I'm new to the vpopmail list, but not to vpopmail, I've had numerous
requests for a way to enforce password management with vpopmail managed
The reason for my post is the fact that vpopmail doesn't currently offer
a way to do this automatically, but I think there is a way to make it happen
Here is my idea:
write a perl script that will:
use ~vpopmail/bin/vdominfo to get a list of virtual domains.
compare this list with a configuration file in ~vpopmail/etc that stores
a list of domains which are to be EXCLUDED from password enforcement.
If not excluded use
~vpopmail/bin/vuserinfo -n -D domainname
to obtain a list of users on that domain
then compare each "[EMAIL PROTECTED]" to a second configuration file also in
~vpopmail/etc for user exclusions
if the USER is not excluded, then execute this
~vpopmail/bin/vuserinfo -p [EMAIL PROTECTED]
to get the encrypted password.
in a text file database store the username, the encrypted password, and
the date you ran the script.
if the user wasn't found, add a record.
if the user was found compare the date in the record (which should be
the date the password was first seen by the script) and the current date
and age it.
if the password age is >= X + Y days old reset the password to a random
if the password age is >= X days old send a mail warning of an account
(where X and Y are configuration variables in the script concerning the
password age and the delay before suspension)
loop thru all emails and domains in this fashion
If you make this script a daily cron job (after midnight so you don't
have date discrepancies inside the script)
this this gives a rudimentary password management system.
My questions for the list are:
What do you see I've missed, what additional features would you find
Do you think this type of thing has enough value for widespread appeal?
I'd like to make sure that I make this as useful as possible, so any
comments or suggestions are welcome.
If you've already done something like this, would you share your
Nebraska Turkey Growers
1-308-468-5711, ext. 106