diff --git a/data/web/autoconfig.php b/data/web/autoconfig.php
index d01bc724..523d6183 100644
--- a/data/web/autoconfig.php
+++ b/data/web/autoconfig.php
@@ -5,6 +5,16 @@ if (empty($mailcow_hostname)) {
   exit();
 }
 
+$domain_dot = strpos($_SERVER['HTTP_HOST'], '.');
+$domain_port = strpos($_SERVER['HTTP_HOST'], ':');
+if ($domain_port === FALSE) {
+  $domain = substr($_SERVER['HTTP_HOST'], $domain_dot+1);
+  $port = 443;
+} else {
+  $domain = substr($_SERVER['HTTP_HOST'], $domain_dot+1, $domain_port-$domain_dot-1);
+  $port = substr($_SERVER['HTTP_HOST'], $domain_port+1);
+}
+
 header('Content-Type: application/xml');
 ?>
 <?= '<?xml version="1.0"?>'; ?>
@@ -15,52 +25,59 @@ header('Content-Type: application/xml');
       <displayShortName>mail server</displayShortName>
 
       <incomingServer type="imap">
-         <hostname><?= $mailcow_hostname; ?></hostname>
-         <port>993</port>
+         <hostname><?= $autodiscover_config['imap']['server']; ?></hostname>
+         <port><?= $autodiscover_config['imap']['port']; ?></port>
          <socketType>SSL</socketType>
          <username>%EMAILADDRESS%</username>
          <authentication>password-cleartext</authentication>
       </incomingServer>
       <incomingServer type="imap">
-         <hostname><?= $mailcow_hostname; ?></hostname>
-         <port>143</port>
+         <hostname><?= $autodiscover_config['imap']['server']; ?></hostname>
+         <port><?= $autodiscover_config['imap']['tlsport']; ?></port>
          <socketType>STARTTLS</socketType>
          <username>%EMAILADDRESS%</username>
          <authentication>password-cleartext</authentication>
       </incomingServer>
 
+<?php
+$records = dns_get_record('_pop3s._tcp.' . $domain, DNS_SRV); // check if POP3 is announced as "not provided" via SRV record
+if (count($records) == 0 || $records[0]['target'] != '') { ?>
       <incomingServer type="pop3">
-         <hostname><?= $mailcow_hostname; ?></hostname>
-         <port>995</port>
+         <hostname><?= $autodiscover_config['pop3']['server']; ?></hostname>
+         <port><?= $autodiscover_config['pop3']['port']; ?></port>
          <socketType>SSL</socketType>
          <username>%EMAILADDRESS%</username>
          <authentication>password-cleartext</authentication>
       </incomingServer>
+<?php } ?>
+<?php
+$records = dns_get_record('_pop3._tcp.' . $domain, DNS_SRV); // check if POP3 is announced as "not provided" via SRV record
+if (count($records) == 0 || $records[0]['target'] != '') { ?>
       <incomingServer type="pop3">
-         <hostname><?= $mailcow_hostname; ?></hostname>
-         <port>110</port>
+         <hostname><?= $autodiscover_config['pop3']['server']; ?></hostname>
+         <port><?= $autodiscover_config['pop3']['tlsport']; ?></port>
          <socketType>STARTTLS</socketType>
          <username>%EMAILADDRESS%</username>
          <authentication>password-cleartext</authentication>
       </incomingServer>
+<?php } ?>
 
       <outgoingServer type="smtp">
-         <hostname><?= $mailcow_hostname; ?></hostname>
-         <port>465</port>
+         <hostname><?= $autodiscover_config['smtp']['server']; ?></hostname>
+         <port><?= $autodiscover_config['smtp']['port']; ?></port>
          <socketType>SSL</socketType>
          <username>%EMAILADDRESS%</username>
          <authentication>password-cleartext</authentication>
       </outgoingServer>
-
       <outgoingServer type="smtp">
-         <hostname><?= $mailcow_hostname; ?></hostname>
-         <port>587</port>
+         <hostname><?= $autodiscover_config['smtp']['server']; ?></hostname>
+         <port><?= $autodiscover_config['smtp']['tlsport']; ?></port>
          <socketType>STARTTLS</socketType>
          <username>%EMAILADDRESS%</username>
          <authentication>password-cleartext</authentication>
       </outgoingServer>
 
-      <enable visiturl="https://<?= $mailcow_hostname; ?>/admin.php">
+      <enable visiturl="https://<?= $mailcow_hostname; ?><?php if ($port != 443) echo ':'.$port; ?>/admin.php">
          <instruction>If you didn't change the password given to you by the administrator or if you didn't change it in a long time, please consider doing that now.</instruction>
          <instruction lang="de">Sollten Sie das Ihnen durch den Administrator vergebene Passwort noch nicht geändert haben, empfehlen wir dies nun zu tun. Auch ein altes Passwort sollte aus Sicherheitsgründen geändert werden.</instruction>
       </enable>
@@ -68,6 +85,6 @@ header('Content-Type: application/xml');
     </emailProvider>
 
     <webMail>
-      <loginPage url="https://<?= $mailcow_hostname; ?>/SOGo/" />
+      <loginPage url="https://<?= $mailcow_hostname; ?><?php if ($port != 443) echo ':'.$port; ?>/SOGo/" />
     </webMail>
 </clientConfig>
diff --git a/data/web/autodiscover.php b/data/web/autodiscover.php
index fd8cd641..7f6081ae 100644
--- a/data/web/autodiscover.php
+++ b/data/web/autodiscover.php
@@ -12,13 +12,14 @@ error_reporting(0);
 $data = trim(file_get_contents("php://input"));
 
 // Desktop client needs IMAP, unless it's Outlook 2013 or higher on Windows
-if (strpos($data, 'autodiscover/outlook/responseschema')) { // desktop client
+if (strpos($data, 'autodiscover/outlook/responseschema') !== false) { // desktop client
   $configuration['autodiscoverType'] = 'imap';
   if ($configuration['useEASforOutlook'] == 'yes' &&
-  // Office for macOS does not support EAS
-  strpos($_SERVER['HTTP_USER_AGENT'], 'Mac') === false &&
-  // Outlook 2013 (version 15) or higher
-  preg_match('/(Outlook|Office).+1[5-9]\./', $_SERVER['HTTP_USER_AGENT'])) {
+    // Office for macOS does not support EAS
+    strpos($_SERVER['HTTP_USER_AGENT'], 'Mac') === false &&
+    // Outlook 2013 (version 15) or higher
+    preg_match('/(Outlook|Office).+1[5-9]\./', $_SERVER['HTTP_USER_AGENT'])
+  ) {
     $configuration['autodiscoverType'] = 'activesync';
   }
 }
@@ -60,8 +61,28 @@ else {
 <?php
         exit(0);
       }
-      $discover = new SimpleXMLElement($data);
-      $email = $discover->Request->EMailAddress;
+      try {
+        $discover = new SimpleXMLElement($data);
+        $email = $discover->Request->EMailAddress;
+      } catch (Exception $e) {
+        $email = $_SERVER['PHP_AUTH_USER'];
+      }
+
+      $username = trim($email);
+      try {
+        $stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
+        $stmt->execute(array(':username' => $username));
+        $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
+      }
+      catch(PDOException $e) {
+        die("Failed to determine name from SQL");
+      }
+      if (!empty($MailboxData['name'])) {
+        $displayname = utf8_encode($MailboxData['name']);
+      }
+      else {
+        $displayname = $email;
+      }
 
       if ($configuration['autodiscoverType'] == 'imap') {
 ?>
@@ -96,13 +117,13 @@ else {
       </Protocol>
       <Protocol>
         <Type>CalDAV</Type>
-        <Server><?=$configuration['caldav']['server'];?>/SOGo/dav/<?=$email;?>/Calendar</Server>
+        <Server>https://<?=$configuration['caldav']['server'];?><?php if ($configuration['caldav']['port'] != 443) echo ':'.$configuration['caldav']['port']; ?>/SOGo/dav/<?=$email;?>/Calendar</Server>
         <DomainRequired>off</DomainRequired>
         <LoginName><?=$email;?></LoginName>
       </Protocol>
       <Protocol>
         <Type>CardDAV</Type>
-        <Server><?=$configuration['carddav']['server'];?>/SOGo/dav/<?=$email;?>/Contacts</Server>
+        <Server>https://<?=$configuration['carddav']['server'];?><?php if ($configuration['caldav']['port'] != 443) echo ':'.$configuration['carddav']['port']; ?>/SOGo/dav/<?=$email;?>/Contacts</Server>
         <DomainRequired>off</DomainRequired>
         <LoginName><?=$email;?></LoginName>
       </Protocol>
@@ -111,21 +132,6 @@ else {
 <?php
       }
       else if ($configuration['autodiscoverType'] == 'activesync') {
-        $username = trim($email);
-        try {
-          $stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
-          $stmt->execute(array(':username' => $username));
-          $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
-        }
-        catch(PDOException $e) {
-          die("Failed to determine name from SQL");
-        }
-        if (!empty($MailboxData['name'])) {
-          $displayname = utf8_encode($MailboxData['name']);
-        }
-        else {
-          $displayname = $email;
-        }
 ?>
   <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
     <Culture>en:en</Culture>
diff --git a/data/web/clientconfig.php b/data/web/clientconfig.php
new file mode 100644
index 00000000..68722a89
--- /dev/null
+++ b/data/web/clientconfig.php
@@ -0,0 +1,185 @@
+<?php
+require_once 'inc/prerequisites.inc.php';
+
+if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "user") {
+require_once("inc/header.inc.php");
+
+if (file_exists('thunderbird-plugins/version.csv'))
+{
+  $fh = fopen('thunderbird-plugins/version.csv', 'r');
+  if ($fh)
+  {
+    while (($row = fgetcsv($fh, 1000, ';')) !== FALSE)
+    {
+      if ($row[0] == 'sogo-integrator@inverse.ca') {
+        $integrator_file = $row[2];
+      }
+    }
+    fclose($fh);
+  }
+}
+
+$email = $_SESSION['mailcow_cc_username'];
+$domain = explode('@', $_SESSION['mailcow_cc_username'])[1];
+
+$username = trim($email);
+try {
+  $stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
+  $stmt->execute(array(':username' => $username));
+  $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
+}
+catch(PDOException $e) {
+  die("Failed to determine name from SQL");
+}
+if (!empty($MailboxData['name'])) {
+  $displayname = utf8_encode($MailboxData['name']);
+}
+else {
+  $displayname = $email;
+}
+?>
+<div class="container">
+  <h2>Client Configuration Guide</h2>
+  <p>Select your email client or operating system below to view a step-by-step guide to setting up your email account.</p>
+  
+  <h3><a href="#" onclick="document.getElementById('client_apple').style.display = 'block'">Apple macOS / iOS</a></h3>
+  <div  id="client_apple" style="display: none">
+    <ol>
+      <li>Download and open <a href="mobileconfig.php">Mailcow.mobileconfig</a>.</li>
+      <li>Enter the unlock code (iPhone) or computer password (Mac).</li>
+      <li>Enter your email password three times when prompted.</li>
+    </ol>
+    <p>On iOS, Exchange is also supported as an alternative to the procedure above. It has the advantage of supporting push email (i.e. you are immediately notified of incoming messages), but has some limitations, e.g. it does not support more than three email addresses per contact in your address book. Follow the steps below if you decide to use Exchange instead.</p>
+    <ol>
+      <li>Open the <em>Settings</em> app, tap <em>Mail</em>, tap <em>Accounts</em>, tap <em>Add Acccount</em>, select <em>Exchange</em>.</li>
+      <li>Enter your email address (<code><?php echo $email; ?></code>) and tap <em>Next</em>.</li>
+      <li>Enter your password, tap <em>Next</em> again.</li>
+      <li>Finally, tap <em>Save</em>.</li>
+    </ol>
+  </div>
+  
+  <h3><a href="#" onclick="document.getElementById('client_android').style.display = 'block'">Android</a></h3>
+  <ol id="client_android" style="display: none">
+    <li>Open the <em>Email</em> app.</li>
+    <li>If this is your first email account, tap <em>Add Account</em>; if not, tap <em>More</em> and <em>Settings</em> and then <em>Add account</em>.</li>
+    <li>Select <em>Microsoft Exchange ActiveSync</em>.</li>
+    <li>Enter your email address (<code><?php echo $email; ?></code>) and password.</li>
+    <li>Tap <em>Sign in</em>.</li>
+  </ol>
+  
+  <h3><a href="#" onclick="document.getElementById('client_emclient').style.display = 'block'">eM Client</a></h3>
+  <ol id="client_emclient" style="display: none">
+    <li>Launch eM Client.</li>
+    <li>If this is the first time you launched eM Client, it asks you to set up your account. Proceed to step 4.</li>
+    <li>Go to <em>Menu</em> at the top, select <em>Tools</em> and <em>Accounts</em>.</li>
+    <li>Enter your email address (<code><?php echo $email; ?></code>) and click <em>Start Now</em>.</li>
+    <li>Enter your password and click <em>Continue</em>.</li>
+    <li>Enter your name (<code><?php echo $displayname; ?></code>) and click <em>Next</em>.</li>
+    <li>Click <em>Finish</em>.</li>
+  </ol>
+  
+  <h3><a href="#" onclick="document.getElementById('client_kontact').style.display = 'block'">KDE Kontact</a></h3>
+  <div id="client_kontact" style="display: none">
+    <ol>
+      <li>Launch Kontact.</li>
+      <li>If this is the first time you launched Kontact or KMail, it asks you to set up your account. Proceed to step 4.</li>
+      <li>Go to <em>Mail</em> in the sidebar. Go to the <em>Tools</em> menu and select <em>Account Wizard</em>.</li>
+      <li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
+      <li>Click <em>Create Account</em>. If prompted, re-enter your password and click <em>OK</em>.</li>
+      <li>Close the window by clicking <em>Finish</em>.</li>
+      <li>Go to <em>Calendar</em> in the sidebar.</li>
+      <li>Go to the <em>Settings</em> menu and select <em>Configure KOrganizer</em>.</li>
+      <li>Go to the <em>Calendars</em> tab and click the <em>Add</em> button.</li>
+      <li>Choose <em>DAV groupware resource</em> and click <em>OK</em>.</li>
+      <li>Enter your email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
+      <li>Select <em>ScalableOGo</em> from the dropdown menu and click <em>Next</em>.</li>
+      <li>Enter <code><?= $autodiscover_config['caldav']['server']; ?></code> into the <em>Host</em> field and click <em>Next</em>.</li>
+      <li>Click <em>Test Connection</em> and then <em>Finish</em>. Finally, click <em>OK</em> twice.</li>
+    </ol>
+    <p>Once you have set up Kontact, you can also use KMail, KOrganizer and KAddressBook individually.</p>
+  </div>
+  
+  <h3><a href="#" onclick="document.getElementById('client_outlook').style.display = 'block'">Microsoft Outlook</a></h3>
+  <div id="client_outlook" style="display: none">
+<?php if ($autodiscover_config['useEASforOutlook'] == 'yes') { ?>
+    <h4>Outlook 2013 or higher on Windows</h4>
+    <ol>
+      <li>Launch Outlook.</li>
+      <li>If this is the first time you launched Outlook, it asks you to set up your account. Proceed to step 4.</li>
+      <li>Go to the <em>File</em> menu and click <em>Add Account</em>.</li>
+      <li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
+      <li>When prompted, enter your password again, check <em>Remember my credentials</em> and click <em>OK</em>.</li>
+      <li>Click the <em>Allow</em> button.</li>
+      <li>Click <em>Finish</em>.</li>
+    </ol>
+    <h4>Outlook 2007 or 2010 on Windows</h4>
+<?php } else { ?>
+    <h4>Outlook 2007 or higher on Windows</h4>
+<?php } ?>
+    <ol>
+      <li>Download and install <a href="https://caldavsynchronizer.org" target="_blank">Outlook CalDav Synchronizer</a>.</li>
+      <li>Launch Outlook.</li>
+      <li>If this is the first time you launched Outlook, it asks you to set up your account. Proceed to step 5.</li>
+      <li>Go to the <em>File</em> menu and click <em>Add Account</em>.</li>
+      <li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
+      <li>Click <em>Finish</em>.</li>
+      <li>Go to the <em>CalDav Synchronizer</em> ribbon, click <em>Synchronization Profiles</em>.</li>
+      <li>Click the second button at top (<em>Add multiple profiles</em>), select <em>Sogo</em>, click <em>Ok</em>.</li>
+      <li>Click the <em>Get IMAP/POP3 account settings</em> button.</li>
+      <li>Click <em>Discover resources and assign to Outlook folders</em>.</li>
+      <li>In the <em>Select Resource</em> window that pops up, select your main calendar (usually <em>Personal Calendar</em>), click the <em>...</em> button, assign it to <em>Calendar</em>, and click <em>OK</em>. Go to the <em>Address Books</em> and <em>Tasks</em> tabs and repeat repeat the process accordingly. Do not assign multiple calendars, address books or task lists!</li>
+      <li>Close all windows with the <em>OK</em> buttons.</li>
+    </ol>
+    <h4>Outlook 2011 or higher on macOS</h4>
+    <p>The Mac version of Outlook does not synchronize calendars and contacts and therefore is not supported.</p>
+  </div>
+  
+  <h3><a href="#" onclick="document.getElementById('client_thunderbird').style.display = 'block'">Mozilla Thunderbird</a></h3>
+  <div id="client_thunderbird" style="display: none">
+    <ol>
+      <li>Launch Thunderbird.</li>
+      <li>If this is the first time you launched Thunderbird, it asks you whether you would like a new email address. Click <em>Skip this and use my existing email</em> and proceed to step 4.</li>
+      <li>Go to the <em>Tools</em> menu and select <em>Account Settings</em>.</li>
+      <li>Click the <em>Account Actions</em> dropdown menu at the bottom left and select <em>Add Mail Account</em>.</li>
+      <li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Make sure the <em>Remember password</em> checkbox is selected and click <em>Continue</em>.</li>
+      <li>Once the configuration has been automatically detected, click <em>Done</em>.</li>
+      <li>If you already had other accounts configured in Thunderbird, select the new one (<?php echo $email; ?>) on the left, click the <em>Account Actions</em> dropdown and select <em>Set as Default</em>.</li>
+      <li>Close the account settings window with the <em>OK</em> button.</li>
+      <li>In your web browser, download <a href="thunderbird-plugins/<?php echo str_replace('__DOMAIN__', $domain, $integrator_file); ?>">SOGo Integrator</a>.</li>
+      <li>Back in Thunderbird, go to the <em>Tools</em> menu and select <em>Add-ons</em>.</li>
+      <li>Click <em>Extensions</em> on the left, click the little gear icon at the top and select <em>Install Add-on From File</em>. Select the file you downloaded in step 9, click <em>Open</em> and, after waiting for a few seconds, <em>Install Now</em>.</li>
+      <li>Click the <em>Restart Now</em> button at the top that appears.</li>
+      <li>Thunderbird briefly shows a message that it is updating extensions, then restarts automatically once more.</li>
+      <li>When you are prompted to authenticate for <?= $autodiscover_config['caldav']['server']; ?>, enter your email address and password, check <em>Use Password Manager</em> and click <em>OK</em>.</li>
+    </ol>
+  </div>
+  
+  <h3><a href="#" onclick="document.getElementById('client_windows').style.display = 'block'">Windows</a></h3>
+  <div id="client_windows" style="display: none">
+    <ol>
+    <li>Open the <em>Mail</em> app.</li>
+    <li>If you have not previously used Mail, you can click <em>Add Account</em> in the main window. Proceed to step 4.</li>
+    <li>Click <em>Accounts</em> in the sidebar on the left, then click <em>Add Account</em> on the far right.</li>
+    <li>Select <em>Exchange</em>.</li>
+    <li>Enter your email address (<code><?php echo $email; ?></code>) and click Next.</li>
+    <li>Enter your password and click <em>Log in</em>.</li>
+    </ol>
+    <p>Once you have set up the Mail app, you can also use the People and Calendar apps.</p>
+  </div>
+  
+  <h3><a href="#" onclick="document.getElementById('client_windowsphone').style.display = 'block'">Windows Phone</a></h3>
+  <ol id="client_windowsphone" style="display: none">
+    <li>Open the <em>Settings</em> app. Select <em>email + accounts</em> and tap <em>add an account</em>.</li>
+    <li>Tap Exchange.</li>
+    <li>Enter your email address (<code><?php echo $email; ?></code>) and your password. Tap <em>Sign in</em>.</li>
+    <li>Tap <em>done</em>.</li>
+  </ol>
+</div>
+
+<?php
+require_once("inc/footer.inc.php");
+} else {
+  header('Location: index.php');
+  exit();
+}
+?>
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index b3420530..af93794b 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -62,17 +62,17 @@ function hasMailboxObjectAccess($username, $role, $object) {
 	}
 	return false;
 }
+function pem_to_der($pem_key) {
+  // Need to remove BEGIN/END PUBLIC KEY
+  $lines = explode("\n", trim($pem_key));
+  unset($lines[count($lines)-1]);
+  unset($lines[0]);
+  return base64_decode(implode('', $lines));
+}
 function generate_tlsa_digest($hostname, $port, $starttls = null) {
   if (!is_valid_domain_name($hostname)) {
     return "Not a valid hostname";
   }
-  function pem_to_der($pem_key) {
-    // Need to remove BEGIN/END PUBLIC KEY
-    $lines = explode("\n", trim($pem_key));
-    unset($lines[count($lines)-1]);
-    unset($lines[0]);
-    return base64_decode(implode('', $lines));
-  }
 
   if (empty($starttls)) {
     $context = stream_context_create(array("ssl" => array("capture_peer_cert" => true, 'verify_peer' => false, 'allow_self_signed' => true)));
@@ -88,20 +88,24 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
       return $error_nr . ': ' . $error_msg;
     }
     $banner = fread($stream, 512 );
-    if (preg_match("/^220/i", $banner)) {
+    if (preg_match("/^220/i", $banner)) { // SMTP
       fwrite($stream,"HELO tlsa.generator.local\r\n");
       fread($stream, 512);
       fwrite($stream,"STARTTLS\r\n");
       fread($stream, 512);
     }
-    elseif (preg_match("/imap.+starttls/i", $banner)) {
+    elseif (preg_match("/imap.+starttls/i", $banner)) { // IMAP
       fwrite($stream,"A1 STARTTLS\r\n");
       fread($stream, 512);
     }
-    elseif (preg_match("/^\+OK/", $banner)) {
+    elseif (preg_match("/^\+OK/", $banner)) { // POP3
       fwrite($stream,"STLS\r\n");
       fread($stream, 512);
     }
+    elseif (preg_match("/^OK/m", $banner)) { // Sieve
+      fwrite($stream,"STARTTLS\r\n");
+      fread($stream, 512);
+    }
     else {
       return 'Unknown banner: "' . htmlspecialchars(trim($banner)) . '"';
     }
diff --git a/data/web/inc/vars.inc.php b/data/web/inc/vars.inc.php
index a52442db..775af1e1 100644
--- a/data/web/inc/vars.inc.php
+++ b/data/web/inc/vars.inc.php
@@ -18,31 +18,48 @@ $database_name = getenv('DBNAME');
 $mailcow_hostname = getenv('MAILCOW_HOSTNAME');
 
 // Autodiscover settings
+$https_port = strpos($_SERVER['HTTP_HOST'], ':');
+if ($https_port === FALSE) {
+  $https_port = 443;
+} else {
+  $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1);
+}
 $autodiscover_config = array(
   // Enable the autodiscover service for Outlook desktop clients
   'useEASforOutlook' => 'yes',
   // General autodiscover service type: "activesync" or "imap"
   'autodiscoverType' => 'activesync',
-  // Please don't use STARTTLS-enabled service ports here.
+  // Please don't use STARTTLS-enabled service ports in the "port" variable.
   // The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
+  // The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable.
   'imap' => array(
     'server' => $mailcow_hostname,
-    'port' => getenv('IMAPS_PORT'),
+    'port' => array_pop(explode(':', getenv('IMAPS_PORT'))),
+    'tlsport' => array_pop(explode(':', getenv('IMAP_PORT'))),
+  ),
+  'pop3' => array(
+    'server' => $mailcow_hostname,
+    'port' => array_pop(explode(':', getenv('POPS_PORT'))),
+    'tlsport' => array_pop(explode(':', getenv('POP_PORT'))),
   ),
   'smtp' => array(
     'server' => $mailcow_hostname,
-    'port' => getenv('SMTPS_PORT'),
+    'port' => array_pop(explode(':', getenv('SMTPS_PORT'))),
+    'tlsport' => array_pop(explode(':', getenv('SUBMISSION_PORT'))),
   ),
   'activesync' => array(
-    'url' => 'https://'.$mailcow_hostname.'/Microsoft-Server-ActiveSync'
+    'url' => 'https://'.$mailcow_hostname.($https_port == 443 ? '' : ':'.$https_port).'/Microsoft-Server-ActiveSync',
   ),
   'caldav' => array(
-    'url' => 'https://'.$mailcow_hostname
+    'server' => $mailcow_hostname,
+    'port' => $https_port,
   ),
   'carddav' => array(
-    'url' => 'https://'.$mailcow_hostname
-  )
+    'server' => $mailcow_hostname,
+    'port' => $https_port,
+  ),
 );
+unset($https_port);
 
 // Where to go after adding and editing objects
 // Can be "form" or "previous"
diff --git a/data/web/lang/lang.de.php b/data/web/lang/lang.de.php
index 732171cc..54a497ab 100644
--- a/data/web/lang/lang.de.php
+++ b/data/web/lang/lang.de.php
@@ -108,6 +108,7 @@ $lang['user']['user_settings'] = 'Benutzereinstellungen';
 $lang['user']['mailbox_settings'] = 'Mailbox-Einstellungen';
 $lang['user']['mailbox_details'] = 'Mailbox-Details';
 $lang['user']['change_password'] = 'Passwort ändern';
+$lang['user']['client_configuration'] = 'Konfigurationsanleitungen für E-Mail-Programme und Smartphones anzeigen';
 $lang['user']['new_password'] = 'Neues Passwort';
 $lang['user']['save_changes'] = 'Änderungen speichern';
 $lang['user']['password_now'] = 'Aktuelles Passwort (Änderungen bestätigen)';
diff --git a/data/web/lang/lang.en.php b/data/web/lang/lang.en.php
index 391c7d01..f0608821 100644
--- a/data/web/lang/lang.en.php
+++ b/data/web/lang/lang.en.php
@@ -110,6 +110,7 @@ $lang['user']['user_settings'] = 'User settings';
 $lang['user']['mailbox_settings'] = 'Mailbox settings';
 $lang['user']['mailbox_details'] = 'Mailbox details';
 $lang['user']['change_password'] = 'Change password';
+$lang['user']['client_configuration'] = 'Show configuration guides for email clients and smartphones';
 $lang['user']['new_password'] = 'New password';
 $lang['user']['save_changes'] = 'Save changes';
 $lang['user']['password_now'] = 'Current password (confirm changes)';
diff --git a/data/web/mobileconfig.php b/data/web/mobileconfig.php
new file mode 100644
index 00000000..198fa4d7
--- /dev/null
+++ b/data/web/mobileconfig.php
@@ -0,0 +1,167 @@
+<?php
+require_once 'inc/prerequisites.inc.php';
+
+if (empty($mailcow_hostname)) {
+  exit();
+}
+if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'user') {
+  header("Location: index.php");
+  die("This page is only available to logged-in users, not admins.");
+}
+
+header('Content-Type: application/x-apple-aspen-config');
+header('Content-Disposition: attachment; filename="Mailcow.mobileconfig"');
+
+$email = $_SESSION['mailcow_cc_username'];
+$domain = explode('@', $_SESSION['mailcow_cc_username'])[1];
+$identifier = implode('.', array_reverse(explode('.', $domain))) . '.iphoneprofile.mailcow';
+
+try {
+  $stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
+  $stmt->execute(array(':username' => $email));
+  $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
+}
+catch(PDOException $e) {
+  die("Failed to determine name from SQL");
+}
+if (!empty($MailboxData['name'])) {
+  $displayname = utf8_encode($MailboxData['name']);
+}
+else {
+  $displayname = $email;
+}
+
+echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
+?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>PayloadContent</key>
+	<array>
+		<dict>
+			<key>CalDAVAccountDescription</key>
+			<string><?php echo $domain; ?></string>
+			<key>CalDAVHostName</key>
+			<string><?php echo $autodiscover_config['caldav']['server']; ?></string>
+			<key>CalDAVPort</key>
+			<real><?php echo $autodiscover_config['caldav']['port']; ?></real>
+			<key>CalDAVPrincipalURL</key>
+			<string>/SOGo/dav/<?php echo $email; ?></string>
+			<key>CalDAVUseSSL</key>
+			<true/>
+			<key>CalDAVUsername</key>
+			<string><?php echo $email; ?></string>
+			<key>PayloadDescription</key>
+			<string>Configures CalDAV account.</string>
+			<key>PayloadDisplayName</key>
+			<string>CalDAV (<?php echo $domain; ?>)</string>
+			<key>PayloadIdentifier</key>
+			<string><?php echo $identifier; ?>.CalDAV</string>
+			<key>PayloadOrganization</key>
+			<string></string>
+			<key>PayloadType</key>
+			<string>com.apple.caldav.account</string>
+			<key>PayloadUUID</key>
+			<string>FC898573-EBA8-48AF-93BD-BFA0C9778FA7</string>
+			<key>PayloadVersion</key>
+			<integer>1</integer>
+		</dict>
+		<dict>
+			<key>EmailAccountDescription</key>
+			<string><?php echo $domain; ?></string>
+			<key>EmailAccountType</key>
+			<string>EmailTypeIMAP</string>
+			<key>EmailAccountName</key>
+			<string><?php echo $displayname; ?></string>
+			<key>EmailAddress</key>
+			<string><?php echo $email; ?></string>
+			<key>IncomingMailServerAuthentication</key>
+			<string>EmailAuthPassword</string>
+			<key>IncomingMailServerHostName</key>
+			<string><?php echo $autodiscover_config['imap']['server']; ?></string>
+			<key>IncomingMailServerPortNumber</key>
+			<integer><?php echo $autodiscover_config['imap']['port']; ?></integer>
+			<key>IncomingMailServerUseSSL</key>
+			<true/>
+			<key>IncomingMailServerUsername</key>
+			<string><?php echo $email; ?></string>
+			<key>OutgoingMailServerAuthentication</key>
+			<string>EmailAuthPassword</string>
+			<key>OutgoingMailServerHostName</key>
+			<string><?php echo $autodiscover_config['smtp']['server']; ?></string>
+			<key>OutgoingMailServerPortNumber</key>
+			<integer><?php echo $autodiscover_config['smtp']['port']; ?></integer>
+			<key>OutgoingMailServerUseSSL</key>
+			<true/>
+			<key>OutgoingMailServerUsername</key>
+			<string><?php echo $email; ?></string>
+			<key>OutgoingPasswordSameAsIncomingPassword</key>
+			<true/>
+			<key>PayloadDescription</key>
+			<string>Configures email account.</string>
+			<key>PayloadDisplayName</key>
+			<string>IMAP Account (<?php echo $domain; ?>)</string>
+			<key>PayloadIdentifier</key>
+			<string><?php echo $identifier; ?>.email</string>
+			<key>PayloadOrganization</key>
+			<string></string>
+			<key>PayloadType</key>
+			<string>com.apple.mail.managed</string>
+			<key>PayloadUUID</key>
+			<string>00294FBB-1016-413E-87B9-652D856D6875</string>
+			<key>PayloadVersion</key>
+			<integer>1</integer>
+			<key>PreventAppSheet</key>
+			<false/>
+			<key>PreventMove</key>
+			<false/>
+			<key>SMIMEEnabled</key>
+			<false/>
+		</dict>
+		<dict>
+			<key>CardDAVAccountDescription</key>
+			<string><?php echo $domain; ?></string>
+			<key>CardDAVHostName</key>
+			<string><?php echo $autodiscover_config['carddav']['server']; ?></string>
+			<key>CardDAVPort</key>
+			<integer><?php echo $autodiscover_config['carddav']['port']; ?></integer>
+			<key>CardDAVPrincipalURL</key>
+			<string>/SOGo/dav/<?php echo $email; ?></string>
+			<key>CardDAVUseSSL</key>
+			<true/>
+			<key>CardDAVUsername</key>
+			<string><?php echo $email; ?></string>
+			<key>PayloadDescription</key>
+			<string>Configures CardDAV accounts</string>
+			<key>PayloadDisplayName</key>
+			<string>CardDAV (<?php echo $domain; ?>)</string>
+			<key>PayloadIdentifier</key>
+			<string><?php echo $identifier; ?>.carddav</string>
+			<key>PayloadOrganization</key>
+			<string></string>
+			<key>PayloadType</key>
+			<string>com.apple.carddav.account</string>
+			<key>PayloadUUID</key>
+			<string>0797EF2B-B1F1-4BC7-ABCD-4580862252B4</string>
+			<key>PayloadVersion</key>
+			<integer>1</integer>
+		</dict>
+	</array>
+	<key>PayloadDescription</key>
+	<string>IMAP, CalDAV, CardDAV</string>
+	<key>PayloadDisplayName</key>
+	<string><?php echo $domain; ?> Mailcow</string>
+	<key>PayloadIdentifier</key>
+	<string><?php echo $identifier; ?></string>
+	<key>PayloadOrganization</key>
+	<string></string>
+	<key>PayloadRemovalDisallowed</key>
+	<false/>
+	<key>PayloadType</key>
+	<string>Configuration</string>
+	<key>PayloadUUID</key>
+	<string>5EE248C5-ACCB-42D8-9199-8F8ED08D5624</string>
+	<key>PayloadVersion</key>
+	<integer>1</integer>
+</dict>
+</plist>
diff --git a/data/web/user.php b/data/web/user.php
index 77ccc62d..ba7678e2 100644
--- a/data/web/user.php
+++ b/data/web/user.php
@@ -74,6 +74,7 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
   <div class="row">
     <div class="col-sm-offset-3 col-sm-9">
       <p><a href="#pwChangeModal" data-toggle="modal">[<?=$lang['user']['change_password'];?>]</a></p>
+      <p><a href="clientconfig.php">[<?=$lang['user']['client_configuration'];?>]</a></p>
     </div>
   </div>
   <hr>