RE: [qmailtoaster] qmailadmin password
Hi,
I managed to get things working. The function was called once in qmailadmin.c
and twice in user.c
The RPM and SRPM can be downloaded from the following links.
RPM :
https://www.dropbox.com/s/iq0klajwd779psf/qmailadmin-1.2.16-2.el7.x86_64.rpm?dl=0
SRPM :
https://www.dropbox.com/s/09gy3c4jytovvvt/qmailadmin-1.2.16-2.el7.src.rpm?dl=0
The password should be minimum of 10 characters, one uppercase, one lowercase,
one digit and one symbol.
Please help me to test this.
Best regards
Biju Jose
-Original Message-
From: Biju Jose [mailto:b...@whitesindia.com]
Sent: 18 February 2019 16:19
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] qmailadmin password
Hi,
I have altered the function at this link
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html
Added to code to invoke this in the Change Password option, it is working
fine. Also added it to the create new email id, that is also working fine. But,
so far, I am not able to get the modify email id to check for password
strength. I am struggling here, I am not a C programmer. Any help appreciated.
The code is pasted below.
int check_strong(char *pass_string)
{
if(strlen(pass_string) < 10) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[322]);
return 0;
}
int digit=0;
int lower=0;
int upper=0;
int symbol=0;
int length=strlen(pass_string);
int i;
for(i=0;i= 'a' && (pass_string[i]) <= 'z') l
if((pass_string[i]) >= 'A' && (pass_string[i]) <= 'Z') u
if((pass_string[i]) >= '0' && (pass_string[i]) <= '9') d
if(isdigit(pass_string[i]) == isalpha(pass_string[i])) s
}
}
if( digit == 1 && lower == 1 && upper ==1 && symbol==1 ) return 1;
else{
return 0;
}
}
Best regards
-Original Message-
From: Biju Jose [mailto:b...@whitesindia.com]
Sent: 08 February 2019 20:57
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] qmailadmin password
Hi All,
Sorry for pulling up an old thread.
I am also having trouble in enforcing strong passwords for qmailtoaster, some
of my users use silly easy to guess passwords and I am having trouble to block
the spams passing thru such accounts.
The qmailadmin needs some updates in this regard, but unfortunately, coding is
not my fort, but I can help in whichever way I can, if someone can come
forward to look at this.
Ideally the password should be minimum of 10 characters, with a combination of
lowercaps, uppercaps, numbers and symbols. It should also not contain the name
part of the email id. The changes we make should stay thru the updates also.
Any thoughts on how to go about this?
Best regards
Biju Jose
-Original Message-
From: qmailtoas...@dukat.dk [mailto:qmailtoas...@dukat.dk]
Sent: 21 November 2018 16:33
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] qmailadmin password
Hi Eric
Thanks for your reply.
Yes, but "1234" is not! I would be happy if at least 9 characters were required.
I know there are some patches for qmailadmin out there, but one of
Qmailtoaster's many advantages is that I do not have to compile at all.
Se for example
https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html
or
http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/
or
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html
Sincerely,
Allan Dukat
On 2018-11-20 23:03, Eric Broch wrote:
> Is 16 characters not enough?
>
>
> On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote:
>> Hi List
>>
>> Some of my users' passwords were cracked and my server ended up in
>> some RBLs, so my question is now, will some kind of password policy
>> be implemented in the next realease of Qmailtoaster?
>>
>> Thanks in advance.
>>
>> Sincerely,
>>
>> Allan Dukat
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] qmailadmin password
Hi,
I have altered the function at this link
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html
Added to code to invoke this in the Change Password option, it is working
fine. Also added it to the create new email id, that is also working fine. But,
so far, I am not able to get the modify email id to check for password
strength. I am struggling here, I am not a C programmer. Any help appreciated.
The code is pasted below.
int check_strong(char *pass_string)
{
if(strlen(pass_string) < 10) {
snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[322]);
return 0;
}
int digit=0;
int lower=0;
int upper=0;
int symbol=0;
int length=strlen(pass_string);
int i;
for(i=0;i= 'a' && (pass_string[i]) <= 'z') l
if((pass_string[i]) >= 'A' && (pass_string[i]) <= 'Z') u
if((pass_string[i]) >= '0' && (pass_string[i]) <= '9') d
if(isdigit(pass_string[i]) == isalpha(pass_string[i])) s
}
}
if( digit == 1 && lower == 1 && upper ==1 && symbol==1 ) return 1;
else{
return 0;
}
}
Best regards
-Original Message-
From: Biju Jose [mailto:b...@whitesindia.com]
Sent: 08 February 2019 20:57
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] qmailadmin password
Hi All,
Sorry for pulling up an old thread.
I am also having trouble in enforcing strong passwords for qmailtoaster, some
of my users use silly easy to guess passwords and I am having trouble to block
the spams passing thru such accounts.
The qmailadmin needs some updates in this regard, but unfortunately, coding is
not my fort, but I can help in whichever way I can, if someone can come
forward to look at this.
Ideally the password should be minimum of 10 characters, with a combination of
lowercaps, uppercaps, numbers and symbols. It should also not contain the name
part of the email id. The changes we make should stay thru the updates also.
Any thoughts on how to go about this?
Best regards
Biju Jose
-Original Message-
From: qmailtoas...@dukat.dk [mailto:qmailtoas...@dukat.dk]
Sent: 21 November 2018 16:33
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] qmailadmin password
Hi Eric
Thanks for your reply.
Yes, but "1234" is not! I would be happy if at least 9 characters were required.
I know there are some patches for qmailadmin out there, but one of
Qmailtoaster's many advantages is that I do not have to compile at all.
Se for example
https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html
or
http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/
or
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html
Sincerely,
Allan Dukat
On 2018-11-20 23:03, Eric Broch wrote:
> Is 16 characters not enough?
>
>
> On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote:
>> Hi List
>>
>> Some of my users' passwords were cracked and my server ended up in
>> some RBLs, so my question is now, will some kind of password policy
>> be implemented in the next realease of Qmailtoaster?
>>
>> Thanks in advance.
>>
>> Sincerely,
>>
>> Allan Dukat
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] qmailadmin password
Hi All, Sorry for pulling up an old thread. I am also having trouble in enforcing strong passwords for qmailtoaster, some of my users use silly easy to guess passwords and I am having trouble to block the spams passing thru such accounts. The qmailadmin needs some updates in this regard, but unfortunately, coding is not my fort, but I can help in whichever way I can, if someone can come forward to look at this. Ideally the password should be minimum of 10 characters, with a combination of lowercaps, uppercaps, numbers and symbols. It should also not contain the name part of the email id. The changes we make should stay thru the updates also. Any thoughts on how to go about this? Best regards Biju Jose -Original Message- From: qmailtoas...@dukat.dk [mailto:qmailtoas...@dukat.dk] Sent: 21 November 2018 16:33 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] qmailadmin password Hi Eric Thanks for your reply. Yes, but "1234" is not! I would be happy if at least 9 characters were required. I know there are some patches for qmailadmin out there, but one of Qmailtoaster's many advantages is that I do not have to compile at all. Se for example https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html or http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ or https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Sincerely, Allan Dukat On 2018-11-20 23:03, Eric Broch wrote: > Is 16 characters not enough? > > > On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: >> Hi List >> >> Some of my users' passwords were cracked and my server ended up in >> some RBLs, so my question is now, will some kind of password policy >> be implemented in the next realease of Qmailtoaster? >> >> Thanks in advance. >> >> Sincerely, >> >> Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmailadmin password
Hi Eric Thanks for your reply. Yes, but "1234" is not! I would be happy if at least 9 characters were required. I know there are some patches for qmailadmin out there, but one of Qmailtoaster's many advantages is that I do not have to compile at all. Se for example https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html or http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ or https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Sincerely, Allan Dukat On 2018-11-20 23:03, Eric Broch wrote: Is 16 characters not enough? On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: Hi List Some of my users' passwords were cracked and my server ended up in some RBLs, so my question is now, will some kind of password policy be implemented in the next realease of Qmailtoaster? Thanks in advance. Sincerely, Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmailadmin password
Is 16 characters not enough? On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: Hi List Some of my users' passwords were cracked and my server ended up in some RBLs, so my question is now, will some kind of password policy be implemented in the next realease of Qmailtoaster? Thanks in advance. Sincerely, Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Eric Broch White Horse Technical Consulting (WHTC) - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
