Managing Mail Accounts
Mail accounts are the individual email addresses that users log into webmail with. They are stored in the mail_accounts table and serve as the source of truth for Dovecot's MySQL authentication driver. Every account belongs to a domain.
Viewing the Accounts List
Navigate to Admin → Accounts. The table shows all accounts across all domains:
| Column | Description |
|---|---|
Full email address (user@example.com) |
|
| Domain | Parent domain |
| Quota | Quota limit in MB (0 = unlimited) and current usage |
| 2FA | Whether the user has TOTP two-factor authentication enabled on their webmail session |
| Last Sync | Timestamp of the last account sync received from the Panel agent, or — for manually created accounts |
| Status | Active or Suspended |
Use the search field to filter by email address or domain. Use the domain dropdown to filter by a single domain.
Creating an Account Manually
Manual creation is primarily used in standalone mode (without Opterius Panel). In panel-integrated deployments, accounts are created through the Panel and synced automatically.
- Click Add Account.
- Fill in the fields:
| Field | Required | Notes |
|---|---|---|
| Email address | Yes | The full address, e.g. jane@example.com. The domain must already exist in Admin → Domains. |
| Password | Yes | The user's mail password. Stored hashed. |
| Quota (MB) | No | Leave at 0 for unlimited, or enter a value in megabytes. |
- Click Create Account.
Dovecot reads the new account from the database immediately (no restart required when using the MySQL auth driver).
Editing an Account
Click the email address in the accounts list, or use the Edit (pencil) icon.
You can update:
- Display name — used in the From header when sending mail (if not overridden by the webmail client).
- Quota — see Account Quotas.
- Status — set to Suspended to block IMAP login without deleting the account. Useful for temporarily disabling an account.
To reset a password, use the dedicated Reset Password action — see Force-Resetting a Password.
Deleting an Account
Click the Delete button on the account detail page and confirm with your admin password.
Deleting an account:
- Removes the row from
mail_accounts. - Removes any aliases that had this account as their sole destination.
- Removes autoresponder records for this account.
- Removes group memberships for this account.
Maildir data is not deleted automatically. The email files remain at /var/mail/{domain}/{user}/Maildir/. Remove them manually to reclaim disk space:
rm -rf /var/mail/example.com/jane/Maildir
Panel Sync Integration
When Opterius Panel is connected, accounts are managed in the Panel and synchronized to Opterius Mail automatically by the Go agent. The sync covers three operations:
| Action | Trigger | What Happens in Opterius Mail |
|---|---|---|
create |
Panel creates a new email account | Upserts domain and account rows; sets hashed password |
delete |
Panel deletes an email account | Soft-deletes the account row |
password |
User changes password in Panel | Updates the stored password hash |
The sync is one-directional: Panel → Mail. Changes made in Opterius Mail (e.g., quota updates) are not pushed back to the Panel. Password resets performed in the admin panel (Mail → Admin) are not reflected in the Panel — see Force-Resetting a Password for the implications.
Sync Indicator
In the accounts list, the Last Sync column shows when each account was last touched by the Panel agent. If the timestamp is unexpectedly old, check:
# On the Panel server
tail -f /var/log/opterius-agent.log
And verify that MAIL_SYNC_SECRET matches between the Panel's agent config and Mail's .env.
Bulk Operations
Select multiple accounts using the checkboxes, then use the Bulk Actions dropdown:
- Edit Quota — apply the same quota to all selected accounts.
- Suspend / Unsuspend — toggle status for all selected accounts.
- Delete — delete all selected accounts (requires password confirmation).
Account Password Storage and Dovecot
The password stored in mail_accounts.password must be in a format that Dovecot's auth-sql driver can verify. Opterius Mail stores passwords in a format compatible with your Dovecot passdb query configuration.
The default configuration uses bcrypt ({BLF-CRYPT}$2y$...), which Dovecot supports natively when using the dovecot-auth SQL driver. If your Dovecot is configured for SHA512-CRYPT, the admin panel stores passwords in that format instead. The format is determined by the DOVECOT_PASSWORD_SCHEME key in .env (default: BLF-CRYPT).