Fully separate authentication from IMAP access

Now imapsql module does not handle authentication. (it was not doing it so well anyway) sql_table module was introduced and used in the default configuration as a replacement for functionality that was implemented by imapsql before. Parts of maddyctl code were rewritten to make it work transparently with any IMAP backend or credentials store. Closes #212.
2025-04-05 14:07:38 +03:00 · 2020-04-13 23:01:17 +03:00 · 2020-04-13 23:01:17 +03:00 · e19d21dfcb
commit e19d21dfcb
parent 609a8fd235
29 changed files with 867 additions and 473 deletions
--- a/docs/tutorials/manual-installation.md
+++ b/docs/tutorials/manual-installation.md
@ -57,7 +57,8 @@ basic ideas about how email works.
   zone to make signing work.
 7. Create user accounts you need using `maddyctl`:
   ```
-   maddyctl users create foxcpp@example.org
+   maddyctl creds create foxcpp@example.org
+   maddyctl imap-acct create foxcpp@example.org
   ```

 Congratulations, now you have your working mail server.
--- a/docs/tutorials/setting-up.md
+++ b/docs/tutorials/setting-up.md
@ -154,24 +154,38 @@ mx: mx1.example.org
 mx: mx2.example.org
 ```

-## postmaster and other user accounts
+## User accounts and maddyctl

 A mail server is useless without mailboxes, right? Unlike software like postfix
 and dovecot, maddy uses "virtual users" by default, meaning it does not care or
 know about system users.

-Here is the command to create virtual 'postmaster' account, it will prompt you
-for a password:
+IMAP mailboxes ("accounts") and authentication credentials are kept separate.
+
+To register user credentials, use `maddyctl creds create` command.
+Like that:
 ```
-$ maddyctl users create postmaster@example.org
+$ maddyctl creds create postmaster@example.org
 ```

-Note that account names include the domain. When authenticating in the mail
-client, full address should be specified as a username as well.
+Note the username is a e-mail address. This is required as username is used to
+authorize IMAP and SMTP access (unless you configure custom mappings, not
+described here).

-Btw, it is a good idea to learn what else maddyctl can do. Given the
-non-standard structure of messages storage, maddyctl is the only way to
-comfortably inspect it.
+After registering the user credentials, you also need to create a local
+storage account:
+```
+$ maddyctl imap-acct create postmaster@example.org
+``
+
+That is it. Now you have your first e-mail address. when authenticating using
+your e-mail client, do not forget the username is "postmaster@example.org", not
+just "postmaster".
+
+You may find running `maddyctl creds --help` and `maddyctl imap-acct --help`
+useful to learn about other commands. Note that IMAP accounts and credentials
+are managed separately yet usernames should match by default for things to
+work.

 ## Optional: Install and use fail2ban