Robert Blayzor <rblayzor.bulk@inoc.net> writes:

Is there a way to configure Dovecot to perhaps filter/enforce which passwords are accepted before authenticating? Ie: Reject immediately (without a database lookup) if password is not X characters in length?

Yes, use the checkpassword hook.

http://wiki.dovecot.org/AuthDatabase/CheckPassword

I think there also some PAM module that you can stack into your system that will enforce password policies.

Joseph Tam <jtam.home@gmail.com>