Is there a modified nextcloud integration script available to allow an external (internal network) nextcloud installation to authenticate against the mailcow database or vice versa?
I don't want to host it on the same node as mailcow, not to mention I'm not sure how to modify the docker container to mount external storage for the data directory or modify the nextcloud installation in docker (for say installing nginx).
I'd prefer mailcow to read/sync from the nextcloud database (not ldap) since it includes integrated ldap that can be used for other services.
And nextcloud includes a user signup option, which mailcow does not offer.
You can use "external users" plugin or something like that, to authenticate against IMAP. I thought about adding a plugin to Nextcloud to authenticate against mailcow directly.
The other way round will never work.
Are there any downsides with authenticating against IMAP? Security wise mostly.
Not really. :)
Use TLS. That's pretty much it.
So basically get a script to allow user registration on mailcow and have nextcloud create the user based on IMAP verification.
...not sure how nextcloud will handle creating the user though unless it pops a signup screen if the user doesn't exist.
You can actually use OAuth2 instead of IMAP since Mailcow added that feature a few weeks ago. Still requires a bit of manual work, but it's quite reliable. I'll try to fix the remaining issues and add it to the documentation soon.
> So basically get a script to allow user registration on mailcow and have nextcloud create the user based on IMAP verification.
With the mailcow API you may create mailboxes, and thus users.
https://feldhostmailhosting.docs.apiary.io/#reference/mailboxes
@Adorfer better take a look at these docs, they are more up to date: https://mailcow.docs.apiary.io/ or simply open your mailcow UI with /api, then you will also get the docs.
Nextcloud can authenticate against IMAP. Users are created automatically if login against IMAP is successful. It worked well, but I don't use it anymore. From my documentation:
```
# use mailcow imap as login backend
php ~/www/occ app:enable user_external
php ~/www/occ config:system:set user_backends 0 arguments 0 --value={mail.example.com:993/imap/ssl}
php ~/www/occ config:system:set user_backends 0 class --value=OC_User_IMAP
# optional: preconfigure nextcloud mail app
php ~/www/occ app:install mail
php ~/www/occ app:enable mail
php ~/www/occ config:system:set app.mail.accounts.default email --value "%USERID%"
php ~/www/occ config:system:set app.mail.accounts.default imapHost --value "mail.example.com"
php ~/www/occ config:system:set app.mail.accounts.default imapPort --value "993"
php ~/www/occ config:system:set app.mail.accounts.default imapSslMode --value "ssl"
php ~/www/occ config:system:set app.mail.accounts.default smtpHost --value "mail.example.com"
php ~/www/occ config:system:set app.mail.accounts.default smtpPort --value "465"
php ~/www/occ config:system:set app.mail.accounts.default smtpSslMode --value "ssl"
```
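Added example, not part of the comment above or of the mailcow or Nextcloud code: a small check for the "Use TLS" advice in this thread, applied to the mailbox spec passed as `user_backends 0 arguments 0`. It assumes the spec uses the PHP `imap_open` mailbox flags (`/ssl`, `/tls`, `/notls`, `/novalidate-cert`); the function name and finding labels are hypothetical, and the sample specs are constructed.

```python
import re

# Mailbox spec as stored in the backend argument, e.g. {mail.example.com:993/imap/ssl}
SPEC_RE = re.compile(
    r"^\{(?P<host>[^:/}]+)(?::(?P<port>\d+))?(?P<flags>(?:/[^/}]+)*)\}"
)


def audit_imap_spec(spec):
    """Return (transport, findings) for an imap_open-style mailbox spec.

    transport: "implicit-tls" (/ssl), "starttls" (/tls) or "not-enforced".
    findings:  labels for settings that weaken the login channel.
    """
    m = SPEC_RE.match(spec.strip())
    if not m:
        raise ValueError(f"not a mailbox spec: {spec!r}")
    flags = {f.lower() for f in m.group("flags").split("/") if f}

    findings = []
    if "ssl" in flags:
        transport = "implicit-tls"
    elif "tls" in flags and "notls" not in flags:
        transport = "starttls"
    else:
        # Neither /ssl nor /tls: the spec does not require encryption,
        # so user passwords may cross the network in clear text.
        transport = "not-enforced"
        findings.append("tls-not-enforced")
    if "notls" in flags:
        findings.append("starttls-disabled")
    if "novalidate-cert" in flags:
        # TLS without certificate validation does not authenticate the server.
        findings.append("cert-validation-disabled")
    return transport, findings


if __name__ == "__main__":
    # Constructed sample specs; the first is the value used in the thread.
    for spec in (
        "{mail.example.com:993/imap/ssl}",
        "{mail.example.com:143/imap/tls/novalidate-cert}",
        "{mail.example.com:143/imap/notls}",
    ):
        print(spec, audit_imap_spec(spec))
```

The spec currently in use can be read with `php ~/www/occ config:system:get user_backends 0 arguments 0` and passed to the function.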
So all I'd need is the ability to create users with a signup page. I'm not specifically looking at mailcow for commercial purposes but would like to run my own small email provider as a hobby.
Creating the script shouldn't be that hard though based on the API examples. This should be fun!
@mritzmann I'm going to test this in a bit, but 2FA in nextcloud is still possible when IMAP authentication is enabled, correct? This should eliminate the risk of the nextcloud account being compromised in the event the mailcow server is.
> bit but 2FA in nextcloud is still possible when IMAP authentication is enabled correct?
I don't know.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.