How to increase retention days for all Emails
HI,
We want to increase retention days for all the Emails , as per piler.conf the default retention days is 2557 days . The piler in our company is running since year 2013.
What is the procedure to increase retention days to 7300 days for all the emails ?
Is it sufficient to increase piler.conf retention days setting and restart the piler service or any other procedure is to be followed.
Regards,
Rajesh G L
Comments (3)
-
repo owner -
repo owner - changed status to closed
-
reporter Hi Janos,
We have hosted piler 1.3.5 build 997 on Ubuntu 16.04
Recently Vulnerability and penetration test was carried out on piler app.
The following observations was made:
1.Security Misconfiguration - Password with autocomplete enabled. The browser is able to store the user credentials.
Please suggest How to disable autocomplete off in piler application
2.Security Misconfiguration - Parameter Tampering
Issue Description:This attack can be performed by a malicious user who wants to exploit the application for their own benefit, or anattacker who wishes to attack a third person using a Man-in-the-middle attack.Parameter should be validated before processing based on the user/role/data mapping. Unvalidated HTTPparameter leads to exposing unintended functionalities/data to the unauthorized users. And, to delete the recordswhich is created by another user.
Fix Recommendation:
Restrict the functionality based on the user/role.Validate the access on every request based on the user/role/data.
please find the screenshots,(piler1,2,3.png)
- Sensitive Data Exposure - Clear-text Submission of Password
Issue Description:Password is being sent in cleartext which can be intercepted by attacker (using MITM attack).By intercepting the traffic between the client and server attacker can capture the clear-text password and uses itfor launch further attack.Fix Recommendation:
Enable HTTPS with secure SSL/TLS configuration
Encrypt the password.
We have already enabled https for the url , but the auditor suggested to encrypt the password entered in login form.
Please suggest how to encrypt the password
Thanks in advance
- Log in to comment
After you restart piler the new 7300 day retention will affect new incoming emails only. To fix the already archived emails, run the following sql query: