1 Topic by yavuz.maslak

  • yavuz.maslak
  • Member
  • Offline
  • Registered: 2014-07-30
  • Posts: 159

Topic: force change password in n days in my configuration doesn't work

==== Required information ====
- iRedMail version: 0.9.2
- Store mail accounts in which backend MySQL
- Web server (Apache
- Linux/BSD distribution name and version: 14.0.4.2
- Related log if you're reporting an issue:
====
I added plugin sql_force_change_password_in_day. Although  changing my password the server rejects to send my mails.

# tail -f /var/log/iredapd.log
2015-06-10 13:08:27 INFO Loading plugin: amavisd_wblist
2015-06-10 13:08:27 INFO Loading plugin: sql_alias_access_policy
2015-06-10 13:08:27 INFO Loading plugin: sql_force_change_password_in_days
2015-06-10 13:08:38 INFO [10.21.28.175] RCPT, maslak@test.domain.com -> maslakyavuz@gmail.com, REJECT Please change your password in webmail before sending email: https://mailbox.test.domain.com/mail

what can be the problem?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: force change password in n days in my configuration doesn't work

Please turn on debug mode in iRedAPD, send one testing email again, then show us full log in /var/log/iredapd.log.
http://www.iredmail.org/docs/debug.iredapd.html

3 Reply by yavuz.maslak

  • yavuz.maslak
  • Member
  • Offline
  • Registered: 2014-07-30
  • Posts: 159

Re: force change password in n days in my configuration doesn't work

ZhangHuangbin wrote:

Please turn on debug mode in iRedAPD, send one testing email again, then show us full log in /var/log/iredapd.log.
http://www.iredmail.org/docs/debug.iredapd.html

I set debug mode  in level of debug.

I just changed password  and then I can not send mail.  my debug log as following

2015-06-14 21:38:23 DEBUG SQL: record: None
2015-06-14 21:38:23 DEBUG <-- Result: DUNNO (Not a mail alias account)
2015-06-14 21:38:23 DEBUG --> Apply plugin: sql_force_change_password_in_days
2015-06-14 21:38:23 DEBUG SQL to get mailbox.passwordlastchange of sender (maslak@test.domain.com): SELECT passwordlastchange FROM mailbox WHERE username='maslak@test.domain.com' LIMIT 1
2015-06-14 21:38:23 DEBUG Returned SQL Record: (datetime.datetime(2015, 6, 14, 21, 31, 31),)
2015-06-14 21:38:23 DEBUG Date of password last change: 2015-06-14 21:31:31
2015-06-14 21:38:23 DEBUG Sender didn't change password before.
2015-06-14 21:38:23 DEBUG <-- Result: REJECT Please change your password in webmail before sending email: https://mailbox.test.domain.com/mail
2015-06-14 21:38:23 DEBUG INSERT INTO log (admin, ip, msg, timestamp) VALUES ('iredapd', '10.212.141.254', 'REJECT Please change your password in webmail before sending email: https://mailbox.test.domain.com/mail (maslak@test.domain.com -> maslakyavuz@gmail.com, sql_force_change_password_in_days)', NOW());

4 Reply by yavuz.maslak

  • yavuz.maslak
  • Member
  • Offline
  • Registered: 2014-07-30
  • Posts: 159

Re: force change password in n days in my configuration doesn't work

Hello ZhangHuangbin

is there a progress about that ?

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: force change password in n days in my configuration doesn't work

yavuz.maslak wrote:

2015-06-14 21:38:23 DEBUG --> Apply plugin: sql_force_change_password_in_days
2015-06-14 21:38:23 DEBUG SQL to get mailbox.passwordlastchange of sender (maslak@test.domain.com): SELECT passwordlastchange FROM mailbox WHERE username='maslak@test.domain.com' LIMIT 1
2015-06-14 21:38:23 DEBUG Returned SQL Record: (datetime.datetime(2015, 6, 14, 21, 31, 31),)
2015-06-14 21:38:23 DEBUG Date of password last change: 2015-06-14 21:31:31
2015-06-14 21:38:23 DEBUG Sender didn't change password before.

Looks like a bug in iRedAPD plugin.
Please try this patch, and do let me know whether or not it works for you:

diff -r 6b20219a5892 plugins/sql_force_change_password_in_days.py
--- a/plugins/sql_force_change_password_in_days.py    Sat Jun 20 10:03:34 2015 +0800
+++ b/plugins/sql_force_change_password_in_days.py    Fri Jun 26 11:24:53 2015 +0800
@@ -56,11 +56,11 @@
 
     # Compare date to make sure it's less than CHANGE_PASSWORD_DAYS.
     shift = datetime.datetime.now() - pwchdate
-    if not shift < datetime.timedelta(days=settings.CHANGE_PASSWORD_DAYS):
-        logging.debug("Password last change date is older than %d days." % settings.CHANGE_PASSWORD_DAYS)
-        return reject_action
+    if shift < datetime.timedelta(days=settings.CHANGE_PASSWORD_DAYS):
+        logging.debug("Current password was changed in %d days." % settings.CHANGE_PASSWORD_DAYS)
+        return SMTP_ACTIONS['default']
     else:
-        logging.debug("Sender didn't change password before.")
+        logging.debug("Sender didn't change password in last %d days." % settings.CHANGE_PASSWORD_DAYS)
         return reject_action
 
     logging.debug("Sender will be forced to change password on %s." % str(pwchdate + datetime.timedelta(days=settings.CHANGE_PASSWORD_DAYS)))

6 Reply by yavuz.maslak

  • yavuz.maslak
  • Member
  • Offline
  • Registered: 2014-07-30
  • Posts: 159

Re: force change password in n days in my configuration doesn't work

How can i apply this patch ? could you give the command you will need to execute?
Thanks

ZhangHuangbin wrote:
yavuz.maslak wrote:

2015-06-14 21:38:23 DEBUG --> Apply plugin: sql_force_change_password_in_days
2015-06-14 21:38:23 DEBUG SQL to get mailbox.passwordlastchange of sender (maslak@test.domain.com): SELECT passwordlastchange FROM mailbox WHERE username='maslak@test.domain.com' LIMIT 1
2015-06-14 21:38:23 DEBUG Returned SQL Record: (datetime.datetime(2015, 6, 14, 21, 31, 31),)
2015-06-14 21:38:23 DEBUG Date of password last change: 2015-06-14 21:31:31
2015-06-14 21:38:23 DEBUG Sender didn't change password before.

Looks like a bug in iRedAPD plugin.
Please try this patch, and do let me know whether or not it works for you:

diff -r 6b20219a5892 plugins/sql_force_change_password_in_days.py
--- a/plugins/sql_force_change_password_in_days.py    Sat Jun 20 10:03:34 2015 +0800
+++ b/plugins/sql_force_change_password_in_days.py    Fri Jun 26 11:24:53 2015 +0800
@@ -56,11 +56,11 @@
 
     # Compare date to make sure it's less than CHANGE_PASSWORD_DAYS.
     shift = datetime.datetime.now() - pwchdate
-    if not shift < datetime.timedelta(days=settings.CHANGE_PASSWORD_DAYS):
-        logging.debug("Password last change date is older than %d days." % settings.CHANGE_PASSWORD_DAYS)
-        return reject_action
+    if shift < datetime.timedelta(days=settings.CHANGE_PASSWORD_DAYS):
+        logging.debug("Current password was changed in %d days." % settings.CHANGE_PASSWORD_DAYS)
+        return SMTP_ACTIONS['default']
     else:
-        logging.debug("Sender didn't change password before.")
+        logging.debug("Sender didn't change password in last %d days." % settings.CHANGE_PASSWORD_DAYS)
         return reject_action
 
     logging.debug("Sender will be forced to change password on %s." % str(pwchdate + datetime.timedelta(days=settings.CHANGE_PASSWORD_DAYS)))

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: force change password in n days in my configuration doesn't work

OK, try this instead:

*) Download this file: https://bitbucket.org/zhb/iredapd/raw/d … in_days.py

*) Override file /opt/iredapd/plugins/sql_force_change_password_in_days.py with downloaded one.
*) Restart iRedAPD service.

8 Reply by yavuz.maslak

  • yavuz.maslak
  • Member
  • Offline
  • Registered: 2014-07-30
  • Posts: 159

Re: force change password in n days in my configuration doesn't work

Thank you Zhang .  the patch works

ZhangHuangbin wrote:

OK, try this instead:

*) Download this file: https://bitbucket.org/zhb/iredapd/raw/d … in_days.py

*) Override file /opt/iredapd/plugins/sql_force_change_password_in_days.py with downloaded one.
*) Restart iRedAPD service.

9 Reply by yavuz.maslak

  • yavuz.maslak
  • Member
  • Offline
  • Registered: 2014-07-30
  • Posts: 159

Re: force change password in n days in my configuration doesn't work

well , can i specify exceptions for some mail accounts? such as 'Never expires for for accounts
 

ZhangHuangbin wrote:

OK, try this instead:

*) Download this file: https://bitbucket.org/zhb/iredapd/raw/d … in_days.py

*) Override file /opt/iredapd/plugins/sql_force_change_password_in_days.py with downloaded one.
*) Restart iRedAPD service.

10 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: force change password in n days in my configuration doesn't work

yavuz.maslak wrote:

well , can i specify exceptions for some mail accounts? such as 'Never expires for for accounts

Not supported yet.

it's a good idea, and here's patch to support this feature. (This patch will be included in next iRedAPD release.)
https://bitbucket.org/zhb/iredapd/commi … 0fee1957d1