Hey Francois; 1) DbMail is a MDA (Mail Distribution Agent), thus unfairly the object of your gripe, but there are certainly a few MUA's (Mail User Agents) which will accomplish your goal.
2) There are a number of WebMail interfaces which with a little bit of additional coding can allow the user to change passwords. I have done it in PHP for SquirrelMail in lieu of the available plug-in but quickly reversed that after too many users changed their password only because the option was there, promptly forgetting the password they entered; the fallout from which rains down on the help desk by phone. :o) Inviting password changes gets exactly that as a result and the goal of 'zero-admin' is foiled by the propensity of most users to mispell and or forget passwords. (If you choose this route you might add a javascript to catch the occasional Caps lock :o)). Keep in mind what you are seeking is system access from a web interface which is best done from a SSL so that only encrypted data is passed to avoid exposing your backend DBMS. The procedure I have found which works best is having users email their password change request to [EMAIL PROTECTED]; or something like that. Admin does the changes on a schedule. Users send their request via Desktop client, SquirrelMail, or whatever WebMail on an SSL. You just put a few words about it on the WebMail login screen or help file.When next their MUA pops up a login window they know the password has been changed and must enter the new password. So there's a couple of approaches. Or you can write your own PERL-based access like at http://jaraok.com which is entirely DBMail (and a few months' work :o). And another is to use LDAP. 3) >>"First of all many users like to know that only them know their own password" << If this is a real expectation you should be using a TLS transport implementation to avoid broadcasting in plaintext their password to the entire globe. The point being that it is pure folly to promote to users that their password is secure and known only to them when in fact it is transmitted in plain text for every POP/IMAP login, permeating each daily log in plain ASCII text and repeatedly occurring in the packets transferred from their computer across many internet hops every fifteen minutes or so while they are using any of the common MUAs with default settings. 4) You might take a close look at the DbMail LDAP feature: http://www.dbmail.org/dokuwiki/doku.php?id=ldap_authentication And maybe read O'Reilly's LDAP Administration book. This is a truly deluxe and very useful approach with good future prospects for managing a large user account base. 5) A DBMA planned release of a PERL-based web client (DbMail WebClient (DBMW)) has been delayed pending the unleashing of the great potential of gmime in the developmental DbMail 2.1 HEAD. If there was any interest I could push out the front-end which does allow password changes, perhaps by V2.2.3. (Use the "contact" link at http://library.mobrien.com/dbmailadministrator/ to add any feature requests.) Happy days... Mike Hi, I've been using DBMAIL for the last few months and am very happy with it. The only problem I have is letting users change their own password. I've googled and searched the mailing list without results. I find it hard to believe that a system that is supposed "in theory" to accommodate millions of accounts does not provide for that functionality. First of all many users like to know that only them know their own password and also if it runs for "millions of accounts", I would not like to be the admin for that system, it would be a full time job for several people.... I would be really grateful if somebody could provide any pointers. Thanks Francois _______________________________________________ Dbmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
