§2024-09-24
Configuration Configuration is stored in config/auth_enc_file.ini and uses the INI style formatting.
Example:
[users] user@domain.com={SHA512-CRYPT}$6$...
SHA512-CRYPT hashes can be generated using Dovecot like this:
doveadm pw -s SHA512-CRYPT -u user@domain.com -p 'password'
or using the provided gen.js like this:
node ./gen.js [username] [password]
by chatGPT
To create a configuration file for the haraka-plugin-auth-enc-file plugin in Haraka, follow these steps:
Install the Plugin: Ensure you have the haraka-plugin-auth-enc-file plugin installed. You can do this by running:
npm install haraka-plugin-auth-enc-file
Enable the Plugin: In your Haraka directory, navigate to config/plugins and add auth_enc_file to the list of plugins. This ensures that Haraka loads the plugin when it starts.
# Other plugins --> config/plugins
auth_enc_file
Create the Configuration File: Create a new file named auth_enc_file.ini in the config directory of your Haraka installation:
touch config/auth_enc_file.iniEdit the Configuration File: Open auth_enc_file.ini in a text editor and add the following configuration:
[default]
# This section defines the default password encryption method
method = bcrypt
# The path to the file containing username:password pairs
file = config/auth_enc_file.txt
You can adjust the method to the desired encryption algorithm, such as bcrypt, sha256, etc.
Create the Password File: You’ll also need to create the file that will store your username and password pairs. Create a new file named auth_enc_file.txt in the config directory:
touch config/auth_enc_file.txtAdd User Credentials: Open auth_enc_file.txt and add users in the following format:
username:hashed_password
You can generate hashed passwords using a tool or library in your preferred programming language. For example, if using bcrypt in Node.js:
npm install bcrypt
const bcrypt = require('bcrypt');
const password = 'your_password_here';
bcrypt.hash(password, 10, (err, hash) => {
console.log(hash); // Use this hash in your auth_enc_file.txt
});
$ node bcryptPassword.js <-- alex1765
$2b$10$Uql5deS1xloVSiYx09ckx.fgTl54CT8L0I6jr54g5BaXJngeqM396
$ cat config/auth_enc_file.txt
alexlai:2b$10$Uql5deS1xloVSiYx09ckx.fgTl54CT8L0I6jr54g5BaXJngeqM396
Restart Haraka: After setting everything up, restart your Haraka server to apply the changes:
haraka -c /path/to/your/haraka/config
Test the Authentication: You can now test the authentication mechanism by sending emails through Haraka and ensuring the credentials work as expected.
Example Content config/auth_enc_file.ini:
ini コードをコピーする [default] method = bcrypt file = config/auth_enc_file.txt config/auth_enc_file.txt:
perl コードをコピーする user1:$2b$10$EIXZ8bNfTwxldZy1uwlAeO1PV5K7Uk3g9U/dJ3ctCKsb7XzX.AXZ6 user2:$2b$10$4Z3p.g0YH1S2uV0c0e.Y9O0Qz4hbFSqO6AxQfI4qJh9osjZ0RhyY6 Notes Ensure the paths in your configuration files are correct relative to your Haraka installation. The hashed passwords should be generated securely, and sensitive data should be protected. This should set you up for using the haraka-plugin-auth-enc-file plugin effectively! If you have any specific issues or questions, feel free to ask!
$ haraka -c hc4NobleMailServer/
loaded TLD files:
1=1448
2=8320
3=3571
loaded 9672 Public Suffixes
loglevel: INFO
log format: DEFAULT
[WARN] [-] [server] smtp.ini.nodes unset, using 1, see https://github.com/haraka/Haraka/wiki/Performance-Tuning
Starting up Haraka version 3.0.4
[INFO] [-] [plugins] loading mail_from.is_resolvable
[INFO] [-] [plugins] loading rcpt_to.in_host_list
[INFO] [-] [plugins] loading queue/smtp_forward
[INFO] [-] [plugins] loading auth_enc_file
[CRIT] [-] [core] Caught exception: "Loading plugin auth_enc_file failed: No plugin with this name found"
[NOTICE] [-] [core] Shutting down