I run my family email server using postfix + dovecot + mysql + spamassassin + roundcube. When I first set up the server I follow the Digital Ocean tutorial here. I want my users to be able to change their password in roundcube, however, their documentation for the password plugin wants me to set SQL query string as follows,

UPDATE users SET password=ENCRYPT(%p,concat(_utf8'$1$',right(md5(rand()),8),_utf8'$')) WHERE username=%u LIMIT 1

This is using md5 for the hashing where as I am using SHA (also I do not have a users table). See below,

INSERT INTO `servermail`.`virtual_users`
(`id`, `domain_id`, `password` , `email`)
VALUES
('1', '1', ENCRYPT('firstpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email1@example.com'),

I want to format this query correctly. Any help would be appreciated.