Hi everyone,

I have been running a Qmail mail server for a few months already but now boss wants passwords and emails encrypted and not plain text.

Does anyone have any ideas how to do this? I am not really worried about the emails at this stage because we have told users to not store on the server anyways but the passwords I can understand is insecure. I have installed VqAdmin and it will show the text passwords for all users.

Any help would be great.

Ta
Chris

If you are asking how to encrypt authentication and sending of email then all you have to do is get/generate a SSL cert and enable TLS.

Are you using pop or imap? Which prog are you using for this?

no not really. When I go into Vqadmin I can see everyones passwords. They are stored somewhere in plain text. This concerns me as Im about to handover knowledge to somebody else and im not 100% sure if I want them to have access to everyones password. What I want is that those mail passwords be encrypted.

Ok I think im able to refine my question a bit more now after some looking around.

My server has the following file

/home/vpopmail/domains/etc.com/vpasswd
this file contain plain text passwords in them. eg password12

no encryption. How can I make sure these passwords are encrypted?

THanks for any help

When you run --configure on vpopmail, you can pass an argument that will tell vpopmail whether you want plain-text passwords or not.

./configure --enable-clear-passwd=n

Check here for more info...

http://www.inter7.com/vpopmail/install.txt

Keep in mind though, that if this person whom you do not fully trust has direct access, especially root access, to the server then they can read everyone's email manually directly out of the vpopmail mailboxes. If you are truly paranoid about this, then the best thing to do is too encrypt the actual email using something like GnuPGP. That way nobody, no matter what access they have to the server, can read the email except the person with the key.

Hi thanks for your replies. Yes im aware of this DaHammer but must do what boss wants right

What are the side affects of recompiling like this? Will I need to re-create the domain users etc?

No. If you recompile and run make, make install-strip, it will not mess up anything that you have running now. However, you may want to review all of the available options for configure to see what other features you may want to adjust. For vpopmail, there are a bunch. Just run ./configure --help to see them all. Some of these options have a default value that you may not want. Post back here if you have questions about what these do.

But no, there are no side effects, but you may want to consider stopping qmail while you run the make commands.

You know what... I may have spoken too soon. I seem to remember once upon a time, I changed mine from being encrypted to unencrypted and I seem to remember the ones I already had stored did not change. I think it's only done on the new accounts that are made afterwards. But don't quote me on that. It's been over a year ago.

Running the below command will not effect the current configuration. It will remove the password coloum from vqadmin web panel.
Step 1) go to Vqadmin Setup folder
Step 2) Vim user.c
Comment the below line
#ifdef CLEAR_PASS
printf("<th><FONT face=%s color=\"%s\">Password</FONT></th>\n",face, fgcolor);
#ifdef CLEAR_PASS
printf("<td align=middle><FONT face=%s color=\"%s\">%s</FONT></td>\n",face, fgcolor, vpw->pw_clear_passwd);

Step 3)
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html

Step 4)
make && make install-strip