This plugin is based on auth-enc-file (https://github.com/AuspeXeu/haraka-plugin-auth-enc-file). It uses SHA256CRYPT for user passwords.
Running etcd server must have key(s) in the config/mta/domains/<domain>/user format. The users defined under a domain is only allowed to send mails from that domain.
For every user:
<username> <space> <sha256 digest of password1> <CRLF>
etcdctl put config/mta/domains/domain.com/user "user PtjxQL5GUfVgaUANlOrmXA4w7HPvxFfn2wfApOLWeZ2
user2 PtjxQL5GUfVgaUANlOrmXA4w7HPvxFfn2wfApOLWeZ2
"
In the above example, user and user2 have the passwords "pass" (converted) and are under the domain "domain.com." These 2 users will only be able to send mails from domain.com. Such as:
swaks -s localhost:587 -f sender@domain.com -t goto@gmail.com -au user -ap pass --tls
Above command will work, while the below one will not:
swaks -s localhost:587 -f sender@test.com -t goto@gmail.com -au user -ap pass --tls
The plugin has a generate script that will generate the etcd config input of a given username and password.
Usage:
node ./generate.js username1 pass
Returns:
username1 PtjxQL5GUfVgaUANlOrmXA4w7HPvxFfn2wfApOLWeZ2