qmailadmin password-strenght patch

April 26, 2015 Roberto Puzzanghera2 comments

A big lack of qmail account managers, expecially qmailadmin, is that they do not provide any password complexity check. A couple of days ago I discovered in one of my servers a "test 123456" account and I realized that the time has come to put a patch on it.

Since I had no luck in having cracklib working inside qmailadmin (see crackilib patch, any help  on the purpose would be veeerrry much appreciated) I've quickly found a solution via a javascript form validation, which refuses unsecure passwords. You can easily customize how it decides to accept/refuse the passwords modifying the file pw_strenght_chk.js in the html dir.

patches | qmail | qmailadmin
add a comment

Comments

where to get and how to apply patch

Peter Sutta January 27, 2018 12:46

Dear Roberto,

i am glad you create such a patch. I would like to get it and make it work. Could you please describe where to get full patch with some short howto apply it on the qmail server?

Thank you in advance.

Reply | Permalink

where to get and how to apply patch

Roberto Puzzanghera January 27, 2018 13:17

sorry the link was broken... here it is http://notes.sagredo.eu/files/qmail/patches/qmailadmin//qmailadmin-1.2.16-pwd-strenght.2015.04.25.patch.

Info about the installation are in the qmailadmin page

Reply | Permalink

qmail notes

General notes

daemontools

ucspi-tcp6

qmail

vpopmail

Patching

Configuring

Testing

autorespond

ezmlm-idx

qmailadmin

Add-ons

RBL

Greetdelay

tcprules

DKIM

SURBL

Limiting per user/domain/IP outgoing emails

Installing a valid SSL certificate

qmail-taps-extended

moreipme

qmHandle

queue-repair

vQadmin

ezmlm-browse

ezmlm-web

rblsmtpd

qmail-rblchk

Dovecot

Running

Testing

Filtering

Expunging

Roundcube

Plugins

Spamassassin

Userprefs

ClamAV

simscan

Testing

fail2ban

Need help?

ChangeLog

Pay me a coffee:

PayPal - The safer, easier way to pay online.

Other contents

Linux-vserver on Slackware

Running two php on the same server

rsync backup via ssh

Securing proftpd

Installing mariaDB

Setting up MySQL

SEO friendly URLs with apache mod_rewrite

Building your ownCloud

Building your own mozilla-sync server

Setting up Tex on Mediawiki

Slackware RSS feeds

English
Italiano
Recent comments

Cant compile libdomainkeys
February 27, 2019 08:46

SMTP reject
February 26, 2019 17:28

Use apache 2.4 with vqadmin
February 26, 2019 16:38

Use apache 2.4 with vqadmin
February 26, 2019 16:15

SMTP reject
February 22, 2019 14:00

SMTP reject
February 21, 2019 22:03

SMTP reject
February 21, 2019 21:56

SMTP reject
February 20, 2019 20:11

Cant compile libdomainkeys
February 20, 2019 19:45

Cant compile libdomainkeys
February 20, 2019 07:24

See also...

qmailadmin password-strenght patch

Tags

apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver mariadb mediawiki mozilla mysql owncloud patches php proftpd qmail qmailadmin rbl roundcube rsync sieve simscan slackware spamassassin ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin

Recent posts

Patching qmail

smtp-auth + qmail-tls + forcetls patch for qmail

Sieve interpreter & Dovecot ManageSieve

simscan

ChangeLog

vQadmin

Setting up your firewall with fail2ban

SURBL filtering configuration

Installing and configuring Spamassassin

Configuring DKIM for qmail

RSS feeds