The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Temporarily Set Minimum Email Password Length

Discussion in 'Security' started by _jman, Jun 22, 2014.

  1. _jman

    _jman Member

    Joined:
    Jan 17, 2007
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Hi, have need for an email account with a password < the minimum 5 chars enforced in the email setup screens.

    Not worried about security. It'll get locked down through Exim so that account can only send via one IP (which is pretty closely monitored).

    How do I temporarily get cPanel to allow a shorter email password length?

    If there's a CLI method that'd be fine too.

    Thanks!
    --
    Carl
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Wait, you want a password shorter than 5 characters? I probably could figure out a way to do it, but in good conscience, I could never advise anyone of how.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,676
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. _jman

    _jman Member

    Joined:
    Jan 17, 2007
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Emailing invoices out of QB. Thanks to Yahoo and the DMARC issue, Intuit in their wisdom is now showing @quickbooks.com in the from address rather than the company's.

    Sure, they can call folks and tell them to look in junk, but that won't fix the problem. Se we have to switch to webmail, sending the email from our server instead of theirs.

    Alas, their implementation of that method doesn't store the password, so the sales staff has to enter it every time an invoice is sent. Ugh.

    Everyone dials into one server to run QB, so we can lock down the from address in Exim, allowing messages to only be send from a single IP. That part's already covered. Don't want the account to be used for spam!

    (Intuit hasn't considered all the ramifications yet, either. We've already run into a customer who also happens to use our same e-faxing service. I've had to plug the Intuit from address into our allowed senders to allow e-faxing of invoices. Now that customer gets our cover letter with *their* faxed QB invoices. More Ugh.)

    So, not the best solution, but do need a 1 character PW for this one specific, secured email account.

    A CLI solution would be the best; have read elsewhere the length is being enforced somewhere in /etc/pam.d - just not sure where. Figure it's a simple matter of temporarily modifying a file, restarting some service, updating the PW for that one account, then setting it back.
     
  5. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Why do you have to use webmail? You couldn't use a mail client which stores the password, or a script which is configured to authenticate to the proper SMTP server?

    I sent you instructions privately on how to generate your own PW hash, since in the interest of security I would prefer not to post those publicly as it can allow setting some really horribly bad passwords.
     
    #5 quizknows, Jun 23, 2014
    Last edited: Jun 23, 2014
Loading...

Share This Page