Code Locket Menu

Roundcube Password Plugin with doveadm

Blog post created on 2015-07-24

Sys AdminEmail

Roundcube enables users to update their own passwords very easily via the passwords plugin. It is not obvious, however, how to configure the plugin to make use of the doveadm script as the install instructions only reference how to configure the plugin via SQL functions. On my email server, for example, passwords are stored in the database after being hashed using the following command:

doveadm pw -s SHA512-CRYPT -p$PASS

It is surprisingly simple to configure the password plugin to use the same hashing method. Open the plugin configuration file, usually found at /usr/share/roundcubemail/plugins/password/, and ensure the following settings are correct:

$config['password_db_dsn'] = 'mysql://USER:PASS@localhost/DB';
$config['password_dovecotpw'] = 'doveadm pw';
$config['password_dovecotpw_method'] = 'SHA512-CRYPT';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE maildb.users SET crypt=%D WHERE id=%u LIMIT 1';

Ensure to adjust the MySQL connection string and query appropriately to match with your database settings and schema. The magic all happens when using the %D variable as that will trigger the script. Once you have made the edits you are ready to go. Just ensure the plugin has been activated in the Roundcube main configuration file!