Master password for mail box

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
User avatar
timex163
Normal user
Normal user
Posts: 38
Joined: 2014-06-17 13:20
Location: Montréal

Master password for mail box

Post by timex163 » 2014-09-14 20:10

Greetings,

Is there a way to add a master password for a domain ?

I would like to access user emails with out needing to know there password.

I am aware i can change the password and put back the old hash but i would like something more passive. I also know that i can get the eml files by browsing the directory.

Thank you for your help.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Master password for mail box

Post by percepts » 2014-09-14 21:10

not possible.

But you can use mirror if you want to take a copy of all email and put in in one mailbox.

But be aware that in some jurisdictions doing this for the purpose of reading private mail is illegal.

User avatar
jimimaseye
Moderator
Moderator
Posts: 7953
Joined: 2011-09-08 17:48

Re: Master password for mail box

Post by jimimaseye » 2014-09-14 22:06

Cant you just access and read the raw .eml file in the data directory?
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Master password for mail box

Post by percepts » 2014-09-14 22:34

you can if you want to. That is if you know which one you're looking for and if it still exists. The user may have deleted it.

Perhaps if you told us what exactly you are trying to achieve and why, then you might get different suggestions.

User avatar
timex163
Normal user
Normal user
Posts: 38
Joined: 2014-06-17 13:20
Location: Montréal

Re: Master password for mail box

Post by timex163 » 2014-09-14 23:05

Thank you very much for all your posts.
not possible.

But you can use mirror if you want to take a copy of all email and put in in one mailbox.

But be aware that in some jurisdictions doing this for the purpose of reading private mail is illegal.
All of our employes have signed a contract, stating that they are aware of routine email checks, due to the nature of our work. Also that email is only for work and anyone found using it for private usage without permission may get suspended.

I am currently mirroring every emails in and out to an internal box.
Cant you just access and read the raw .eml file in the data directory?
Has I stated on my main post, I was already aware of that.
Perhaps if you told us what exactly you are trying to achieve and why, then you might get different suggestions.
I am leaving my current job at this company and was looking for an easier system for the new comer, to basically do my job... :lol:

Right now the way I have set it up is a I have a filter in Thunderbird that sorts everything in different folders. I wanted to give the ability to the new comer to directly access the inbox to verify if the email was open or not.

Thank you.

Actually, I have a question for all you guys. Is there a particular reason why the data directory for the eml files does not reflect the folder it's in ? Basically in cpanel, all emails are sorted in there default box ( new email go to new, read emails go to inbox, and spam goes into a spam folder ....) Tho in hmailserver, they are just "dumped" ( I don't really know how to call it) and then a call is made to the database to retrieve the eml file's path.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Master password for mail box

Post by percepts » 2014-09-14 23:18

cpanel isn't a mailserver. What you see in there has come from some other software so what happens in between is anyones guess unless you look at cpanel internals and the mailserver it just happens to be using which could be one of many I think.

If you setup hmail to use blowfish encryption instead of default then you can write a script to decode the users password and just login with their credentials. Blowfish encrypt and decrypt methods exist in com api. And you can list out all users passwords from com api then (if you want to).

BUT

you would need to reset every users password to do it and notify them of new password which can't do by email because they won't won't be able to authenticate without their new password to get the mail. So its a pain to do once you have a lot of users. But for a new install before setting up users, it gets you to where you want to be.

folder structure exists as it is for performance reasons I believe but not too sure about that. I wouldn't hold your breath waiting for that to change.

User avatar
timex163
Normal user
Normal user
Posts: 38
Joined: 2014-06-17 13:20
Location: Montréal

Re: Master password for mail box

Post by timex163 » 2014-09-14 23:22

Thank you for the fast responses.

Looks like they new guy will stay this way for a long time. Unless he wants to dev something.

User avatar
SorenR
Senior user
Senior user
Posts: 3138
Joined: 2006-08-21 15:38
Location: Denmark

Re: Master password for mail box

Post by SorenR » 2014-09-14 23:41

timex163 wrote:Thank you very much for all your posts.
not possible.

But you can use mirror if you want to take a copy of all email and put in in one mailbox.

But be aware that in some jurisdictions doing this for the purpose of reading private mail is illegal.
All of our employes have signed a contract, stating that they are aware of routine email checks, due to the nature of our work. Also that email is only for work and anyone found using it for private usage without permission may get suspended.

I am currently mirroring every emails in and out to an internal box.
Cant you just access and read the raw .eml file in the data directory?
Has I stated on my main post, I was already aware of that.
Perhaps if you told us what exactly you are trying to achieve and why, then you might get different suggestions.
I am leaving my current job at this company and was looking for an easier system for the new comer, to basically do my job... :lol:

Right now the way I have set it up is a I have a filter in Thunderbird that sorts everything in different folders. I wanted to give the ability to the new comer to directly access the inbox to verify if the email was open or not.

Thank you.

Actually, I have a question for all you guys. Is there a particular reason why the data directory for the eml files does not reflect the folder it's in ? Basically in cpanel, all emails are sorted in there default box ( new email go to new, read emails go to inbox, and spam goes into a spam folder ....) Tho in hmailserver, they are just "dumped" ( I don't really know how to call it) and then a call is made to the database to retrieve the eml file's path.
The [filename].eml is actually [GUID].eml and the first two characters of the filename indicate which folder it belongs to ;-)
Moving the email to a different folder is only a "logical" move, not a "physical" move.

Just like "Second Life" classifies all assets in its world 8)
SørenR.

The quantum rule of insecurity which states that the act of observing how vulnerable a host or service is changes the insecurity level of the service.

User avatar
jimimaseye
Moderator
Moderator
Posts: 7953
Joined: 2011-09-08 17:48

Re: Master password for mail box

Post by jimimaseye » 2014-09-15 11:49

timex163 wrote:
Cant you just access and read the raw .eml file in the data directory?
Has I stated on my main post, I was already aware of that.
My apologies, I missed that bit.

As you have suggested, you are mirroring. Its possibly an easier way (a global rule to copy all incoming and outgoing emails off to a 'email monitor user' account (which is you) and have the snoop in there. No hassles on passwords then (and lets you do full searches within your client and deletions after analysed it so no need to be too much of an extra space resource.) (Alternatively a simple "'forfiles/DIR' since" command can list/copy all emails since a particular time for you to take a browse through).

.EML structure: I understand a benefit in that its the SQL database that stored and hold the filename of an email and its physical location as well as the mail folder it is supposed to appear in. This in my opinion is a benefit as you can MOVE the email to any email forder in your account but there is no phsical wite/delete of the raw file required, just an update in the SQL database (quicker and less resource). A bit like the FAT table on a hard disk pointing to the physical file on the disk. (When you move the file, ot doesnt actually move, the FAT just gets updated)
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
jimimaseye
Moderator
Moderator
Posts: 7953
Joined: 2011-09-08 17:48

Re: Master password for mail box

Post by jimimaseye » 2014-09-24 10:56

Just a thought: Doesnt 'SETTINGS - ADVANCED - MIRRORING' help?.

Will mirror any inwards and outgoing email to another mailbox - like your admin snooper one.
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
timex163
Normal user
Normal user
Posts: 38
Joined: 2014-06-17 13:20
Location: Montréal

Re: Master password for mail box

Post by timex163 » 2014-09-24 13:22

Yes, that's exactly what I am doing. I'm mirroring every email in and out.

User avatar
jimimaseye
Moderator
Moderator
Posts: 7953
Joined: 2011-09-08 17:48

Re: Master password for mail box

Post by jimimaseye » 2014-09-24 16:35

Ah yes, now I see. Apologies again. :oops:
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

Post Reply