App Passwords for docker-mailserver
Recently I got rid of my virtual IPFire firewall and setup a Netgate SG1100 as my home firewall. I did this mainly because the NIC on the IPFire host NUC was starting to fail, also we use Pfsense at work and it's good to be able to tinker on a common platform. As my email server was virtualized on the same host NUC as my firewall I switched my virtual modoboa email server install to the docker-mailserver project. This makes my mail server more portable than the old virtual machine was.
I then setup app specific passwords for my email following this guide Below is the changes I needed to do for the docker image.
Adding this to the docker-mailserver docker-compose.yml
volumes: ################################### #### Dovecot App Passwords Mod #### ################################### - /opt/mail/custom/dovecot/10-auth.conf:/etc/dovecot/conf.d/10-auth.conf:ro - /opt/mail/custom/dovecot/auth-appspecificpasswd.conf.ext:/etc/dovecot/conf.d/auth-appspecificpasswd.conf.ext:ro - /opt/mail/custom/dovecot/app_specific_passwd:/etc/dovecot/app_specific_passwd:ro
The /opt/mail/custom/dovecot/10-auth.conf
file
auth_mechanisms = plain login !include auth-passwdfile.inc !include auth-appspecificpasswd.conf.ext
The /opt/mail/custom/dovecot/auth-appspecificpasswd.conf.ext
file
passdb { driver = passwd-file args = scheme=SHA512-CRYPT username_format=%u /etc/dovecot/app_specific_passwd }
The /opt/mail/custom/dovecot/app_specific_passwd
file (example)
K9emaillapp:{SHA512-CRYPT}123456789...::::::user=foo
Assuming your docker-mailserver is called mail you can get the format you passwords for the app_specific_passwd
file by using:
docker exec -it mail doveadm pw -s SHA512-CRYPT
You can now user the username K9emaillapp
and the associated password to log in to your email account
Comments