password expire warning for dovecot users in IMAP/POP login

Michael Slusarz michael.slusarz at dovecot.fi
Wed Jun 8 14:26:28 UTC 2016


The correct way to handle this IMAP-wise would be to return the EXPIRED response code (https://tools.ietf.org/html/rfc5530#section-3).  But this requires client support to report to the end user.  (And also requires that Dovecot would be able to determine from authentication source that the credentials are expired, as opposed to incorrect.)

michael

> On June 8, 2016 at 2:51 AM "A.L.E.C" <alec at alec.pl> wrote:
> 
> On 06/08/2016 10:39 AM, mkawada at redhat.com wrote:
> 
> > To make it happen, no need to add any other configurations on LDAP end
> > once possword policy is correctly set?
> 
> You've got me wrong. I just responded to Aki's question. ALERT feature
> could be used to send the message to the client, but there's no code to
> handle such LDAP password policies/notices yet.
> 
> --
> Aleksander 'A.L.E.C' Machniak
> Kolab Groupware Developer [http://kolab.org]
> 
> Roundcube Webmail Developer [http://roundcube.net]
> 
> ---------------------------------------------------
> PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl


More information about the dovecot mailing list