April 26, 2015 Roberto Puzzanghera2 comments
A big lack of
qmail account managers, expecially
qmailadmin, is that they do not provide any password complexity check. A couple of days ago I discovered in one of my servers a "test 123456" account and I realized that the time has come to put a patch on it.
Since I had no luck in having
cracklib working inside
qmailadmin (see crackilib patch, any help on the purpose would be veeerrry much appreciated) I've quickly found a solution via a
pw_strenght_chk.js in the html dir.
apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver mariadb mediawiki mozilla mysql owncloud patches php proftpd qmail qmailadmin rbl roundcube rsync sieve simscan slackware spamassassin ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin