Here is how to enable users to change their own passwords. We will be using the change-password-custom-sql plug-in for Rainloop. First, download (avaiable here: rainloop-webmail/plugins/change-password-custom-sql at master · RainLoop/rainloop-webmail · GitHub) and extract the change-password-custom-sql plug-in in its own folder to /data/data/default/plugins/ under Rainloop’s main directory. Second and last but not least, in “Plugins” under “Rainloop — Admin Panel”, configure that plugin as shown:
Notice: This tutorial currently needs to be updated since passwords are now encrypted with CRYPT. Please wait while confer with CyberPanel support on how best to update the SQL statement.
@Hifihedgehog I am moving servers and this is one of the things I needed.
I have read a bunch of your posts…i keep seeing mentions that you have tried some of the same things I have.
Are you using the internal rainloop for customers? or did you go with an external install in a subdomain e.g. webmail.domain.com?
You had roundcube running for awhile (I have yet to get that to work with Litespeed)…did you do that with a rpm/deb install or external in a subdomain.
I just can’t make up my mind on the best way to provide webmail to people who are used to the typical Cpanel presentation.
I used an external, extracted install of Rainloop for ease of installation and management. Previous to that, I used an external, extracted install of RoundCube as well. I am hoping I can get a concrete answer on how to change passwords because they are not successfully applying at the moment.
Finished! I will be pushing it to GitHub soon. If CyberPanel gives their blessing, we will now have a CyberPanel-specific password changing plug-in for Rainloop.
Done and done. I also initiated a pull request. So hopefully, it should be added very soon to the official Rainloop project. If this meets your approval team @CyberPanel, please let the Rainloop team know that they can go ahead and add it:
In an effort to be in parity as well as bulletproof security, I increased the rounds setting to 12 to match CyberPanel. Previously at only 10 rounds which is the default, there was no way anyone could reasonably hack passwords generated with the plugin since it would take about 1 year with a hefty, high-end, eight-GPU cluster meaning decades on a regular desktop or server. Now, it will take about 4 years on such a system and on a normal desktop, it would take decades if not over a century. In other words, this is more of a footnote, textbook release but warmly welcome for security maniacs, just the same.
Pinging @usmannasir and @CyberPanel. Where is the new location for email users? I noticed the Cyberpanel table is no longer in phpMyAdmin. I am needing to update my email plugin to accommodate these changes. Also, what versions of CyberPanel does this change in email user management apply to so I can note this in my release notes. Thanks!
As it turns out, the CyberPanel table appears to be merely hidden from phpMyAdmin, but it still exists when I access my tables via a terminal session. So please kindly disregard the above message.
I will be pushing it to GitHub soon. If CyberPanel gives their blessing, we will now have a CyberPanel-specific password changing plug-in for Rainloop.