doveauth: don't create users if /tmp/nocreate exists

README.md

@@ -47,3 +47,13 @@ Dovecot listens on ports 143(imap) and 993 (imaps).
 For DKIM you must add a DNS entry as found in /etc/opendkim/selector.txt on your chatmail instance.
 The above `scripts/deploy.sh` prints out the DKIM selector and DNS entry you
 need to setup with your DNS provider. 
+
+## Emergency Commands
+
+If you need to stop account creation,
+e.g. because some script is wildly creating accounts,
+just run `touch /tmp/nocreate`.
+You can remove the file
+as soon as the attacker was banned
+by different means.
+

chatmaild/src/chatmaild/dictproxy.py

@@ -27,9 +27,10 @@ def encrypt_password(password: str):
 
 
 def create_user(db, user, password):
-    with db.write_transaction() as conn:
-        conn.create_user(user, password)
-    return dict(home=f"/home/vmail/{user}", uid="vmail", gid="vmail", password=password)
+    if not os.path.exists("/tmp/nocreate"):
+        with db.write_transaction() as conn:
+            conn.create_user(user, password)
+        return dict(home=f"/home/vmail/{user}", uid="vmail", gid="vmail", password=password)
 
 
 def get_user_data(db, user):