
[Dovecot] Remove user queries from passdb + add a second passdb for additional algorithms + create userdb without password queries

André 7 年之前
父节点
当前提交
2aef18d130
共有 2 个文件被更改,包括 24 次插入6 次删除
  1. 18 4
      data/Dockerfiles/dovecot/docker-entrypoint.sh
  2. 6 2
      data/conf/dovecot/dovecot.conf

+ 18 - 4
data/Dockerfiles/dovecot/docker-entrypoint.sh

@@ -83,16 +83,30 @@ map {
 EOF
 
 
-# Create user and pass dict for Dovecot
-cat <<EOF > /usr/local/etc/dovecot/sql/dovecot-dict-sql-passdb.conf
+# Create userdb dict for Dovecot
+cat <<EOF > /usr/local/etc/dovecot/sql/dovecot-dict-sql-userdb.conf
 driver = mysql
 connect = "host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
-default_pass_scheme = SSHA256
-password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') AND JSON_EXTRACT(attributes, '$.force_pw_update') NOT LIKE '%%1%%'
 user_query = SELECT CONCAT('maildir:/var/vmail/',maildir) AS mail, 5000 AS uid, 5000 AS gid, concat('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
 iterate_query = SELECT username FROM mailbox WHERE active='1';
 EOF
 
+# Create default pass dict for Dovecot
+cat <<EOF > /usr/local/etc/dovecot/sql/dovecot-dict-sql-ssha256-passdb.conf
+driver = mysql
+connect = "host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
+default_pass_scheme = SSHA256
+password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') AND JSON_EXTRACT(attributes, '$.force_pw_update') NOT LIKE '%%1%%'
+EOF
+
+# Create additional passdb dict for Dovecot
+cat <<EOF > /usr/local/etc/dovecot/sql/dovecot-dict-sql-additional-passdb.conf
+driver = mysql
+connect = "host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
+default_pass_scheme = ${ADDITIONAL_HASH_SCHEME}
+password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') AND JSON_EXTRACT(attributes, '$.force_pw_update') NOT LIKE '%%1%%'
+EOF
+
 # Create global sieve_after script
 cat /usr/local/etc/dovecot/sieve_after > /var/vmail/sieve/global.sieve
 
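Review bot: `default_pass_scheme = ${ADDITIONAL_HASH_SCHEME}` in the additional-passdb heredoc is expanded with no default or validation visible in this hunk, so an unset variable writes an empty scheme and any value an operator sets, including a plaintext or unsalted one, is accepted as is. Both passdb files read the same `password` column, and Dovecot applies `default_pass_scheme` only to values without a `{SCHEME}` prefix, so every unprefixed SSHA256 hash is presumably re-checked under the second scheme; with a plaintext scheme the stored string itself would match. I would check the variable against a short allowlist before the `cat`, for example `case "${ADDITIONAL_HASH_SCHEME}" in SSHA512|SHA512-CRYPT|BLF-CRYPT) ;; *) echo "unsupported ADDITIONAL_HASH_SCHEME" >&2; exit 1 ;; esac`, with the list chosen by the maintainers. Separately, the `password_query` copied into both files checks the domain's `active` flag but not `mailbox.active`, which only `user_query` filters on, so a client that authenticates without a userdb lookup may not be covered by that flag.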

+ 6 - 2
data/conf/dovecot/dovecot.conf

@@ -43,7 +43,11 @@ passdb {
   pass = yes
 }
 passdb {
-  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-passdb.conf
+  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-ssha256-passdb.conf
+  driver = sql
+}
+passdb {
+  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-additional-passdb.conf
   driver = sql
 }
 # Set doveadm_password=your-secret-password in data/conf/dovecot/extra.conf (create if missing)
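Review bot: The second `passdb` block is added unconditionally and carries no comment, so nothing here says why two SQL passdbs run the same query or in which order they are tried. As written, a login that fails the SSHA256 passdb appears to fall through to the additional one (no `skip` or `result_*` setting is set), which also means every failed attempt costs two SQL lookups and depends on the entrypoint having written a valid scheme into the second file. A comment above the new block such as `# Fallback passdb: same query, default_pass_scheme comes from ADDITIONAL_HASH_SCHEME (written by docker-entrypoint.sh)` would make that explicit. The first `passdb` block in this hunk starts outside the visible lines.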
@@ -238,7 +242,7 @@ listen = *,[::]
 ssl_cert = </etc/ssl/mail/cert.pem
 ssl_key = </etc/ssl/mail/key.pem
 userdb {
-  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-passdb.conf
+  args = /usr/local/etc/dovecot/sql/dovecot-dict-sql-userdb.conf
   driver = sql
 }
 protocol imap {