1 Topic by redtrouble

  • redtrouble
  • Member
  • Offline
  • Registered: 2011-03-08
  • Posts: 9

Topic: User password security requirements

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): newest
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version:  Debian 10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  pgsql
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? not now
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====


I would like 2 things to be done:
- disallow mailboxes passwords to be weak (min 10 chars),
- require to change passwords every 3 months (with sending mails to them with 14,7, 3, 1 day before blocking an account)

Did anybody know how to do that?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: User password security requirements

redtrouble wrote:

- disallow mailboxes passwords to be weak (min 10 chars),

Roundcube and iRedAdmin-Pro have this feature. SOGo doesn't.

redtrouble wrote:

- require to change passwords every 3 months (with sending mails to them with 14,7, 3, 1 day before blocking an account)

FYI: https://docs.iredmail.org/force.user.to … sword.html