> BTW Greyhat, could you be so kind and tell me wich > application can test for weak passwords in connection > with hmailserver? It seems as you have great experience > with some appliances who would manage this.
I think you'll have to look at the hMailServer "scripting" the program exposes an "object module" which allows one to do almost everything so it may be possible to setup a script to check the entered passwords against some "rules" and refuse weak ones; again, imHo this is something which should be handled by mailserver not a job for ASSP; all in all, mailboxes/accounts are created on the mailserver and is the latter which should check/refuse weak or empty passwords Then, by the way, you may configure LocalFrequencyInt LocalFrequencyNumRcpt and NoLocalFrequency along with NotifyRe so that ASSP will reject messages from a given (local) sender if they're above a given frequency and notify the "postmaster" about the issue In my case I've the following setup LocalFrequencyInt 1800 LocalFrequencyNumRcpt 120 NoLocalFrequency file:files/nofreqlimit.txt and the NotifyRe file contains notification: too many recipients the limits above mean that, in some local users tries to send more than 120 messages (or a single message to more than 120 recipients) in 1800 seconds, further emails will be refused with a "tempfail", further send attempts will be rejected for some time and the admins will be notified; the nofreqlimit.txt file is then filled with addresses of mailing lists and known "good senders" which need to send "mass" mails for good reasons The idea is that if a given account suddenly starts pumping out a flurry of email messages either the box may be compromised (virus) or the account credentials may have been stolen or... someone did just setup a "mailing list" in any case getting an alert about such a thing will allow you to examine the flow and decide what to do (either suspend the account or allow it to send out those messages); all in all, 120 messages in 1800 seconds means sending more than one message every 15 seconds and this isn't so "usual" :) ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
