Percent character in mail_crypt_private_password not possible

mabi mabi at protonmail.ch
Thu Jul 4 16:05:55 EEST 2019


‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, July 4, 2019 11:18 AM, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote:

> It depends. You can use either one, see https://wiki2.dovecot.org/Variables
>
> I think the safest option would be to set up LDAP so that the private
> password would be only readable by self, and have dovecot use bind
> authentication. This way you can export it only when you successfully
> log in to LDAP.

Good point regarding LDAP, but right now I am using PostgreSQL as the backend for storing my accounts and use the following "password_query" parameter:

password_query = SELECT username AS user, password, '%w' AS userdb_mail_crypt_private_password FROM mailboxes WHERE username = '%u'

So based on the Dovecot Variables wiki documentation you mention I could adapt my "password_query" parameter to the following in order to use a SHA512 hash of the password:

password_query = SELECT username AS user, password, '%{sha512:w}' AS userdb_mail_crypt_private_password FROM mailboxes WHERE username = '%u'

Is this correct?

I am also not sure about the sha512 hash because the Dovecot Variable wiki page does not mention sha512 but only sha256. Is sha512 also available?






