Steve Rookard ( (no email) )
Fri, 28 Apr 2000 20:10:01 -0400

You can edit the html in chgpass.html to not allow them to enter anything.
I guess there is no harm no foul in having them see the option -- but then
politely inform them that this `really` isn't an option.

(i.e. I don't know how to remove the option from the main menu -- but I know
how to make it so that they can't change the password even if they decide to
click on the option)

Remember to delete the chgpass.par file that gets created (and then you
might want to restart the web option)

Just my 2 cents.

-Steve Rookard

-----Original Message-----
[]On Behalf Of Rob Witzel
Sent: Friday, April 28, 2000 6:51 PM
Subject: [Emerald]

We are using Emerald 331, SQL 6.5, Imail V6.02 authenticating off of the SQL
db with the emeralth dll.

We have recently discovered that when a customer accesses the imail web
interface, they can change their password in the SQL/radius/ imail database,
even though th option to change password for imail is disabled.

Ipswitch tech support says that it is a problem with the emerauth dll.

The customer that changed her password has somehow damaged her mailbox and
could not receive mail until I deleted her mailbox and recreated it.

We absolutly do not want our customers to be able to change their passwords.

Is there anything that we can do about this.

For more information about this list (including removal) go to: