Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Application and/or Groups Passwords for Mailboxes

    Feature Requests
    email mail mailbox
    6
    14
    108
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcusquinn
      marcusquinn last edited by girish

      Lets say I want to setup some shared mailboxes:

      • accounts@
      • marketing@
      • developers@
      • hr@

      Common usage in setting up Help Desk client apps, so it needs to be Mailboxes and not Mailing Lists, then departmental email visibility is segregated, especially important with a shared mailbox like hr@ can contain private personnel information.

      Currently I have to select a User and then that's the mailbox password - but then that user's password has to be used in mail clients, and needs to also be shared with other system admins - but it would be a user password being shared.

      The only workaround I can see is setting up these generic users with my email address and setting the passwords up that way and selecting those as the mailbox owners - but then that's unnecessary user accounts.

      An alternative to Application and/or Groups Passwords could just be to setup these mailbox users in a group that has no Dashboard access, since these users are just for mail clients. How to change the passwords in that context still needs considering or to remain available though.

      A creative solution could be to allow multiple user owners for Mailboxes, if that would allow for each user to use their own password for mailbox connection and therefore revoking the user would revoke their access to these group mailboxes but I suspect that might be hacky behind the scenes.

      Searching I didn't find anyone else with this use-case or need strangely, but it seems a pretty standard thing I just expected so maybe I'm missing something?

      M 1 Reply Last reply Reply Quote 1
      • M
        murgero App Dev @marcusquinn last edited by

        @marcusquinn Just setup an alias and add the users in question to it.

        marcusquinn 1 Reply Last reply Reply Quote 0
        • marcusquinn
          marcusquinn @murgero last edited by marcusquinn

          @murgero that doesn't work. FreeScout is Cloudron app, so that can be the example, it needs one or more mailboxes to connect too.

          Let's say you setup a customerservices@domain.com mailbox.

          Now, what Cloudron User to you assign to that mailbox?

          If I use my user, now my Cloudron password is saved in FreeScout.

          Let's say I'm off-duty and another sys admin has an issue and need to re-add the password in FreeScout. Do they use my password or change that mailbox to be their username?

          But let's say EspoCRM also has that mailbox setup, they have to change it there too now.

          The current data-relationship is One User to Many Mailboxes but it needs to be either Many to Many or there should be Application Passwords, which can probably still be Cloudron users behind the scenes but then you need to attach an email address to receive the password set/reset email.

          I guess that email address could be changed by any Sys Admin to their own if they need to change the password for any reason.

          Right now, that's the only way to create an independent password for a Shared Mailbox managed by more than one Sys Admin.

          (we have between 3 and 10 Sys Admins depending on the area of the business)

          M 1 Reply Last reply Reply Quote 1
          • girish
            girish Staff last edited by girish

            What we do is: Create a user called support. Generate a random password. Now assign this user as the owner of all the shared mailboxes. We then setup Freescout (the help desk app we use) with the mailboxes. Nobody other than the one who sets up Freescout needs to know the password because once the shared mailboxes are setup, other people don't need to know the password. We have a similar setup going inside EspoCRM as well.

            If for some reason, you have to pass around a password (maybe you all want to use different clients), then you can generate mail passwords. Login as this support user and go to Profile -> App Passwords. There is a Mail Client option in the drop down. For example, to hand out a password for User1. This also makes it easy for you to revoke it later.

            bc12bda2-3c0c-4328-8307-477cbcffc6ee-image.png

            Finally, for 5.5, I am looking into shared mailboxes. This is dovecot acl mailbox sharing. With this, if you setup a shared mailbox, then when people login with an IMAP client, they will already see the shared mailbox as a subdirectory. I cannot guarantee how well this feature will work in practice though. I have not used shared mailboxes via IMAP in the past but we are building it for a client. 🤞

            marcusquinn O 2 Replies Last reply Reply Quote 5
            • marcusquinn
              marcusquinn @girish last edited by

              @girish Sounds good - will work with what we have and leave you in peace for that which I'll certainly help with testing and feedback on too.

              1 Reply Last reply Reply Quote 0
              • M
                murgero App Dev @marcusquinn last edited by

                @marcusquinn Sorry - I think I misunderstood the question 🙂

                1 Reply Last reply Reply Quote 1
                • O
                  oj @girish last edited by

                  Hi @girish, You were "looking into shared mailboxes" for 5.5. I couldn't find it in the 5.5 docs...nor in the 5.6 forum discussions. Will it be coming soon?

                  1 Reply Last reply Reply Quote 0
                  • girish
                    girish Staff last edited by

                    @oj We tried to implement this for 5.6 (via IMAP mailbox sharing) but getting this to work with SOGo+LDAP has been a nightmare. So, it's not part of the release.

                    I think maybe a better approach for Cloudron is to just allow a mailbox to have multiple owners (instead of the single owner now). That way they 2 users can access the same mailbox with their own password.

                    marcusquinn d19dotca O L 4 Replies Last reply Reply Quote 3
                    • marcusquinn
                      marcusquinn @girish last edited by

                      @girish Completely understood, that would be a happy, secure and intuitive manageable solution.

                      1 Reply Last reply Reply Quote 1
                      • d19dotca
                        d19dotca @girish last edited by

                        @girish Yes being able to add multiple users to the same mailbox would be great! Could really use that for a couple of my clients right now.

                        1 Reply Last reply Reply Quote 1
                        • O
                          oj @girish last edited by

                          @girish Thanks!

                          1 Reply Last reply Reply Quote 0
                          • L
                            LowTech @girish last edited by

                            @girish I was just looking up how to do something similar as the OP, and I believe this solution would be sufficient.

                            girish 1 Reply Last reply Reply Quote 0
                            • girish
                              girish Staff @LowTech last edited by

                              @lowtech For Cloudron 6, we are trying to make a group as owner of a mailbox to implement this feature. 🤞

                              1 Reply Last reply Reply Quote 4
                              • girish
                                girish Staff last edited by

                                This is implemented in Cloudron 6 ! https://forum.cloudron.io/topic/3205/what-s-coming-in-6-0-take-2/99

                                1 Reply Last reply Reply Quote 3
                                • First post
                                  Last post