I recently setup a iRedMail server (with a MySQL backend) and everything is working fine, so I am switching to maintenance mode.
In that spirit, I was investigating updating all of the iRedMail server passwords. In the process of my investigation, I discovered that all of the passwords are stored in plaintext in various config files.
From a security standpoint this seems like a bad idea and I was wondering if there was a better option.
[link] [comments]