"Fernando Maior" <[EMAIL PROTECTED]> writes: > In general, password expiration is of use when users connect > via IMAP/POP3 to the maildirs, not when they are sending mail. > Because if they are sending mail, probably they are already > logged into the system.
We require our users to do SMTP AUTH if they're remote, so they can relay through our servers. So it would be ideal if all the qmail-ldap auth could do a check against some expiration date. > In that case, try looking at your IMAP/POP3 configuration, or > webmail, that is where you should be checking password > expiration IMHO. I could have a script check for expirations and flip the accountStatus to Disabled. That would be OK, and help enforce our policy here. But where do you suggest storing this expiration date? I'm not smart enough about LDAP schema to know where to put this. While I understand that LDAP entries get a date/time-stamp of their last update, it seems this applies to the entire entry, not just a single attribute like userPassword. Suggestions welcomed. Thanks.
