diff --git a/data/web/edit.php b/data/web/edit.php
index e3b863c5..6087a7c6 100644
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -424,9 +424,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
                 <div class="col-sm-6">
                   <h4><?=$lang['user']['spamfilter_wl'];?></h4>
                   <p><?=$lang['user']['spamfilter_wl_desc'];?></p>
-                  <div class="table-responsive">
-                    <table class="table table-striped table-condensed" id="wl_policy_domain_table"></table>
-                  </div>
                   <div class="mass-actions-user">
                     <div class="btn-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
                       <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_wl_domain" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
@@ -441,13 +438,13 @@ if (isset($_SESSION['mailcow_cc_role'])) {
                       </span>
                     </div>
                   </form>
+                  <div class="table-responsive">
+                    <table class="table table-striped table-condensed" id="wl_policy_domain_table"></table>
+                  </div>
                 </div>
                 <div class="col-sm-6">
                   <h4><?=$lang['user']['spamfilter_bl'];?></h4>
                   <p><?=$lang['user']['spamfilter_bl_desc'];?></p>
-                  <div class="table-responsive">
-                    <table class="table table-striped table-condensed" id="bl_policy_domain_table"></table>
-                  </div>
                   <div class="mass-actions-user">
                     <div class="btn-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
                       <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_bl_domain" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
@@ -462,6 +459,9 @@ if (isset($_SESSION['mailcow_cc_role'])) {
                       </span>
                     </div>
                   </form>
+                  <div class="table-responsive">
+                    <table class="table table-striped table-condensed" id="bl_policy_domain_table"></table>
+                  </div>
                 </div>
               </div>
             </div>
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index 36bd3e9e..db2b3dfd 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -453,7 +453,7 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
     return 'Error: Cannot read peer certificate';
   }
 }
-function alertbox_log_parser($_data){
+function alertbox_log_parser($_data) {
   global $lang;
   if (isset($_data['return'])) {
     foreach ($_data['return'] as $return) {
@@ -483,11 +483,10 @@ function alertbox_log_parser($_data){
   }
   return false;
 }
-function verify_salted_hash($hash, $password, $algo, $salt_length)
-{
+function verify_salted_hash($hash, $password, $algo, $salt_length) {
   // Decode hash
   $dhash = base64_decode($hash);
-  // Get first 20 bytes of binary which equals a SSHA hash
+  // Get first n bytes of binary which equals a SSHA hash
   $ohash = substr($dhash, 0, $salt_length);
   // Remove SSHA hash from decoded hash to get original salt string
   $osalt = str_replace($ohash, '', $dhash);
@@ -497,9 +496,7 @@ function verify_salted_hash($hash, $password, $algo, $salt_length)
   }
   return false;
 }
-
-function verify_hash($hash, $password)
-{
+function verify_hash($hash, $password) {
   if (preg_match('/^{(.+)}(.+)/i', $hash, $hash_array)) {
     $scheme = strtoupper($hash_array[1]);
     $hash = $hash_array[2];
diff --git a/data/web/user.php b/data/web/user.php
index cb55a543..ca4ae932 100644
--- a/data/web/user.php
+++ b/data/web/user.php
@@ -517,16 +517,6 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
 			<div class="col-sm-6">
 				<h4><?=$lang['user']['spamfilter_wl'];?></h4>
         <p><?=$lang['user']['spamfilter_wl_desc'];?></p>
-        <div class="table-responsive">
-          <table class="table table-striped table-condensed" id="wl_policy_mailbox_table"></table>
-        </div>
-
-        <div class="mass-actions-user">
-          <div class="btn-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
-            <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_wl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
-            <a class="btn btn-sm btn-danger" data-action="delete_selected" data-id="policy_wl_mailbox" data-api-url='delete/mailbox-policy' href="#"><?=$lang['mailbox']['remove'];?></a></li>
-          </div>
-        </div>
         <form class="form-inline" data-id="add_wl_policy_mailbox">
           <div class="input-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
             <input type="text" class="form-control" name="object_from" placeholder="*@example.org" required>
@@ -535,20 +525,19 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
             </span>
           </div>
         </form>
+        <div class="mass-actions-user">
+          <div class="btn-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
+            <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_wl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
+            <a class="btn btn-sm btn-danger" data-action="delete_selected" data-id="policy_wl_mailbox" data-api-url='delete/mailbox-policy' href="#"><?=$lang['mailbox']['remove'];?></a></li>
+          </div>
+        </div>
+        <div class="table-responsive">
+          <table class="table table-striped table-condensed" id="wl_policy_mailbox_table"></table>
+        </div>
       </div>
 			<div class="col-sm-6">
 				<h4><?=$lang['user']['spamfilter_bl'];?></h4>
         <p><?=$lang['user']['spamfilter_bl_desc'];?></p>
-        <div class="table-responsive">
-          <table class="table table-striped table-condensed" id="bl_policy_mailbox_table"></table>
-        </div>
-
-        <div class="mass-actions-user">
-          <div class="btn-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
-            <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_bl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
-            <a class="btn btn-sm btn-danger" data-action="delete_selected" data-id="policy_bl_mailbox" data-api-url='delete/mailbox-policy' href="#"><?=$lang['mailbox']['remove'];?></a></li>
-          </div>
-        </div>
         <form class="form-inline" data-id="add_bl_policy_mailbox">
           <div class="input-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
             <input type="text" class="form-control" name="object_from" placeholder="*@example.org" required>
@@ -557,7 +546,15 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
             </span>
           </div>
         </form>
-
+        <div class="mass-actions-user">
+          <div class="btn-group" data-acl="<?=$_SESSION['acl']['spam_policy'];?>">
+            <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_bl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
+            <a class="btn btn-sm btn-danger" data-action="delete_selected" data-id="policy_bl_mailbox" data-api-url='delete/mailbox-policy' href="#"><?=$lang['mailbox']['remove'];?></a></li>
+          </div>
+        </div>
+        <div class="table-responsive">
+          <table class="table table-striped table-condensed" id="bl_policy_mailbox_table"></table>
+        </div>
       </div>
     </div>
   </div>