Page 1 of 1

Corona Quarantine Project #2 - Limit Outgoing Messages

Posted: 2020-03-23 00:05
by palinka
I had a look at the other variants for limiting outgoing messages. Then I decided to do a corona-chan project out of it. :mrgreen:

Unlike the others, there are no warnings. In reality, if a password is comprimised, 100 messages can go out before the affected user even checks his messages. Instead, I just cut it off - disable the affected account completely. Then an SMS message goes out. The SMS function could easily be replaced by "alternate (non-hMailServer) email address" like a gmail address. In fact, I just thought of that now, so I will incorporate it soon. :mrgreen: Anyway, if your account gets disabled, you can't logon to change the password. That is done via SMS. You can have a random password created for you or you can create your own password. If you opt to create your own, it must be validated for special characters before acceptance. After the new password is created, the account is enabled and you're back in business.

The password changer can also be used if you just want to change your password. The routine is exactly the same, except the account is not disabled before starting.

The other part of the project is initiating 2 factor auth after a period of inactivity. Here, if a user does not logon within N days, at the next logon attempt, the account will be "locked". In reality, nothing changes with the account (its not disabled like above). Instead, a database holds a key that is switched on or off based on the logon condition. The mechanism is RvdH's disconnect.exe, which I found to work well even on localhost. If the switch is on, every attempt by that user will result in being disconnected. At the time of disconnect, a SMS message is sent requesting reply UNLOCK. User replies UNLOCK and switch is turned off. No passwords necessary - just let me know that its actually YOU logging on.

In both cases, minimum requirements are working Gammu SMS (with working gammu-smsd-inject and runonreceive correctly configured), and hMailServer 5.7 -OR- one of RvdH's builds with OnClientLogon included.

Right now there are no setup instructions - I'll take care of that tonight or tomorrow. :mrgreen:

Files here: ... g-Messages

Re: Corona Quarantine Project #2 - Limit Outgoing Messages

Posted: 2020-03-23 14:21
by palinka
I just updated the readme to include instructions.

Re: Corona Quarantine Project #2 - Limit Outgoing Messages

Posted: 2020-03-28 15:47
by palinka
Fixed a couple bugs and added php admin.

The php admin:
* shows active accounts - ones that sent messages today along with the message count
* shows inactive accounts - ones that did not send messages today (I split them for easier / more intuitive viewing)
* search users
* allows for changing/adding mobile number and other variables

Files: ... g-Messages