In your environment the zammad admin is not allowed to know the password for the mailbox?
Because to reveal the password you have to be an admin of the zammad system that probably might already now the password.
We have multiple admins.
A shared mailbox from a microsoft exchange server is used.
however, to login to the share mailbox your personal credentials have to be used.
And we dont want to share personal credentials between eachother.
Nevertheless, the passwords can be revealed using a simple hover over tool.
Therefore wondering how passwords are stored in Zammad.
The email settings passwords seem to be stored as plain text, is this correct?
How are passwords from customers/agents/admins stored?
You could -at least as work around- create a dummy account that does not belong to a personal admin - you could use that exchange account to access the shared mailbox.
Normally you could also use the credentials of the shared mailbox directly - as long as I don’t missunderstand how you use your exchange accounts.
Neverless, this can be a problem. I guess that zammad does it this way, because most pop/imap connectors do the same within their config files.
From what I see in the database dumps the e-mail account credentials are stored in clear text - user information like agents and customers seem to be hashed passwords as you’d expect from a prober system