RE: [qmailtoaster] qmailadmin password
Hi, I managed to get things working. The function was called once in qmailadmin.c and twice in user.c The RPM and SRPM can be downloaded from the following links. RPM : https://www.dropbox.com/s/iq0klajwd779psf/qmailadmin-1.2.16-2.el7.x86_64.rpm?dl=0 SRPM : https://www.dropbox.com/s/09gy3c4jytovvvt/qmailadmin-1.2.16-2.el7.src.rpm?dl=0 The password should be minimum of 10 characters, one uppercase, one lowercase, one digit and one symbol. Please help me to test this. Best regards Biju Jose -Original Message- From: Biju Jose [mailto:b...@whitesindia.com] Sent: 18 February 2019 16:19 To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] qmailadmin password Hi, I have altered the function at this link https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Added to code to invoke this in the Change Password option, it is working fine. Also added it to the create new email id, that is also working fine. But, so far, I am not able to get the modify email id to check for password strength. I am struggling here, I am not a C programmer. Any help appreciated. The code is pasted below. int check_strong(char *pass_string) { if(strlen(pass_string) < 10) { snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[322]); return 0; } int digit=0; int lower=0; int upper=0; int symbol=0; int length=strlen(pass_string); int i; for(i=0;i= 'a' && (pass_string[i]) <= 'z') l if((pass_string[i]) >= 'A' && (pass_string[i]) <= 'Z') u if((pass_string[i]) >= '0' && (pass_string[i]) <= '9') d if(isdigit(pass_string[i]) == isalpha(pass_string[i])) s } } if( digit == 1 && lower == 1 && upper ==1 && symbol==1 ) return 1; else{ return 0; } } Best regards -Original Message- From: Biju Jose [mailto:b...@whitesindia.com] Sent: 08 February 2019 20:57 To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] qmailadmin password Hi All, Sorry for pulling up an old thread. I am also having trouble in enforcing strong passwords for qmailtoaster, some of my users use silly easy to guess passwords and I am having trouble to block the spams passing thru such accounts. The qmailadmin needs some updates in this regard, but unfortunately, coding is not my fort, but I can help in whichever way I can, if someone can come forward to look at this. Ideally the password should be minimum of 10 characters, with a combination of lowercaps, uppercaps, numbers and symbols. It should also not contain the name part of the email id. The changes we make should stay thru the updates also. Any thoughts on how to go about this? Best regards Biju Jose -Original Message- From: qmailtoas...@dukat.dk [mailto:qmailtoas...@dukat.dk] Sent: 21 November 2018 16:33 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] qmailadmin password Hi Eric Thanks for your reply. Yes, but "1234" is not! I would be happy if at least 9 characters were required. I know there are some patches for qmailadmin out there, but one of Qmailtoaster's many advantages is that I do not have to compile at all. Se for example https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html or http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ or https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Sincerely, Allan Dukat On 2018-11-20 23:03, Eric Broch wrote: > Is 16 characters not enough? > > > On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: >> Hi List >> >> Some of my users' passwords were cracked and my server ended up in >> some RBLs, so my question is now, will some kind of password policy >> be implemented in the next realease of Qmailtoaster? >> >> Thanks in advance. >> >> Sincerely, >> >> Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] qmailadmin password
Hi, I have altered the function at this link https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Added to code to invoke this in the Change Password option, it is working fine. Also added it to the create new email id, that is also working fine. But, so far, I am not able to get the modify email id to check for password strength. I am struggling here, I am not a C programmer. Any help appreciated. The code is pasted below. int check_strong(char *pass_string) { if(strlen(pass_string) < 10) { snprintf (StatusMessage, sizeof(StatusMessage), "%s\n", html_text[322]); return 0; } int digit=0; int lower=0; int upper=0; int symbol=0; int length=strlen(pass_string); int i; for(i=0;i= 'a' && (pass_string[i]) <= 'z') l if((pass_string[i]) >= 'A' && (pass_string[i]) <= 'Z') u if((pass_string[i]) >= '0' && (pass_string[i]) <= '9') d if(isdigit(pass_string[i]) == isalpha(pass_string[i])) s } } if( digit == 1 && lower == 1 && upper ==1 && symbol==1 ) return 1; else{ return 0; } } Best regards -Original Message- From: Biju Jose [mailto:b...@whitesindia.com] Sent: 08 February 2019 20:57 To: qmailtoaster-list@qmailtoaster.com Subject: RE: [qmailtoaster] qmailadmin password Hi All, Sorry for pulling up an old thread. I am also having trouble in enforcing strong passwords for qmailtoaster, some of my users use silly easy to guess passwords and I am having trouble to block the spams passing thru such accounts. The qmailadmin needs some updates in this regard, but unfortunately, coding is not my fort, but I can help in whichever way I can, if someone can come forward to look at this. Ideally the password should be minimum of 10 characters, with a combination of lowercaps, uppercaps, numbers and symbols. It should also not contain the name part of the email id. The changes we make should stay thru the updates also. Any thoughts on how to go about this? Best regards Biju Jose -Original Message- From: qmailtoas...@dukat.dk [mailto:qmailtoas...@dukat.dk] Sent: 21 November 2018 16:33 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] qmailadmin password Hi Eric Thanks for your reply. Yes, but "1234" is not! I would be happy if at least 9 characters were required. I know there are some patches for qmailadmin out there, but one of Qmailtoaster's many advantages is that I do not have to compile at all. Se for example https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html or http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ or https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Sincerely, Allan Dukat On 2018-11-20 23:03, Eric Broch wrote: > Is 16 characters not enough? > > > On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: >> Hi List >> >> Some of my users' passwords were cracked and my server ended up in >> some RBLs, so my question is now, will some kind of password policy >> be implemented in the next realease of Qmailtoaster? >> >> Thanks in advance. >> >> Sincerely, >> >> Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] qmailadmin password
Hi All, Sorry for pulling up an old thread. I am also having trouble in enforcing strong passwords for qmailtoaster, some of my users use silly easy to guess passwords and I am having trouble to block the spams passing thru such accounts. The qmailadmin needs some updates in this regard, but unfortunately, coding is not my fort, but I can help in whichever way I can, if someone can come forward to look at this. Ideally the password should be minimum of 10 characters, with a combination of lowercaps, uppercaps, numbers and symbols. It should also not contain the name part of the email id. The changes we make should stay thru the updates also. Any thoughts on how to go about this? Best regards Biju Jose -Original Message- From: qmailtoas...@dukat.dk [mailto:qmailtoas...@dukat.dk] Sent: 21 November 2018 16:33 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] qmailadmin password Hi Eric Thanks for your reply. Yes, but "1234" is not! I would be happy if at least 9 characters were required. I know there are some patches for qmailadmin out there, but one of Qmailtoaster's many advantages is that I do not have to compile at all. Se for example https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html or http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ or https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Sincerely, Allan Dukat On 2018-11-20 23:03, Eric Broch wrote: > Is 16 characters not enough? > > > On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: >> Hi List >> >> Some of my users' passwords were cracked and my server ended up in >> some RBLs, so my question is now, will some kind of password policy >> be implemented in the next realease of Qmailtoaster? >> >> Thanks in advance. >> >> Sincerely, >> >> Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmailadmin password
Hi Eric Thanks for your reply. Yes, but "1234" is not! I would be happy if at least 9 characters were required. I know there are some patches for qmailadmin out there, but one of Qmailtoaster's many advantages is that I do not have to compile at all. Se for example https://notes.sagredo.eu/qmail-notes-185/qmailadmin-password-strenght-patch-175.html or http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ or https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html Sincerely, Allan Dukat On 2018-11-20 23:03, Eric Broch wrote: Is 16 characters not enough? On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: Hi List Some of my users' passwords were cracked and my server ended up in some RBLs, so my question is now, will some kind of password policy be implemented in the next realease of Qmailtoaster? Thanks in advance. Sincerely, Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] qmailadmin password
Is 16 characters not enough? On 11/20/2018 8:30 AM, qmailtoas...@dukat.dk wrote: Hi List Some of my users' passwords were cracked and my server ended up in some RBLs, so my question is now, will some kind of password policy be implemented in the next realease of Qmailtoaster? Thanks in advance. Sincerely, Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Eric Broch White Horse Technical Consulting (WHTC) - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] qmailadmin password
Hi List Some of my users' passwords were cracked and my server ended up in some RBLs, so my question is now, will some kind of password policy be implemented in the next realease of Qmailtoaster? Thanks in advance. Sincerely, Allan Dukat - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] qmailadmin/password complexity for QMT6
Hello People, Someone compiled qmailadmin-1.2.16-0.el6.x86_64 for QMT6 to check passwords. I employed the following this howto ( https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg35569.html) but after compilation would not result :( I need to check passwords entered in qmailadmin for QMT6/CentOS65_x86_64. Best regards, Nikolay
[qmailtoaster] qmailadmin password complexity
hi all has anybody implement the password complexity option in qmailadmin ? i tried using the video provided here but it does not work http://www.youtube.com/watch?v=GyBnwhokscY i have noted down the steps below. I need help on this please. STEPS FOLLOWED PASSWORD COMPLEXITY QMAILADMIN cd /usr/src/qtms-install rpm -Uvh qmailadmin-toaster-1.2.16-1.4.1.src.rpm cd /usr/src/redhat/SOURCES/ tar -xjf qmailadmin-1.2.16.tar.bz2 rm -rf qmailadmin-1.2.16.tar.bz2 cd qmailadmin-1.2.16 nano qmailadmin.c (see changes below) after editing qmailadmin.c nano lang/en edit the error codes cd /usr/src/redhat/SOURCES/ tar cfj qmailadmin-1.2.16.tar.bz2 qmailadmin-1.2.16 cd /usr/src/redhat/SPECS rpmbuild -ba qmailadmin-toaster.spec cd /usr/src/redhat/RPMS/i386 ls -l qmailadmin-toaster* chk the date of file to ensure that it is the new build rpm -Uvh qmailadmin-toaster-1.2.16-1.4.0.i386.rpm rpm -Uvh --replacefiles --replacepkgs qmailadmin-toaster-1.2.16-1.4.1.i386.rpm open qmailadmin.c file ADDITION 1 after #include add #include ADDITION 2 add it before int main(argc,argv) int check_strong(char *pass_string) { int digit=0; int alpha=0; int length=strlen(pass_string); int i; for(i=0;i