Hi,

I've been searching for a couple of days already, but i just couldn't find anything specific to my problem.

I have an email server with Postfix, Dovecot and Openwebmail. For audit-compliance reasons, there is a need to have password expiry. Password expires well during POP3 authentication, so I would say that Dovecot authentication works fine. However my issues are:-

• logging in through Openwebmail is not being checked against expiry.

• changing of password through Openwebmail is able to update /etc/shadow file, but it does not update the last "password change date" in the same file. This results in POP3 failing to authenticate, as to Dovecot, password has already expired.

I'm using:-

• CentOS 5.3

• Postfix 2.3.3

• Dovecot 1.0.7

• Openwebmail 2.53

I tried changing Openwebmail's /var/www/cgi-bin/openwebmail/etc/openwebmail.conf "auth_module" parameter to "auth_pam", I cannot even change passwords using this. As such, I'm using back the original "auth_unix", it works well with password change, but with the issues I specified above. I changed the auth_unix.conf file as well on "check_expire" parameter, but expired users can still log in.

I'm already out of idea, and I've tried reading auth_unix.pl file as well. But I'm not familiar with Perl, and as such I couldn't really modify anything.

I'm hoping to be able to get some assistance here.

Any help would be greatly appreciated. Thank you in advance.