Allow authentication from webmail directly, fixes #308

core/dovecot/conf/dovecot-sql.conf.ext

@@ -3,7 +3,7 @@ connect = /data/main.db
 
 # Return the user hashed password
 password_query = \
- SELECT NULL as password, 'Y' as nopassword, '{{ FRONT_ADDRESS }}' as allow_nets \
+ SELECT NULL as password, 'Y' as nopassword, '{{ FRONT_ADDRESS }}{% if WEBMAIL_ADDRESS %},{{ WEBMAIL_ADDRESS }}{% endif %}' as allow_nets \
    FROM user \
   WHERE user.email = '%u'
 

core/dovecot/start.py

@@ -4,11 +4,13 @@ import jinja2
 import os
 import socket
 import glob
-	
+
 convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ))
 
 # Actual startup script
 os.environ["FRONT_ADDRESS"] = socket.gethostbyname("front")
+if os.environ["WEBMAIL"] != "none":
+	os.environ["WEBMAIL_ADDRESS"] = socket.gethostbyname("webmail")
 
 for dovecot_file in glob.glob("/conf/*"):
     convert(dovecot_file, os.path.join("/etc/dovecot", os.path.basename(dovecot_file)))

webmails/rainloop/default.ini

@@ -6,7 +6,7 @@ sieve_use = On
 sieve_allow_raw = Off
 sieve_host = "imap"
 sieve_port = 4190
-sieve_secure = "TLS"
+sieve_secure = "None"
 smtp_host = "front"
 smtp_port = 10025
 smtp_secure = "None"

webmails/roundcube/config.inc.php

@@ -26,7 +26,7 @@ $config['smtp_pass'] = '%p';
 
 // Sieve script management
 $config['managesieve_host'] = 'imap';
-$config['managesieve_usetls'] = true;
+$config['managesieve_usetls'] = false;
 
 // We access the IMAP and SMTP servers locally with internal names, SSL
 // will obviously fail but this sounds better than allowing insecure login