Facebook
Twitter
Christoph Farnleitner
New Pleskian
Hey
I've got an old mail server that I have to migrate to Plesk. The mass of mail accounts existing does not allow me to reset every users password since the after-work (helping users to reset there passwords or re-configuring there mail clients) will take me way too much time. Also, as a provider I feel responsible for having my clients not to care too much about the up-coming system change.
Old mail server (ISPConfig multi server setup):
Here, passwords are stored using crypt(). I do have the crypted password and the salt used.
Plesk (17.5.3#55 - impossible to upgrade as multi server setup is not available in the latest release...):
Plesk seems to store mail account passwords using AES128 encryption, correct? At least that's what I would assume based on the test record that I get by running
`select mail_name,password from mail inner join accounts on accounts.id=mail.account_id;` (as suggest for example here: Where are the passwords for the mailaccounts stored? (Postfix))
in `plesk db`.
Now, taking a closer look at the `accounts` table I can see two different types:
Now, based on above findings I tried updating the relevant record for the mail account like so:
`update accounts set type = 'crypt', password = <salted hash> where id = <id>;`
However, the mail account, when trying to login in to webmail still allows the 'old' (AES128 encrypted) password only.
Does this table not hold the mail account's password? Or might there be another reason why plesk still uses the initially set password in this case?
Note: No, I don't know whether this approach could be working at all, however I'm still wondering where Plesk stores the mail password in that case anyway.
Or, in other words, is there any possibility to define the encryption method for mail passwords?
I've got an old mail server that I have to migrate to Plesk. The mass of mail accounts existing does not allow me to reset every users password since the after-work (helping users to reset there passwords or re-configuring there mail clients) will take me way too much time. Also, as a provider I feel responsible for having my clients not to care too much about the up-coming system change.
Old mail server (ISPConfig multi server setup):
Here, passwords are stored using crypt(). I do have the crypted password and the salt used.
Plesk (17.5.3#55 - impossible to upgrade as multi server setup is not available in the latest release...):
Plesk seems to store mail account passwords using AES128 encryption, correct? At least that's what I would assume based on the test record that I get by running
`select mail_name,password from mail inner join accounts on accounts.id=mail.account_id;` (as suggest for example here: Where are the passwords for the mailaccounts stored? (Postfix))
in `plesk db`.
Now, taking a closer look at the `accounts` table I can see two different types:
- crypt
- sym
Now, based on above findings I tried updating the relevant record for the mail account like so:
`update accounts set type = 'crypt', password = <salted hash> where id = <id>;`
However, the mail account, when trying to login in to webmail still allows the 'old' (AES128 encrypted) password only.
Does this table not hold the mail account's password? Or might there be another reason why plesk still uses the initially set password in this case?
Note: No, I don't know whether this approach could be working at all, however I'm still wondering where Plesk stores the mail password in that case anyway.
Or, in other words, is there any possibility to define the encryption method for mail passwords?
Last edited:
