If you setup your server and setup policies, ie the mail policy to use for example uppers, lowers, digits and symbol and on your user account you dont select to use for example the symbol option, which we are not doing right now because our whmcs passwords dont have them, when you create the customers account, it fails and removes all the options that it creates, ie domain, web, etc almost like a rollback.
- The issue here it seems is the email account it creates is created using the whmcs account password and because there is no symbol it fails and rolls back. The question here then is why not just sync the password options across all services, ie in policies rather have a security policy that applies to all services, because its stupid to have the mail policy separate from the account policy, but then go and use the account password for the email account, maybe rather just generate a random password.
- The second issue is the email account gets created as mail@thedomain.com, can this email account name be changed, ie to postmaster or the accounts name in whmcs (OK I am going to answer this myself, its in mail policies, its the catchall account name that sets this account)? also I see another account gets created automatically system.domain.admin can this also be renamed to another name, ie postmaster ?
- Does smartermail get restarted at any point in this process, as after I create a user and then use whmcs to terminate the users account, the webmail interface gives a page error for about 5 minutes and then becomes active again, if this is the case where can we stop it from doing this, as this is going to affect webmail users
- The password policy also only offers uppers, digits and symbols, can it be amended to force a lowers option as well please. As this causes confusion when a person creates a password without lowers, the error returned does not say use a lower case char as well.
Thanks in advance as always
?
Hello,
- We have separated password policy's for each service as they may have different requirements. We can look into the possibility of creating one which will then set all other password policy's to the same.
- The catch all Account is set in Mail Policy.
- I don't believe that smartermail is reset at all as we just used the API to make and remove domains/accounts.
- We can look into adding lowercase letters to the password complexity.
Kind Regards,
Trevor Robinson
Hi Trevor,
currently if you use the whmcs module it uses the whmcs password for the catchall account. So if the whmcs password doesnt comply it fails to create the domain and all the rest. If you do it manually ie create the account without the symbols in the policy it creates it fine, then if you create an email account manually with symbols it works fine. Its when you use the whmcs to create and the customer hasnt used symbols it fails.
It doesnt need to specifically be a single policy, but maybe the catchall address password can be autogenerated, this will fix the issue and stop the provisioning failure.
The lowercase option is definately needed please..
