Easily Find Bad Email Passwords on Plesk

April 23, 2010 | Jeff Huckaby | Email

Bad passwords can be costly. Recently, I had to spend several hours cleaning up a server because of poor end-user passwords on email accounts. Spammers guessed these passwords and started flooding the system with email. As soon as one account was fixed, they hit another. So I needed a quick way to find bad passwords. While not exhaustive, this little trick can save you a lot of time.

Bad Passwords
To get a list of bad passwords, I turned to the popular Top 500 Worst Passwords of All Time list. This list is rather old and certainly not exhaustive, but bad passwords live long and rarely die, so it is a good place to start.

Plesk Database
Email user passwords are stored in the accounts table in Plesk. Typically they are stored as plain text, which makes it easy to search for bad user passwords. The Plesk database (psa) can be overwhelming, but Major Hayden of MySQLTuner fame has put together a nice reference site: PleskHacker.

Find Bad Passwords
By querying the Plesk database against the bad password list, we can easily find all of the email accounts that have bad passwords. I'm sure there are better MySQL queries, but this one does the job. You must first log in to your MySQL database:

mysql -Dpsa -uadmin -p`cat /etc/psa/.psa.shadow`

Then run the query to find bad email passwords.

Note: "password list" is a placeholder for the list of bad passwords you want to test, written as one quoted password per entry, separated by commas. The 500 bad password list will be very long, so I did not post it here.

SELECT mail_name, name, password
FROM mail
  JOIN accounts ON mail.account_id = accounts.id
  JOIN domains ON mail.dom_id = domains.id
WHERE password IN ("password list");

This will return a list of mail names, their domains and their passwords. You can dump this out to a CSV file for further processing.

Here’s a text file with the full MySQL query you can use to run on your server.

What to Do?
Now that you have your list, you can work with your clients to change their bad passwords.

You can force them to use good ones by checking the box: “Check the passwords for mailboxes in the dictionary” in Plesk under the mail server settings.

MySQL Help
If any MySQL gurus have a better way to run the query, let me know. Ideally, I would like to simply put my bad password list into a file and then run a query against it. This should be easy enough to script up, I just do not have the time.

Other Bad Passwords
Also, I've seen some hosts use the domain name as the password, or the domain name plus "abc" or "123" or some similar scheme. This is not clever. Attackers know these tricks, and once they get hold of a system with bad passwords, they will often continue to scan until they find other accounts.
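The script below is an added example, not code from the original post, that covers both the wish in the "MySQL Help" section (keep the bad password list in a file and build the query from it) and the domain-derived passwords described here. It assumes the psa schema as the post describes it (accounts.id and accounts.password, mail.account_id, mail.dom_id and mail.mail_name, domains.id and domains.name) and that passwords are stored as plain text. The password file and its contents are constructed for the demo; the real file would hold the 500 worst passwords, one per line.

```shell
#!/bin/sh
# Added example (not from the original post). Builds the Plesk bad-password
# query from a file of passwords (one per line) and also flags mailbox
# passwords that are derived from the mailbox's own domain name.
# Assumed schema (as described in the post): accounts(id, password),
# mail(account_id, dom_id, mail_name), domains(id, name).

# Turn a password file into a comma-separated list of single-quoted SQL
# string literals. Blank lines are dropped; backslashes and single quotes
# are escaped so an odd entry in the list cannot break or alter the query.
build_in_list() {
  sed -e '/^$/d' -e 's/\\/\\\\/g' -e "s/'/\\\\'/g" -e "s/.*/'&'/" "$1" \
    | paste -s -d ',' -
}

# Emit the full query: accounts whose password is on the list, plus accounts
# whose password is the domain, or the domain / its first label with a suffix
# appended (e.g. "example.com123", "example123"). Comparison is case-insensitive.
build_query() {
  list=$(build_in_list "$1")
  cat <<EOF
SELECT m.mail_name, d.name AS domain, a.password
FROM mail m
  JOIN accounts a ON m.account_id = a.id
  JOIN domains d ON m.dom_id = d.id
WHERE a.password IN ($list)
   -- password equals the domain, or starts with the domain or its first label
   OR LOWER(a.password) = LOWER(d.name)
   OR LOWER(a.password) LIKE CONCAT(LOWER(d.name), '%')
   OR LOWER(a.password) LIKE CONCAT(LOWER(SUBSTRING_INDEX(d.name, '.', 1)), '%');
EOF
}

# Constructed sample list for the demo; in practice point this at your
# real bad-password file (one password per line).
PWFILE=$(mktemp)
printf '%s\n' password 123456 "it's" "" 'back\slash' > "$PWFILE"

# Print the generated SQL. To run it against Plesk, pipe it into the login
# command from the post:
#   build_query /path/to/bad-passwords.txt | mysql -Dpsa -uadmin -p"$(cat /etc/psa/.psa.shadow)"
build_query "$PWFILE"
```

The domain-prefix checks deliberately cast a wide net: a short first label such as "ex" will match any password starting with "ex", so treat the output as a review list rather than a verdict. An underscore in a domain name acts as a single-character wildcard in LIKE; escape it if that matters on your server.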
