB library"
    when i don't do step "20.2" i succeed change password but i can't open mydomain.com/webmail, i open webmail using ip 192.168.0.100/webmail

    anyone can help me so
    1. i can create ftp and database for my website
    2. i can open mydomain.com/webmail and
    3. i can change password succeed ?

    thx before
     
    Last edited: May 23, 2012
  17. falko

    falko Super Moderator ISPConfig Developer

    Please add /usr/share/php to open_basedir of the website from which you want to access webmail.
     
  18. dreamsky

    dreamsky New Member

  19. forbin42

    forbin42 New Member

    This works great. I am getting one error though where the server says that it can't understand the command because of SSL. I changed the port in the config but still get the error. Just an FYI, the password change is successful, just that the server returns the error.

    Corrupted Content Error

    The page you are trying to view cannot be shown because an error in the data transmission was detected.

    The page you are trying to view cannot be shown because an error in the data transmission was detected.Please contact the website owners to inform them of this problem.
     
  20. charlesthomas

    charlesthomas New Member

    I am aware in which perspective, but nevertheless in case someone has a minute or two, maybe he is able to examine the config data file on this plugin?
     

Share This Page