9
URGENT feature request!!! We need to be able to configure password expiration rules (and maybe complexity rules) BY DOMAIN!
Problem reported by Gabriele Maoret - SERSIS - 6/8/2023 at 1:10 AM
Resolved
Having many different customers managed within SmarterMail (each with at least one dedicated Domain), we need to be able to set password expiration BY DOMAIN.

This is because many customers have different policies from each other (examples: someone wants the deadline every three months, someone else every 6 months, still others want it one month and someone does NOT want the deadline...)

The same thing would be nice for password complexity rules as well, but that's less important...


In order not to lose customers, it is therefore necessary to be able to apply different rules to passwords at least for each domain, at least as regards expiration.


If we were able to personalize individual users as well, it would be even better, but at least BY DOMAIN it is absolutely necessary!
Gabriele Maoret - Head of SysAdmins at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

21 Replies

Reply to Thread
3
Zach Sylvester Replied
Employee Post
Hey Gabriele, 

Thank you for submitting this as a feature request! As a current workaround to avoid losing customers, I suggest that you utilize the API to do this. Here is how you could do it. 

  1. Get customer's requirements. 1 month, 2 months, etc. 
  2. Write a script using the API
    1. Get the domain users
    2. Make a list of the domain users
    3. For each user expire the password. 
  3. Execute the script at the prescribed time frame. 
    1. Since you're using the API you can run this from anywhere that has access to the server.
    2. You could set up a task in the Windows task scheduler to run the expiration script. 
    3. You could setup a Linux environment to run a crontab to run the expiration script
Let me know if you have any questions and if this helps. 

Thanks, 
Zach Sylvester System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Gabriele Maoret - SERSIS Replied
Hi Zack!

This is a good idea for an emergency temporary fix...
I will test it and if I can get it to work I think it might be good for my emergency needs at the moment.

However, this is not good for normal SmarterMail server platform administration and maintenance, so I hope this can be done via the webadmin interface in the near future...
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Gabriele Maoret - SERSIS Replied
Hi again, Zack!

I took a look at the APIs, but, putting together that I'm not really very good at WEB call programming and that the 2 APIs you mentioned aren't exactly well documented, I think I'll have some difficulties...

Do you happen to already have some examples ready, perhaps executable from a Windows batch file or from PowerShell?

Thanks in advance if you can help me...
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
3
J Lee Replied
Another Per Domain feature would also be great to apply special spam and virus scan rules per domain.

J. Sebastian Lee Service2Client LLC 6333 E Mockingbird Ste 147 Dallas, TX 75214 - 877.251.3273
0
Gabriele Maoret - SERSIS Replied
Yeah J, that is another one, but please, write another separate post for it! I'll upvote it for sure
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
1
Zach Sylvester Replied
Employee Post
Hello Gabriele,

Thank you for your prompt response. I have developed a working example of the script, which you can find on GitHub at the following repository: https://github.com/zjs81/SMEXPIRESCRIPT

Feel free to explore the repository to review the code and understand how the script functions.

If you plan to use the script with the task scheduler on Windows, there are a couple of considerations to keep in mind. First, you will need to convert the script to an executable format. There are various tools available that can help you accomplish this, such as PyInstaller or Py2exe.

Additionally, when running the script through the task scheduler, you may encounter an issue where the script is unable to locate the configuration file. This is because the task scheduler doesn't load the user's profile when executing scripts and instead starts them in the "C:\windows\system32" directory.

To address this, you can specify the desired folder by setting the "Start In" folder in the Action section of the Task's properties. This allows you to specify the folder in which the script should be executed, ensuring that the configuration file is found correctly.

If you have any questions please let me know. 

Thank you,
Zach Sylvester System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Gabriele Maoret - SERSIS Replied
Thanks!
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
3
Roger Replied
I am absolutely in favor of it. We absolutely need to be able to create password rules per domain. I can't just set automatic renewal of passwords after 6 months for all customers and some want it 1 time per year for example. This is really important.

Then you should also be able to set this in the domain preferences for new customers.
4
Jay Dubb Replied
+1 for per-domain requirements.  I'll add the request for password length per-domain also.  Our default is 8 characters, with complexity, but we have a large client who wants at least 12 characters required.  They were not happy when told we couldn't do that without affecting all other customer domains on the server.
1
Gabriele Maoret - SERSIS Replied
Hi Jay! This is also a really good request!

but... Please create a new separate post for this request...

Rest assured that I will vote for it immediately!!!!
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Gabriele Maoret - SERSIS Replied
still missing function in latest SM 8587...
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Roger Replied
are there any news from SM-Team?
3
Tim Uzzanti Replied
Employee Post
That task is bouncing around development and our QC team which means it could be out in a week or two.  
Tim Uzzanti CEO SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Roger Replied
This is absolutely brilliant, thank you so much. I am very excited to test this feature.
0
Gabriele Maoret - SERSIS Replied
Great! THX Tim!
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Gabriele Maoret - SERSIS Replied
still missing in 8601
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
1
Employee Replied
Employee Post
Just an update that this was included in Build 8629 (Aug 17, 2023). 
0
Gabriele Maoret - SERSIS Replied
Marked As Resolution
Hi Andrea!

Yes, I can confirm that. 
This function is OK
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Does this ability also say that I can set a particular email address in a domain, or a domain to NEVER expire the password ? 
I wrote this over a year ago and never got a response.
www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !
0
Gabriele Maoret - SERSIS Replied
Hi Curtis!

No, all emails in a domain will have the same expire settings, without exceptions
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
SO I could set up a "messages" domain taht is just used for various web forms and set the domain to not expire, or expire all at the same time ?
www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !

Reply to Thread