Heyyas,
I was wondering if there was a way to, or any plans to add a way
to disallow blank/empty passwords? Due to a lot of traveling I like to
use my qmail/vpopmail server as a relay, closed to the world
obviously, but open to anyone who can authenticate. A fair amount of
people use the system, some of which are not tech savvy.
I've had a few problems caused by people scanning for accounts
with blank passwords, finding one, and exploiting the account to relay
spam. I understand that this is really an administration issue, but
rather than have a cronjob that mails me a list of accounts without a
password, it would be nice if there was a way to not accept a blank
password. If anyone knows how to do this on a vpopmail level as well,
that would rock.
Thanks,
Korf
- [qmailadmin] Blank Passwords qmailadmin
-
