Hi everyone,

I run a very small (about 10 users) mail server setup with the mail-crypt plugin activated and wanted to transition from a global key setup to user keys. Since I couldn't find a satisfying solution to re-encrypt mailboxes when users change their password, I started writing a script that ended up being a small web service giving users a simple self-service portal to change their password.

I consider it pretty much done by now and it's public on github.

Maybe it's useful for somebody else. However, its use case is very narrow since I initially wrote this just for myself. It only supports a Postgres user store, for instance.

The main reason, however, for this post is me wondering if anybody would bother to give me some feedback. Especially for the following aspects:

I execute doveadm from within my application. The advantage is that I can keep the code very light (~650 lines of code) while at the same time I don't have to care about the crypto stuff, which I wouldn't dare to try anyway.

The disadvantage of this approach is that I had to write a doveadm wrapper that needs the setuid bit to execute doveadm mailbox commands.

I consider this a bit hacky but a better solution didn't come to my mind.

Another aspect is the password that is being used to encrypt the private key. When creating a new user in the database I generate a unique salt. This salt is prefixed to the user's clear text password and the resulting string is run through the sha3-512 hash function. The output is the mail_crypt_private_password.

You find the project here: https://github.com/nonce9/pwch

Criticism is welcome.


Benedikt
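The derivation described in the post above (per-user salt prefixed to the clear text password, hashed with sha3-512 to obtain mail_crypt_private_password) together with the doveadm re-keying step it would feed on a password change, as an added example that is not code from the post or the pwch project. It assumes the salt is stored as a hex string, the digest is used in hex form, and that `doveadm mailbox cryptokey password -u USER -o OLD -n NEW` (the mail-crypt plugin's documented command) is what re-encrypts the user's private key; the setuid wrapper the post mentions is not modelled.

```python
# Added example, not from pwch: key-password derivation plus the argv for
# the doveadm re-key step. Assumptions: hex salt, hex digest, and doveadm's
# "mailbox cryptokey password" command doing the private-key re-encryption.
import hashlib
import secrets
import subprocess
from typing import List


def new_salt(nbytes: int = 32) -> str:
    """Unique per-user salt (hex), generated when the user row is created."""
    return secrets.token_hex(nbytes)


def private_key_password(salt: str, password: str) -> str:
    """mail_crypt_private_password = sha3-512(salt || clear text password)."""
    data = (salt + password).encode("utf-8")
    return hashlib.sha3_512(data).hexdigest()


def rekey_argv(user: str, salt: str, old_password: str,
               new_password: str, doveadm: str = "doveadm") -> List[str]:
    """Build the doveadm command that re-encrypts the user's private key
    under the new derived password after a mailbox password change.
    Note: anything passed as argv is visible in the local process list, so
    a production wrapper should avoid exposing these values that way."""
    old_key_pw = private_key_password(salt, old_password)
    new_key_pw = private_key_password(salt, new_password)
    return [doveadm, "mailbox", "cryptokey", "password",
            "-u", user, "-o", old_key_pw, "-n", new_key_pw]


def rekey(user: str, salt: str, old_password: str,
          new_password: str) -> subprocess.CompletedProcess:
    """Run the re-key step; raises CalledProcessError if doveadm fails."""
    argv = rekey_argv(user, salt, old_password, new_password)
    return subprocess.run(argv, check=True, capture_output=True, text=True)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    salt = new_salt()
    print("salt:", salt)
    print("derived:", private_key_password(salt, "old-password"))
    print("argv:", rekey_argv("alice@example.org", salt, "old-password",
                              "new-password"))
```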

_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org