{
    my $sogodrec = $DB->get('sogod')
        || $DB->new_record('sogod', {type => 'service'});
    my $sogod_sieve_pw = $sogodrec->prop('SieveMasterPassword');
    if (not $sogod_sieve_pw or length($sogod_sieve_pw) < 57)
    {
        use MIME::Base64 qw(encode_base64);

        $sogod_sieve_pw = "not set due to error";
        if ( open( RANDOM, "/dev/urandom" ) )
        {
            my $buf;
            # 57 bytes is a full line of Base64 coding, and contains
            # 456 bits of randomness - given a perfectly random /dev/random
            if ( read( RANDOM, $buf, 57 ) != 57 )
            {
                warn("Short read from /dev/random: $!");
            }
            else
            {
                $sogod_sieve_pw = encode_base64($buf);
                chomp $sogod_sieve_pw;
            }
            close RANDOM;
        }
        else
        {
            warn "Could not open /dev/urandom: $!";
        }
        $sogodrec->set_prop('SieveMasterPassword', $sogod_sieve_pw);
    }
}
