Back to Community Threads
4
Disable password strength for existing passwords option not working
Problem reported by Antony - 2/16/2015 at 5:37 PM
Submitted
Yesterday we made a change to the password policy requirements and today users started receiving password policy violation emails stating that outbound messages will be blocked if the password has not been updated by x date.
 
The "Disable password strength for existing passwords" option is also selected. My understanding is that this should mean existing users are not sent these emails and don't have their outbound messages blocked.  For some reason this doesn't appear to be the case.
 
Looks like a bug in the logic somewhere.  

9 Replies

Reply to Thread
0
Employee Replied
2/24/2015 at 3:49 PM
Employee Post
Hello Anthony,
 
Thanks for the information. Can you please verify the specific version of SmarterMail that you have installed. What are the settings enabled for the Auto-block Grace Period and User Notification Timing ? To my knowledge we have made one or two changes to the password requirements in SmarterMail 13.2x build. This may be corrected if you have the opportunity to upgrade to the latest build available.
 
Please let me know and I will continue to test this on our end.
 
Thanks.
 
0
Antony Replied
2/24/2015 at 5:42 PM
Hi Joe,
We are using v13.2.5511 Enterprise
Auto Block grace period was set to 30. We have since extended that to 45 and unchecked the "Disable outgoing SMTP when auto-block grace period ends" oprtion  until we know all the impacts
User Notification timing is 28, 14, 7, 3, 2, 1
Wait to hear from you.
Antony
1
Scarab Replied
3/9/2015 at 11:52 AM
We just experienced the exact same issue after upgrading to SmarterMail Enterprise v13.3.5535 (from v13.1.5451 which did not have this issue). We have "Disable password strength for existing passwords" enabled for "grandfathered" accounts and only want to enforce Password Requirements on new accounts & new passwords. We had quite the Customer Support issue this weekend when several thousand users received an automated Password Policy Violation email from our SmarterMail server.
2
Antony Replied
4/14/2015 at 11:58 AM
Hi Joe
Just wondering if any progress has been made on this issue?
Look forward to hear from you.
Regards
 Antony
1
Antony Replied
5/1/2015 at 12:45 PM
Bump? Has this been fixed?
1
Steve Reid Replied
6/15/2015 at 10:11 AM
4 months without a response on a bug that is reported to still exist...
1
Antony Replied
7/10/2015 at 9:41 AM
Hey Smartertools
May we please have an update on this issue/bug.
It appears that Joe's earlier response has been removed from the thread.
 
0
CCWH Replied
7/11/2015 at 3:03 PM
No response is laughable. I've raised the exact issue in another thread am seen at least one other... ALL with no response from ST staff, just others with the same issue. Suppose this is one no one wants to pick up so waiting for a submitted ticket
0
Employee Replied
7/13/2015 at 1:14 PM
Employee Post
Please see the last post in this thread: http://portal.smartertools.com/community/a86425/disable-password-strength-for-existing-passwords-does-not-work.aspx#91099
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Understanding SNI in SmarterMailSmarterMail > Server Configuration and Management
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
SmarterTrack/WHMCS Addon ModuleUtilities and Conversion Tools
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Manually Securing SmarterMail Using Let's Encrypt and Certify the WebSmarterMail > Installation and Configuration