1

Topic: forrce a user password change

==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version: centos 6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx):apache
- Manage mail accounts with iRedAdmin-Pro? PRO
- Related log if you're reporting an issue:
====

trying to follow this and it is not working at all
http://www.iredmail.org/docs/force.user … sword.html

Made the changes and restarted iredapd but one can send email without any warning. setting is the database for that user passwordlastchange is all zeros.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: forrce a user password change

Could you please turn on debug mode in iRedAPD and show us related log with a new testing email?
Reference: http://www.iredmail.org/docs/debug.iredapd.html

3

Re: forrce a user password change

here is the log:

2015-11-19 07:25:14 DEBUG Connect from 127.0.0.1, port 54863.
2015-11-19 07:25:14 DEBUG smtp session: request=smtpd_access_policy
2015-11-19 07:25:14 DEBUG smtp session: protocol_state=END-OF-MESSAGE
2015-11-19 07:25:14 DEBUG smtp session: protocol_name=ESMTP
2015-11-19 07:25:14 DEBUG smtp session: client_address=xxxxx
2015-11-19 07:25:14 DEBUG smtp session: client_name=xxxxx
2015-11-19 07:25:14 DEBUG smtp session: reverse_client_name=xxxxx
2015-11-19 07:25:14 DEBUG smtp session: helo_name=[192.168.2.22]
2015-11-19 07:25:14 DEBUG smtp session: sender=xxxxx
2015-11-19 07:25:14 DEBUG smtp session: recipient=xxxxx
2015-11-19 07:25:14 DEBUG smtp session: recipient_count=1
2015-11-19 07:25:14 DEBUG smtp session: queue_id=07E592A604EB
2015-11-19 07:25:14 DEBUG smtp session: instance=4ad7.564dcdb9.e8cef.0
2015-11-19 07:25:14 DEBUG smtp session: size=544
2015-11-19 07:25:14 DEBUG smtp session: etrn_domain=
2015-11-19 07:25:14 DEBUG smtp session: stress=
2015-11-19 07:25:14 DEBUG smtp session: sasl_method=PLAIN
2015-11-19 07:25:14 DEBUG smtp session: sasl_username=xxxxx
2015-11-19 07:25:14 DEBUG smtp session: sasl_sender=
2015-11-19 07:25:14 DEBUG smtp session: ccert_subject=
2015-11-19 07:25:14 DEBUG smtp session: ccert_issuer=
2015-11-19 07:25:14 DEBUG smtp session: ccert_fingerprint=
2015-11-19 07:25:14 DEBUG smtp session: ccert_pubkey_fingerprint=
2015-11-19 07:25:14 DEBUG smtp session: encryption_protocol=TLSv1.2
2015-11-19 07:25:14 DEBUG smtp session: encryption_cipher=xxxxxx
2015-11-19 07:25:14 DEBUG smtp session: encryption_keysize=128
2015-11-19 07:25:14 DEBUG Skip plugin: reject_null_sender (protocol_state != END-OF-MESSAGE)
2015-11-19 07:25:14 DEBUG --> Apply plugin: amavisd_message_size_limit
2015-11-19 07:25:14 DEBUG Message size: 544
2015-11-19 07:25:14 DEBUG Getting applicable policies
2015-11-19 07:25:14 DEBUG Valid policy accounts for recipient xxxxx: 'xxxxx@xxxxx', '@xxxxx', '@.xxxxxs', '@.'
2015-11-19 07:25:14 DEBUG SELECT policy_name,message_size_limit
                 FROM users, policy
                 WHERE
                    (users.policy_id=policy.id)
                    AND (users.email IN ('xxxx@xxxx', '@xxxx', '@.xxxx', '@.'))
                 ORDER BY users.priority DESC

2015-11-19 07:25:14 DEBUG Error while quering Amavisd policy (xxxx@xxxx): 'Connection' object has no attribute 'fetchmany'
2015-11-19 07:25:14 DEBUG <-- Result: DUNNO
2015-11-19 07:25:14 DEBUG Skip plugin: amavisd_wblist (protocol_state != END-OF-MESSAGE)
2015-11-19 07:25:14 DEBUG Skip plugin: sql_alias_access_policy (protocol_state != END-OF-MESSAGE)
2015-11-19 07:25:14 DEBUG Skip plugin: sql_force_change_password_in_days (protocol_state != END-OF-MESSAGE)
2015-11-19 07:25:14 INFO [x.x.x.x] END-OF-MESSAGE, xxxx@xxxx -> xxxx@xxxx, DUNNO
2015-11-19 07:25:14 DEBUG Session ended

4

Re: forrce a user password change

It sure would be nice to be able to automatically send out an email a few days prior to expiration and ask for them to change it.

5

Re: forrce a user password change

No log related to RCPT protocol state? Or you just didn't copy/paste it?
Pasted log is END-OF-MESSAGE state. Please show me output of command:

postconf smtpd_recipient_restrictions

6

Re: forrce a user password change

[root@ired2 mailscript]# postconf smtpd_recipient_restrictions
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname, reject_unknown_recipient_domain, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unlisted_recipient, reject_rbl_client bl.spamcop.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client b.barracudacentral.org, check_policy_service inet:127.0.0.1:7777, reject_unauth_destination

7

Re: forrce a user password change

I have the same situation, a hint ?

postconf smtpd_recipient_restrictions
smtpd_recipient_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, permit_sasl_authenticated, reject_unauth_destination, check_sender_access hash:/etc/postfix/sender_checks_my, check_client_access hash:/etc/postfix/rbl_override

Centos 7 / iRedAPD-1.4.4

This can be verified without upgrading ?

8

Re: forrce a user password change

@LukaszR, Please create a new forum topic for your own issue. You're digging a 4 years old forum thread.