From 603902014a355edf30d24d55c0a5dde8f505030b Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 9 Jan 2017 11:04:35 +0100
Subject: [PATCH 1/6] Add command for phpfpm service to set a timezone, remove
 env var

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 3888762c..a31b4244 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -70,6 +70,7 @@ services:
 
     php-fpm-mailcow:
       image: andryyy/mailcow-dockerized:phpfpm
+      command: "php-fpm -d date.timezone=${TZ}"
       depends_on:
         - pdns-mailcow
       volumes:
@@ -84,7 +85,6 @@ services:
         - DBUSER=${DBUSER}
         - DBPASS=${DBPASS}
         - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME}
-        - TZ=${TZ}
       restart: always
       networks:
         mailcow-network:

From 49a98a30b510a021218bfef8d0799793e7e51fb4 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 9 Jan 2017 11:05:33 +0100
Subject: [PATCH 2/6] Add ability to set tag handling, add domain map

---
 data/conf/rspamd/dynmaps/authoritative.php | 22 ++++++++++
 data/conf/rspamd/dynmaps/tags.php          | 17 ++++++++
 data/conf/rspamd/lua/rspamd.local.lua      | 49 ++++++++++++++++++++++
 3 files changed, 88 insertions(+)
 create mode 100644 data/conf/rspamd/dynmaps/authoritative.php
 create mode 100644 data/conf/rspamd/dynmaps/tags.php

diff --git a/data/conf/rspamd/dynmaps/authoritative.php b/data/conf/rspamd/dynmaps/authoritative.php
new file mode 100644
index 00000000..b2c101f7
--- /dev/null
+++ b/data/conf/rspamd/dynmaps/authoritative.php
@@ -0,0 +1,22 @@
+<?php
+ini_set('error_reporting', 0);
+header('Content-Type: text/plain');
+require_once "vars.inc.php";
+$dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
+$opt = [
+    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+    PDO::ATTR_EMULATE_PREPARES   => false,
+];
+$pdo = new PDO($dsn, $database_user, $database_pass, $opt);
+$stmt = $pdo->query("SELECT `domain` FROM `domain`");
+$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+while ($row = array_shift($rows)) {
+  echo strtolower(trim($row['domain'])) . PHP_EOL;
+}
+$stmt = $pdo->query("SELECT `alias_domain` FROM `alias_domain`");
+$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+while ($row = array_shift($rows)) {
+  echo strtolower(trim($row['alias_domain'])) . PHP_EOL;
+}
+?>
\ No newline at end of file
diff --git a/data/conf/rspamd/dynmaps/tags.php b/data/conf/rspamd/dynmaps/tags.php
new file mode 100644
index 00000000..cc6435fe
--- /dev/null
+++ b/data/conf/rspamd/dynmaps/tags.php
@@ -0,0 +1,17 @@
+<?php
+ini_set('error_reporting', 0);
+header('Content-Type: text/plain');
+require_once "vars.inc.php";
+$dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
+$opt = [
+    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+    PDO::ATTR_EMULATE_PREPARES   => false,
+];
+$pdo = new PDO($dsn, $database_user, $database_pass, $opt);
+$stmt = $pdo->query("SELECT `username` FROM `mailbox` WHERE `wants_tagged_subject` = '1'");
+$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+while ($row = array_shift($rows)) {
+  echo strtolower(trim($row['username'])) . PHP_EOL;
+}
+?>
\ No newline at end of file
diff --git a/data/conf/rspamd/lua/rspamd.local.lua b/data/conf/rspamd/lua/rspamd.local.lua
index 292b7d08..4b02bf57 100644
--- a/data/conf/rspamd/lua/rspamd.local.lua
+++ b/data/conf/rspamd/lua/rspamd.local.lua
@@ -10,3 +10,52 @@ rspamd_config.MAILCOW_AUTH = {
 rspamd_config.MAILCOW_MOO = function (task)
 	return true
 end
+
+local modify_subject_map = rspamd_config:add_map({
+  url = 'http://nginx:8081/tags.php',
+  type = 'map',
+  description = 'Map of users to use subject tags for'
+})
+
+local auth_domain_map = rspamd_config:add_map({
+  url = 'http://nginx:8081/authoritative.php',
+  type = 'map',
+  description = 'Map of domains we are authoritative for'
+})
+
+rspamd_config.ADD_DELIMITER_TAG = {
+  callback = function(task)
+    local util = require("rspamd_util")
+    local rspamd_logger = require "rspamd_logger"
+    local user_tagged = task:get_recipients(1)[1]['user']
+    local domain = task:get_recipients(1)[1]['domain']
+    local user, tag = user_tagged:match("([^+]+)+(.*)")
+    local authdomain = auth_domain_map:get_key(domain)
+
+    if tag and authdomain then
+      rspamd_logger.infox("Domain %s is part of mailcow, start reading tag settings", domain)
+      local user_untagged = user .. '@' .. domain
+      rspamd_logger.infox("Querying tag settings for user %1", user_untagged)
+      if modify_subject_map:get_key(user_untagged) then
+        rspamd_logger.infox("User wants subject modified for tagged mail")
+        local sbj = task:get_header('Subject')
+        if tag then
+        rspamd_logger.infox("Found tag %1, will modify subject header", tag)
+        new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
+        task:set_rmilter_reply({
+          remove_headers = {['Subject'] = 1},
+          add_headers = {['Subject'] = new_sbj}
+        })
+        end
+      else
+        rspamd_logger.infox("Add X-Move-Tag header")
+        task:set_rmilter_reply({
+          add_headers = {['X-Moo-Tag'] = 'YES'}
+        })
+      end
+    else
+      rspamd_logger.infox("Skip delimiter handling for untagged message or authenticated user")
+    end
+    return false
+  end
+}

From d2945b0edfc1543d862c15e410b85040f8b50b7a Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 9 Jan 2017 11:08:45 +0100
Subject: [PATCH 3/6] Add ability to set tag handling, show more user
 information

---
 data/web/inc/footer.inc.php    |   6 +-
 data/web/inc/functions.inc.php | 112 +++++++++++++++++++++++++++++++
 data/web/inc/init.sql          |   3 +
 data/web/inc/triggers.inc.php  |   3 +
 data/web/inc/vars.inc.php      |   1 -
 data/web/lang/lang.de.php      |  10 +++
 data/web/lang/lang.en.php      |  12 ++++
 data/web/user.php              | 119 ++++++++++++++++++++++-----------
 8 files changed, 224 insertions(+), 42 deletions(-)

diff --git a/data/web/inc/footer.inc.php b/data/web/inc/footer.inc.php
index b2976bec..d2adca8e 100644
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -1,5 +1,5 @@
 <?php
-if ($_SESSION['mailcow_cc_role'] == "admin"):
+if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin"):
 ?>
 <div id="RestartSOGo" class="modal fade" role="dialog">
 	<div class="modal-dialog">
@@ -75,8 +75,8 @@ $(document).ready(function() {
 	});
 
 	// IE fix to hide scrollbars when table body is empty
-	$('tbody').filter(function (index) { 
-		return $(this).children().length < 1; 
+	$('tbody').filter(function (index) {
+		return $(this).children().length < 1;
 	}).remove();
 
 	// Init Bootstrap Selectpicker
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index cfa3fdb4..37acb736 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -52,6 +52,7 @@ function init_db_schema() {
 				$data = '';
 			}
 		}
+    // Create index if not exists
 		$stmt = $pdo->query("SHOW INDEX FROM sogo_acl WHERE KEY_NAME = 'sogo_acl_c_folder_id_idx'");
 		$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
 		if ($num_results == 0) {
@@ -67,6 +68,22 @@ function init_db_schema() {
 			'msg' => 'Database initialization completed.'
 		);
 	}
+  // Add newly added columns
+  $stmt = $pdo->query("SHOW COLUMNS FROM `mailbox` LIKE 'kind'");
+  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+  if ($num_results == 0) {
+    $pdo->query("ALTER TABLE `mailbox` ADD `kind` varchar(100) NOT NULL DEFAULT ''");
+  }
+  $stmt = $pdo->query("SHOW COLUMNS FROM `mailbox` LIKE 'multiple_bookings'");
+  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+  if ($num_results == 0) {
+    $pdo->query("ALTER TABLE `mailbox` ADD `multiple_bookings` tinyint(1) NOT NULL DEFAULT '0'");
+  }
+  $stmt = $pdo->query("SHOW COLUMNS FROM `mailbox` LIKE 'wants_tagged_subject'");
+  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+  if ($num_results == 0) {
+    $pdo->query("ALTER TABLE `mailbox` ADD `wants_tagged_subject` tinyint(1) NOT NULL DEFAULT '0'");
+  }
 }
 function verify_ssha256($hash, $password) {
 	// Remove tag if any
@@ -2630,6 +2647,101 @@ function get_sender_acl_handles($mailbox, $which) {
 	}
 	return false;
 }
+function tagging_options($action, $data = null) {
+	global $lang;
+	global $pdo;
+  $username	= $_SESSION['mailcow_cc_username'];
+  if ($action == "get") {
+    if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
+      return false;
+    }
+    try {
+      $stmt = $pdo->prepare("SELECT `wants_tagged_subject` FROM `mailbox` WHERE `username` = :username");
+      $stmt->execute(array(':username' => $username));
+      $SelectData = $stmt->fetch(PDO::FETCH_ASSOC);
+    }
+    catch(PDOException $e) {
+      $_SESSION['return'] = array(
+        'type' => 'danger',
+        'msg' => 'MySQL: '.$e
+      );
+      return false;
+    }
+    return $SelectData['wants_tagged_subject'];
+  }
+  elseif ($action == "set") {
+    ($data['tagged_mail_handler'] == "subject") ? $wants_tagged_subject = '1' : $wants_tagged_subject = '0';
+    if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
+      $_SESSION['return'] = array(
+        'type' => 'danger',
+        'msg' => sprintf($lang['danger']['username_invalid'])
+      );
+      return false;
+    }
+    try {
+      $stmt = $pdo->prepare("UPDATE `mailbox` SET `wants_tagged_subject` = :wants_tagged_subject WHERE `username` = :username");
+      $stmt->execute(array(':username' => $username, ':wants_tagged_subject' => $wants_tagged_subject));
+      $SelectData = $stmt->fetch(PDO::FETCH_ASSOC);
+    }
+    catch(PDOException $e) {
+      $_SESSION['return'] = array(
+        'type' => 'danger',
+        'msg' => 'MySQL: '.$e
+      );
+      return false;
+    }
+    $_SESSION['return'] = array(
+      'type' => 'success',
+      'msg' => sprintf($lang['success']['mailbox_modified'], $username)
+    );
+  }
+  return false;
+}
+function user_object_info($action, $data = null) {
+	global $lang;
+	global $pdo;
+  $username	= $_SESSION['mailcow_cc_username'];
+  if ($action == "get") {
+    if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
+      return false;
+    }
+    try {
+      $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`address` SEPARATOR ', '), '&#10008;') AS `aliases` FROM `alias` WHERE `goto` = :username_goto AND `address` NOT LIKE '@%' AND `address` != :username_address");
+      $stmt->execute(array(':username_goto' => $username, ':username_address' => $username));
+      $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+      while ($row = array_shift($run)) {
+        $data['aliases'] = $row['aliases'];
+      }
+      $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`send_as` SEPARATOR ', '), '&#10008;') AS `send_as` FROM `sender_acl` WHERE `logged_in_as` = :username AND `send_as` NOT LIKE '@%';");
+      $stmt->execute(array(':username' => $username));
+      $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+      while ($row = array_shift($run)) {
+        $data['aliases_also_send_as'] = $row['send_as'];
+      }
+      $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`send_as` SEPARATOR ', '), '&#10008;') AS `send_as` FROM `sender_acl` WHERE `logged_in_as` = :username AND `send_as` LIKE '@%';");
+      $stmt->execute(array(':username' => $username));
+      $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+      while ($row = array_shift($run)) {
+        $data['aliases_send_as_all'] = $row['send_as'];
+      }
+      $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`address` SEPARATOR ', '), '&#10008;') as `address` FROM `alias` WHERE `goto` = :username AND `address` LIKE '@%';");
+      $stmt->execute(array(':username' => $username));
+      $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+      while ($row = array_shift($run)) {
+        $data['is_catch_all'] = $row['address'];
+      }
+      return $data;
+    }
+    catch(PDOException $e) {
+      $_SESSION['return'] = array(
+        'type' => 'danger',
+        'msg' => 'MySQL: '.$e
+      );
+      return false;
+    }
+  }
+  return false;
+}
 function is_valid_domain_name($domain_name) { 
 	if (empty($domain_name)) {
 		return false;
diff --git a/data/web/inc/init.sql b/data/web/inc/init.sql
index 4335ff20..183c55e1 100644
--- a/data/web/inc/init.sql
+++ b/data/web/inc/init.sql
@@ -78,6 +78,9 @@ CREATE TABLE IF NOT EXISTS `mailbox` (
 	`modified` datetime NOT NULL DEFAULT '2016-01-01 00:00:00',
 	`tls_enforce_in` tinyint(1) NOT NULL DEFAULT '0',
 	`tls_enforce_out` tinyint(1) NOT NULL DEFAULT '0',
+	`kind` varchar(100) NOT NULL DEFAULT '',
+	`multiple_bookings` tinyint(1) NOT NULL DEFAULT '0',
+	`wants_tagged_subject` tinyint(1) NOT NULL DEFAULT '0',
 	`active` tinyint(1) NOT NULL DEFAULT '1',
 	PRIMARY KEY (`username`),
 	KEY `domain` (`domain`)
diff --git a/data/web/inc/triggers.inc.php b/data/web/inc/triggers.inc.php
index 484881c4..70e91640 100644
--- a/data/web/inc/triggers.inc.php
+++ b/data/web/inc/triggers.inc.php
@@ -51,6 +51,9 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "user
 	if (isset($_POST["trigger_set_spam_score"])) {
 		set_spam_score($_POST);
 	}
+	if (isset($_POST["trigger_set_tagging_options"])) {
+		tagging_options('set', $_POST);
+	}
 	if (isset($_POST["trigger_set_policy_list"])) {
 		set_policy_list($_POST);
 	}
diff --git a/data/web/inc/vars.inc.php b/data/web/inc/vars.inc.php
index 0c716b38..5c41e6d3 100644
--- a/data/web/inc/vars.inc.php
+++ b/data/web/inc/vars.inc.php
@@ -15,7 +15,6 @@ $database_name = getenv('DBNAME');
 
 // Other variables
 $mailcow_hostname = getenv('MAILCOW_HOSTNAME');
-date_default_timezone_set(getenv('TZ'));
 
 // Where to go after adding and editing objects
 // Can be "form" or "previous"
diff --git a/data/web/lang/lang.de.php b/data/web/lang/lang.de.php
index 09b79c9b..8727ca75 100644
--- a/data/web/lang/lang.de.php
+++ b/data/web/lang/lang.de.php
@@ -102,6 +102,8 @@ $lang['user']['did_you_know'] = '<b>Wussten Sie schon?</b> Sie können Ihre E-Ma
 $lang['user']['spam_aliases'] = 'Temporäre E-Mail Aliasse';
 $lang['user']['alias'] = 'Alias';
 $lang['user']['aliases'] = 'Aliasse';
+$lang['user']['is_catch_all'] = 'Ist Catch-All Adresse für Domain(s)';
+$lang['user']['aliases_also_send_as'] = 'Darf außerdem versenden als';
 $lang['user']['aliases_send_as_all'] = 'Absender für folgende Domains nicht prüfen';
 $lang['user']['alias_create_random'] = 'Zufälligen Alias generieren';
 $lang['user']['alias_extend_all'] = 'Gültigkeit +1h';
@@ -141,6 +143,14 @@ $lang['user']['no_record'] = 'Kein Eintrag';
 
 $lang['user']['misc_settings'] = 'Sonstige Kontoeinstellungen';
 $lang['user']['misc_delete_profile'] = 'Sonstige Kontoeinstellungen';
+
+$lang['user']['tag_handling'] = 'Umgang mit getaggten E-Mails steuern';
+$lang['user']['tag_in_subfolder'] = 'In Unterordner';
+$lang['user']['tag_in_subject'] = 'In Betreff';
+$lang['user']['tag_help_explain'] = 'Als Unterordner: Es wird ein Ordner mit dem Namen des Tags unterhalb der Inbox erstellt ("INBOX/Facebook").<br />
+In Betreff: Der Name des Tags wird dem Betreff angefügt, etwa "[Facebook] Meine Neuigkeiten".';
+$lang['user']['tag_help_example'] = 'Beispiel für eine getaggte E-Mail-Adresse: ich<b>+Facebook</b>@example.org';
+
 $lang['start']['dashboard'] = '%s - Dashboard';
 $lang['start']['start_rc'] = 'Roundcube öffnen';
 $lang['start']['start_sogo'] = 'SOGo öffnen';
diff --git a/data/web/lang/lang.en.php b/data/web/lang/lang.en.php
index ce9906d5..801d8479 100644
--- a/data/web/lang/lang.en.php
+++ b/data/web/lang/lang.en.php
@@ -103,6 +103,10 @@ $lang['user']['new_password_description'] = 'Requirement: 6 characters long, let
 $lang['user']['did_you_know'] = '<b>Did you know?</b> You can use tags in your email address ("me+<b>privat</b>@example.com") to move messages to a folder automatically (example: "privat").';
 $lang['user']['spam_aliases'] = 'Temporary email aliases';
 $lang['user']['alias'] = 'Alias';
+$lang['user']['aliases'] = 'Aliases';
+$lang['user']['is_catch_all'] = 'Catch-all for domain/s';
+$lang['user']['aliases_also_send_as'] = 'Also allowed to send as';
+$lang['user']['aliases_send_as_all'] = 'Do not check sender access for following domains';
 $lang['user']['alias_create_random'] = 'Generate random alias';
 $lang['user']['alias_extend_all'] = 'Extend aliases by 1 hour';
 $lang['user']['alias_valid_until'] = 'Valid until';
@@ -141,6 +145,14 @@ $lang['user']['no_record'] = 'No Record';
 
 $lang['user']['misc_settings'] = 'Other profile settings';
 $lang['user']['misc_delete_profile'] = 'Other profile settings';
+
+$lang['user']['tag_handling'] = 'Set handling for tagged mail';
+$lang['user']['tag_in_subfolder'] = 'In subfolder';
+$lang['user']['tag_in_subject'] = 'In subject';
+$lang['user']['tag_help_explain'] = 'In subfolder: a new subfolder named after the tag will be created below INBOX ("INBOX/Facebook").<br />
+In subject: the tags name will be prepended to the mails subject, example: "[Facebook] Meine Neuigkeiten".';
+$lang['user']['tag_help_example'] = 'Example for a tagged email address: ich<b>+Facebook</b>@example.org';
+
 $lang['start']['dashboard'] = '%s - dashboard';
 $lang['start']['start_rc'] = 'Open Roundcube';
 $lang['start']['start_sogo'] = 'Open SOGo';
diff --git a/data/web/user.php b/data/web/user.php
index a0c04bc4..08d129d7 100644
--- a/data/web/user.php
+++ b/data/web/user.php
@@ -14,42 +14,86 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
 <div class="panel panel-default">
 <div class="panel-heading"><?=$lang['user']['mailbox_details'];?></div>
 <div class="panel-body">
-<form class="form-horizontal" role="form" method="post" autocomplete="off">
-	<div class="form-group">
-		<div class="col-sm-offset-3 col-sm-10">
-			<div class="checkbox">
-				<label><input type="checkbox" name="togglePwNew" id="togglePwNew"> <?=$lang['user']['change_password'];?></label>
-			</div>
-		</div>
-	</div>
-	<div class="passFields">
-		<div class="form-group">
-			<label class="control-label col-sm-3" for="user_new_pass"><?=$lang['user']['new_password'];?></label>
-			<div class="col-sm-5">
-			<input type="password" class="form-control" pattern=".{6,}" name="user_new_pass" id="user_new_pass" autocomplete="off" disabled="disabled" required>
-			</div>
-		</div>
-		<div class="form-group">
-			<label class="control-label col-sm-3" for="user_new_pass2"><?=$lang['user']['new_password_repeat'];?></label>
-			<div class="col-sm-5">
-			<input type="password" class="form-control" pattern=".{6,}" name="user_new_pass2" id="user_new_pass2" disabled="disabled" autocomplete="off" required>
-			<p class="help-block"><?=$lang['user']['new_password_description'];?></p>
-			</div>
-		</div>
-		<hr>
-	</div>
-	<div class="form-group">
-		<label class="control-label col-sm-3" for="user_old_pass"><?=$lang['user']['password_now'];?></label>
-		<div class="col-sm-5">
-		<input type="password" class="form-control" name="user_old_pass" id="user_old_pass" autocomplete="off" required>
-		</div>
-	</div>
-	<div class="form-group">
-		<div class="col-sm-offset-3 col-sm-9">
-			<button type="submit" name="trigger_set_user_account" class="btn btn-success btn-default"><?=$lang['user']['save_changes'];?></button>
-		</div>
-	</div>
-</form>
+  <form class="form-horizontal" role="form" method="post" autocomplete="off">
+    <div class="form-group">
+      <div class="col-sm-offset-3 col-sm-10">
+        <div class="checkbox">
+          <label><input type="checkbox" name="togglePwNew" id="togglePwNew"> <?=$lang['user']['change_password'];?></label>
+        </div>
+      </div>
+    </div>
+    <div class="passFields">
+      <div class="form-group">
+        <label class="control-label col-sm-3" for="user_new_pass"><?=$lang['user']['new_password'];?></label>
+        <div class="col-sm-5">
+        <input type="password" class="form-control" pattern=".{6,}" name="user_new_pass" id="user_new_pass" autocomplete="off" disabled="disabled" required>
+        </div>
+      </div>
+      <div class="form-group">
+        <label class="control-label col-sm-3" for="user_new_pass2"><?=$lang['user']['new_password_repeat'];?></label>
+        <div class="col-sm-5">
+        <input type="password" class="form-control" pattern=".{6,}" name="user_new_pass2" id="user_new_pass2" disabled="disabled" autocomplete="off" required>
+        <p class="help-block"><?=$lang['user']['new_password_description'];?></p>
+        </div>
+      </div>
+      <hr>
+    </div>
+    <div class="form-group">
+      <label class="control-label col-sm-3" for="user_old_pass"><?=$lang['user']['password_now'];?></label>
+      <div class="col-sm-5">
+      <input type="password" class="form-control" name="user_old_pass" id="user_old_pass" autocomplete="off" required>
+      </div>
+    </div>
+    <div class="form-group">
+      <div class="col-sm-offset-3 col-sm-9">
+        <button type="submit" name="trigger_set_user_account" class="btn btn-success btn-default"><?=$lang['user']['save_changes'];?></button>
+      </div>
+    </div>
+  </form>
+  <hr>
+  <?php // Get user information about aliases
+  $get_user_object_info = user_object_info('get');?>
+  <div class="row">
+    <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['aliases'];?>:</div>
+    <div class="col-md-9 col-xs-7">
+    <p><?=$get_user_object_info['aliases'];?></p>
+    </div>
+  </div>
+  <div class="row">
+    <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['aliases_also_send_as'];?>:</div>
+    <div class="col-md-9 col-xs-7">
+    <p><?=$get_user_object_info['aliases_also_send_as'];?></p>
+    </div>
+  </div>
+  <div class="row">
+    <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['aliases_send_as_all'];?>:</div>
+    <div class="col-md-9 col-xs-7">
+    <p><?=$get_user_object_info['aliases_send_as_all'];?></p>
+    </div>
+  </div>
+  <div class="row">
+    <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['is_catch_all'];?>:</div>
+    <div class="col-md-9 col-xs-7">
+    <p><?=$get_user_object_info['is_catch_all'];?></p>
+    </div>
+  </div>
+  <hr>
+  <?php // Show tagging options ?>
+  <form class="form-horizontal" role="form" method="post">
+  <?php $get_tagging_options = tagging_options('get');?>
+  <div class="row">
+    <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['tag_handling'];?>:</div>
+    <div class="col-md-9 col-xs-7">
+    <input type="hidden" name="trigger_set_tagging_options" value="1">
+    <select name="tagged_mail_handler" class="selectpicker" onchange="this.form.submit()">
+      <option value="subfolder" <?=($get_tagging_options == "0") ? 'selected' : null; ?>><?=$lang['user']['tag_in_subfolder'];?></option>
+      <option value="subject" <?=($get_tagging_options == "1") ? 'selected' : null; ?>><?=$lang['user']['tag_in_subject'];?></option>
+    </select>
+    <p class="help-block"><?=$lang['user']['tag_help_explain'];?></p>
+    <p class="help-block"><?=$lang['user']['tag_help_example'];?></p>
+    </div>
+  </div>
+  </form>
 </div>
 </div>
 
@@ -321,8 +365,7 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user
 		</form>
 	</div>
 </div>
-
-
+<br />
 </div> <!-- /container -->
 <script src="js/sorttable.js"></script>
 <script src="js/user.js"></script>

From be7693a8e1fc8bcbeb2afe5a153942d98650d667 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 9 Jan 2017 11:39:27 +0100
Subject: [PATCH 4/6] Sieve tag handling changes

---
 data/conf/dovecot/sieve_after         | 2 +-
 data/conf/rspamd/lua/rspamd.local.lua | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/conf/dovecot/sieve_after b/data/conf/dovecot/sieve_after
index ae6aa5fe..d668a94c 100644
--- a/data/conf/dovecot/sieve_after
+++ b/data/conf/dovecot/sieve_after
@@ -7,6 +7,6 @@ require "envelope";
 if header :contains "X-Spam-Flag" "YES" {
   fileinto "Junk";
 }
-if envelope :detail :matches "to" "*" {
+if allof (envelope :detail :matches "to" "*", header :contains "X-Moo-Tag" "YES") {
   fileinto :create "INBOX/${1}";
 }
diff --git a/data/conf/rspamd/lua/rspamd.local.lua b/data/conf/rspamd/lua/rspamd.local.lua
index 4b02bf57..7e254d3b 100644
--- a/data/conf/rspamd/lua/rspamd.local.lua
+++ b/data/conf/rspamd/lua/rspamd.local.lua
@@ -48,7 +48,7 @@ rspamd_config.ADD_DELIMITER_TAG = {
         })
         end
       else
-        rspamd_logger.infox("Add X-Move-Tag header")
+        rspamd_logger.infox("Add X-Moo-Tag header")
         task:set_rmilter_reply({
           add_headers = {['X-Moo-Tag'] = 'YES'}
         })

From 621235d8da11aaf784a1321d849a940e380e8219 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 9 Jan 2017 12:37:39 +0100
Subject: [PATCH 5/6] Lowercase tag name "eXaMpLe" to "example" if folder
 "eXaMpLe" does not exist, else move to folder "eXaMpLe"

---
 data/conf/dovecot/sieve_after | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/data/conf/dovecot/sieve_after b/data/conf/dovecot/sieve_after
index d668a94c..0b43dbcf 100644
--- a/data/conf/dovecot/sieve_after
+++ b/data/conf/dovecot/sieve_after
@@ -7,6 +7,18 @@ require "envelope";
 if header :contains "X-Spam-Flag" "YES" {
   fileinto "Junk";
 }
-if allof (envelope :detail :matches "to" "*", header :contains "X-Moo-Tag" "YES") {
-  fileinto :create "INBOX/${1}";
+
+if allof (
+  envelope :detail :matches "to" "*",
+  header :contains "X-Moo-Tag" "YES",
+  mailboxexists "INBOX/${s}"
+  ) {
+    fileinto "INBOX/${s}";
+}
+elsif allof (
+  envelope :detail :matches "to" "*",
+  header :contains "X-Moo-Tag" "YES"
+  ) {
+    set :lower "s" "${1}";
+    fileinto :create "INBOX/${s}";
 }

From 86a8dc195e06d0faab9ac354a2a4ac9a5d96056b Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 9 Jan 2017 20:22:44 +0100
Subject: [PATCH 6/6] Change ciphers

---
 data/conf/dovecot/dovecot.conf |  4 +++-
 data/conf/nginx/site.conf      |  4 ++--
 data/conf/postfix/main.cf      | 10 +++++++---
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf
index e6dc6f70..9b299847 100644
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@@ -13,7 +13,9 @@ mail_location = maildir:~/
 mail_plugins = quota acl zlib antispam
 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
 ssl_protocols = !SSLv3 !SSLv2
-ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
+ssl_prefer_server_ciphers = yes
+ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
+ssl_options = no_compression
 # Automatically regenerates every week
 ssl_dh_parameters_length = 2048
 log_timestamp = "%Y-%m-%d %H:%M:%S "
diff --git a/data/conf/nginx/site.conf b/data/conf/nginx/site.conf
index ffc3f607..d754eae1 100644
--- a/data/conf/nginx/site.conf
+++ b/data/conf/nginx/site.conf
@@ -5,9 +5,9 @@ server {
   ssl_certificate_key /etc/ssl/mail/key.pem;
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_prefer_server_ciphers on;
-  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
+  ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA';
+  add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
   ssl_ecdh_curve secp384r1;
-  add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
   index index.php index.html;
   server_name _ autodiscover.* autoconfig.*;
   error_log  /var/log/nginx/error.log;
diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 6912d6b4..4f365677 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -69,12 +69,16 @@ smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
 smtpd_tls_eecdh_grade = strong
 smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
 smtpd_tls_loglevel = 1
-smtpd_tls_mandatory_ciphers = high
-smtpd_tls_mandatory_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
+smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
+smtp_tls_protocols = !SSLv2, !SSLv3
+lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3
+lmtp_tls_protocols = !SSLv2, !SSLv3
 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
 smtpd_tls_protocols = !SSLv2, !SSLv3
+smtpd_tls_mandatory_ciphers = high
 smtpd_tls_security_level = may
-tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
+tls_ssl_options = NO_COMPRESSION
+tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
 virtual_alias_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_catchall_maps.cf
 virtual_gid_maps = static:5000
 virtual_mailbox_base = /var/vmail/