URGENT feature request!!! We need to be able to configure password expiration rules (and maybe complexity rules) BY DOMAIN!

Problem reported by Gabriele Maoret - SERSIS - 6/8/2023 at 1:10 AM

Resolved

Having many different customers managed within SmarterMail (each with at least one dedicated Domain), we need to be able to set password expiration BY DOMAIN.

This is because many customers have different policies from each other (examples: someone wants the deadline every three months, someone else every 6 months, still others want it one month and someone does NOT want the deadline...)

The same thing would be nice for password complexity rules as well, but that's less important...

In order not to lose customers, it is therefore necessary to be able to apply different rules to passwords at least for each domain, at least as regards expiration.

If we were able to personalize individual users as well, it would be even better, but at least BY DOMAIN it is absolutely necessary!

Gabriele Maoret - Head of SysAdmins and CISO at SERSIS

Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

21 Replies

Reply to Thread

Zach Sylvester Replied

6/8/2023 at 12:12 PM

Employee Post

Hey Gabriele,

Thank you for submitting this as a feature request! As a current workaround to avoid losing customers, I suggest that you utilize the API to do this. Here is how you could do it.

Get customer's requirements. 1 month, 2 months, etc.
Write a script using the API
1. Get the domain users
2. Make a list of the domain users
3. For each user expire the password.
Execute the script at the prescribed time frame.
1. Since you're using the API you can run this from anywhere that has access to the server.
2. You could set up a task in the Windows task scheduler to run the expiration script.
3. You could setup a Linux environment to run a crontab to run the expiration script

Let me know if you have any questions and if this helps.

Thanks,

Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com

Gabriele Maoret - SERSIS Replied

6/8/2023 at 1:47 PM

Hi Zack!

This is a good idea for an emergency temporary fix...

I will test it and if I can get it to work I think it might be good for my emergency needs at the moment.

However, this is not good for normal SmarterMail server platform administration and maintenance, so I hope this can be done via the webadmin interface in the near future...

Gabriele Maoret - Head of SysAdmins and CISO at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

Gabriele Maoret - SERSIS Replied

6/9/2023 at 7:59 AM

Hi again, Zack!

I took a look at the APIs, but, putting together that I'm not really very good at WEB call programming and that the 2 APIs you mentioned aren't exactly well documented, I think I'll have some difficulties...

Do you happen to already have some examples ready, perhaps executable from a Windows batch file or from PowerShell?

Thanks in advance if you can help me...

J Lee Replied

6/9/2023 at 11:24 AM

Another Per Domain feature would also be great to apply special spam and virus scan rules per domain.

https://portal.smartertools.com/community/a95427/per-domain-spam-and-virus-scanning-settings.aspx

J. Sebastian Lee Service2Client LLC 6333 E Mockingbird Ste 147 Dallas, TX 75214 - 877.251.3273

Gabriele Maoret - SERSIS Replied

6/9/2023 at 12:08 PM

Yeah J, that is another one, but please, write another separate post for it! I'll upvote it for sure

Zach Sylvester Replied

6/11/2023 at 12:26 AM

Employee Post

Hello Gabriele,

Thank you for your prompt response. I have developed a working example of the script, which you can find on GitHub at the following repository: https://github.com/zjs81/SMEXPIRESCRIPT

Feel free to explore the repository to review the code and understand how the script functions.

If you plan to use the script with the task scheduler on Windows, there are a couple of considerations to keep in mind. First, you will need to convert the script to an executable format. There are various tools available that can help you accomplish this, such as PyInstaller or Py2exe.

Additionally, when running the script through the task scheduler, you may encounter an issue where the script is unable to locate the configuration file. This is because the task scheduler doesn't load the user's profile when executing scripts and instead starts them in the "C:\windows\system32" directory.

To address this, you can specify the desired folder by setting the "Start In" folder in the Action section of the Task's properties. This allows you to specify the folder in which the script should be executed, ensuring that the configuration file is found correctly.

If you have any questions please let me know.

Thank you,

Zach Sylvester Software Developer SmarterTools Inc. www.smartertools.com

Gabriele Maoret - SERSIS Replied

6/11/2023 at 1:36 AM

Thanks!

Roger Replied

6/11/2023 at 5:17 AM

I am absolutely in favor of it. We absolutely need to be able to create password rules per domain. I can't just set automatic renewal of passwords after 6 months for all customers and some want it 1 time per year for example. This is really important.

Then you should also be able to set this in the domain preferences for new customers.

Jay Dubb Replied

6/16/2023 at 2:42 PM

+1 for per-domain requirements. I'll add the request for password length per-domain also. Our default is 8 characters, with complexity, but we have a large client who wants at least 12 characters required. They were not happy when told we couldn't do that without affecting all other customer domains on the server.

Gabriele Maoret - SERSIS Replied

6/16/2023 at 2:50 PM

Hi Jay! This is also a really good request!

but... Please create a new separate post for this request...

Rest assured that I will vote for it immediately!!!!

Gabriele Maoret - SERSIS Replied

7/8/2023 at 2:15 AM

still missing function in latest SM 8587...

Roger Replied

7/11/2023 at 9:16 AM

are there any news from SM-Team?

Tim Uzzanti Replied

7/11/2023 at 10:11 AM

Employee Post

That task is bouncing around development and our QC team which means it could be out in a week or two.

Tim Uzzanti CEO SmarterTools Inc. www.smartertools.com

Roger Replied

7/11/2023 at 10:36 AM

This is absolutely brilliant, thank you so much. I am very excited to test this feature.

Gabriele Maoret - SERSIS Replied

7/11/2023 at 6:10 PM

Great! THX Tim!

Gabriele Maoret - SERSIS Replied

7/24/2023 at 12:26 AM

still missing in 8601

Employee Replied

9/19/2023 at 1:40 PM

Employee Post

Just an update that this was included in Build 8629 (Aug 17, 2023).

Gabriele Maoret - SERSIS Replied

9/19/2023 at 11:35 PM

Marked As Resolution

Hi Andrea!

Yes, I can confirm that.

This function is OK

Curtis Kropar www.HawaiianHope.org Replied

9/21/2023 at 5:56 PM

Does this ability also say that I can set a particular email address in a domain, or a domain to NEVER expire the password ?

I wrote this over a year ago and never got a response.

https://portal.smartertools.com/community/a94608/set-only-certain-email-accounts-not-to-expire-password.aspx

www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !