User password is sent unencrypted/plaintext in welcome mail

derschueddi · October 19, 2018, 6:34pm

Hi there,

when adding a new user my Seafile-Server sends a welcome mail to the them. I think this can be configured using

SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER = True

I like this feature in general but what I find really worrying is the fact that the password the user chose is actually sent in plaintext. When noticing this I was confused and checked the source code for a possibility to turn this off but there is no way to do this except for turning off the whole feature.

As users cannot always rely on their hoster (and anyone else involved in transfer) and mails are sent unencrypted this feels to me to be a security issue. Also users tend to use same passwords in many occasions. The only scenario where I think this is useful is for the reset-password form.

So what I would recommend is to add at least an option field where you can turn off including the password, and make it default.

What do you think? Did I miss something and this is already possible?

Thanks,
-derschueddi

fakuivan · October 19, 2018, 9:21pm

# Whether to send email when a system admin adding a new member. Default is `True`.
SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER = True

This feature is supposed to be accompanied by the user being forced to change the password set by the system.
If you use a mail provider that supports TLS, then your mails will be encrypted on the way to the mail provider (if you set EMAIL_USE_TLS to True on seahub_settings.py), as to how the provider sends those mails to the seafile user, that’s up to them I think.
As far as I know there’s no standard end-to-end encryption protocol for email, only client-server (TLS). I’m not sure what you mean by “encrypting” emails.