Docs
parent
5f7fb2e7c2
commit
d891bc8894
|
@ -0,0 +1,8 @@
|
|||
rebuild-images.sh
|
||||
data/conf/sogo/sieve.creds
|
||||
data/conf/dovecot/dovecot-master.passwd
|
||||
mailcow.conf
|
||||
mailcow.conf_backup
|
||||
data/conf/nginx/listen*active
|
||||
data/web/inc/vars.local.inc.php
|
||||
site/
|
|
@ -0,0 +1,5 @@
|
|||
# mailcow: dockerized - 🐮 + 🐋 = 💕
|
||||
|
||||
[![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JWBSYHF4SMC68)
|
||||
|
||||
Please see the official documentation for instructions => [mailcow.email/dockerized](https://mailcow.email/dockerized)
|
|
@ -1,124 +0,0 @@
|
|||
/*
|
||||
This is the GitHub theme for highlight.js
|
||||
|
||||
github.com style (c) Vasily Polovnyov <vast@whiteants.net>
|
||||
|
||||
*/
|
||||
|
||||
.hljs {
|
||||
display: block;
|
||||
overflow-x: auto;
|
||||
color: #333;
|
||||
-webkit-text-size-adjust: none;
|
||||
}
|
||||
|
||||
.hljs-comment,
|
||||
.diff .hljs-header,
|
||||
.hljs-javadoc {
|
||||
color: #998;
|
||||
font-style: italic;
|
||||
}
|
||||
|
||||
.hljs-keyword,
|
||||
.css .rule .hljs-keyword,
|
||||
.hljs-winutils,
|
||||
.nginx .hljs-title,
|
||||
.hljs-subst,
|
||||
.hljs-request,
|
||||
.hljs-status {
|
||||
color: #333;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.hljs-number,
|
||||
.hljs-hexcolor,
|
||||
.ruby .hljs-constant {
|
||||
color: #008080;
|
||||
}
|
||||
|
||||
.hljs-string,
|
||||
.hljs-tag .hljs-value,
|
||||
.hljs-phpdoc,
|
||||
.hljs-dartdoc,
|
||||
.tex .hljs-formula {
|
||||
color: #d14;
|
||||
}
|
||||
|
||||
.hljs-title,
|
||||
.hljs-id,
|
||||
.scss .hljs-preprocessor {
|
||||
color: #900;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.hljs-list .hljs-keyword,
|
||||
.hljs-subst {
|
||||
font-weight: normal;
|
||||
}
|
||||
|
||||
.hljs-class .hljs-title,
|
||||
.hljs-type,
|
||||
.vhdl .hljs-literal,
|
||||
.tex .hljs-command {
|
||||
color: #458;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.hljs-tag,
|
||||
.hljs-tag .hljs-title,
|
||||
.hljs-rule .hljs-property,
|
||||
.django .hljs-tag .hljs-keyword {
|
||||
color: #000080;
|
||||
font-weight: normal;
|
||||
}
|
||||
|
||||
.hljs-attribute,
|
||||
.hljs-variable,
|
||||
.lisp .hljs-body,
|
||||
.hljs-name {
|
||||
color: #008080;
|
||||
}
|
||||
|
||||
.hljs-regexp {
|
||||
color: #009926;
|
||||
}
|
||||
|
||||
.hljs-symbol,
|
||||
.ruby .hljs-symbol .hljs-string,
|
||||
.lisp .hljs-keyword,
|
||||
.clojure .hljs-keyword,
|
||||
.scheme .hljs-keyword,
|
||||
.tex .hljs-special,
|
||||
.hljs-prompt {
|
||||
color: #990073;
|
||||
}
|
||||
|
||||
.hljs-built_in {
|
||||
color: #0086b3;
|
||||
}
|
||||
|
||||
.hljs-preprocessor,
|
||||
.hljs-pragma,
|
||||
.hljs-pi,
|
||||
.hljs-doctype,
|
||||
.hljs-shebang,
|
||||
.hljs-cdata {
|
||||
color: #999;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.hljs-deletion {
|
||||
background: #fdd;
|
||||
}
|
||||
|
||||
.hljs-addition {
|
||||
background: #dfd;
|
||||
}
|
||||
|
||||
.diff .hljs-change {
|
||||
background: #0086b3;
|
||||
}
|
||||
|
||||
.hljs-chunk {
|
||||
color: #aaa;
|
||||
}
|
File diff suppressed because one or more lines are too long
|
@ -1,178 +0,0 @@
|
|||
/*
|
||||
* Sphinx doesn't have support for section dividers like we do in
|
||||
* MkDocs, this styles the section titles in the nav
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/175
|
||||
*/
|
||||
.wy-menu-vertical span {
|
||||
line-height: 18px;
|
||||
padding: 0.4045em 1.618em;
|
||||
display: block;
|
||||
position: relative;
|
||||
font-size: 90%;
|
||||
color: #838383;
|
||||
}
|
||||
|
||||
.wy-menu-vertical .subnav a {
|
||||
padding: 0.4045em 2.427em;
|
||||
}
|
||||
|
||||
/*
|
||||
* Long navigations run off the bottom of the screen as the nav
|
||||
* area doesn't scroll.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/pull/202
|
||||
*/
|
||||
.wy-nav-side {
|
||||
height: 100%;
|
||||
overflow-y: auto;
|
||||
}
|
||||
|
||||
/*
|
||||
* readthedocs theme hides nav items when the window height is
|
||||
* too small to contain them.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/#348
|
||||
*/
|
||||
.wy-menu-vertical ul {
|
||||
margin-bottom: 2em;
|
||||
}
|
||||
|
||||
/*
|
||||
* Wrap inline code samples otherwise they shoot of the side and
|
||||
* can't be read at all.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/313
|
||||
* https://github.com/mkdocs/mkdocs/issues/233
|
||||
* https://github.com/mkdocs/mkdocs/issues/834
|
||||
*/
|
||||
code {
|
||||
white-space: pre-wrap;
|
||||
word-wrap: break-word;
|
||||
padding: 2px 5px;
|
||||
}
|
||||
|
||||
/**
|
||||
* Make code blocks display as blocks and give them the appropriate
|
||||
* font size and padding.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/855
|
||||
* https://github.com/mkdocs/mkdocs/issues/834
|
||||
* https://github.com/mkdocs/mkdocs/issues/233
|
||||
*/
|
||||
pre code {
|
||||
white-space: pre;
|
||||
word-wrap: normal;
|
||||
display: block;
|
||||
padding: 12px;
|
||||
font-size: 12px;
|
||||
}
|
||||
|
||||
/*
|
||||
* Fix link colors when the link text is inline code.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/718
|
||||
*/
|
||||
a code {
|
||||
color: #2980B9;
|
||||
}
|
||||
a:hover code {
|
||||
color: #3091d1;
|
||||
}
|
||||
a:visited code {
|
||||
color: #9B59B6;
|
||||
}
|
||||
|
||||
/*
|
||||
* The CSS classes from highlight.js seem to clash with the
|
||||
* ReadTheDocs theme causing some code to be incorrectly made
|
||||
* bold and italic.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/411
|
||||
*/
|
||||
pre .cs, pre .c {
|
||||
font-weight: inherit;
|
||||
font-style: inherit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Fix some issues with the theme and non-highlighted code
|
||||
* samples. Without and highlighting styles attached the
|
||||
* formatting is broken.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/319
|
||||
*/
|
||||
.no-highlight {
|
||||
display: block;
|
||||
padding: 0.5em;
|
||||
color: #333;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Additions specific to the search functionality provided by MkDocs
|
||||
*/
|
||||
|
||||
.search-results article {
|
||||
margin-top: 23px;
|
||||
border-top: 1px solid #E1E4E5;
|
||||
padding-top: 24px;
|
||||
}
|
||||
|
||||
.search-results article:first-child {
|
||||
border-top: none;
|
||||
}
|
||||
|
||||
form .search-query {
|
||||
width: 100%;
|
||||
border-radius: 50px;
|
||||
padding: 6px 12px; /* csslint allow: box-model */
|
||||
border-color: #D1D4D5;
|
||||
}
|
||||
|
||||
.wy-menu-vertical li ul {
|
||||
display: inherit;
|
||||
}
|
||||
|
||||
.wy-menu-vertical li ul.subnav ul.subnav{
|
||||
padding-left: 1em;
|
||||
}
|
||||
|
||||
.wy-menu-vertical .subnav li.current > a {
|
||||
padding-left: 2.42em;
|
||||
}
|
||||
.wy-menu-vertical .subnav li.current > ul li a {
|
||||
padding-left: 3.23em;
|
||||
}
|
||||
|
||||
/*
|
||||
* Improve inline code blocks within admonitions.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/656
|
||||
*/
|
||||
.admonition code {
|
||||
color: #404040;
|
||||
border: 1px solid #c7c9cb;
|
||||
border: 1px solid rgba(0, 0, 0, 0.2);
|
||||
background: #f8fbfd;
|
||||
background: rgba(255, 255, 255, 0.7);
|
||||
}
|
||||
|
||||
/*
|
||||
* Account for wide tables which go off the side.
|
||||
* Override borders to avoid wierdness on narrow tables.
|
||||
*
|
||||
* https://github.com/mkdocs/mkdocs/issues/834
|
||||
* https://github.com/mkdocs/mkdocs/pull/1034
|
||||
*/
|
||||
.rst-content .section .docutils {
|
||||
width: 100%;
|
||||
overflow: auto;
|
||||
display: block;
|
||||
border: none;
|
||||
}
|
||||
|
||||
td, th {
|
||||
border: 1px solid #e1e4e5 !important; /* csslint allow: important */
|
||||
border-collapse: collapse;
|
||||
}
|
|
@ -0,0 +1,87 @@
|
|||
From ubuntu:xenial
|
||||
MAINTAINER Andre Peters <andre.peters@servercow.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
ENV LC_ALL C
|
||||
|
||||
RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
&& ln -sf /bin/true /sbin/initctl \
|
||||
&& dpkg-divert --local --rename --add /usr/bin/ischroot \
|
||||
&& ln -sf /bin/true /usr/bin/ischroot
|
||||
|
||||
RUN apt-get update
|
||||
RUN apt-get -y install dovecot-common \
|
||||
dovecot-core \
|
||||
dovecot-imapd \
|
||||
dovecot-lmtpd \
|
||||
dovecot-managesieved \
|
||||
dovecot-sieve \
|
||||
dovecot-mysql \
|
||||
dovecot-pop3d \
|
||||
dovecot-dev \
|
||||
syslog-ng \
|
||||
syslog-ng-core \
|
||||
ca-certificates \
|
||||
supervisor \
|
||||
wget \
|
||||
curl \
|
||||
build-essential \
|
||||
autotools-dev \
|
||||
automake \
|
||||
libauthen-ntlm-perl \
|
||||
libcrypt-ssleay-perl \
|
||||
libdigest-hmac-perl \
|
||||
libfile-copy-recursive-perl \
|
||||
libio-compress-perl \
|
||||
libio-socket-inet6-perl \
|
||||
libio-socket-ssl-perl \
|
||||
libio-tee-perl \
|
||||
libmodule-scandeps-perl \
|
||||
libnet-ssleay-perl \
|
||||
libpar-packer-perl \
|
||||
libreadonly-perl \
|
||||
libterm-readkey-perl \
|
||||
libtest-pod-perl \
|
||||
libtest-simple-perl \
|
||||
libunicode-string-perl \
|
||||
liburi-perl \
|
||||
libdbi-perl \
|
||||
liblockfile-simple-perl \
|
||||
libdbd-mysql-perl \
|
||||
libipc-run-perl \
|
||||
make \
|
||||
cpanminus
|
||||
|
||||
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
|
||||
RUN cpanm Data::Uniqid Mail::IMAPClient String::Util
|
||||
RUN echo '* * * * * root /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync
|
||||
RUN echo '30 3 * * * vmail /usr/bin/doveadm quota recalc -A' > /etc/cron.d/dovecot-sync
|
||||
|
||||
WORKDIR /tmp
|
||||
|
||||
RUN wget http://hg.dovecot.org/dovecot-antispam-plugin/archive/tip.tar.gz -O - | tar xvz \
|
||||
&& cd /tmp/dovecot-antispam* \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure --prefix=/usr \
|
||||
&& make \
|
||||
&& make install
|
||||
|
||||
COPY ./imapsync /usr/local/bin/imapsync
|
||||
COPY ./postlogin.sh /usr/local/bin/postlogin.sh
|
||||
COPY ./imapsync_cron.pl /usr/local/bin/imapsync_cron.pl
|
||||
COPY ./rspamd-pipe /usr/local/bin/rspamd-pipe
|
||||
COPY ./docker-entrypoint.sh /
|
||||
COPY ./supervisord.conf /etc/supervisor/supervisord.conf
|
||||
|
||||
RUN chmod +x /usr/local/bin/rspamd-pipe
|
||||
RUN chmod +x /usr/local/bin/imapsync_cron.pl
|
||||
|
||||
RUN groupadd -g 5000 vmail
|
||||
RUN useradd -g vmail -u 5000 vmail -d /var/vmail
|
||||
|
||||
EXPOSE 24 10001
|
||||
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
@ -0,0 +1,28 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
# Hard-code env vars to imapsync due to cron not passing them to the perl script
|
||||
sed -i "/^\$DBUSER/c\\\$DBUSER='${DBUSER}';" /usr/local/bin/imapsync_cron.pl
|
||||
sed -i "/^\$DBPASS/c\\\$DBPASS='${DBPASS}';" /usr/local/bin/imapsync_cron.pl
|
||||
sed -i "/^\$DBNAME/c\\\$DBNAME='${DBNAME}';" /usr/local/bin/imapsync_cron.pl
|
||||
|
||||
# Set Dovecot config parameters, escape " in db password
|
||||
DBPASS=$(echo ${DBPASS} | sed 's/"/\\"/g')
|
||||
sed -i "/^connect/c\connect = \"host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}\"" /etc/dovecot/sql/*
|
||||
|
||||
[[ ! -d /var/vmail/sieve ]] && mkdir -p /var/vmail/sieve
|
||||
[[ ! -d /etc/sogo ]] && mkdir -p /etc/sogo
|
||||
cat /etc/dovecot/sieve_after > /var/vmail/sieve/global.sieve
|
||||
sievec /var/vmail/sieve/global.sieve
|
||||
chown -R vmail:vmail /var/vmail/sieve
|
||||
|
||||
# Do not do this every start-up, it may take a very long time. So we use a stat check here.
|
||||
if [[ $(stat -c %U /var/vmail/) != "vmail" ]] ; then chown -R vmail:vmail /var/vmail ; fi
|
||||
|
||||
# Create random master for SOGo sieve features
|
||||
RAND_USER=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 16 | head -n 1)
|
||||
RAND_PASS=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 24 | head -n 1)
|
||||
echo ${RAND_USER}:$(doveadm pw -s SHA1 -p ${RAND_PASS}) > /etc/dovecot/dovecot-master.passwd
|
||||
echo ${RAND_USER}:${RAND_PASS} > /etc/sogo/sieve.creds
|
||||
|
||||
exec "$@"
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,72 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
use DBI;
|
||||
use File::Temp qw/ mkstemp /;
|
||||
use LockFile::Simple qw(lock trylock unlock);
|
||||
use Data::Dumper qw(Dumper);
|
||||
use IPC::Run 'run';
|
||||
use String::Util 'trim';
|
||||
|
||||
$DBNAME = '';
|
||||
$DBUSER = '';
|
||||
$DBPASS = '';
|
||||
|
||||
$run_dir="/tmp";
|
||||
$dsn = "DBI:mysql:database=" . $DBNAME . ";host=mysql";
|
||||
$lock_file = $run_dir . "/imapsync_busy";
|
||||
$lockmgr = LockFile::Simple->make(-autoclean => 1, -max => 1);
|
||||
$lockmgr->lock($lock_file) || die "can't lock ${lock_file}";
|
||||
$dbh = DBI->connect($dsn, $DBUSER, $DBPASS);
|
||||
open my $file, '<', "/etc/sogo/sieve.creds";
|
||||
my $creds = <$file>;
|
||||
close $file;
|
||||
my ($master_user, $master_pass) = split /:/, $creds;
|
||||
my $sth = $dbh->prepare("SELECT id, user1, user2, host1, authmech1, password1, exclude, port1, enc1, delete2duplicates, maxage, subfolder2 FROM imapsync WHERE active = 1 AND (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(last_run) > mins_interval * 60 OR last_run IS NULL)");
|
||||
$sth->execute();
|
||||
my $row;
|
||||
|
||||
while ($row = $sth->fetchrow_arrayref()) {
|
||||
|
||||
$id = @$row[0];
|
||||
$user1 = @$row[1];
|
||||
$user2 = @$row[2];
|
||||
$host1 = @$row[3];
|
||||
$authmech1 = @$row[4];
|
||||
$password1 = @$row[5];
|
||||
$exclude = @$row[6];
|
||||
$port1 = @$row[7];
|
||||
$enc1 = @$row[8];
|
||||
$delete2duplicates = @$row[9];
|
||||
$maxage = @$row[10];
|
||||
$subfolder2 = @$row[11];
|
||||
|
||||
if ($enc1 eq "TLS") { $enc1 = "--tls1"; } elsif ($enc1 eq "SSL") { $enc1 = "--ssl1"; } else { undef $enc1; }
|
||||
|
||||
run [ "/usr/local/bin/imapsync",
|
||||
"--timeout1", "10",
|
||||
"--tmpdir", "/tmp",
|
||||
"--subscribeall",
|
||||
($exclude eq "" ? () : ("--exclude", $exclude)),
|
||||
($subfolder2 eq "" ? () : ('--subfolder2', $subfolder2)),
|
||||
($maxage eq "0" ? () : ('--maxage', $maxage)),
|
||||
($delete2duplicates ne "1" ? () : ('--delete2duplicates')),
|
||||
(!defined($enc1) ? () : ($enc1)),
|
||||
"--host1", $host1,
|
||||
"--user1", $user1,
|
||||
"--password1", $password1,
|
||||
"--port1", $port1,
|
||||
"--host2", "localhost",
|
||||
"--user2", $user2 . '*' . trim($master_user),
|
||||
"--password2", trim($master_pass),
|
||||
'--no-modulesversion'], ">", \my $stdout;
|
||||
|
||||
$update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, last_run = NOW() WHERE id = ?");
|
||||
$update->bind_param( 1, ${stdout} );
|
||||
$update->bind_param( 2, ${id} );
|
||||
$update->execute();
|
||||
}
|
||||
|
||||
$sth->finish();
|
||||
$dbh->disconnect();
|
||||
|
||||
$lockmgr->unlock($lock_file);
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
|
||||
export MASTER_USER=$USER
|
||||
exec "$@"
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/bash
|
||||
if [[ ${2} == "learn_spam" ]]; then
|
||||
/usr/bin/curl --data-binary @- http://rspamd:11334/learnspam < /dev/stdin
|
||||
elif [[ ${2} == "learn_ham" ]]; then
|
||||
/usr/bin/curl --data-binary @- http://rspamd:11334/learnham < /dev/stdin
|
||||
fi
|
||||
# Always return 0 to satisfy Dovecot...
|
||||
exit 0
|
|
@ -0,0 +1,21 @@
|
|||
[supervisord]
|
||||
nodaemon=true
|
||||
|
||||
[program:syslog-ng]
|
||||
command=/usr/sbin/syslog-ng --foreground --no-caps
|
||||
redirect_stderr=true
|
||||
autostart=true
|
||||
stdout_syslog=true
|
||||
|
||||
[program:dovecot]
|
||||
command=/usr/sbin/dovecot -F
|
||||
autorestart=true
|
||||
|
||||
[program:logfiles]
|
||||
command=/usr/bin/tail -f /var/log/mail.log /var/log/syslog
|
||||
stdout_logfile=/dev/fd/1
|
||||
stdout_logfile_maxbytes=0
|
||||
|
||||
[program:cron]
|
||||
command=/usr/sbin/cron -f
|
||||
autorestart=true
|
|
@ -0,0 +1,26 @@
|
|||
FROM ubuntu:xenial
|
||||
MAINTAINER Andre Peters <andre.peters@debinux.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
ENV LC_ALL C
|
||||
|
||||
RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
&& ln -sf /bin/true /sbin/initctl \
|
||||
&& dpkg-divert --local --rename --add /usr/bin/ischroot \
|
||||
&& ln -sf /bin/true /usr/bin/ischroot
|
||||
|
||||
RUN echo 'deb http://repo.powerdns.com/ubuntu xenial-rec-40 main' > /etc/apt/sources.list.d/pdns.list
|
||||
|
||||
RUN echo 'Package: pdns-*\n\
|
||||
Pin: origin repo.powerdns.com\n\
|
||||
Pin-Priority: 600\n' > /etc/apt/preferences.d/pdns
|
||||
|
||||
RUN apt-key adv --fetch-keys http://repo.powerdns.com/FD380FBB-pub.asc \
|
||||
&& apt-get update \
|
||||
&& apt-get install -y --force-yes pdns-recursor
|
||||
|
||||
CMD ["/usr/sbin/pdns_recursor"]
|
||||
|
||||
EXPOSE 53/udp
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
@ -0,0 +1,18 @@
|
|||
FROM php:7.1-fpm
|
||||
MAINTAINER Andre Peters <andre.peters@servercow.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y zlib1g-dev libicu-dev g++ libidn11-dev libxml2-dev
|
||||
|
||||
RUN docker-php-ext-configure intl
|
||||
RUN docker-php-ext-install intl pdo pdo_mysql xmlrpc
|
||||
RUN pear install channel://pear.php.net/Net_IDNA2-0.1.1 Auth_SASL Net_IMAP NET_SMTP Net_IDNA2 Mail_mime
|
||||
|
||||
COPY ./docker-entrypoint.sh /
|
||||
|
||||
EXPOSE 9000
|
||||
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
CMD ["php-fpm"]
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi
|
||||
if [[ $(stat -c %U /data/dkim/) != "www-data" ]] ; then chown -R www-data:www-data /data/dkim ; fi
|
||||
|
||||
exec "$@"
|
|
@ -0,0 +1,33 @@
|
|||
From ubuntu:xenial
|
||||
MAINTAINER Andre Peters <andre.peters@servercow.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
ENV LC_ALL C
|
||||
|
||||
RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
&& ln -sf /bin/true /sbin/initctl \
|
||||
&& dpkg-divert --local --rename --add /usr/bin/ischroot \
|
||||
&& ln -sf /bin/true /usr/bin/ischroot
|
||||
|
||||
RUN apt-get update
|
||||
RUN apt-get install -y --no-install-recommends supervisor \
|
||||
postfix \
|
||||
sasl2-bin \
|
||||
libsasl2-modules \
|
||||
postfix \
|
||||
postfix-mysql \
|
||||
postfix-pcre \
|
||||
syslog-ng \
|
||||
syslog-ng-core \
|
||||
ca-certificates
|
||||
|
||||
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
|
||||
|
||||
COPY supervisord.conf /etc/supervisor/supervisord.conf
|
||||
COPY postfix.sh /opt/postfix.sh
|
||||
|
||||
EXPOSE 588
|
||||
|
||||
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
@ -0,0 +1,16 @@
|
|||
#!/bin/bash
|
||||
|
||||
trap "postfix stop" EXIT
|
||||
|
||||
sed -i "/^user/c\user = ${DBUSER}" /opt/postfix/conf/sql/*
|
||||
sed -i "/^password/c\password = ${DBPASS}" /opt/postfix/conf/sql/*
|
||||
sed -i "/^dbname/c\dbname = ${DBNAME}" /opt/postfix/conf/sql/*
|
||||
|
||||
postconf -c /opt/postfix/conf
|
||||
if [[ $? != 0 ]]; then
|
||||
echo "Postfix configuration error, refusing to start."
|
||||
exit 1
|
||||
else
|
||||
postfix -c /opt/postfix/conf start
|
||||
sleep infinity
|
||||
fi
|
|
@ -0,0 +1,17 @@
|
|||
[supervisord]
|
||||
nodaemon=true
|
||||
|
||||
[program:syslog-ng]
|
||||
command=/usr/sbin/syslog-ng --foreground --no-caps
|
||||
redirect_stderr=true
|
||||
autostart=true
|
||||
stdout_syslog=true
|
||||
|
||||
[program:postfix]
|
||||
command=/opt/postfix.sh
|
||||
autorestart=true
|
||||
|
||||
[program:postfix-maillog]
|
||||
command=/usr/bin/tail -f /var/log/mail.log
|
||||
stdout_logfile=/dev/fd/1
|
||||
stdout_logfile_maxbytes=0
|
|
@ -0,0 +1,26 @@
|
|||
FROM ubuntu:xenial
|
||||
MAINTAINER Andre Peters <andre.peters@servercow.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
ENV LC_ALL C
|
||||
|
||||
RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
&& ln -sf /bin/true /sbin/initctl \
|
||||
&& dpkg-divert --local --rename --add /usr/bin/ischroot \
|
||||
&& ln -sf /bin/true /usr/bin/ischroot
|
||||
|
||||
RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
|
||||
&& echo "deb http://rspamd.com/apt-stable/ xenial main" > /etc/apt/sources.list.d/rspamd.list \
|
||||
&& apt-get update \
|
||||
&& apt-get --no-install-recommends -y --force-yes install rmilter cron syslog-ng syslog-ng-core supervisor
|
||||
|
||||
COPY supervisord.conf /etc/supervisor/supervisord.conf
|
||||
|
||||
EXPOSE 9000
|
||||
|
||||
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
|
||||
RUN touch /var/log/mail.log && chmod 640 /var/log/mail.log && chown root:adm /var/log/mail.log
|
||||
|
||||
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
@ -0,0 +1,18 @@
|
|||
[supervisord]
|
||||
nodaemon=true
|
||||
|
||||
[program:syslog-ng]
|
||||
command=/usr/sbin/syslog-ng --foreground --no-caps
|
||||
redirect_stderr=true
|
||||
autostart=true
|
||||
stdout_syslog=true
|
||||
|
||||
[program:rmilter]
|
||||
command=/usr/sbin/rmilter -n -c /etc/rmilter.conf.d/rmilter.conf
|
||||
user=_rmilter
|
||||
autorestart=true
|
||||
|
||||
[program:rmilter-syslog]
|
||||
command=/usr/bin/tail -f /var/log/mail.log
|
||||
stdout_logfile=/dev/fd/1
|
||||
stdout_logfile_maxbytes=0
|
|
@ -0,0 +1,27 @@
|
|||
FROM ubuntu:xenial
|
||||
MAINTAINER Andre Peters <andre.peters@debinux.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
ENV LC_ALL C
|
||||
|
||||
RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
&& ln -sf /bin/true /sbin/initctl \
|
||||
&& dpkg-divert --local --rename --add /usr/bin/ischroot \
|
||||
&& ln -sf /bin/true /usr/bin/ischroot
|
||||
|
||||
RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
|
||||
&& echo "deb http://rspamd.com/apt-stable/ xenial main" > /etc/apt/sources.list.d/rspamd.list \
|
||||
&& apt-get update \
|
||||
&& apt-get -y install rspamd ca-certificates
|
||||
|
||||
RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local
|
||||
# "Hardcoded" - we need them
|
||||
RUN echo 'settings = "http://nginx:8081/settings.php";' > /etc/rspamd/modules.d/settings.conf
|
||||
|
||||
CMD ["/usr/bin/rspamd","-f", "-u", "_rspamd", "-g", "_rspamd"]
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
USER _rspamd
|
||||
|
||||
EXPOSE 11333 11334
|
|
@ -0,0 +1,51 @@
|
|||
FROM ubuntu:xenial
|
||||
MAINTAINER Andre Peters <andre.peters@servercow.de>
|
||||
|
||||
ENV DEBIAN_FRONTEND noninteractive
|
||||
ENV LC_ALL C
|
||||
ENV GOSU_VERSION 1.9
|
||||
|
||||
RUN dpkg-divert --local --rename --add /sbin/initctl \
|
||||
&& ln -sf /bin/true /sbin/initctl \
|
||||
&& dpkg-divert --local --rename --add /usr/bin/ischroot \
|
||||
&& ln -sf /bin/true /usr/bin/ischroot
|
||||
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y --no-install-recommends apt-transport-https \
|
||||
ca-certificates \
|
||||
wget \
|
||||
syslog-ng \
|
||||
syslog-ng-core \
|
||||
supervisor \
|
||||
mysql-client \
|
||||
cron \
|
||||
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
|
||||
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
|
||||
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
|
||||
&& export GNUPGHOME="$(mktemp -d)" \
|
||||
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
|
||||
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
|
||||
&& rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
|
||||
&& chmod +x /usr/local/bin/gosu \
|
||||
&& gosu nobody true
|
||||
|
||||
RUN apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 \
|
||||
&& echo "deb http://packages.inverse.ca/SOGo/nightly/3/ubuntu/ xenial xenial" > /etc/apt/sources.list.d/sogo.list \
|
||||
&& apt-get update \
|
||||
&& apt-get -y --force-yes install sogo sogo-activesync
|
||||
|
||||
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
|
||||
RUN echo '* * * * * sogo /usr/sbin/sogo-ealarms-notify' > /etc/cron.d/sogo
|
||||
RUN echo '* * * * * sogo /usr/sbin/sogo-tool expire-sessions 60' >> /etc/cron.d/sogo
|
||||
RUN echo '0 0 * * * sogo /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds' >> /etc/cron.d/sogo
|
||||
|
||||
COPY ./reconf-domains.sh /
|
||||
COPY supervisord.conf /etc/supervisor/supervisord.conf
|
||||
|
||||
#EXPOSE 20000
|
||||
#EXPOSE 9191
|
||||
#EXPOSE 9192
|
||||
|
||||
CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
|
||||
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
@ -0,0 +1,98 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Wait for MySQL to warm-up
|
||||
while mysqladmin ping --host mysql --silent; do
|
||||
|
||||
# Recreate view
|
||||
|
||||
mysql --host mysql -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "DROP VIEW IF EXISTS sogo_view"
|
||||
|
||||
mysql --host mysql -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF
|
||||
CREATE VIEW sogo_view (c_uid, domain, c_name, c_password, c_cn, mail, aliases, ad_aliases, home, kind, multiple_bookings) AS
|
||||
SELECT mailbox.username, mailbox.domain, mailbox.username, mailbox.password, mailbox.name, mailbox.username, IFNULL(ga.aliases, ''), IFNULL(gda.ad_alias, ''), CONCAT('/var/vmail/', maildir), mailbox.kind, mailbox.multiple_bookings FROM mailbox
|
||||
LEFT OUTER JOIN grouped_mail_aliases ga ON ga.username = mailbox.username
|
||||
LEFT OUTER JOIN grouped_domain_alias_address gda ON gda.username = mailbox.username
|
||||
WHERE mailbox.active = '1';
|
||||
EOF
|
||||
|
||||
|
||||
mkdir -p /var/lib/sogo/GNUstep/Defaults/
|
||||
|
||||
# Generate plist header with timezone data
|
||||
cat <<EOF > /var/lib/sogo/GNUstep/Defaults/sogod.plist
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE plist PUBLIC "-//GNUstep//DTD plist 0.9//EN" "http://www.gnustep.org/plist-0_9.xml">
|
||||
<plist version="0.9">
|
||||
<dict>
|
||||
<key>OCSAclURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_acl</string>
|
||||
<key>OCSCacheFolderURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_cache_folder</string>
|
||||
<key>OCSEMailAlarmsFolderURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_alarms_folder</string>
|
||||
<key>DomainFieldName</key>
|
||||
<string>domain</string>
|
||||
<key>OCSFolderInfoURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_folder_info</string>
|
||||
<key>OCSSessionsFolderURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_sessions_folder</string>
|
||||
<key>OCSStoreURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_store</string>
|
||||
<key>SOGoProfileURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_user_profile</string>
|
||||
<key>SOGoTimeZone</key>
|
||||
<string>${TZ}</string>
|
||||
<key>domains</key>
|
||||
<dict>
|
||||
EOF
|
||||
|
||||
# Generate multi-domain setup
|
||||
while read line
|
||||
do
|
||||
echo " <key>${line}</key>
|
||||
<dict>
|
||||
<key>SOGoMailDomain</key>
|
||||
<string>${line}</string>
|
||||
<key>SOGoUserSources</key>
|
||||
<array>
|
||||
<dict>
|
||||
<key>MailFieldNames</key>
|
||||
<array>
|
||||
<string>aliases</string>
|
||||
<string>ad_aliases</string>
|
||||
</array>
|
||||
<key>KindFieldName</key>
|
||||
<string>kind</string>
|
||||
<key>MultipleBookingsFieldName</key>
|
||||
<string>multiple_bookings</string>
|
||||
<key>canAuthenticate</key>
|
||||
<string>YES</string>
|
||||
<key>displayName</key>
|
||||
<string>GAL</string>
|
||||
<key>id</key>
|
||||
<string>${line}</string>
|
||||
<key>isAddressBook</key>
|
||||
<string>YES</string>
|
||||
<key>type</key>
|
||||
<string>sql</string>
|
||||
<key>userPasswordAlgorithm</key>
|
||||
<string>ssha256</string>
|
||||
<key>viewURL</key>
|
||||
<string>mysql://${DBUSER}:${DBPASS}@mysql:3306/${DBNAME}/sogo_view</string>
|
||||
</dict>
|
||||
</array>
|
||||
</dict>" >> /var/lib/sogo/GNUstep/Defaults/sogod.plist
|
||||
done < <(mysql --host mysql -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain;" -B -N)
|
||||
|
||||
# Generate footer
|
||||
echo ' </dict>
|
||||
</dict>
|
||||
</plist>' >> /var/lib/sogo/GNUstep/Defaults/sogod.plist
|
||||
|
||||
# Fix permissions
|
||||
chown sogo:sogo -R /var/lib/sogo/
|
||||
chmod 600 /var/lib/sogo/GNUstep/Defaults/sogod.plist
|
||||
|
||||
sleep 99999
|
||||
|
||||
done
|
|
@ -0,0 +1,46 @@
|
|||
[supervisord]
|
||||
nodaemon=true
|
||||
|
||||
[program:syslog-ng]
|
||||
command=/usr/sbin/syslog-ng --foreground --no-caps
|
||||
redirect_stderr=true
|
||||
autostart=true
|
||||
stdout_syslog=true
|
||||
|
||||
[group:sogo-group]
|
||||
programs=reconf-domains,sogo
|
||||
|
||||
[program:sogo]
|
||||
command=/usr/sbin/sogod
|
||||
user=sogo
|
||||
autorestart=true
|
||||
priority=20
|
||||
|
||||
[program:reconf-domains]
|
||||
command=/reconf-domains.sh
|
||||
autorestart=true
|
||||
priority=10
|
||||
|
||||
[program:sogo-syslog]
|
||||
command=/usr/bin/tail -f /var/log/syslog -f /var/log/sogo/sogo.log
|
||||
stdout_logfile=/dev/fd/1
|
||||
stdout_logfile_maxbytes=0
|
||||
|
||||
[program:cron]
|
||||
command=/usr/sbin/cron -f
|
||||
autorestart=true
|
||||
|
||||
[program:sogo-webres]
|
||||
command=/usr/bin/python -u -m SimpleHTTPServer 9192
|
||||
directory=/usr/lib/GNUstep/SOGo/
|
||||
user=sogo
|
||||
autorestart=true
|
||||
|
||||
[inet_http_server]
|
||||
port=9191
|
||||
|
||||
[rpcinterface:supervisor]
|
||||
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
|
||||
|
||||
[supervisorctl]
|
||||
serverurl=http://localhost:9191
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
echo DBPASS=$(openssl rand -base64 32 | tr -dc _A-Z-a-z-0-9)
|
||||
echo DBROOT=$(openssl rand -base64 32 | tr -dc _A-Z-a-z-0-9)
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAr+geb+b9p5PgNMDUwtK3NxtmUJrHvnCSxkkLEBPFp/vVvEQV
|
||||
eJQN3WNQVXjkqaAXQzWSkTz/URiKAKMSL/nx1+Es6HRXdR79GMc6kY1GBFMfhSwt
|
||||
BzblNZ++WpD4JB3bL5prMrf2HiTqe617dlENoqK0kBEDGZq3En07aV+MIRuT8HSW
|
||||
B4j1/St2DAKJYGCGVqPDgpFt7+aR8aXGkvoCMKpgiB32tNkmdDfzOdWmAdFS1KaV
|
||||
RK+ap9WmwNdMH0BzCud9vhuJjdUZlhfmWuuT5XaGU+fftIlI191XYOEZHe44TLy1
|
||||
xWwXUhc+BmhhSj3k75lNvtAxydVrZIyoVxpLHwIDAQABAoIBAARMxkGyAc1Q3hAs
|
||||
Dodco0Hjl5Ks1ekf01apfm28Lf63NzhM6cFyzQv2W4ZbWCuVUDxCWPzX4t3Wnbj6
|
||||
Q32MvI6sYG6mOWURhtpONG5OZ8G/Tmvw8oDUpLG03/BSzt4DJNJ7EdfBi3CdMmYn
|
||||
jXcM8Cpjk8pZwBumHoeDLCqdPU2p1onq+iwMdQDKfq1ESBwEuXIO82x9y/O6zxNZ
|
||||
HlWFDS5hLEt0UVWIV5aGK0/M/kzOCKwy7MMbJhHPYKy7Yvno2t+fJ6jiwswyEsCz
|
||||
M2Z3DUWzgrT4DdWSV2Bns0X/xID5kH7EXm7GqsudbHHJNnr7LWuowFSOzAX47t+N
|
||||
JgrRIaECgYEA1iFfpgO/awiNQLV1VpgA3pqzmFddEh74sFqILkSGd2fxH6BbgXJB
|
||||
z+7Cu6jij8Odvf48suKsG9K0OwAehnR/ZgkrQmnKftf/pEZ+iLdsS/T8IZAXjQ4g
|
||||
cLlYOOMuqIi8Ev1nT0/++IaSKro0CSDuuNtkqRCQ/ZMJtWzFxw3yZRcCgYEA0k1m
|
||||
vaxvkSXqrYvFjDkPM5gUXcE4wx9t6Y4iwmRISLe6bJcfVfaT9oCz4o6p4dxZsoXw
|
||||
SFSazFedqwQlzXMrrBd2rHYgg13N9LU9TggZXtSMOdye+dxk24P7GmJdWH5+S5vm
|
||||
TqATs105AD95p7X8+H1TpW4liwW+eNjFqqO8HzkCgYBIuVj01z0BqwveOEK7wDA7
|
||||
aisoyDMR3nbz3it2G0vX7fNUnG+3jQiRCDQW7ArWbMd8KYaP8rAlWvBfQXEclSBX
|
||||
lTGeArQFVHK8Zjy/Thx3x6KB+6AkBfI6lphB6daE4ruNb4bQxwh/e6TU4hyeJRMu
|
||||
sUSErt2vYWrgtSqOqkvyzQKBgBKExFZRd+WVLCwqEbQ+VgtaCfkTibcM7nXRkVgC
|
||||
0qasnxru19CPDQp43N5HZ8g+yhtBVh5YbOUvle+4Rsfnq2HVExsur8BBo2A4EXTs
|
||||
m6dRGiQCPHGOKcd2wMbbAJNJWD+6M7aavAFgZSOTc1gEW4laJ+J6Z43tbI9hr05O
|
||||
asNpAoGAFje1QFMYw8s8ZTYVrfwafgDB/BNnQRVnQwTZRXcabAT5O0Wc8hTDPOun
|
||||
aBNJ3oKSwBvt7Snsn1G/oeH0aZ6cI8kkYE+dyQ5YqSZZUbJF6g771iNv4lMvxRBN
|
||||
BT/ihKzXb/t47z6W8dL5N1BSZ0KrwIrEkqCeHBlAW+G/FArrbZU=
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -0,0 +1,18 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICzjCCAbigAwIBAgIRALtgn1eSIUIhoGv9nq94NYEwCwYJKoZIhvcNAQELMBIx
|
||||
EDAOBgNVBAoTB21haWxjb3cwHhcNMTYxMjEzMTAxMTAwWhcNMTkxMTI4MTAxMTAw
|
||||
WjASMRAwDgYDVQQKEwdtYWlsY293MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
||||
CgKCAQEAr+geb+b9p5PgNMDUwtK3NxtmUJrHvnCSxkkLEBPFp/vVvEQVeJQN3WNQ
|
||||
VXjkqaAXQzWSkTz/URiKAKMSL/nx1+Es6HRXdR79GMc6kY1GBFMfhSwtBzblNZ++
|
||||
WpD4JB3bL5prMrf2HiTqe617dlENoqK0kBEDGZq3En07aV+MIRuT8HSWB4j1/St2
|
||||
DAKJYGCGVqPDgpFt7+aR8aXGkvoCMKpgiB32tNkmdDfzOdWmAdFS1KaVRK+ap9Wm
|
||||
wNdMH0BzCud9vhuJjdUZlhfmWuuT5XaGU+fftIlI191XYOEZHe44TLy1xWwXUhc+
|
||||
BmhhSj3k75lNvtAxydVrZIyoVxpLHwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAKww
|
||||
DwYDVR0TAQH/BAUwAwEB/zALBgkqhkiG9w0BAQsDggEBAF36qnigBDvvqRI0xksc
|
||||
NkGFMB3JLKznOZ0DrWUx121/GHFaNNNeI7ECmyk2eRYKCEZNnxWa1/LJ7GWn7lRU
|
||||
JD3OeWbhBUgA+HXoKl/jzXokuXMjYi/eFrgOofk2AqNDA5ioduS6A4vL8UDQc+74
|
||||
WSS8za4zoVR4GtxqDG+msRzTNVWXRcaaaWSrWMfZtQcEKIeQGDkcccvZ+mzlFUsH
|
||||
G1xxKuOPGjAwrxda4x+FY/dYdPbRV8ua0RQmYUMnROv507QnGZ9FdzdrvisZ67xx
|
||||
5BfxbApAyxDD/p7B4Zh1daga2LYGRwMJuwYjXlw9uNxJVQwcxg4nppWF1KZ4Fz0c
|
||||
EjY=
|
||||
-----END CERTIFICATE-----
|
|
@ -0,0 +1,19 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDBDCCAe6gAwIBAgIQeJMoL/3dxhxhT9EwuRTL/DALBgkqhkiG9w0BAQswEjEQ
|
||||
MA4GA1UEChMHbWFpbGNvdzAeFw0xNjEyMTMxMDExMDBaFw0xOTExMjgxMDExMDBa
|
||||
MC0xEDAOBgNVBAoTB21haWxjb3cxGTAXBgNVBAMTEG1haWwuZXhhbXBsZS5vcmcw
|
||||
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRg0xT3At9DSb3H5OMp3K1
|
||||
MpXAgYyotSK6TS61fC0QEHy2fMXiws7Agcye6Ln7CG63Fe1eN2jkdlefy9xJivS8
|
||||
y5w0M8i168v5znzC8fnylL2iOiSYfK/B/oEqfU7YH4RcegO53oDDIUZmi4Frgnu7
|
||||
39VVOU1ZyHEVqGJ2H2aAIkoZRjGzumD9Ym4LWGidtKJzBgFt/qmhUeWXipM8w281
|
||||
XkQnJU79+x2ywnJSvEZ3r/ZVJC7kbjiVw+/k15k9Cxk6Ik8wmJ0X/+xWxoZomHQI
|
||||
1LM0VKAS/iaU95dn2bplvL6jTiiyWAbrMjSKs4XbPt/fIbOicNkj6+CFy0MVfyyH
|
||||
AgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIAqDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
|
||||
KwYBBQUHAwEwDAYDVR0TAQH/BAIwADALBgkqhkiG9w0BAQsDggEBAI/jBJa1P8nB
|
||||
eHUN5muQmjBVDVOYyWAAEapOe2HYsBcpjaB2H8Iw3DQzJtz6peYeYSCmHRVqFLCm
|
||||
VPrq36l9mPUotyPDPlQQAxCj9R2+WbGaJO+N/E1F8FQ94dr3jqwUyfjVPoqEjmIH
|
||||
NFkvbA0RJOeBm9oYGdhM0wjOBV9c9MTHFG82nQ/zQeTuPb7GXuKIOXYCxoLNOZMw
|
||||
UJ02Cqjv5ImrgOhcstAKX3Ip0urSvZUGvtPla4CGh+M6yDFJ08GzX6OiMIH207RW
|
||||
jAbUXXERSUv/7hysdDjGo5HZjCeMzVu9KAxoZXqnmvkk8g2swKWtWBRcoeU1VGx0
|
||||
Bx4Q4KMjuYQ=
|
||||
-----END CERTIFICATE-----
|
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN DH PARAMETERS-----
|
||||
MIIBCAKCAQEA9iHB0CRDhV8wfBgqnmvuJpl0fzL3qL75R4ZvQHlfMNLrxuIz2x9D
|
||||
9zcDhPcBTVzV5Ay0AAkke4wP6r6wDQqXqBP4Y8IOkYAyLh3jM40jfHQzQt+5JdQl
|
||||
ond3kiscBsFOch/vMfSLMu3lAb0YhPNTvrxhMz7LcVAWYl82swASupdiKR+MgaQr
|
||||
XsugpmDKsHW60VmIM9B7K9Y+rNHwvMWkmISd0KxA8oOy1WJvsVEissMALZDE3c4w
|
||||
2xHmO2lXxgEx3aez28736t4m/KW3g9Zr31a1M0KusmfY//fGkPk4NUrLBOS2xrgp
|
||||
Y/rG1qSBdcVyerM0Ki93qCyHKYu4ene0OwIBAg==
|
||||
-----END DH PARAMETERS-----
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEA0YNMU9wLfQ0m9x+TjKdytTKVwIGMqLUiuk0utXwtEBB8tnzF
|
||||
4sLOwIHMnui5+whutxXtXjdo5HZXn8vcSYr0vMucNDPItevL+c58wvH58pS9ojok
|
||||
mHyvwf6BKn1O2B+EXHoDud6AwyFGZouBa4J7u9/VVTlNWchxFahidh9mgCJKGUYx
|
||||
s7pg/WJuC1honbSicwYBbf6poVHll4qTPMNvNV5EJyVO/fsdssJyUrxGd6/2VSQu
|
||||
5G44lcPv5NeZPQsZOiJPMJidF//sVsaGaJh0CNSzNFSgEv4mlPeXZ9m6Zby+o04o
|
||||
slgG6zI0irOF2z7f3yGzonDZI+vghctDFX8shwIDAQABAoIBAQC9kiLnIgxXGyZt
|
||||
pmmYdA6re1jatZ2zLSp+DcY8ul3/0hs195IKCyCOOSQPiR520Pt0t+duP46uYZIJ
|
||||
aakp9gxaI5Vz+oMacH/AyaBDuDTj1Mf9WMSyIOfbDVCMRJOppGLcVh62+Gfjp2EO
|
||||
+h2hTJBuvypFkbK2kVIZOaHVpbXWKw1oYuEcTftk9XfxxvfSMw1HQ12/P2CAcbaa
|
||||
jPmVbisunv6kpXtewSBTcaLSYWJf1MYD5Hi8fzkD2FJSXYbfQd8RKvT2rj6FA7ux
|
||||
CDMzbYhdnd7lc63OARCIjfCRNtDT1cZ3gR1CQHD98lWxmPQIZukv+w7s/bSrFgnQ
|
||||
ROZ0ghBJAoGBAOmE/3d5FDmp0aJNxXynKcRGdpEEM4O40RIdqa2eR6Pa7aTRosao
|
||||
z0qVgdFuJrqjlB3jgedxXEX1M0abCUzzM9Q5F7JLl+KsjwRwpkIOkPiyUncLp7LK
|
||||
QbY3tvYBIdpjlF1USOMGRL4j11hqr4vQC/yPBF7jj81kCZDTbmZhp82jAoGBAOWu
|
||||
ql5QFUOlmqkuWIAFkiLEZhOu+ptqkE+zG50CCGMJIX0dJ2PHXFyNGInomAeT0nbI
|
||||
pbnK3x7KeEKiGrAqZFNCTHhApTwkrIj0L/RQbMDZ7u7j1AEUVNFEhIm62kg84FtG
|
||||
xtfxVxredE+NQc/tyV3hXegdNZxegALirlcMKIvNAoGAWFwIxk48Ru1o8z72QQqH
|
||||
lUsMRicOzwK5qV8r+xPvC6MlVL42F3F8rj4QFwzU/r4yp3SUjNyqC5aSRl8Xj9Re
|
||||
gijwPHi6Cf09SHLPliMo29GtvnnchJxfbPF7+23GP3p6gy4HPk/65u9s5nnH3uFk
|
||||
B7ad8sGsgg0eSXyXQ4okEn0CgYEAnogPuedGthlxBgMiPMMbmfm7hyyId4t3Ljuu
|
||||
/JExnsHnpobf8EPjoVIWNOIhRWGnrCtUEEhR9tvDZCKljyDDfKBPTdU496lMmX8K
|
||||
NnToi7gg7iy84T3aSVMktDgPgDrclMPmbZh8CeSvnVUfrtgu3Ci4+4Rlw5eKffNe
|
||||
aGDQ/6UCgYAbUq9mRT2WOXIo+Dchi9VzDWgtfOw5VEyqkSpb7hPiIYx5jNaENnVK
|
||||
cAi3iqbBgPJBuMlTrKmmaxdmssGOEZNJLuuXLDbCU+f5cpu5PQ4crC6UtRI5rlhp
|
||||
8Yc+oiv3HWbSw3sVRpMFB6NP4DnvgFW3B2Wdfb/lNzPCKWqBsX7gWw==
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -0,0 +1,247 @@
|
|||
auth_mechanisms = plain login
|
||||
#mail_debug = yes
|
||||
log_path = /var/log/mail.log
|
||||
disable_plaintext_auth = yes
|
||||
# Uncomment on NFS share
|
||||
#mmap_disable = yes
|
||||
#mail_fsync = always
|
||||
#mail_nfs_index = yes
|
||||
#mail_nfs_storage = yes
|
||||
login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"
|
||||
mail_home = /var/vmail/%d/%n
|
||||
mail_location = maildir:~/
|
||||
mail_plugins = quota acl zlib antispam
|
||||
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
|
||||
ssl_protocols = !SSLv3 !SSLv2
|
||||
ssl_prefer_server_ciphers = yes
|
||||
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
|
||||
ssl_options = no_compression
|
||||
# Automatically regenerates every week
|
||||
ssl_dh_parameters_length = 2048
|
||||
log_timestamp = "%Y-%m-%d %H:%M:%S "
|
||||
recipient_delimiter = +
|
||||
auth_master_user_separator = *
|
||||
mail_prefetch_count = 30
|
||||
passdb {
|
||||
driver = passwd-file
|
||||
args = /etc/dovecot/dovecot-master.passwd
|
||||
master = yes
|
||||
pass = yes
|
||||
}
|
||||
passdb {
|
||||
args = /etc/dovecot/sql/dovecot-mysql.conf
|
||||
driver = sql
|
||||
}
|
||||
namespace inbox {
|
||||
inbox = yes
|
||||
location =
|
||||
separator = /
|
||||
mailbox "Trash" {
|
||||
auto = subscribe
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Deleted Messages" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Deleted Items" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Gelöschte Objekte" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Papierkorb" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Itens Excluidos" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Itens Excluídos" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Lixeira" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Prullenbak" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Verwijderde items" {
|
||||
special_use = \Trash
|
||||
}
|
||||
mailbox "Archive" {
|
||||
auto = subscribe
|
||||
special_use = \Archive
|
||||
}
|
||||
mailbox "Archiv" {
|
||||
special_use = \Archive
|
||||
}
|
||||
mailbox "Archives" {
|
||||
special_use = \Archive
|
||||
}
|
||||
mailbox "Arquivo" {
|
||||
special_use = \Archive
|
||||
}
|
||||
mailbox "Arquivos" {
|
||||
special_use = \Archive
|
||||
}
|
||||
mailbox "Archief" {
|
||||
special_use = \Archive
|
||||
}
|
||||
mailbox "Sent" {
|
||||
auto = subscribe
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Sent Messages" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Sent Items" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Gesendet" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Gesendete Objekte" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Itens Enviados" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Enviados" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Verzonden items" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Verzonden" {
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox "Drafts" {
|
||||
auto = subscribe
|
||||
special_use = \Drafts
|
||||
}
|
||||
mailbox "Entwürfe" {
|
||||
special_use = \Drafts
|
||||
}
|
||||
mailbox "Rascunhos" {
|
||||
special_use = \Drafts
|
||||
}
|
||||
mailbox "Concepten" {
|
||||
special_use = \Drafts
|
||||
}
|
||||
mailbox "Junk" {
|
||||
auto = subscribe
|
||||
special_use = \Junk
|
||||
}
|
||||
mailbox "Junk E-mail" {
|
||||
special_use = \Junk
|
||||
}
|
||||
mailbox "Spam" {
|
||||
special_use = \Junk
|
||||
}
|
||||
mailbox "Lixo Eletrônico" {
|
||||
special_use = \Junk
|
||||
}
|
||||
mailbox "Ongewenste e-mail" {
|
||||
special_use = \Junk
|
||||
}
|
||||
prefix =
|
||||
}
|
||||
namespace {
|
||||
type = shared
|
||||
separator = /
|
||||
prefix = Shared/%%u/
|
||||
location = maildir:%%h/:INDEXPVT=~/Shared/%%u
|
||||
subscriptions = no
|
||||
list = yes
|
||||
}
|
||||
protocols = imap sieve lmtp pop3
|
||||
service dict {
|
||||
unix_listener dict {
|
||||
mode = 0660
|
||||
user = vmail
|
||||
group = vmail
|
||||
}
|
||||
}
|
||||
service auth {
|
||||
inet_listener auth-inet {
|
||||
port = 10001
|
||||
}
|
||||
unix_listener auth-master {
|
||||
mode = 0600
|
||||
user = vmail
|
||||
}
|
||||
unix_listener auth-userdb {
|
||||
mode = 0600
|
||||
user = vmail
|
||||
}
|
||||
user = root
|
||||
}
|
||||
service managesieve-login {
|
||||
inet_listener sieve {
|
||||
port = 4190
|
||||
}
|
||||
service_count = 1
|
||||
process_min_avail = 2
|
||||
vsz_limit = 128M
|
||||
}
|
||||
service imap {
|
||||
executable = imap imap-postlogin
|
||||
}
|
||||
service managesieve {
|
||||
process_limit = 256
|
||||
}
|
||||
service lmtp {
|
||||
inet_listener lmtp-inet {
|
||||
port = 24
|
||||
}
|
||||
user = vmail
|
||||
}
|
||||
listen = *,[::]
|
||||
ssl_cert = </etc/ssl/mail/cert.pem
|
||||
ssl_key = </etc/ssl/mail/key.pem
|
||||
userdb {
|
||||
args = /etc/dovecot/sql/dovecot-mysql.conf
|
||||
driver = sql
|
||||
}
|
||||
protocol imap {
|
||||
mail_plugins = quota imap_quota imap_acl acl zlib imap_zlib antispam
|
||||
}
|
||||
protocol lmtp {
|
||||
mail_plugins = quota sieve acl zlib
|
||||
auth_socket_path = /var/run/dovecot/auth-master
|
||||
}
|
||||
protocol sieve {
|
||||
managesieve_logout_format = bytes=%i/%o
|
||||
}
|
||||
plugin {
|
||||
acl_anyone = allow
|
||||
acl_shared_dict = file:/var/vmail/shared-mailboxes.db
|
||||
acl = vfile
|
||||
quota = dict:Userquota::proxy::sqlquota
|
||||
quota_rule2 = Trash:storage=+100%%
|
||||
antispam_backend = mailtrain
|
||||
antispam_spam = Junk
|
||||
antispam_trash = Trash
|
||||
antispam_mail_sendmail = /usr/local/bin/rspamd-pipe
|
||||
antispam_mail_spam = learn_spam
|
||||
antispam_mail_notspam = learn_ham
|
||||
# Do not complain about empty parameter
|
||||
antispam_mail_sendmail_args = --blind
|
||||
sieve = /var/vmail/sieve/%u.sieve
|
||||
sieve_after = /var/vmail/sieve/global.sieve
|
||||
sieve_max_script_size = 1M
|
||||
sieve_quota_max_scripts = 0
|
||||
sieve_quota_max_storage = 0
|
||||
}
|
||||
dict {
|
||||
sqlquota = mysql:/etc/dovecot/sql/dovecot-dict-sql.conf
|
||||
}
|
||||
remote 127.0.0.1 {
|
||||
disable_plaintext_auth = no
|
||||
}
|
||||
submission_host = postfix:588
|
||||
mail_max_userip_connections = 500
|
||||
service imap-postlogin {
|
||||
executable = script-login /usr/local/bin/postlogin.sh
|
||||
unix_listener imap-postlogin {
|
||||
}
|
||||
}
|
|
@ -0,0 +1,24 @@
|
|||
require "fileinto";
|
||||
require "mailbox";
|
||||
require "variables";
|
||||
require "subaddress";
|
||||
require "envelope";
|
||||
|
||||
if header :contains "X-Spam-Flag" "YES" {
|
||||
fileinto "Junk";
|
||||
}
|
||||
|
||||
if allof (
|
||||
envelope :detail :matches "to" "*",
|
||||
header :contains "X-Moo-Tag" "YES",
|
||||
mailboxexists "INBOX/${s}"
|
||||
) {
|
||||
fileinto "INBOX/${s}";
|
||||
}
|
||||
elsif allof (
|
||||
envelope :detail :matches "to" "*",
|
||||
header :contains "X-Moo-Tag" "YES"
|
||||
) {
|
||||
set :lower "s" "${1}";
|
||||
fileinto :create "INBOX/${s}";
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
connect = "host=mysql dbname=mailcow user=mailcow password=mysafepasswd"
|
||||
|
||||
map {
|
||||
pattern = priv/quota/storage
|
||||
table = quota2
|
||||
username_field = username
|
||||
value_field = bytes
|
||||
}
|
||||
map {
|
||||
pattern = priv/quota/messages
|
||||
table = quota2
|
||||
username_field = username
|
||||
value_field = messages
|
||||
}
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
driver = mysql
|
||||
connect = "host=mysql dbname=mailcow user=mailcow password=mysafepasswd"
|
||||
default_pass_scheme = SSHA256
|
||||
password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1')
|
||||
user_query = SELECT CONCAT('maildir:/var/vmail/',maildir) AS mail, 5000 AS uid, 5000 AS gid, concat('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1'
|
||||
iterate_query = SELECT username FROM mailbox WHERE active='1';
|
|
@ -0,0 +1,14 @@
|
|||
[mysqld]
|
||||
character-set-client-handshake = FALSE
|
||||
character-set-server = utf8mb4
|
||||
collation-server = utf8mb4_unicode_ci
|
||||
innodb_file_per_table = TRUE
|
||||
innodb_file_format = barracuda
|
||||
innodb_large_prefix = TRUE
|
||||
#sql_mode=IGNORE_SPACE,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
|
||||
|
||||
[client]
|
||||
default-character-set = utf8mb4
|
||||
|
||||
[mysql]
|
||||
default-character-set = utf8mb4
|
|
@ -0,0 +1,18 @@
|
|||
server {
|
||||
listen 8081;
|
||||
index index.php index.html;
|
||||
server_name _;
|
||||
error_log /var/log/nginx/error.log;
|
||||
access_log /var/log/nginx/access.log;
|
||||
root /dynmaps;
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
listen ${HTTPS_PORT};
|
|
@ -0,0 +1,136 @@
|
|||
proxy_cache_path /tmp levels=1:2 keys_zone=sogo:10m inactive=24h max_size=1g;
|
||||
server {
|
||||
include /etc/nginx/conf.d/listen.active;
|
||||
include /etc/nginx/mime.types;
|
||||
charset utf-8;
|
||||
override_charset on;
|
||||
ssl on;
|
||||
ssl_certificate /etc/ssl/mail/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/mail/key.pem;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA';
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
ssl_ecdh_curve secp384r1;
|
||||
index index.php index.html;
|
||||
server_name _ autodiscover.* autoconfig.*;
|
||||
error_log /var/log/nginx/error.log;
|
||||
access_log /var/log/nginx/access.log;
|
||||
root /web;
|
||||
|
||||
location = /principals/ {
|
||||
rewrite ^ https://$host/SOGo/dav;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass phpfpm:9000;
|
||||
fastcgi_index index.php;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param PHP_VALUE "max_execution_time = 1200
|
||||
max_input_time = 1200
|
||||
memory_limit = 64M";
|
||||
fastcgi_read_timeout 1200;
|
||||
}
|
||||
|
||||
rewrite ^(/save.+)$ /rspamd$1 last;
|
||||
location /rspamd/ {
|
||||
proxy_pass http://172.22.1.253:11334/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
}
|
||||
|
||||
location ^~ /inc/init.sql {
|
||||
deny all;
|
||||
}
|
||||
|
||||
if ($host ~* autodiscover\.(.*)) {
|
||||
rewrite ^(.*) /autodiscover.php last;
|
||||
}
|
||||
|
||||
if ($host ~* autoconfig\.(.*)) {
|
||||
rewrite ^(.*) /autoconfig.php last;
|
||||
}
|
||||
|
||||
location ^~ /Microsoft-Server-ActiveSync {
|
||||
proxy_pass http://172.22.1.252:20000/SOGo/Microsoft-Server-ActiveSync;
|
||||
proxy_connect_timeout 1000;
|
||||
proxy_next_upstream timeout error;
|
||||
proxy_send_timeout 1000;
|
||||
proxy_read_timeout 1000;
|
||||
proxy_buffer_size 8k;
|
||||
proxy_buffers 4 32k;
|
||||
proxy_temp_file_write_size 64k;
|
||||
proxy_busy_buffers_size 64k;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url $scheme://$host:$server_port;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 100m;
|
||||
}
|
||||
|
||||
location ^~ /SOGo {
|
||||
proxy_pass http://172.22.1.252:20000;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url $scheme://$host:$server_port;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
#proxy_connect_timeout 90;
|
||||
#proxy_send_timeout 90;
|
||||
#proxy_read_timeout 90;
|
||||
#proxy_buffer_size 4k;
|
||||
#proxy_buffers 4 32k;
|
||||
#proxy_busy_buffers_size 64k;
|
||||
#proxy_temp_file_write_size 64k;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 100m;
|
||||
break;
|
||||
}
|
||||
|
||||
location /SOGo.woa/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location /SOGo/WebServerResources/ {
|
||||
proxy_pass http://172.22.1.252:9192/WebServerResources/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/WebServerResources/;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$ {
|
||||
proxy_pass http://172.22.1.252:9192/$1.SOGo/Resources/$2;
|
||||
proxy_set_header Host $host;
|
||||
proxy_cache sogo;
|
||||
proxy_cache_valid 200 1d;
|
||||
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
|
||||
#alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
addNTA("mailcow-network", "nta for local")
|
|
@ -0,0 +1,41 @@
|
|||
allow-from=127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8
|
||||
config-dir=/etc/powerdns
|
||||
daemon=no
|
||||
disable-syslog=yes
|
||||
dnssec=process
|
||||
dnssec-log-bogus=yes
|
||||
dont-query=10.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fc00::/7, fe80::/10, 0.0.0.0/8, 192.0.0.0/24, 192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24, 240.0.0.0/4, ::/96, ::ffff:0:0/96, 100::/64, 2001:db8::/32
|
||||
export-etc-hosts=off
|
||||
# forward-zones=
|
||||
forward-zones-recurse=mailcow-network.=127.0.0.11
|
||||
local-address=0.0.0.0
|
||||
local-port=53
|
||||
loglevel=6
|
||||
# lowercase-outgoing=no
|
||||
lua-config-file=/etc/powerdns/pdns_custom.lua
|
||||
# max-cache-entries=1000000
|
||||
# max-cache-ttl=86400
|
||||
# max-mthreads=2048
|
||||
# max-negative-ttl=3600
|
||||
# max-packetcache-entries=500000
|
||||
# max-qperq=50
|
||||
# max-tcp-clients=128
|
||||
# max-tcp-per-client=0
|
||||
# max-total-msec=7000
|
||||
# minimum-ttl-override=0
|
||||
# network-timeout=1500
|
||||
# packetcache-servfail-ttl=60
|
||||
# packetcache-ttl=3600
|
||||
quiet=yes
|
||||
# security-poll-suffix=secpoll.powerdns.com.
|
||||
# serve-rfc1918=yes
|
||||
# server-down-max-fails=64
|
||||
# server-down-throttle-time=60
|
||||
setgid=pdns
|
||||
setuid=pdns
|
||||
# spoof-nearmiss-max=20
|
||||
# stack-size=200000
|
||||
# threads=2
|
||||
# trace=off
|
||||
version-string=PowerDNS Recursor
|
||||
webserver=no
|
|
@ -0,0 +1,93 @@
|
|||
biff = no
|
||||
append_dot_mydomain = no
|
||||
smtpd_tls_cert_file = /etc/ssl/mail/cert.pem
|
||||
smtpd_tls_key_file = /etc/ssl/mail/key.pem
|
||||
smtpd_use_tls=yes
|
||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
||||
alias_maps = hash:/etc/aliases
|
||||
alias_database = hash:/etc/aliases
|
||||
relayhost =
|
||||
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
|
||||
mailbox_size_limit = 0
|
||||
recipient_delimiter = +
|
||||
inet_interfaces = all
|
||||
inet_protocols = all
|
||||
bounce_queue_lifetime = 1d
|
||||
broken_sasl_auth_clients = yes
|
||||
disable_vrfy_command = yes
|
||||
maximal_backoff_time = 1800s
|
||||
maximal_queue_lifetime = 1d
|
||||
message_size_limit = 26214400
|
||||
milter_default_action = accept
|
||||
milter_protocol = 6
|
||||
minimal_backoff_time = 300s
|
||||
plaintext_reject_code = 550
|
||||
postscreen_access_list = permit_mynetworks, cidr:/opt/postfix/conf/postscreen_access.cidr
|
||||
postscreen_bare_newline_enable = no
|
||||
postscreen_blacklist_action = drop
|
||||
postscreen_cache_cleanup_interval = 24h
|
||||
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
|
||||
postscreen_dnsbl_action = enforce
|
||||
postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7 dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5 bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8 dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3 dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2 dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.4*1 hostkarma.junkemailfilter.com=127.0.1.2*1 wl.mailspike.net=127.0.0.[18;19;20]*-2 hostkarma.junkemailfilter.com=127.0.0.1*-2
|
||||
postscreen_dnsbl_threshold = 8
|
||||
postscreen_dnsbl_ttl = 5m
|
||||
postscreen_greet_action = enforce
|
||||
postscreen_greet_banner = $smtpd_banner
|
||||
postscreen_greet_ttl = 2d
|
||||
postscreen_greet_wait = 3s
|
||||
postscreen_non_smtp_command_enable = no
|
||||
postscreen_pipelining_enable = no
|
||||
proxy_read_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_sender_acl.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_out_policy.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf, $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
|
||||
queue_run_delay = 300s
|
||||
relay_domains = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_relay_domain_maps.cf
|
||||
relay_recipient_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_relay_recipient_maps.cf
|
||||
sender_dependent_default_transport_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_out_policy.cf
|
||||
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||
smtp_tls_cert_file = /etc/ssl/mail/cert.pem
|
||||
smtp_tls_key_file = /etc/ssl/mail/key.pem
|
||||
smtp_tls_loglevel = 1
|
||||
smtp_dns_support_level = dnssec
|
||||
smtp_tls_security_level = dane
|
||||
smtpd_data_restrictions = reject_unauth_pipelining, permit
|
||||
smtpd_delay_reject = yes
|
||||
smtpd_error_sleep_time = 10s
|
||||
smtpd_hard_error_limit = ${stress?1}${stress:5}
|
||||
smtpd_helo_required = yes
|
||||
smtpd_proxy_timeout = 600s
|
||||
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_recipient_access proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf, reject_invalid_helo_hostname, reject_unknown_reverse_client_hostname, reject_unauth_destination
|
||||
smtpd_sasl_auth_enable = yes
|
||||
smtpd_sasl_authenticated_header = yes
|
||||
smtpd_sasl_path = inet:dovecot:10001
|
||||
smtpd_sasl_type = dovecot
|
||||
smtpd_sender_login_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_sender_acl.cf
|
||||
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated, reject_unlisted_sender, reject_unknown_sender_domain
|
||||
smtpd_soft_error_limit = 3
|
||||
smtpd_tls_auth_only = yes
|
||||
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
|
||||
smtpd_tls_eecdh_grade = strong
|
||||
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
|
||||
smtpd_tls_loglevel = 1
|
||||
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
|
||||
smtp_tls_protocols = !SSLv2, !SSLv3
|
||||
lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3
|
||||
lmtp_tls_protocols = !SSLv2, !SSLv3
|
||||
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
|
||||
smtpd_tls_protocols = !SSLv2, !SSLv3
|
||||
smtpd_tls_mandatory_ciphers = high
|
||||
smtpd_tls_security_level = may
|
||||
tls_ssl_options = NO_COMPRESSION
|
||||
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
|
||||
virtual_alias_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_catchall_maps.cf
|
||||
virtual_gid_maps = static:5000
|
||||
virtual_mailbox_base = /var/vmail/
|
||||
virtual_mailbox_domains = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_domains_maps.cf
|
||||
virtual_mailbox_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_domain_mailbox_maps.cf
|
||||
virtual_minimum_uid = 104
|
||||
virtual_transport = lmtp:inet:dovecot:24
|
||||
virtual_uid_maps = static:5000
|
||||
smtpd_milters = inet:rmilter:9900
|
||||
non_smtpd_milters = inet:rmilter:9900
|
||||
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
|
||||
mydestination = localhost.localdomain, localhost
|
|
@ -0,0 +1,45 @@
|
|||
smtp inet n - n - 1 postscreen
|
||||
smtpd pass - - n - - smtpd
|
||||
-o smtpd_helo_restrictions=permit_mynetworks,reject_non_fqdn_helo_hostname
|
||||
smtps inet n - n - - smtpd
|
||||
-o smtpd_tls_wrappermode=yes
|
||||
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
|
||||
submission inet n - n - - smtpd
|
||||
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
|
||||
-o smtpd_enforce_tls=yes
|
||||
-o smtpd_tls_security_level=encrypt
|
||||
-o tls_preempt_cipherlist=yes
|
||||
588 inet n - n - - smtpd
|
||||
-o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
|
||||
-o smtpd_tls_auth_only=no
|
||||
smtp_enforced_tls unix - - n - - smtp
|
||||
-o smtp_tls_security_level=encrypt
|
||||
-o syslog_name=enforced-tls-smtp
|
||||
-o smtp_delivery_status_filter=pcre:/opt/postfix/conf/smtp_dsn_filter
|
||||
tlsproxy unix - - n - 0 tlsproxy
|
||||
dnsblog unix - - n - 0 dnsblog
|
||||
pickup fifo n - n 60 1 pickup
|
||||
cleanup unix n - n - 0 cleanup
|
||||
qmgr fifo n - n 300 1 qmgr
|
||||
tlsmgr unix - - n 1000? 1 tlsmgr
|
||||
rewrite unix - - n - - trivial-rewrite
|
||||
bounce unix - - n - 0 bounce
|
||||
defer unix - - n - 0 bounce
|
||||
trace unix - - n - 0 bounce
|
||||
verify unix - - n - 1 verify
|
||||
flush unix n - n 1000? 0 flush
|
||||
proxymap unix - - n - - proxymap
|
||||
proxywrite unix - - n - 1 proxymap
|
||||
smtp unix - - n - - smtp
|
||||
relay unix - - n - - smtp
|
||||
showq unix n - n - - showq
|
||||
error unix - - n - - error
|
||||
retry unix - - n - - error
|
||||
discard unix - - n - - discard
|
||||
local unix - n n - - local
|
||||
virtual unix - n n - - virtual
|
||||
lmtp unix - - n - - lmtp
|
||||
anvil unix - - n - 1 anvil
|
||||
scache unix - - n - 1 scache
|
||||
maildrop unix - n n - - pipe flags=DRhu
|
||||
user=vmail argv=/usr/bin/maildrop -d ${recipient}
|
|
@ -0,0 +1,654 @@
|
|||
# Generated by Postwhite v1.30 on Thu Dec 8 21:11:27 CET 2016
|
||||
# https://github.com/stevejenkins/postwhite/
|
||||
# 651 total rules
|
||||
2a00:1450:4000::/36 permit
|
||||
2a01:111:f400::/48 permit
|
||||
2a04:35c0::/29 permit
|
||||
2c0f:fb50:4000::/36 permit
|
||||
5.135.24.0/24 permit
|
||||
8.20.114.31 permit
|
||||
8.25.194.0/23 permit
|
||||
8.25.196.0/23 permit
|
||||
12.130.86.238 permit
|
||||
13.111.0.0/19 permit
|
||||
17.36.0.0/16 permit
|
||||
17.41.0.0/16 permit
|
||||
17.110.0.0/15 permit
|
||||
17.120.0.0/16 permit
|
||||
17.133.0.0/16 permit
|
||||
17.139.0.0/16 permit
|
||||
17.142.0.0/15 permit
|
||||
17.151.1.0/24 permit
|
||||
17.158.0.0/15 permit
|
||||
17.162.0.0/15 permit
|
||||
17.164.0.0/16 permit
|
||||
17.171.37.0/24 permit
|
||||
17.172.0.0/16 permit
|
||||
23.21.83.90 permit
|
||||
23.23.237.213 permit
|
||||
23.96.52.53 permit
|
||||
23.100.122.175 permit
|
||||
23.103.128.0/19 permit
|
||||
23.103.131.7 permit
|
||||
23.103.191.0/24 permit
|
||||
23.103.198.0/23 permit
|
||||
23.103.200.0/21 permit
|
||||
23.103.208.0/21 permit
|
||||
23.103.224.0/19 permit
|
||||
23.253.182.0/24 permit
|
||||
23.253.182.103 permit
|
||||
23.253.183.0/24 permit
|
||||
23.253.183.145 permit
|
||||
23.253.183.146 permit
|
||||
23.253.183.147 permit
|
||||
23.253.183.148 permit
|
||||
23.253.183.150 permit
|
||||
27.126.146.0/24 permit
|
||||
37.59.69.128/25 permit
|
||||
37.59.249.0/24 permit
|
||||
37.188.97.188/32 permit
|
||||
40.92.0.0/14 permit
|
||||
40.96.32.50 permit
|
||||
40.97.113.34 permit
|
||||
40.97.113.210 permit
|
||||
40.97.153.146 permit
|
||||
40.97.155.26 permit
|
||||
40.97.156.114 permit
|
||||
40.97.160.2 permit
|
||||
40.97.164.146 permit
|
||||
40.97.166.138 permit
|
||||
40.97.170.154 permit
|
||||
40.107.0.0/17 permit
|
||||
40.107.128.0/18 permit
|
||||
41.74.192.0/22 permit
|
||||
41.74.196.0/22 permit
|
||||
41.74.200.0/22 permit
|
||||
41.74.201.0/24 permit
|
||||
41.74.204.0/22 permit
|
||||
41.74.205.0/24 permit
|
||||
46.19.168.0/23 permit
|
||||
50.18.45.249 permit
|
||||
50.18.121.236 permit
|
||||
50.18.121.248 permit
|
||||
50.18.123.221 permit
|
||||
50.18.124.70 permit
|
||||
50.18.125.97 permit
|
||||
50.18.125.237 permit
|
||||
50.18.126.162 permit
|
||||
50.22.164.201 permit
|
||||
50.23.218.192/27 permit
|
||||
50.31.32.0/19 permit
|
||||
50.31.36.197 permit
|
||||
50.31.36.199 permit
|
||||
50.31.36.205 permit
|
||||
50.31.36.208 permit
|
||||
50.31.36.213 permit
|
||||
50.31.60.1 permit
|
||||
50.31.156.96/27 permit
|
||||
50.207.218.237 permit
|
||||
51.4.71.62 permit
|
||||
52.0.20.102 permit
|
||||
52.95.48.152/29 permit
|
||||
52.95.49.88/29 permit
|
||||
52.205.61.79 permit
|
||||
54.172.97.247 permit
|
||||
54.173.229.38 permit
|
||||
54.214.39.184 permit
|
||||
54.240.0.0/18 permit
|
||||
54.241.16.209 permit
|
||||
54.243.205.80 permit
|
||||
54.244.242.0/24 permit
|
||||
62.17.146.128/26 permit
|
||||
63.80.14.0/23 permit
|
||||
63.111.28.137 permit
|
||||
63.128.21.0/24 permit
|
||||
64.4.22.64/26 permit
|
||||
64.18.0.0/20 permit
|
||||
64.20.241.45 permit
|
||||
64.34.47.128/27 permit
|
||||
64.34.57.192/26 permit
|
||||
64.79.155.0/24 permit
|
||||
64.79.155.192 permit
|
||||
64.127.115.252 permit
|
||||
64.132.88.0/23 permit
|
||||
64.132.92.0/24 permit
|
||||
64.135.77.0/24 permit
|
||||
64.135.83.0/24 permit
|
||||
64.233.160.0/19 permit
|
||||
65.39.215.0/24 permit
|
||||
65.54.51.64/26 permit
|
||||
65.54.61.64/26 permit
|
||||
65.54.121.120/29 permit
|
||||
65.54.121.124/31 permit
|
||||
65.54.190.0/24 permit
|
||||
65.54.241.0/24 permit
|
||||
65.55.33.64/28 permit
|
||||
65.55.34.0/24 permit
|
||||
65.55.42.224/28 permit
|
||||
65.55.52.224/27 permit
|
||||
65.55.77.28 permit
|
||||
65.55.78.128/25 permit
|
||||
65.55.81.48/28 permit
|
||||
65.55.81.54/31 permit
|
||||
65.55.85.12 permit
|
||||
65.55.88.0/24 permit
|
||||
65.55.90.0/24 permit
|
||||
65.55.94.0/25 permit
|
||||
65.55.111.0/24 permit
|
||||
65.55.113.64/26 permit
|
||||
65.55.116.0/25 permit
|
||||
65.55.126.0/25 permit
|
||||
65.55.169.0/24 permit
|
||||
65.55.174.0/25 permit
|
||||
65.55.178.128/27 permit
|
||||
65.55.234.192/26 permit
|
||||
65.110.161.77 permit
|
||||
65.212.180.36 permit
|
||||
65.242.92.0/24 permit
|
||||
65.242.92.15 permit
|
||||
66.77.16.201/32 permit
|
||||
66.102.0.0/20 permit
|
||||
66.135.215.0/24 permit
|
||||
66.135.222.1 permit
|
||||
66.211.168.230/31 permit
|
||||
66.211.184.0/23 permit
|
||||
66.220.144.128/25 permit
|
||||
66.220.155.0/24 permit
|
||||
66.220.155.128/25 permit
|
||||
66.220.157.0/25 permit
|
||||
66.231.80.0/20 permit
|
||||
66.249.80.0/20 permit
|
||||
67.23.31.6 permit
|
||||
67.72.99.26 permit
|
||||
67.221.168.65 permit
|
||||
67.228.2.24/30 permit
|
||||
67.228.21.184/29 permit
|
||||
67.228.37.4/30 permit
|
||||
67.228.50.32/27 permit
|
||||
67.228.50.54/31 permit
|
||||
67.231.145.42 permit
|
||||
67.231.153.30 permit
|
||||
68.232.192.0/20 permit
|
||||
69.63.178.128/25 permit
|
||||
69.63.179.25 permit
|
||||
69.63.184.0/25 permit
|
||||
69.65.42.195 permit
|
||||
69.65.49.192/29 permit
|
||||
69.162.98.0/24 permit
|
||||
69.171.232.0/24 permit
|
||||
69.171.232.128/25 permit
|
||||
69.171.244.0/24 permit
|
||||
70.37.151.128/25 permit
|
||||
70.42.149.35 permit
|
||||
72.3.185.0/24 permit
|
||||
72.3.237.64/28 permit
|
||||
72.5.230.111/32 permit
|
||||
72.14.192.0/18 permit
|
||||
72.21.192.0/19 permit
|
||||
72.21.212.0/25 permit
|
||||
72.21.217.142/32 permit
|
||||
72.32.154.0/24 permit
|
||||
72.32.217.0/24 permit
|
||||
72.32.243.0/24 permit
|
||||
72.249.147.250/32 permit
|
||||
74.63.63.115 permit
|
||||
74.63.63.121 permit
|
||||
74.63.194.126 permit
|
||||
74.63.234.75 permit
|
||||
74.63.236.0/24 permit
|
||||
74.86.113.28/30 permit
|
||||
74.86.129.240/30 permit
|
||||
74.86.131.208/30 permit
|
||||
74.86.132.208/30 permit
|
||||
74.86.160.160/30 permit
|
||||
74.86.164.188/30 permit
|
||||
74.86.171.192/30 permit
|
||||
74.86.195.28/30 permit
|
||||
74.86.207.36/30 permit
|
||||
74.86.226.216/30 permit
|
||||
74.86.236.240/30 permit
|
||||
74.86.241.250/31 permit
|
||||
74.112.64.26 permit
|
||||
74.112.67.243 permit
|
||||
74.112.170.21/32 permit
|
||||
74.125.0.0/16 permit
|
||||
74.201.84.0/24 permit
|
||||
74.201.152.59/32 permit
|
||||
74.201.154.0/24 permit
|
||||
74.201.155.25/32 permit
|
||||
74.201.155.26/32 permit
|
||||
74.201.155.27/32 permit
|
||||
74.201.155.28/32 permit
|
||||
74.201.155.79/32 permit
|
||||
74.202.227.52/32 permit
|
||||
74.208.4.192/26 permit
|
||||
74.208.5.64/26 permit
|
||||
74.208.122.0/26 permit
|
||||
74.209.250.0/24 permit
|
||||
74.209.250.84 permit
|
||||
75.126.200.128/27 permit
|
||||
75.126.253.0/24 permit
|
||||
75.126.253.48 permit
|
||||
80.231.25.0/24 permit
|
||||
80.231.219.0/24 permit
|
||||
81.223.46.0/27 permit
|
||||
82.165.159.0/24 permit
|
||||
85.222.130.192/26 permit
|
||||
85.222.138.192/26 permit
|
||||
86.61.88.25 permit
|
||||
87.238.80.0/21 permit
|
||||
87.253.232.0/21 permit
|
||||
91.194.248.0/23 permit
|
||||
91.198.22.0/24 permit
|
||||
91.211.240.0/24 permit
|
||||
91.211.242.0/24 permit
|
||||
91.211.243.0/24 permit
|
||||
91.220.42.0/24 permit
|
||||
94.236.119.0/26 permit
|
||||
94.245.112.0/27 permit
|
||||
94.245.112.10/31 permit
|
||||
94.245.120.64/26 permit
|
||||
96.43.144.0/20 permit
|
||||
96.43.144.64/28 permit
|
||||
96.43.144.64/31 permit
|
||||
96.43.147.64/28 permit
|
||||
96.43.148.64/28 permit
|
||||
96.43.148.64/31 permit
|
||||
96.43.151.64/28 permit
|
||||
96.43.152.64/27 permit
|
||||
96.43.153.64/27 permit
|
||||
96.46.150.192/27 permit
|
||||
101.53.164.192/26 permit
|
||||
103.11.200.0/22 permit
|
||||
103.13.69.0/24 permit
|
||||
103.28.42.0/24 permit
|
||||
103.237.104.0/22 permit
|
||||
104.40.211.35 permit
|
||||
104.43.195.251 permit
|
||||
104.47.0.0/17 permit
|
||||
104.130.96.0/28 permit
|
||||
104.130.122.0/23 permit
|
||||
104.245.209.192/26 permit
|
||||
106.50.16.0/28 permit
|
||||
107.0.11.224/27 permit
|
||||
108.174.0.0/24 permit
|
||||
108.174.0.215 permit
|
||||
108.174.3.0/24 permit
|
||||
108.174.6.0/24 permit
|
||||
108.175.18.45 permit
|
||||
108.175.30.45 permit
|
||||
108.177.8.0/21 permit
|
||||
108.177.96.0/19 permit
|
||||
111.221.23.128/25 permit
|
||||
111.221.26.0/27 permit
|
||||
111.221.66.0/25 permit
|
||||
111.221.69.128/25 permit
|
||||
111.221.112.0/21 permit
|
||||
124.47.150.0/24 permit
|
||||
124.47.189.0/24 permit
|
||||
129.41.77.70 permit
|
||||
129.41.169.249 permit
|
||||
131.107.0.0/16 permit
|
||||
131.107.1.18 permit
|
||||
131.107.1.19 permit
|
||||
131.107.1.20 permit
|
||||
131.107.1.37 permit
|
||||
131.107.1.44 permit
|
||||
131.107.1.48 permit
|
||||
131.107.1.56 permit
|
||||
131.253.30.0/24 permit
|
||||
131.253.121.20 permit
|
||||
134.170.113.0/26 permit
|
||||
134.170.140.0/24 permit
|
||||
134.170.141.64/26 permit
|
||||
134.170.143.0/24 permit
|
||||
134.170.174.0/24 permit
|
||||
136.146.128.64/27 permit
|
||||
136.146.208.16/28 permit
|
||||
136.146.210.16/28 permit
|
||||
136.147.46.192/26 permit
|
||||
136.147.62.192/26 permit
|
||||
136.147.128.0/20 permit
|
||||
136.147.176.0/20 permit
|
||||
146.88.28.0/24 permit
|
||||
146.101.78.0/24 permit
|
||||
147.243.1.47 permit
|
||||
147.243.1.48 permit
|
||||
147.243.1.153 permit
|
||||
147.243.128.24 permit
|
||||
147.243.128.26 permit
|
||||
151.101.37.140 permit
|
||||
157.55.0.192/26 permit
|
||||
157.55.1.128/26 permit
|
||||
157.55.2.0/25 permit
|
||||
157.55.9.128/25 permit
|
||||
157.55.11.0/25 permit
|
||||
157.55.49.0/25 permit
|
||||
157.55.61.0/24 permit
|
||||
157.55.157.128/25 permit
|
||||
157.55.158.0/23 permit
|
||||
157.55.225.0/25 permit
|
||||
157.55.234.0/24 permit
|
||||
157.56.24.0/25 permit
|
||||
157.56.110.0/23 permit
|
||||
157.56.112.0/24 permit
|
||||
157.56.120.128/26 permit
|
||||
157.56.172.28 permit
|
||||
157.56.232.0/21 permit
|
||||
157.56.240.0/20 permit
|
||||
157.56.248.0/21 permit
|
||||
157.151.208.65 permit
|
||||
162.88.4.0/24 permit
|
||||
162.88.36.0/24 permit
|
||||
162.248.185.121 permit
|
||||
163.47.180.0/22 permit
|
||||
165.254.167.152/30 permit
|
||||
165.254.167.156/31 permit
|
||||
165.254.167.162/31 permit
|
||||
165.254.168.66/31 permit
|
||||
165.254.168.68/31 permit
|
||||
165.254.168.70/31 permit
|
||||
165.254.168.72/31 permit
|
||||
166.78.68.0/22 permit
|
||||
166.78.68.221 permit
|
||||
166.78.69.146 permit
|
||||
166.78.69.169 permit
|
||||
166.78.69.170 permit
|
||||
166.78.71.131 permit
|
||||
167.89.0.0/17 permit
|
||||
167.89.16.30 permit
|
||||
167.89.16.183 permit
|
||||
167.89.16.245 permit
|
||||
167.89.25.84 permit
|
||||
167.89.32.5 permit
|
||||
167.89.32.50 permit
|
||||
167.89.46.159 permit
|
||||
167.89.46.185 permit
|
||||
167.89.60.95 permit
|
||||
167.89.62.118 permit
|
||||
167.89.64.9 permit
|
||||
167.89.65.0 permit
|
||||
167.89.65.53 permit
|
||||
167.89.65.100 permit
|
||||
167.89.74.233 permit
|
||||
167.89.75.33 permit
|
||||
167.89.75.126 permit
|
||||
167.89.75.136 permit
|
||||
167.89.75.164 permit
|
||||
167.89.101.2 permit
|
||||
167.89.101.192/28 permit
|
||||
167.220.67.238 permit
|
||||
172.217.0.0/19 permit
|
||||
173.0.84.224/28 permit
|
||||
173.0.94.244/30 permit
|
||||
173.193.132.0/23 permit
|
||||
173.193.132.134/31 permit
|
||||
173.193.210.32/27 permit
|
||||
173.194.0.0/16 permit
|
||||
173.203.79.182 permit
|
||||
173.203.81.39 permit
|
||||
173.224.160.128/25 permit
|
||||
173.224.161.128/25 permit
|
||||
173.228.155.0/24 permit
|
||||
174.36.80.208/28 permit
|
||||
174.36.84.8/29 permit
|
||||
174.36.84.16/29 permit
|
||||
174.36.84.32/29 permit
|
||||
174.36.84.144/29 permit
|
||||
174.36.84.240/29 permit
|
||||
174.36.85.248/30 permit
|
||||
174.36.92.96/27 permit
|
||||
174.36.114.128/30 permit
|
||||
174.36.114.140/30 permit
|
||||
174.36.114.148/30 permit
|
||||
174.36.114.152/29 permit
|
||||
174.37.67.28/30 permit
|
||||
174.37.226.64/27 permit
|
||||
174.129.194.241 permit
|
||||
174.129.203.189 permit
|
||||
174.137.46.0/24 permit
|
||||
176.32.105.0/24 permit
|
||||
176.32.127.0/24 permit
|
||||
178.32.48.128 permit
|
||||
178.33.111.144 permit
|
||||
178.33.137.208/28 permit
|
||||
178.33.221.0/24 permit
|
||||
178.236.10.128/26 permit
|
||||
178.249.98.16/29 permit
|
||||
178.249.202.16/29 permit
|
||||
180.189.28.0/24 permit
|
||||
182.50.76.0/22 permit
|
||||
182.50.78.64/28 permit
|
||||
184.173.105.0/24 permit
|
||||
184.173.153.0/24 permit
|
||||
185.4.120.0/24 permit
|
||||
185.4.122.0/24 permit
|
||||
185.12.80.0/22 permit
|
||||
185.28.196.0/22 permit
|
||||
185.90.20.0/22 permit
|
||||
188.172.128.0/20 permit
|
||||
191.239.213.197 permit
|
||||
192.28.128.0/18 permit
|
||||
192.30.252.0/22 permit
|
||||
192.64.236.0/24 permit
|
||||
192.64.237.0/24 permit
|
||||
192.64.238.0/24 permit
|
||||
192.161.144.0/20 permit
|
||||
192.230.81.86 permit
|
||||
192.237.158.0/23 permit
|
||||
192.237.159.42 permit
|
||||
192.237.159.43 permit
|
||||
192.254.112.0/20 permit
|
||||
192.254.112.60 permit
|
||||
192.254.112.98/31 permit
|
||||
192.254.113.10 permit
|
||||
192.254.113.101 permit
|
||||
192.254.114.176 permit
|
||||
192.254.115.72 permit
|
||||
192.254.118.63 permit
|
||||
193.28.178.0/25 permit
|
||||
194.64.234.128/27 permit
|
||||
194.64.234.129 permit
|
||||
194.154.193.192/27 permit
|
||||
195.54.172.0/23 permit
|
||||
195.130.217.0/24 permit
|
||||
198.2.128.0/18 permit
|
||||
198.2.128.0/24 permit
|
||||
198.2.132.0/22 permit
|
||||
198.2.136.0/23 permit
|
||||
198.2.177.0/24 permit
|
||||
198.2.178.0/24 permit
|
||||
198.2.179.0/24 permit
|
||||
198.2.180.0/24 permit
|
||||
198.2.186.0/23 permit
|
||||
198.21.0.0/21 permit
|
||||
198.21.3.166 permit
|
||||
198.21.4.224 permit
|
||||
198.37.144.0/20 permit
|
||||
198.37.145.250 permit
|
||||
198.37.149.128 permit
|
||||
198.37.151.26 permit
|
||||
198.61.254.0/23 permit
|
||||
198.61.254.231 permit
|
||||
198.178.234.57 permit
|
||||
198.245.80.0/20 permit
|
||||
199.15.176.173 permit
|
||||
199.15.212.0/22 permit
|
||||
199.15.214.169/32 permit
|
||||
199.16.156.0/22 permit
|
||||
199.19.0.0/21 permit
|
||||
199.59.148.0/22 permit
|
||||
199.83.132.86 permit
|
||||
199.101.161.130 permit
|
||||
199.101.162.0/25 permit
|
||||
199.122.120.0/21 permit
|
||||
199.127.232.0/22 permit
|
||||
199.187.117.209 permit
|
||||
199.187.117.233 permit
|
||||
199.187.117.234/31 permit
|
||||
199.187.117.236/31 permit
|
||||
199.187.118.201 permit
|
||||
199.187.118.202/31 permit
|
||||
199.187.118.204 permit
|
||||
199.187.118.209 permit
|
||||
199.201.64.23 permit
|
||||
199.201.65.23 permit
|
||||
199.255.192.0/22 permit
|
||||
202.129.242.0/23 permit
|
||||
202.177.148.100 permit
|
||||
202.177.148.110 permit
|
||||
203.32.4.25 permit
|
||||
203.55.21.0/24 permit
|
||||
203.62.195.0/24 permit
|
||||
203.81.17.0/24 permit
|
||||
203.122.32.250 permit
|
||||
203.145.57.160/27 permit
|
||||
204.13.11.48/29 permit
|
||||
204.13.11.48/30 permit
|
||||
204.13.248.0/22 permit
|
||||
204.14.232.0/21 permit
|
||||
204.14.232.64/28 permit
|
||||
204.14.234.64/28 permit
|
||||
204.14.238.0/27 permit
|
||||
204.29.186.0/23 permit
|
||||
204.75.142.0/24 permit
|
||||
204.92.114.187 permit
|
||||
204.92.114.203 permit
|
||||
204.92.114.204/31 permit
|
||||
204.153.121.0/24 permit
|
||||
205.139.110.0/23 permit
|
||||
205.201.128.0/20 permit
|
||||
205.201.131.128/25 permit
|
||||
205.201.132.14 permit
|
||||
205.201.134.128/25 permit
|
||||
205.201.136.0/23 permit
|
||||
205.201.137.229 permit
|
||||
205.201.139.0/24 permit
|
||||
205.201.140.14 permit
|
||||
205.207.104.0/22 permit
|
||||
205.217.25.132 permit
|
||||
205.217.25.135 permit
|
||||
205.251.233.32/32 permit
|
||||
205.251.233.36/32 permit
|
||||
206.25.247.143 permit
|
||||
206.25.247.155 permit
|
||||
206.165.246.80/29 permit
|
||||
206.191.224.0/19 permit
|
||||
206.246.157.1 permit
|
||||
207.46.4.128/25 permit
|
||||
207.46.22.35 permit
|
||||
207.46.22.98 permit
|
||||
207.46.22.101 permit
|
||||
207.46.50.72 permit
|
||||
207.46.50.82 permit
|
||||
207.46.50.192/26 permit
|
||||
207.46.50.224 permit
|
||||
207.46.51.64/26 permit
|
||||
207.46.52.71 permit
|
||||
207.46.52.79 permit
|
||||
207.46.58.128/25 permit
|
||||
207.46.100.0/24 permit
|
||||
207.46.101.128/26 permit
|
||||
207.46.116.128/29 permit
|
||||
207.46.117.0/24 permit
|
||||
207.46.132.128/27 permit
|
||||
207.46.163.0/24 permit
|
||||
207.46.198.0/25 permit
|
||||
207.46.200.0/27 permit
|
||||
207.67.38.0/24 permit
|
||||
207.67.98.192/27 permit
|
||||
207.68.176.0/26 permit
|
||||
207.68.176.96/27 permit
|
||||
207.82.80.0/24 permit
|
||||
207.126.144.0/20 permit
|
||||
207.171.160.0/19 permit
|
||||
207.211.30.0/24 permit
|
||||
207.211.31.0/25 permit
|
||||
207.211.41.113 permit
|
||||
207.218.90.0/24 permit
|
||||
207.250.68.0/24 permit
|
||||
208.40.232.70 permit
|
||||
208.43.21.28/30 permit
|
||||
208.43.21.64/29 permit
|
||||
208.43.21.72/30 permit
|
||||
208.43.239.136/30 permit
|
||||
208.64.132.0/22 permit
|
||||
208.66.139.0/25 permit
|
||||
208.74.204.0/22 permit
|
||||
208.74.204.9 permit
|
||||
208.75.120.0/22 permit
|
||||
208.75.122.246 permit
|
||||
208.76.56.0/21 permit
|
||||
208.78.68.0/22 permit
|
||||
208.82.236.96/28 permit
|
||||
208.82.237.96/28 permit
|
||||
208.82.238.96/28 permit
|
||||
208.85.50.137 permit
|
||||
208.89.13.233 permit
|
||||
208.89.13.234/31 permit
|
||||
208.89.13.236/31 permit
|
||||
208.89.14.201 permit
|
||||
208.89.14.202/31 permit
|
||||
208.89.14.204 permit
|
||||
208.89.14.209 permit
|
||||
208.117.48.0/20 permit
|
||||
208.185.229.45 permit
|
||||
208.201.241.163 permit
|
||||
209.43.22.0/28 permit
|
||||
209.46.117.168 permit
|
||||
209.46.117.179 permit
|
||||
209.61.151.0/24 permit
|
||||
209.67.98.46 permit
|
||||
209.67.98.59 permit
|
||||
209.85.128.0/17 permit
|
||||
212.4.136.0/26 permit
|
||||
212.123.28.40/32 permit
|
||||
212.227.15.0/24 permit
|
||||
212.227.17.0/27 permit
|
||||
212.227.126.128/25 permit
|
||||
213.165.64.0/23 permit
|
||||
213.167.75.0/24 permit
|
||||
213.167.81.0/24 permit
|
||||
213.199.128.139 permit
|
||||
213.199.128.145 permit
|
||||
213.199.138.181 permit
|
||||
213.199.138.191 permit
|
||||
213.199.154.0/24 permit
|
||||
213.199.161.128/27 permit
|
||||
213.199.177.0/26 permit
|
||||
213.199.180.0/24 permit
|
||||
216.17.150.242 permit
|
||||
216.17.150.251 permit
|
||||
216.32.180.0/23 permit
|
||||
216.46.168.197 permit
|
||||
216.46.168.222 permit
|
||||
216.58.192.0/19 permit
|
||||
216.99.5.67 permit
|
||||
216.99.5.68 permit
|
||||
216.113.160.0/24 permit
|
||||
216.113.172.0/25 permit
|
||||
216.113.175.0/24 permit
|
||||
216.136.162.65 permit
|
||||
216.136.162.120/29 permit
|
||||
216.136.168.80/28 permit
|
||||
216.146.32.0/20 permit
|
||||
216.198.0.0/18 permit
|
||||
216.203.30.55 permit
|
||||
216.203.33.178/31 permit
|
||||
216.205.24.0/24 permit
|
||||
216.229.156.0/25 permit
|
||||
216.239.32.0/19 permit
|
||||
217.72.207.0/27 permit
|
||||
217.77.141.52 permit
|
||||
217.77.141.59 permit
|
||||
217.175.193.0/24 permit
|
||||
217.175.194.0/23 permit
|
||||
217.175.196.0/24 permit
|
||||
2001:4860:4000::/36 permit
|
||||
2404:6800:4000::/36 permit
|
||||
2607:f8b0:4000::/36 permit
|
||||
2620:109:c003:104::/64 permit
|
||||
2620:109:c006:104::/64 permit
|
||||
2620:109:c00d:104::/64 permit
|
||||
2620:119:50c0:207::/64 permit
|
||||
2800:3f0:4000::/36 permit
|
|
@ -0,0 +1,6 @@
|
|||
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/
|
||||
5$1
|
||||
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
|
||||
5$1
|
||||
/^4.7.5(.*)/
|
||||
5.7.5$1
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT DISTINCT CASE WHEN '%d' IN (SELECT domain FROM domain WHERE relay_all_recipients=1 AND domain='%d' AND backupmx=1) THEN '%s' ELSE (SELECT goto FROM alias WHERE address='%s' AND active='1') END AS result;
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.address WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_in = '1' AND mailbox.active = '1'), 'reject_plaintext_session', 'DUNNO') AS 'tls_enforce_in';
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT IF( EXISTS( SELECT 'TLS_ACTIVE' FROM alias LEFT OUTER JOIN mailbox ON mailbox.username = alias.address WHERE (address='%s' OR address IN (SELECT CONCAT('%u', '@', target_domain) FROM alias_domain WHERE alias_domain='%d')) AND mailbox.tls_enforce_out = '1' AND mailbox.active = '1'), 'smtp_enforced_tls:', 'DUNNO') AS 'tls_enforce_out';
|
|
@ -0,0 +1,6 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT maildir FROM mailbox,alias_domain WHERE alias_domain.alias_domain = '%d' and mailbox.username = CONCAT('%u', '@', alias_domain.target_domain) AND mailbox.active = 1 AND alias_domain.active='1'
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' and alias.address = CONCAT('%u', '@', alias_domain.target_domain) AND alias.active = 1 AND alias_domain.active='1'
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT goto FROM alias WHERE address='%s' AND active='1';
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT alias_domain from alias_domain WHERE alias_domain='%s' AND active='1' UNION SELECT domain FROM domain WHERE domain='%s' AND active = '1' AND backupmx = '0'
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = '1'
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT domain FROM domain WHERE domain='%s' AND backupmx = '1' AND active = '1'
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT goto FROM alias WHERE address='%s' AND active='1' AND domain IN(SELECT domain FROM domain WHERE domain='%d' AND active='1') UNION SELECT logged_in_as FROM sender_acl WHERE send_as='@%d' OR send_as='%s' OR send_as IN ( SELECT CONCAT ('@',target_domain) FROM alias_domain WHERE alias_domain = '%d') OR send_as IN ( SELECT CONCAT ('%u','@',target_domain) FROM alias_domain WHERE alias_domain = '%d' ) AND logged_in_as NOT IN (SELECT goto FROM alias WHERE address='%s') UNION SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = '%d' AND alias.address = CONCAT('%u','@',alias_domain.target_domain) AND alias.active ='1' AND alias_domain.active='1'
|
|
@ -0,0 +1,5 @@
|
|||
user = mailcow
|
||||
password = mysafepasswd
|
||||
hosts = mysql
|
||||
dbname = mailcow
|
||||
query = SELECT goto FROM spamalias WHERE address='%s' AND validity >= UNIX_TIMESTAMP()
|
|
@ -0,0 +1,42 @@
|
|||
bind_socket = inet:9900;
|
||||
spamd {
|
||||
servers = r:rspamd:11333;
|
||||
connect_timeout = 1s;
|
||||
results_timeout = 20s;
|
||||
error_time = 10;
|
||||
dead_time = 300;
|
||||
maxerrors = 10;
|
||||
reject_message = "Spam or virus message rejected due to high detection score";
|
||||
whitelist = 127.0.0.1/32, [::1]/128;
|
||||
spamd_soft_fail = yes;
|
||||
rspamd_metric = "default";
|
||||
extended_spam_headers = yes;
|
||||
spam_header = "X-Spam-Flag";
|
||||
spam_header_value = "YES";
|
||||
};
|
||||
redis {
|
||||
servers_grey = redis:6379;
|
||||
servers_limits = redis:6379;
|
||||
servers_id = redis:6379;
|
||||
id_prefix = "message_id.";
|
||||
grey_prefix = "grey.";
|
||||
white_prefix = "white.";
|
||||
connect_timeout = 1s;
|
||||
error_time = 10;
|
||||
dead_time = 300;
|
||||
maxerrors = 10;
|
||||
};
|
||||
tempdir = /tmp;
|
||||
tempfiles_mode = 00600;
|
||||
max_size = 20M;
|
||||
strict_auth = yes;
|
||||
use_dcc = no;
|
||||
limits {
|
||||
enable = false;
|
||||
};
|
||||
greylisting {
|
||||
enable = false;
|
||||
}
|
||||
dkim {
|
||||
enable = false;
|
||||
};
|
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
ini_set('error_reporting', 0);
|
||||
header('Content-Type: text/plain');
|
||||
require_once "vars.inc.php";
|
||||
$dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
|
||||
$opt = [
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
];
|
||||
$pdo = new PDO($dsn, $database_user, $database_pass, $opt);
|
||||
$stmt = $pdo->query("SELECT `domain` FROM `domain`");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
echo strtolower(trim($row['domain'])) . PHP_EOL;
|
||||
}
|
||||
$stmt = $pdo->query("SELECT `alias_domain` FROM `alias_domain`");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
echo strtolower(trim($row['alias_domain'])) . PHP_EOL;
|
||||
}
|
||||
?>
|
|
@ -0,0 +1,224 @@
|
|||
<?php
|
||||
/*
|
||||
The match section performs AND operation on different matches: for example, if you have from and rcpt in the same rule,
|
||||
then the rule matches only when from AND rcpt match. For similar matches, the OR rule applies: if you have multiple rcpt matches,
|
||||
then any of these will trigger the rule. If a rule is triggered then no more rules are matched.
|
||||
*/
|
||||
ini_set('error_reporting', '0');
|
||||
|
||||
header('Content-Type: text/plain');
|
||||
require_once "vars.inc.php";
|
||||
|
||||
$dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
|
||||
$opt = [
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
];
|
||||
$pdo = new PDO($dsn, $database_user, $database_pass, $opt);
|
||||
?>
|
||||
settings {
|
||||
<?php
|
||||
$stmt = $pdo->query("SELECT DISTINCT `object` FROM `filterconf` WHERE `option` = 'highspamlevel' OR `option` = 'lowspamlevel'");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
while ($row = array_shift($rows)) {
|
||||
$username_sane = preg_replace("/[^a-zA-Z0-9]+/", "", $row['object']);
|
||||
?>
|
||||
score_<?=$username_sane;?> {
|
||||
priority = low;
|
||||
<?php
|
||||
$stmt = $pdo->prepare("SELECT `option`, `value` FROM `filterconf`
|
||||
WHERE (`option` = 'highspamlevel' OR `option` = 'lowspamlevel')
|
||||
AND `object`= :object");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$spamscore = $stmt->fetchAll(PDO::FETCH_COLUMN|PDO::FETCH_GROUP);
|
||||
|
||||
$stmt = $pdo->prepare("SELECT GROUP_CONCAT(REPLACE(`value`, '*', '.*') SEPARATOR '|') AS `value` FROM `filterconf`
|
||||
WHERE (`object`= :object OR `object`= :object_domain)
|
||||
AND (`option` = 'blacklist_from' OR `option` = 'whitelist_from')");
|
||||
$stmt->execute(array(':object' => $row['object'], ':object_domain' => substr(strrchr($row['object'], "@"), 1)));
|
||||
$grouped_lists = $stmt->fetchAll(PDO::FETCH_COLUMN);
|
||||
$value_sane = preg_replace("/\.\./", ".", (preg_replace("/\*/", ".*", $grouped_lists[0])));
|
||||
?>
|
||||
from = "/^((?!<?=$value_sane;?>).)*$/";
|
||||
rcpt = "<?=$row['object'];?>";
|
||||
<?php
|
||||
$stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `goto` = :object_goto AND `address` NOT LIKE '@%' AND `address` != :object_address");
|
||||
$stmt->execute(array(':object_goto' => $row['object'], ':object_address' => $row['object']));
|
||||
$rows_aliases_1 = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row_aliases_1 = array_shift($rows_aliases_1)) {
|
||||
?>
|
||||
rcpt = "<?=$row_aliases_1['address'];?>";
|
||||
<?php
|
||||
}
|
||||
$stmt = $pdo->prepare("SELECT CONCAT(`local_part`, '@', `alias_domain`.`alias_domain`) AS `aliases` FROM `mailbox`
|
||||
LEFT OUTER JOIN `alias_domain` on `mailbox`.`domain` = `alias_domain`.`target_domain`
|
||||
WHERE `mailbox`.`username` = :object");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$rows_aliases_2 = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_aliases_2);
|
||||
while ($row_aliases_2 = array_shift($rows_aliases_2)) {
|
||||
if (!empty($row_aliases_2['aliases'])) {
|
||||
?>
|
||||
rcpt = "<?=$row_aliases_2['aliases'];?>";
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
apply "default" {
|
||||
actions {
|
||||
reject = <?=$spamscore['highspamlevel'][0];?>;
|
||||
greylist = <?=$spamscore['lowspamlevel'][0] - 1;?>;
|
||||
"add header" = <?=$spamscore['lowspamlevel'][0];?>;
|
||||
}
|
||||
}
|
||||
}
|
||||
<?php
|
||||
}
|
||||
|
||||
/*
|
||||
// Start whitelist
|
||||
*/
|
||||
|
||||
$stmt = $pdo->query("SELECT DISTINCT `object` FROM `filterconf` WHERE `option` = 'whitelist_from'");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
$username_sane = preg_replace("/[^a-zA-Z0-9]+/", "", $row['object']);
|
||||
?>
|
||||
whitelist_<?=$username_sane;?> {
|
||||
<?php
|
||||
$stmt = $pdo->prepare("SELECT GROUP_CONCAT(REPLACE(`value`, '*', '.*') SEPARATOR '|') AS `value` FROM `filterconf`
|
||||
WHERE `object`= :object
|
||||
AND `option` = 'whitelist_from'");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$grouped_lists = $stmt->fetchAll(PDO::FETCH_COLUMN);
|
||||
$value_sane = preg_replace("/\.\./", ".", (preg_replace("/\*/", ".*", $grouped_lists[0])));
|
||||
?>
|
||||
from = "/(<?=$value_sane;?>)/";
|
||||
<?php
|
||||
if (!filter_var(trim($row['object']), FILTER_VALIDATE_EMAIL)) {
|
||||
?>
|
||||
priority = medium;
|
||||
rcpt = "/.*@<?=$row['object'];?>/";
|
||||
<?php
|
||||
$stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain`
|
||||
WHERE `target_domain` = :object");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$rows_domain_aliases = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_domain_aliases);
|
||||
while ($row_domain_aliases = array_shift($rows_domain_aliases)) {
|
||||
?>
|
||||
rcpt = "/.*@<?=$row_domain_aliases['alias_domain'];?>/";
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
priority = high;
|
||||
rcpt = "<?=$row['object'];?>";
|
||||
<?php
|
||||
}
|
||||
$stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `goto` = :object_goto AND `address` NOT LIKE '@%' AND `address` != :object_address");
|
||||
$stmt->execute(array(':object_goto' => $row['object'], ':object_address' => $row['object']));
|
||||
$rows_aliases_wl_1 = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_aliases_wl_1);
|
||||
while ($row_aliases_wl_1 = array_shift($rows_aliases_wl_1)) {
|
||||
?>
|
||||
rcpt = "<?=$row_aliases_wl_1['address'];?>";
|
||||
<?php
|
||||
}
|
||||
$stmt = $pdo->prepare("SELECT CONCAT(`local_part`, '@', `alias_domain`.`alias_domain`) AS `aliases` FROM `mailbox`
|
||||
LEFT OUTER JOIN `alias_domain` on `mailbox`.`domain` = `alias_domain`.`target_domain`
|
||||
WHERE `mailbox`.`username` = :object");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$rows_aliases_wl_2 = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_aliases_wl_2);
|
||||
while ($row_aliases_wl_2 = array_shift($rows_aliases_wl_2)) {
|
||||
if (!empty($row_aliases_wl_2['aliases'])) {
|
||||
?>
|
||||
rcpt = "<?=$row_aliases_wl_2['aliases'];?>";
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
apply "default" {
|
||||
MAILCOW_MOO = -999.0;
|
||||
}
|
||||
}
|
||||
<?php
|
||||
}
|
||||
|
||||
/*
|
||||
// Start blacklist
|
||||
*/
|
||||
|
||||
$stmt = $pdo->query("SELECT DISTINCT `object` FROM `filterconf` WHERE `option` = 'blacklist_from'");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
$username_sane = preg_replace("/[^a-zA-Z0-9]+/", "", $row['object']);
|
||||
?>
|
||||
blacklist_<?=$username_sane;?> {
|
||||
<?php
|
||||
$stmt = $pdo->prepare("SELECT GROUP_CONCAT(REPLACE(`value`, '*', '.*') SEPARATOR '|') AS `value` FROM `filterconf`
|
||||
WHERE `object`= :object
|
||||
AND `option` = 'blacklist_from'");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$grouped_lists = $stmt->fetchAll(PDO::FETCH_COLUMN);
|
||||
$value_sane = preg_replace("/\.\./", ".", (preg_replace("/\*/", ".*", $grouped_lists[0])));
|
||||
?>
|
||||
from = "/(<?=$value_sane;?>)/";
|
||||
<?php
|
||||
if (!filter_var(trim($row['object']), FILTER_VALIDATE_EMAIL)) {
|
||||
?>
|
||||
priority = medium;
|
||||
rcpt = "/.*@<?=$row['object'];?>/";
|
||||
<?php
|
||||
$stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain`
|
||||
WHERE `target_domain` = :object");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$rows_domain_aliases = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_domain_aliases);
|
||||
while ($row_domain_aliases = array_shift($rows_domain_aliases)) {
|
||||
?>
|
||||
rcpt = "/.*@<?=$row_domain_aliases['alias_domain'];?>/";
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
priority = high;
|
||||
rcpt = "<?=$row['object'];?>";
|
||||
<?php
|
||||
}
|
||||
$stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `goto` = :object_goto AND `address` NOT LIKE '@%' AND `address` != :object_address");
|
||||
$stmt->execute(array(':object_goto' => $row['object'], ':object_address' => $row['object']));
|
||||
$rows_aliases_bl_1 = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_aliases_bl_1);
|
||||
while ($row_aliases_bl_1 = array_shift($rows_aliases_bl_1)) {
|
||||
?>
|
||||
rcpt = "<?=$row_aliases_bl_1['address'];?>";
|
||||
<?php
|
||||
}
|
||||
$stmt = $pdo->prepare("SELECT CONCAT(`local_part`, '@', `alias_domain`.`alias_domain`) AS `aliases` FROM `mailbox`
|
||||
LEFT OUTER JOIN `alias_domain` on `mailbox`.`domain` = `alias_domain`.`target_domain`
|
||||
WHERE `mailbox`.`username` = :object");
|
||||
$stmt->execute(array(':object' => $row['object']));
|
||||
$rows_aliases_bl_2 = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
array_filter($rows_aliases_bl_2);
|
||||
while ($row_aliases_bl_2 = array_shift($rows_aliases_bl_2)) {
|
||||
if (!empty($row_aliases_bl_2['aliases'])) {
|
||||
?>
|
||||
rcpt = "<?=$row_aliases_bl_2['aliases'];?>";
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
apply "default" {
|
||||
MAILCOW_MOO = 999.0;
|
||||
}
|
||||
}
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
ini_set('error_reporting', 0);
|
||||
header('Content-Type: text/plain');
|
||||
require_once "vars.inc.php";
|
||||
$dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
|
||||
$opt = [
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
];
|
||||
$pdo = new PDO($dsn, $database_user, $database_pass, $opt);
|
||||
$stmt = $pdo->query("SELECT `username` FROM `mailbox` WHERE `wants_tagged_subject` = '1'");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
echo strtolower(trim($row['username'])) . PHP_EOL;
|
||||
}
|
||||
$stmt = $pdo->query("SELECT CONCAT(mailbox.local_part, '@', alias_domain.alias_domain) as `tag_ad` FROM `mailbox` INNER JOIN `alias_domain` ON mailbox.domain = alias_domain.target_domain WHERE mailbox.wants_tagged_subject='1';");
|
||||
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
while ($row = array_shift($rows)) {
|
||||
echo strtolower(trim($row['tag_ad'])) . PHP_EOL;
|
||||
}
|
||||
?>
|
|
@ -0,0 +1 @@
|
|||
../../../web/inc/vars.inc.php
|
|
@ -0,0 +1,34 @@
|
|||
sign_condition =<<EOD
|
||||
return function(task)
|
||||
local smtp_from = task:get_from('smtp')
|
||||
local mime_from = task:get_from('mime')
|
||||
local rspamd_logger = require "rspamd_logger"
|
||||
if smtp_from[1]['domain'] ~= nil and smtp_from[1]['domain'] ~= '' then
|
||||
domain = smtp_from[1]['domain']
|
||||
rspamd_logger.infox(task, "set domain found in smtp from field to %s", domain)
|
||||
if not task:get_user() then
|
||||
rspamd_logger.infox(task, "found domain in smtp header field, but user is not authenticated - skipped")
|
||||
return false
|
||||
end
|
||||
elseif mime_from[1]['domain'] ~= nil and mime_from[1]['domain'] ~= '' then
|
||||
domain = mime_from[1]['domain']
|
||||
rspamd_logger.infox(task, "set domain found in mime from field to %s", domain)
|
||||
else
|
||||
rspamd_logger.infox(task, "cannot determine domain for dkim signing")
|
||||
return false
|
||||
end
|
||||
local keyfile = io.open("/data/dkim/keys/" .. domain .. ".dkim")
|
||||
if keyfile then
|
||||
rspamd_logger.infox(task, "found dkim key file for domain %s", domain)
|
||||
keyfile:close()
|
||||
return {
|
||||
key = "/data/dkim/keys/" .. domain .. ".dkim",
|
||||
domain = domain,
|
||||
selector = "dkim"
|
||||
}
|
||||
else
|
||||
rspamd_logger.infox(task, "no key file for domain %s - skipped", domain)
|
||||
end
|
||||
return false
|
||||
end
|
||||
EOD;
|
|
@ -0,0 +1,19 @@
|
|||
actions {
|
||||
reject = 15;
|
||||
add_header = 5;
|
||||
greylist = 4;
|
||||
}
|
||||
symbol "MAILCOW_AUTH" {
|
||||
description = "mailcow authenticated";
|
||||
score = -20.0;
|
||||
}
|
||||
group "bayes" {
|
||||
symbol "BAYES_SPAM" {
|
||||
weight = 7.5;
|
||||
description = "Message probably spam, probability: ";
|
||||
}
|
||||
symbol "BAYES_HAM" {
|
||||
weight = -2.5;
|
||||
description = "Message probably ham, probability: ";
|
||||
}
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
dns {
|
||||
enable_dnssec = true;
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
servers = "redis:6379";
|
|
@ -0,0 +1 @@
|
|||
# rspamd.conf.local
|
|
@ -0,0 +1,59 @@
|
|||
classifier "bayes" {
|
||||
tokenizer {
|
||||
name = "osb";
|
||||
}
|
||||
|
||||
backend = "redis";
|
||||
servers = "redis:6379";
|
||||
min_tokens = 11;
|
||||
min_learns = 20;
|
||||
autolearn = true;
|
||||
|
||||
per_user = <<EOD
|
||||
return function(task)
|
||||
local rcpt = task:get_recipients(1)
|
||||
|
||||
if rcpt then
|
||||
one_rcpt = rcpt[1]
|
||||
if one_rcpt['domain'] then
|
||||
return one_rcpt['domain']
|
||||
end
|
||||
end
|
||||
|
||||
return nil
|
||||
end
|
||||
EOD
|
||||
|
||||
statfile {
|
||||
symbol = "BAYES_HAM";
|
||||
spam = false;
|
||||
}
|
||||
statfile {
|
||||
symbol = "BAYES_SPAM";
|
||||
spam = true;
|
||||
}
|
||||
learn_condition =<<EOD
|
||||
return function(task, is_spam, is_unlearn)
|
||||
local prob = task:get_mempool():get_variable('bayes_prob', 'double')
|
||||
|
||||
if prob then
|
||||
local in_class = false
|
||||
local cl
|
||||
if is_spam then
|
||||
cl = 'spam'
|
||||
in_class = prob >= 0.95
|
||||
else
|
||||
cl = 'ham'
|
||||
in_class = prob <= 0.05
|
||||
end
|
||||
|
||||
if in_class then
|
||||
return false,string.format('already in class %s; probability %.2f%%',
|
||||
cl, math.abs((prob - 0.5) * 200.0))
|
||||
end
|
||||
end
|
||||
|
||||
return true
|
||||
end
|
||||
EOD
|
||||
}
|
|
@ -0,0 +1,75 @@
|
|||
rspamd_config.MAILCOW_AUTH = {
|
||||
callback = function(task)
|
||||
local uname = task:get_user()
|
||||
if uname then
|
||||
return 1
|
||||
end
|
||||
end
|
||||
}
|
||||
|
||||
rspamd_config.MAILCOW_MOO = function (task)
|
||||
return true
|
||||
end
|
||||
|
||||
local modify_subject_map = rspamd_config:add_map({
|
||||
url = 'http://nginx:8081/tags.php',
|
||||
type = 'map',
|
||||
description = 'Map of users to use subject tags for'
|
||||
})
|
||||
|
||||
local auth_domain_map = rspamd_config:add_map({
|
||||
url = 'http://nginx:8081/authoritative.php',
|
||||
type = 'map',
|
||||
description = 'Map of domains we are authoritative for'
|
||||
})
|
||||
|
||||
rspamd_config.ADD_DELIMITER_TAG = {
|
||||
callback = function(task)
|
||||
local util = require("rspamd_util")
|
||||
local rspamd_logger = require "rspamd_logger"
|
||||
|
||||
local user_env_tagged = task:get_recipients(1)[1]['user']
|
||||
local user_to_tagged = task:get_recipients(2)[1]['user']
|
||||
|
||||
local domain = task:get_recipients(1)[1]['domain']
|
||||
|
||||
local user_env, tag_env = user_env_tagged:match("([^+]+)+(.*)")
|
||||
local user_to, tag_to = user_to_tagged:match("([^+]+)+(.*)")
|
||||
|
||||
local authdomain = auth_domain_map:get_key(domain)
|
||||
|
||||
if tag_env then
|
||||
tag = tag_env
|
||||
user = user_env
|
||||
elseif tag_to then
|
||||
tag = tag_to
|
||||
user = user_env
|
||||
end
|
||||
|
||||
if tag and authdomain then
|
||||
rspamd_logger.infox("Domain %s is part of mailcow, start reading tag settings", domain)
|
||||
local user_untagged = user .. '@' .. domain
|
||||
rspamd_logger.infox("Querying tag settings for user %1", user_untagged)
|
||||
if modify_subject_map:get_key(user_untagged) then
|
||||
rspamd_logger.infox("User wants subject modified for tagged mail")
|
||||
local sbj = task:get_header('Subject')
|
||||
if tag then
|
||||
rspamd_logger.infox("Found tag %1, will modify subject header", tag)
|
||||
new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
|
||||
task:set_rmilter_reply({
|
||||
remove_headers = {['Subject'] = 1},
|
||||
add_headers = {['Subject'] = new_sbj}
|
||||
})
|
||||
end
|
||||
else
|
||||
rspamd_logger.infox("Add X-Moo-Tag header")
|
||||
task:set_rmilter_reply({
|
||||
add_headers = {['X-Moo-Tag'] = 'YES'}
|
||||
})
|
||||
end
|
||||
else
|
||||
rspamd_logger.infox("Skip delimiter handling for untagged message or authenticated user")
|
||||
end
|
||||
return false
|
||||
end
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
type = "console";
|
||||
systemd = false;
|
||||
.include "$CONFDIR/logging.inc"
|
|
@ -0,0 +1,7 @@
|
|||
bind_socket = "*:11334";
|
||||
enable_password = "$2$pppq86q9uns51zd5ekfxecj7bxwaefo3$p7f9xdhamydjhtypcr639it3kqeiknx3dk9on7skjypyi8uwwcmy";
|
||||
secure_ip = "192.168.0.0/16";
|
||||
secure_ip = "172.16.0.0/12";
|
||||
secure_ip = "10.0.0.0/8";
|
||||
secure_ip = "127.0.0.1";
|
||||
secure_ip = "::1";
|
|
@ -0,0 +1 @@
|
|||
bind_socket = "*:11333";
|
|
@ -0,0 +1,76 @@
|
|||
{
|
||||
SOGoCalendarDefaultRoles = (
|
||||
PublicViewer,
|
||||
ConfidentialDAndTViewer,
|
||||
PrivateDAndTViewer
|
||||
);
|
||||
|
||||
WOWorkersCount = "20";
|
||||
SOGoACLsSendEMailNotifications = YES;
|
||||
SOGoAppointmentSendEMailNotifications = YES;
|
||||
SOGoDraftsFolderName = "Drafts";
|
||||
SOGoJunkFolderName= "Junk";
|
||||
SOGoMailDomain = "sogo.local";
|
||||
SOGoEnableEMailAlarms = NO;
|
||||
SOGoFoldersSendEMailNotifications = YES;
|
||||
SOGoForwardEnabled = YES;
|
||||
|
||||
// Multi-domain setup
|
||||
// Domains are isolated, you can define visibility options here.
|
||||
// Example:
|
||||
|
||||
// SOGoDomainsVisibility = (
|
||||
// (domain1.tld, domain5.tld),
|
||||
// (domain3.tld, domain2.tld)
|
||||
// );
|
||||
|
||||
SOGoIMAPServer = "imap://dovecot:143/?tls=YES";
|
||||
SOGoSieveServer = "sieve://dovecot:4190/?tls=YES";
|
||||
SOGoSMTPServer = "postfix:588";
|
||||
WOPort = "0.0.0.0:20000";
|
||||
SOGoMemcachedHost = "memcached";
|
||||
|
||||
SOGoLanguage = English;
|
||||
SOGoMailAuxiliaryUserAccountsEnabled = YES;
|
||||
SOGoMailCustomFromEnabled = YES;
|
||||
SOGoMailingMechanism = smtp;
|
||||
SOGoSMTPAuthenticationType = plain;
|
||||
|
||||
SxVMemLimit = 512;
|
||||
|
||||
SOGoMaximumPingInterval = 354;
|
||||
|
||||
SOGoInternalSyncInterval = 30;
|
||||
SOGoMaximumSyncInterval = 354;
|
||||
|
||||
SOGoMaximumSyncWindowSize = 0;
|
||||
SOGoMaximumSyncResponseSize = 1024;
|
||||
|
||||
WOWatchDogRequestTimeout = 10;
|
||||
WOListenQueueSize = 300;
|
||||
WONoDetach = YES;
|
||||
|
||||
SOGoIMAPAclConformsToIMAPExt = Yes;
|
||||
SOGoPageTitle = "SOGo Groupware";
|
||||
SOGoFirstDayOfWeek = "1";
|
||||
|
||||
SOGoSieveFolderEncoding = "UTF-8";
|
||||
SOGoPasswordChangeEnabled = NO;
|
||||
SOGoSentFolderName = "Sent";
|
||||
SOGoMailShowSubscribedFoldersOnly = NO;
|
||||
NGImap4ConnectionStringSeparator = "/";
|
||||
SOGoSieveScriptsEnabled = YES;
|
||||
SOGoTrashFolderName = "Trash";
|
||||
SOGoVacationEnabled = YES;
|
||||
|
||||
MySQL4Encoding = "utf8mb4";
|
||||
//SOGoDebugRequests = YES;
|
||||
//SoDebugBaseURL = YES;
|
||||
//ImapDebugEnabled = YES;
|
||||
//SOGoEASDebugEnabled = YES;
|
||||
//LDAPDebugEnabled = YES;
|
||||
//PGDebugEnabled = YES;
|
||||
//MySQL4DebugEnabled = YES;
|
||||
//SOGoUIxDebugEnabled = YES;
|
||||
//WODontZipResponse = YES;
|
||||
}
|
|
@ -0,0 +1,385 @@
|
|||
<?php
|
||||
require_once("inc/prerequisites.inc.php");
|
||||
$AuthUsers = array("admin", "domainadmin", "user");
|
||||
if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role'], $AuthUsers)) {
|
||||
header('Location: /');
|
||||
exit();
|
||||
}
|
||||
require_once("inc/header.inc.php");
|
||||
?>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-md-12">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title"><?=$lang['add']['title'];?></h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<?php
|
||||
if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin")) {
|
||||
if (isset($_GET['domain']) && $_SESSION['mailcow_cc_role'] == "admin") {
|
||||
?>
|
||||
<h4><?=$lang['add']['domain'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="domain"><?=$lang['add']['domain'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" autocorrect="off" autocapitalize="none" class="form-control" name="domain" id="domain">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="description"><?=$lang['add']['description'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="description" id="description">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="aliases"><?=$lang['add']['max_aliases'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="aliases" id="aliases" value="400">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="mailboxes"><?=$lang['add']['max_mailboxes'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="mailboxes" id="mailboxes" value="10">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="maxquota"><?=$lang['add']['mailbox_quota_m'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="maxquota" id="maxquota" value="3072">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="quota"><?=$lang['add']['domain_quota_m'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="quota" id="quota" value="10240">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2"><?=$lang['add']['backup_mx_options'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="backupmx"> <?=$lang['add']['relay_domain'];?></label>
|
||||
<br />
|
||||
<label><input type="checkbox" name="relay_all_recipients"> <?=$lang['add']['relay_all'];?></label>
|
||||
<p><?=$lang['add']['relay_all_info'];?></p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_add_domain" class="btn btn-success"><?=$lang['add']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
<p><span class="glyphicon glyphicon-exclamation-sign text-danger"></span> <?=$lang['add']['restart_sogo_hint'];?></p>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
elseif (isset($_GET['alias'])) {
|
||||
?>
|
||||
<h4><?=$lang['add']['alias'];?></h4>
|
||||
<p><?=$lang['add']['alias_spf_fail'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="address"><?=$lang['add']['alias_address'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<textarea autocorrect="off" autocapitalize="none" class="form-control" rows="5" name="address" id="address"></textarea>
|
||||
<p><?=$lang['add']['alias_address_info'];?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="goto"><?=$lang['add']['target_address'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<textarea autocorrect="off" autocapitalize="none" class="form-control" rows="5" id="goto" name="goto"></textarea>
|
||||
<p><?=$lang['add']['target_address_info'];?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_add_alias" class="btn btn-success "><?=$lang['add']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
elseif (isset($_GET['aliasdomain'])) {
|
||||
?>
|
||||
<h4><?=$lang['add']['alias_domain'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="alias_domain"><?=$lang['add']['alias_domain'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<textarea autocorrect="off" autocapitalize="none" class="form-control" rows="5" name="alias_domain" id="alias_domain"></textarea>
|
||||
<p><?=$lang['add']['alias_domain_info'];?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="target_domain"><?=$lang['add']['target_domain'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<select name="target_domain" id="target_domain" title="<?=$lang['add']['select'];?>" required>
|
||||
<?php
|
||||
foreach (mailbox_get_domains() as $domain) {
|
||||
echo "<option>".htmlspecialchars($domain)."</option>";
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_add_alias_domain" class="btn btn-success "><?=$lang['add']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
elseif (isset($_GET['mailbox'])) {
|
||||
?>
|
||||
<h4><?=$lang['add']['mailbox'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="local_part"><?=$lang['add']['mailbox_username'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" pattern="[A-Za-z0-9\.!#$%&'*+/=?^_`{|}~-]+" autocorrect="off" autocapitalize="none" class="form-control" name="local_part" id="local_part" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="domain"><?=$lang['add']['domain'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select id="addSelectDomain" name="domain" id="domain" title="<?=$lang['add']['select'];?>" required>
|
||||
<?php
|
||||
foreach (mailbox_get_domains() as $domain) {
|
||||
echo "<option>".htmlspecialchars($domain)."</option>";
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="name"><?=$lang['add']['full_name'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="name" id="name">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="addInputQuota"><?=$lang['add']['quota_mb'];?>
|
||||
<br /><span id="quotaBadge" class="badge">max. - MiB</span>
|
||||
</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="quota" min="1" max="" id="addInputQuota" disabled value="<?=$lang['add']['select_domain'];?>" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password"><?=$lang['add']['password'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password" id="password" placeholder="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password2"><?=$lang['add']['password_repeat'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password2" id="password2" placeholder="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_add_mailbox" class="btn btn-success "><?=$lang['add']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
elseif (isset($_GET['resource'])) {
|
||||
?>
|
||||
<h4><?=$lang['add']['resource'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="description"><?=$lang['add']['description'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="description" id="description" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="domain"><?=$lang['add']['domain'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select name="domain" id="domain" title="<?=$lang['add']['select'];?>" required>
|
||||
<?php
|
||||
foreach (mailbox_get_domains() as $domain) {
|
||||
echo "<option>".htmlspecialchars($domain)."</option>";
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="domain"><?=$lang['add']['kind'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select name="kind" id="kind" title="<?=$lang['add']['select'];?>" required>
|
||||
<option value="location">Location</option>
|
||||
<option value="group">Group</option>
|
||||
<option value="thing">Thing</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="multiple_bookings" checked> <?=$lang['add']['multiple_bookings'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_add_resource" class="btn btn-success "><?=$lang['add']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "user")) {
|
||||
if (isset($_GET['syncjob'])) {
|
||||
?>
|
||||
<h4><?=$lang['add']['syncjob'];?></h4>
|
||||
<p><?=$lang['add']['syncjob_hint'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="host1"><?=$lang['add']['hostname'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="host1" id="host1" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="port1">Port</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="port1" id="port1" min="1" max="65535" value="143" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="user1"><?=$lang['add']['username'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="user1" id="user1" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password1"><?=$lang['add']['password'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="password1" id="password1" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="enc1"><?=$lang['add']['enc_method'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<select name="enc1" id="enc1" title="<?=$lang['add']['select'];?>" required>
|
||||
<option selected>TLS</option>
|
||||
<option>SSL</option>
|
||||
<option>PLAIN</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="mins_interval"><?=$lang['add']['mins_interval'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="mins_interval" min="10" max="3600" value="20" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="subfolder2"><?=$lang['edit']['subfolder2'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="subfolder2" id="subfolder2" value="External">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="maxage"><?=$lang['edit']['maxage'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="maxage" id="maxage" min="0" max="32000" value="0">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="exclude"><?=$lang['add']['exclude'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="exclude" id="exclude" value="(?i)spam|(?i)junk">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="delete2duplicates" checked> <?=$lang['add']['delete2duplicates'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="add_syncjob" value="1" class="btn btn-success "><?=$lang['add']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-danger" role="alert"><?=$lang['danger']['access_denied'];?></div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<a href="<?=$_SESSION['return_to'];?>">← <?=$lang['add']['previous'];?></a>
|
||||
</div> <!-- /container -->
|
||||
<script src="js/add.js"></script>
|
||||
<?php
|
||||
require_once("inc/footer.inc.php");
|
||||
?>
|
|
@ -0,0 +1,311 @@
|
|||
<?php
|
||||
require_once("inc/prerequisites.inc.php");
|
||||
|
||||
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
|
||||
require_once("inc/header.inc.php");
|
||||
$_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
|
||||
$tfa_data = get_tfa();
|
||||
?>
|
||||
<div class="container">
|
||||
<h4><span class="glyphicon glyphicon-user" aria-hidden="true"></span> <?=$lang['admin']['access'];?></h4>
|
||||
|
||||
<div class="panel-group" id="accordion_access">
|
||||
<div class="panel panel-danger">
|
||||
<div class="panel-heading"><?=$lang['admin']['admin_details'];?></div>
|
||||
<div class="panel-body">
|
||||
<form class="form-horizontal" autocapitalize="none" autocorrect="off" role="form" method="post">
|
||||
<?php $admindetails = get_admin_details(); ?>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-3" for="admin_user"><?=$lang['admin']['admin'];?>:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="text" class="form-control" name="admin_user" id="admin_user" value="<?=htmlspecialchars($admindetails['username']);?>" required>
|
||||
↳ <kbd>a-z A-Z - _ .</kbd>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-3" for="admin_pass"><?=$lang['admin']['password'];?>:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="password" class="form-control" name="admin_pass" id="admin_pass" placeholder="<?=$lang['admin']['unchanged_if_empty'];?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-3" for="admin_pass2"><?=$lang['admin']['password_repeat'];?>:</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="password" class="form-control" name="admin_pass2" id="admin_pass2">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-3 col-sm-9">
|
||||
<button type="submit" name="edit_admin_account" class="btn btn-default"><?=$lang['admin']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<hr>
|
||||
<div class="row">
|
||||
<div class="col-sm-3 col-xs-5 text-right"><?=$lang['tfa']['tfa'];?>:</div>
|
||||
<div class="col-sm-9 col-xs-7">
|
||||
<p id="tfa_pretty"><?=$tfa_data['pretty'];?></p>
|
||||
<div id="tfa_additional">
|
||||
<?php if($tfa_data['additional']):
|
||||
foreach ($tfa_data['additional'] as $key_info): ?>
|
||||
<form style="display:inline;" method="post">
|
||||
<input type="hidden" name="unset_tfa_key" value="<?=$key_info['id'];?>" />
|
||||
<div style="padding:4px;margin:4px" class="label label-<?=($_SESSION['tfa_id'] == $key_info['id']) ? 'success' : 'default'; ?>">
|
||||
<?=$key_info['key_id'];?>
|
||||
<a href="#" style="font-weight:bold;color:white" onClick="$(this).closest('form').submit()">[<?=strtolower($lang['admin']['remove']);?>]</a>
|
||||
</div>
|
||||
</form>
|
||||
<?php endforeach;
|
||||
endif;?>
|
||||
</div>
|
||||
<br />
|
||||
</div>
|
||||
</div>
|
||||
<div class="row">
|
||||
<div class="col-sm-3 col-xs-5 text-right"><?=$lang['tfa']['set_tfa'];?>:</div>
|
||||
<div class="col-sm-9 col-xs-7">
|
||||
<select data-width="auto" id="selectTFA" class="selectpicker" title="<?=$lang['tfa']['select'];?>">
|
||||
<option value="yubi_otp"><?=$lang['tfa']['yubi_otp'];?></option>
|
||||
<option value="u2f"><?=$lang['tfa']['u2f'];?></option>
|
||||
<option value="none"><?=$lang['tfa']['none'];?></option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="panel panel-default">
|
||||
<div style="cursor:pointer;" class="panel-heading" data-toggle="collapse" data-parent="#accordion_access" data-target="#collapseDomAdmins">
|
||||
<span class="accordion-toggle"><?=$lang['admin']['domain_admins'];?></span>
|
||||
</div>
|
||||
<div id="collapseDomAdmins" class="panel-collapse collapse">
|
||||
<div class="panel-body">
|
||||
<form method="post">
|
||||
<div class="table-responsive">
|
||||
<table class="table table-striped sortable-theme-bootstrap" data-sortable id="domainadminstable">
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="sort-table" style="min-width: 100px;"><?=$lang['admin']['username'];?></th>
|
||||
<th class="sort-table" style="min-width: 166px;"><?=$lang['admin']['admin_domains'];?></th>
|
||||
<th class="sort-table" style="min-width: 76px;"><?=$lang['admin']['active'];?></th>
|
||||
<th class="sort-table" style="min-width: 76px;"><?=$lang['tfa']['tfa'];?></th>
|
||||
<th style="text-align: right; min-width: 200px;" data-sortable="false"><?=$lang['admin']['action'];?></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
foreach (get_domain_admins() as $domain_admin) {
|
||||
$da_data = get_domain_admin_details($domain_admin);
|
||||
if (!empty($da_data)):
|
||||
?>
|
||||
<tr id="data">
|
||||
<td><?=htmlspecialchars(strtolower($domain_admin));?></td>
|
||||
<td>
|
||||
<?php
|
||||
foreach ($da_data['selected_domains'] as $domain) {
|
||||
echo htmlspecialchars($domain).'<br />';
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
<td><?=$da_data['active'];?></td>
|
||||
<td><?=empty($da_data['tfa_active_int']) ? "✘" : "✔";?></td>
|
||||
<td style="text-align: right;">
|
||||
<div class="btn-group">
|
||||
<a href="edit.php?domainadmin=<?=$domain_admin;?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> <?=$lang['admin']['edit'];?></a>
|
||||
<a href="delete.php?domainadmin=<?=$domain_admin;?>" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> <?=$lang['admin']['remove'];?></a>
|
||||
</div>
|
||||
</td>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<tr id="no-data"><td colspan="4" style="text-align: center; font-style: italic;"><?=$lang['admin']['no_record'];?></td></tr>
|
||||
<?php
|
||||
endif;
|
||||
}
|
||||
?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</form>
|
||||
<small>
|
||||
<legend><?=$lang['admin']['add_domain_admin'];?></legend>
|
||||
<form class="form-horizontal" role="form" method="post">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="username"><?=$lang['admin']['username'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="username" id="username" required>
|
||||
↳ <kbd>a-z A-Z - _ .</kbd>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="name"><?=$lang['admin']['admin_domains'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select title="<?=$lang['admin']['search_domain_da'];?>" style="width:100%" name="domain[]" size="5" multiple>
|
||||
<?php
|
||||
foreach (mailbox_get_domains() as $domain) {
|
||||
echo "<option>".htmlspecialchars($domain)."</option>";
|
||||
}
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password"><?=$lang['admin']['password'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password" id="password" placeholder="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password2"><?=$lang['admin']['password_repeat'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password2" id="password2" placeholder="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" checked> <?=$lang['admin']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="add_domain_admin" class="btn btn-default"><?=$lang['admin']['add'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</small>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<h4><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> <?=$lang['admin']['configuration'];?></h4>
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading"><?=$lang['admin']['dkim_keys'];?></div>
|
||||
<div id="collapseDKIM" class="panel-collapse">
|
||||
<div class="panel-body">
|
||||
<p style="margin-bottom:40px"><?=$lang['admin']['dkim_key_hint'];?></p>
|
||||
<?php
|
||||
foreach(mailbox_get_domains() as $domain) {
|
||||
if (!empty($dkim = dkim_get_key_details($domain))) {
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-3">
|
||||
<p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br />
|
||||
<span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
|
||||
<span class="label label-info"><?=$dkim['length'];?> bit</span>
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-xs-8">
|
||||
<pre><?=$dkim['dkim_txt'];?></pre>
|
||||
</div>
|
||||
<div class="col-xs-1">
|
||||
<form class="form-inline" method="post">
|
||||
<input type="hidden" name="domain" value="<?=$domain;?>">
|
||||
<input type="hidden" name="dkim_delete_key" value="1">
|
||||
<a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="top" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-3">
|
||||
<p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br /><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
|
||||
</div>
|
||||
<div class="col-xs-8"><pre>-</pre></div>
|
||||
<div class="col-xs-1"> </div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
foreach(mailbox_get_alias_domains($domain) as $alias_domain) {
|
||||
if (!empty($dkim = dkim_get_key_details($alias_domain))) {
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-offset-1 col-xs-2">
|
||||
<p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small>
|
||||
<span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
|
||||
<span class="label label-info"><?=$dkim['length'];?> bit</span>
|
||||
</p>
|
||||
</div>
|
||||
<div class="col-xs-8">
|
||||
<pre><?=$dkim['dkim_txt'];?></pre>
|
||||
</div>
|
||||
<div class="col-xs-1">
|
||||
<form class="form-inline" method="post">
|
||||
<input type="hidden" name="domain" value="<?=$alias_domain;?>">
|
||||
<input type="hidden" name="dkim_delete_key" value="1">
|
||||
<a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="top" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-2 col-xs-offset-1">
|
||||
<p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
|
||||
</div>
|
||||
<div class="col-xs-8"><pre>-</pre></div>
|
||||
<div class="col-xs-1"> </div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
}
|
||||
foreach(dkim_get_blind_keys() as $blind) {
|
||||
if (!empty($dkim = dkim_get_key_details($blind))) {
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-xs-3">
|
||||
<p>Domain: <strong><?=htmlspecialchars($blind);?></strong><br /><span class="label label-warning"><?=$lang['admin']['dkim_key_unused'];?></span></p>
|
||||
</div>
|
||||
<div class="col-xs-8">
|
||||
<pre><?=$dkim['dkim_txt'];?></pre>
|
||||
</div>
|
||||
<div class="col-xs-1">
|
||||
<form class="form-inline" method="post">
|
||||
<input type="hidden" name="domain" value="<?=$blind;?>">
|
||||
<input type="hidden" name="dkim_delete_key" value="1">
|
||||
<a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="top" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
<legend style="margin-top:40px"><?=$lang['admin']['dkim_add_key'];?></legend>
|
||||
<form class="form-inline" role="form" method="post">
|
||||
<div class="form-group">
|
||||
<label for="domain">Domain</label>
|
||||
<input class="form-control" id="domain" name="domain" placeholder="example.org" required>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<select data-width="200px" class="form-control" id="key_size" name="key_size" title="<?=$lang['admin']['dkim_key_length'];?>" required>
|
||||
<option data-subtext="bits">1024</option>
|
||||
<option data-subtext="bits">2048</option>
|
||||
</select>
|
||||
</div>
|
||||
<button type="submit" name="dkim_add_key" class="btn btn-default"><span class="glyphicon glyphicon-plus"></span> <?=$lang['admin']['add'];?></button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div> <!-- /container -->
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js" integrity="sha384-YWP9O4NjmcGo4oEJFXvvYSEzuHIvey+LbXkBNJ1Kd0yfugEZN9NCQNpRYBVC1RvA" crossorigin="anonymous"></script>
|
||||
<script src="js/sorttable.js"></script>
|
||||
<script src="js/admin.js"></script>
|
||||
<?php
|
||||
require_once("inc/footer.inc.php");
|
||||
} else {
|
||||
header('Location: /');
|
||||
exit();
|
||||
}
|
||||
?>
|
|
@ -0,0 +1,69 @@
|
|||
<?php
|
||||
require_once "inc/vars.inc.php";
|
||||
if (empty($mailcow_hostname)) { exit(); }
|
||||
header("Content-Type: application/xml");
|
||||
?>
|
||||
<?='<?xml version="1.0"?>';?>
|
||||
<clientConfig version="1.1">
|
||||
<emailProvider id="<?=$mailcow_hostname;?>">
|
||||
|
||||
<displayName>A mailcow mail server</displayName>
|
||||
<displayShortName>mail server</displayShortName>
|
||||
|
||||
<incomingServer type="imap">
|
||||
<hostname><?=$mailcow_hostname;?></hostname>
|
||||
<port>993</port>
|
||||
<socketType>SSL</socketType>
|
||||
<username>%EMAILADDRESS%</username>
|
||||
<authentication>password-cleartext</authentication>
|
||||
</incomingServer>
|
||||
<incomingServer type="imap">
|
||||
<hostname><?=$mailcow_hostname;?></hostname>
|
||||
<port>143</port>
|
||||
<socketType>STARTTLS</socketType>
|
||||
<username>%EMAILADDRESS%</username>
|
||||
<authentication>password-cleartext</authentication>
|
||||
</incomingServer>
|
||||
|
||||
<incomingServer type="pop3">
|
||||
<hostname><?=$mailcow_hostname;?></hostname>
|
||||
<port>995</port>
|
||||
<socketType>SSL</socketType>
|
||||
<username>%EMAILADDRESS%</username>
|
||||
<authentication>password-cleartext</authentication>
|
||||
</incomingServer>
|
||||
<incomingServer type="pop3">
|
||||
<hostname><?=$mailcow_hostname;?></hostname>
|
||||
<port>110</port>
|
||||
<socketType>STARTTLS</socketType>
|
||||
<username>%EMAILADDRESS%</username>
|
||||
<authentication>password-cleartext</authentication>
|
||||
</incomingServer>
|
||||
|
||||
<outgoingServer type="smtp">
|
||||
<hostname><?=$mailcow_hostname;?></hostname>
|
||||
<port>465</port>
|
||||
<socketType>SSL</socketType>
|
||||
<username>%EMAILADDRESS%</username>
|
||||
<authentication>password-cleartext</authentication>
|
||||
</outgoingServer>
|
||||
|
||||
<outgoingServer type="smtp">
|
||||
<hostname><?=$mailcow_hostname;?></hostname>
|
||||
<port>587</port>
|
||||
<socketType>STARTTLS</socketType>
|
||||
<username>%EMAILADDRESS%</username>
|
||||
<authentication>password-cleartext</authentication>
|
||||
</outgoingServer>
|
||||
|
||||
<enable visiturl="https://<?=$mailcow_hostname;?>/admin.php">
|
||||
<instruction>If you didn't change the password given to you by the administrator or if you didn't change it in a long time, please consider doing that now.</instruction>
|
||||
<instruction lang="de">Sollten Sie das Ihnen durch den Administrator vergebene Passwort noch nicht geändert haben, empfehlen wir dies nun zu tun. Auch ein altes Passwort sollte aus Sicherheitsgründen geändert werden.</instruction>
|
||||
</enable>
|
||||
|
||||
</emailProvider>
|
||||
|
||||
<webMail>
|
||||
<loginPage url="https://<?=$mailcow_hostname;?>/SOGo/" />
|
||||
</webMail>
|
||||
</clientConfig>
|
|
@ -0,0 +1,142 @@
|
|||
<?php
|
||||
require_once 'inc/vars.inc.php';
|
||||
require_once 'inc/functions.inc.php';
|
||||
|
||||
ini_set('error_reporting', '0');
|
||||
$config = array(
|
||||
'useEASforOutlook' => 'yes',
|
||||
'autodiscoverType' => 'activesync',
|
||||
'imap' => array(
|
||||
'server' => $mailcow_hostname,
|
||||
'port' => '993',
|
||||
'ssl' => 'on',
|
||||
),
|
||||
'smtp' => array(
|
||||
'server' => $mailcow_hostname,
|
||||
'port' => '465',
|
||||
'ssl' => 'on'
|
||||
),
|
||||
'activesync' => array(
|
||||
'url' => 'https://'.$mailcow_hostname.'/Microsoft-Server-ActiveSync'
|
||||
)
|
||||
);
|
||||
|
||||
if(file_exists('inc/vars.local.inc.php')) {
|
||||
include_once 'inc/vars.local.inc.php';
|
||||
}
|
||||
|
||||
/* ---------- DO NOT MODIFY ANYTHING BEYOND THIS LINE. IGNORE AT YOUR OWN RISK. ---------- */
|
||||
|
||||
if ($config['useEASforOutlook'] == 'no') {
|
||||
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Outlook')) {
|
||||
$config['autodiscoverType'] = 'imap';
|
||||
}
|
||||
}
|
||||
|
||||
$dsn = "$database_type:host=$database_host;dbname=$database_name";
|
||||
$opt = [
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
];
|
||||
$pdo = new PDO($dsn, $database_user, $database_pass, $opt);
|
||||
$login_user = strtolower(trim($_SERVER['PHP_AUTH_USER']));
|
||||
$as = check_login($login_user, $_SERVER['PHP_AUTH_PW']);
|
||||
|
||||
if (!isset($_SERVER['PHP_AUTH_USER']) OR $as !== "user") {
|
||||
header('WWW-Authenticate: Basic realm=""');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
exit;
|
||||
} else {
|
||||
if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
|
||||
if ($as === "user") {
|
||||
header("Content-Type: application/xml");
|
||||
echo '<?xml version="1.0" encoding="utf-8" ?><Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">';
|
||||
|
||||
$data = trim(file_get_contents("php://input"));
|
||||
if(!$data) {
|
||||
list($usec, $sec) = explode(' ', microtime());
|
||||
echo '<Response>';
|
||||
echo '<Error Time="' . date('H:i:s', $sec) . substr($usec, 0, strlen($usec) - 2) . '" Id="2477272013">';
|
||||
echo '<ErrorCode>600</ErrorCode><Message>Invalid Request</Message><DebugData /></Error>';
|
||||
echo '</Response>';
|
||||
echo '</Autodiscover>';
|
||||
exit(0);
|
||||
}
|
||||
$discover = new SimpleXMLElement($data);
|
||||
$email = $discover->Request->EMailAddress;
|
||||
|
||||
if ($config['autodiscoverType'] == 'imap') {
|
||||
?>
|
||||
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
|
||||
<Account>
|
||||
<AccountType>email</AccountType>
|
||||
<Action>settings</Action>
|
||||
<Protocol>
|
||||
<Type>IMAP</Type>
|
||||
<Server><?php echo $config['imap']['server']; ?></Server>
|
||||
<Port><?php echo $config['imap']['port']; ?></Port>
|
||||
<DomainRequired>off</DomainRequired>
|
||||
<LoginName><?php echo $email; ?></LoginName>
|
||||
<SPA>off</SPA>
|
||||
<SSL><?php echo $config['imap']['ssl']; ?></SSL>
|
||||
<AuthRequired>on</AuthRequired>
|
||||
</Protocol>
|
||||
<Protocol>
|
||||
<Type>SMTP</Type>
|
||||
<Server><?php echo $config['smtp']['server']; ?></Server>
|
||||
<Port><?php echo $config['smtp']['port']; ?></Port>
|
||||
<DomainRequired>off</DomainRequired>
|
||||
<LoginName><?php echo $email; ?></LoginName>
|
||||
<SPA>off</SPA>
|
||||
<SSL><?php echo $config['smtp']['ssl']; ?></SSL>
|
||||
<AuthRequired>on</AuthRequired>
|
||||
<UsePOPAuth>on</UsePOPAuth>
|
||||
<SMTPLast>off</SMTPLast>
|
||||
</Protocol>
|
||||
</Account>
|
||||
</Response>
|
||||
<?php
|
||||
}
|
||||
else if ($config['autodiscoverType'] == 'activesync') {
|
||||
$username = trim($email);
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
|
||||
$stmt->execute(array(':username' => $username));
|
||||
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
die("Failed to determine name from SQL");
|
||||
}
|
||||
if (!empty($MailboxData['name'])) {
|
||||
$displayname = utf8_encode($MailboxData['name']);
|
||||
}
|
||||
else {
|
||||
$displayname = $email;
|
||||
}
|
||||
?>
|
||||
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
|
||||
<Culture>en:en</Culture>
|
||||
<User>
|
||||
<DisplayName><?php echo $displayname; ?></DisplayName>
|
||||
<EMailAddress><?php echo $email; ?></EMailAddress>
|
||||
</User>
|
||||
<Action>
|
||||
<Settings>
|
||||
<Server>
|
||||
<Type>MobileSync</Type>
|
||||
<Url><?php echo $config['activesync']['url']; ?></Url>
|
||||
<Name><?php echo $config['activesync']['url']; ?></Name>
|
||||
</Server>
|
||||
</Settings>
|
||||
</Action>
|
||||
</Response>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</Autodiscover>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
|
@ -0,0 +1,40 @@
|
|||
<?php
|
||||
session_start();
|
||||
$AuthUsers = array("admin");
|
||||
if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role'], $AuthUsers)) {
|
||||
echo "Not allowed." . PHP_EOL;
|
||||
exit();
|
||||
}
|
||||
if ($_GET['ACTION'] == "start") {
|
||||
$request = xmlrpc_encode_request("supervisor.startProcessGroup", 'sogo-group', array('encoding'=>'utf-8'));
|
||||
$context = stream_context_create(array('http' => array(
|
||||
'method' => "POST",
|
||||
'header' => "Content-Length: " . strlen($request),
|
||||
'content' => $request
|
||||
)));
|
||||
$file = @file_get_contents("http://sogo:9191/RPC2", false, $context) or die("Cannot connect to $remote_server:$listener_port");
|
||||
$response = xmlrpc_decode($file);
|
||||
if (isset($response['faultString'])) {
|
||||
echo '<b><span class="pull-right text-warning">' . $response['faultString'] . '</span></b>';
|
||||
}
|
||||
else {
|
||||
echo '<b><span class="pull-right text-success">OK</span></b>';
|
||||
}
|
||||
}
|
||||
elseif ($_GET['ACTION'] == "stop") {
|
||||
$request = xmlrpc_encode_request("supervisor.stopProcessGroup", 'sogo-group', array('encoding'=>'utf-8'));
|
||||
$context = stream_context_create(array('http' => array(
|
||||
'method' => "POST",
|
||||
'header' => "Content-Length: " . strlen($request),
|
||||
'content' => $request
|
||||
)));
|
||||
$file = @file_get_contents("http://sogo:9191/RPC2", false, $context) or die("Cannot connect to $remote_server:$listener_port");
|
||||
$response = xmlrpc_decode($file);
|
||||
if (isset($response['faultString'])) {
|
||||
echo '<b><span class="pull-right text-warning">' . $response['faultString'] . '</span></b>';
|
||||
}
|
||||
else {
|
||||
echo '<b><span class="pull-right text-success">OK</span></b>';
|
||||
}
|
||||
}
|
||||
?>
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,19 @@
|
|||
.panel-heading div {
|
||||
margin-top: -18px;
|
||||
font-size: 15px;
|
||||
}
|
||||
.panel-heading div span {
|
||||
margin-left:5px;
|
||||
}
|
||||
.panel-body {
|
||||
display: none;
|
||||
}
|
||||
.clickable {
|
||||
cursor: pointer;
|
||||
}
|
||||
.progress {
|
||||
margin-bottom: 0px;
|
||||
}
|
||||
.table>thead>tr>th {
|
||||
vertical-align: top !important;
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
#maxmsgsize { min-width: 80px; }
|
||||
#slider1 .slider-selection {
|
||||
background: #FFD700;
|
||||
}
|
||||
#slider1 .slider-track-high {
|
||||
background: #FF4500;
|
||||
}
|
||||
#slider1 .slider-track-low {
|
||||
background: #66CD00;
|
||||
}
|
||||
.striped:nth-child(odd) {
|
||||
background-color: #fff;
|
||||
}
|
||||
.striped:nth-child(even) {
|
||||
background-color: #fafafa;
|
||||
border:1px solid white;
|
||||
}
|
||||
.btn {
|
||||
text-transform: none;
|
||||
}
|
||||
.glyphicon-spin {
|
||||
font-size:12px;
|
||||
-webkit-animation: spin 2000ms infinite linear;
|
||||
animation: spin 2000ms infinite linear;
|
||||
}
|
||||
@-webkit-keyframes spin {
|
||||
0% {
|
||||
-webkit-transform: rotate(0deg);
|
||||
transform: rotate(0deg);
|
||||
}
|
||||
100% {
|
||||
-webkit-transform: rotate(359deg);
|
||||
transform: rotate(359deg);
|
||||
}
|
||||
}
|
||||
@keyframes spin {
|
||||
0% {
|
||||
-webkit-transform: rotate(0deg);
|
||||
transform: rotate(0deg);
|
||||
}
|
||||
100% {
|
||||
-webkit-transform: rotate(359deg);
|
||||
transform: rotate(359deg);
|
||||
}
|
||||
}
|
||||
pre{white-space:pre-wrap;white-space:-moz-pre-wrap;white-space:-pre-wrap;white-space:-o-pre-wrap;word-wrap:break-word;}
|
|
@ -0,0 +1,79 @@
|
|||
ul[id*="sortable"] { word-wrap: break-word; list-style-type: none; float: left; padding: 0 15px 0 0; width: 48%; cursor:move}
|
||||
ul[id$="sortable-active"] li {cursor:move; }
|
||||
ul[id$="sortable-inactive"] li {cursor:move }
|
||||
.list-heading { cursor:default !important}
|
||||
.ui-state-disabled { cursor:no-drop; color:#ccc; }
|
||||
.ui-state-highlight {background: #F5F5F5 !important; height: 41px !important; cursor:move }
|
||||
table[data-sortable] {
|
||||
border-collapse: collapse;
|
||||
border-spacing: 0;
|
||||
}
|
||||
table[data-sortable] th {
|
||||
vertical-align: bottom;
|
||||
font-weight: bold;
|
||||
}
|
||||
table[data-sortable] th, table[data-sortable] td {
|
||||
text-align: left;
|
||||
padding: 10px;
|
||||
}
|
||||
table[data-sortable] th:not([data-sortable="false"]) {
|
||||
-webkit-user-select: none;
|
||||
-moz-user-select: none;
|
||||
-ms-user-select: none;
|
||||
-o-user-select: none;
|
||||
user-select: none;
|
||||
-webkit-tap-highlight-color: rgba(0, 0, 0, 0);
|
||||
-webkit-touch-callout: none;
|
||||
cursor: pointer;
|
||||
}
|
||||
table[data-sortable] th:after {
|
||||
content: "";
|
||||
visibility: hidden;
|
||||
display: inline-block;
|
||||
vertical-align: inherit;
|
||||
height: 0;
|
||||
width: 0;
|
||||
border-width: 5px;
|
||||
border-style: solid;
|
||||
border-color: transparent;
|
||||
margin-right: 1px;
|
||||
margin-left: 10px;
|
||||
float: right;
|
||||
}
|
||||
table[data-sortable] th[data-sortable="false"]:after {
|
||||
display: none;
|
||||
}
|
||||
table[data-sortable] th[data-sorted="true"]:after {
|
||||
visibility: visible;
|
||||
}
|
||||
table[data-sortable] th[data-sorted-direction="descending"]:after {
|
||||
border-top-color: inherit;
|
||||
margin-top: 8px;
|
||||
}
|
||||
table[data-sortable] th[data-sorted-direction="ascending"]:after {
|
||||
border-bottom-color: inherit;
|
||||
margin-top: 3px;
|
||||
}
|
||||
table[data-sortable].sortable-theme-bootstrap thead th {
|
||||
border-bottom: 2px solid #e0e0e0;
|
||||
}
|
||||
table[data-sortable].sortable-theme-bootstrap th[data-sorted="true"] {
|
||||
color: #3a87ad;
|
||||
background: #d9edf7;
|
||||
border-bottom-color: #bce8f1;
|
||||
}
|
||||
table[data-sortable].sortable-theme-bootstrap th[data-sorted="true"][data-sorted-direction="descending"]:after {
|
||||
border-top-color: #3a87ad;
|
||||
}
|
||||
table[data-sortable].sortable-theme-bootstrap th[data-sorted="true"][data-sorted-direction="ascending"]:after {
|
||||
border-bottom-color: #3a87ad;
|
||||
}
|
||||
table[data-sortable].sortable-theme-bootstrap.sortable-theme-bootstrap-striped tbody > tr:nth-child(odd) > td {
|
||||
background-color: #f9f9f9;
|
||||
}
|
||||
#data td, #no-data td {
|
||||
vertical-align: middle;
|
||||
}
|
||||
.sort-table:hover {
|
||||
border-bottom-color: #00B7DC !important;
|
||||
}
|
|
@ -0,0 +1,212 @@
|
|||
<?php
|
||||
require_once("inc/prerequisites.inc.php");
|
||||
$AuthUsers = array("admin", "domainadmin", "user");
|
||||
if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role'], $AuthUsers)) {
|
||||
header('Location: /');
|
||||
exit();
|
||||
}
|
||||
require_once("inc/header.inc.php");
|
||||
?>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-md-12">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title"><?=$lang['delete']['title'];?></h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<?php
|
||||
if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin")) {
|
||||
// DELETE DOMAIN
|
||||
if (isset($_GET["domain"]) &&
|
||||
is_valid_domain_name($_GET["domain"]) &&
|
||||
!empty($_GET["domain"]) &&
|
||||
$_SESSION['mailcow_cc_role'] == "admin") {
|
||||
$domain = $_GET["domain"];
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_domain_warning'], htmlspecialchars($_GET["domain"]));?></div>
|
||||
<p><?=$lang['delete']['remove_domain_details'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="/mailbox.php">
|
||||
<input type="hidden" name="domain" value="<?php echo htmlspecialchars($domain) ?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<button type="submit" name="mailbox_delete_domain" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
// DELETE ALIAS
|
||||
elseif (isset($_GET["alias"]) &&
|
||||
(filter_var($_GET["alias"], FILTER_VALIDATE_EMAIL) || is_valid_domain_name(substr(strrchr($_GET["alias"], "@"), 1))) &&
|
||||
!empty($_GET["alias"])) {
|
||||
$domain = substr(strrchr($_GET["alias"], "@"), 1);
|
||||
if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_alias_warning'], htmlspecialchars($_GET["alias"]));?></div>
|
||||
<p><?=$lang['delete']['remove_alias_details'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="/mailbox.php">
|
||||
<input type="hidden" name="address" value="<?php echo htmlspecialchars($_GET["alias"]) ?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<button type="submit" name="mailbox_delete_alias" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
// DELETE ALIAS DOMAIN
|
||||
elseif (
|
||||
isset($_GET["aliasdomain"]) &&
|
||||
is_valid_domain_name($_GET["aliasdomain"]) &&
|
||||
!empty($_GET["aliasdomain"])) {
|
||||
$alias_domain = $_GET["aliasdomain"];
|
||||
$result = mailbox_get_alias_domain_details($alias_domain);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_domainalias_warning'], htmlspecialchars($_GET["aliasdomain"]));?></div>
|
||||
<form class="form-horizontal" role="form" method="post" action="/mailbox.php">
|
||||
<input type="hidden" name="alias_domain" value="<?php echo htmlspecialchars($alias_domain) ?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<button type="submit" name="mailbox_delete_alias_domain" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
// DELETE DOMAIN ADMIN
|
||||
elseif (isset($_GET["domainadmin"]) &&
|
||||
ctype_alnum(str_replace(array('_', '.', '-'), '', $_GET["domainadmin"])) &&
|
||||
!empty($_GET["domainadmin"]) &&
|
||||
$_SESSION['mailcow_cc_role'] == "admin") {
|
||||
$domain_admin = $_GET["domainadmin"];
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_domainadmin_warning'], htmlspecialchars($_GET["domainadmin"]));?></div>
|
||||
<form class="form-horizontal" role="form" method="post" action="/admin.php">
|
||||
<input type="hidden" name="username" value="<?=htmlspecialchars($domain_admin);?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<button type="submit" name="delete_domain_admin" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
// DELETE MAILBOX
|
||||
elseif (isset($_GET["mailbox"]) &&
|
||||
filter_var($_GET["mailbox"], FILTER_VALIDATE_EMAIL) &&
|
||||
!empty($_GET["mailbox"])) {
|
||||
$mailbox = $_GET["mailbox"];
|
||||
if (hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $mailbox)) {
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_mailbox_warning'], htmlspecialchars($mailbox));?></div>
|
||||
<p><?=$lang['delete']['remove_mailbox_details'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="/mailbox.php">
|
||||
<input type="hidden" name="username" value="<?=htmlspecialchars($mailbox);?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<button type="submit" name="mailbox_delete_mailbox" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
// DELETE RESOURCE
|
||||
elseif (isset($_GET["resource"]) &&
|
||||
filter_var($_GET["resource"], FILTER_VALIDATE_EMAIL) &&
|
||||
!empty($_GET["resource"])) {
|
||||
$resource = $_GET["resource"];
|
||||
if (hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resource)) {
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_resource_warning'], htmlspecialchars($resource));?></div>
|
||||
<p><?=$lang['delete']['remove_resource_details'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="/mailbox.php">
|
||||
<input type="hidden" name="name" value="<?=htmlspecialchars($resource);?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<button type="submit" name="mailbox_delete_resource" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "user")) {
|
||||
// DELETE SYNCJOB
|
||||
if (isset($_GET["syncjob"]) &&
|
||||
is_numeric($_GET["syncjob"]) &&
|
||||
filter_var($_SESSION['mailcow_cc_username'], FILTER_VALIDATE_EMAIL)) {
|
||||
$id = $_GET["syncjob"];
|
||||
$result = get_syncjob_details($id);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<div class="alert alert-warning" role="alert"><?=sprintf($lang['delete']['remove_syncjob_warning'], htmlspecialchars($result['user2']));?></div>
|
||||
<p><?=$lang['delete']['remove_syncjob_details'];?></p>
|
||||
<form class="form-horizontal" role="form" method="post" action="/user.php">
|
||||
<input type="hidden" name="username" value="<?=htmlspecialchars($mailbox);?>">
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-1 col-sm-10">
|
||||
<input type="hidden" name="id" value="<?=$_GET["syncjob"];?>">
|
||||
<button type="submit" name="delete_syncjob" value="1" class="btn btn-default btn-sm"><?=$lang['delete']['remove_button'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-danger" role="alert"><?=$lang['danger']['access_denied'];?></div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<a href="<?=$_SESSION['return_to'];?>">← <?=$lang['delete']['previous'];?></a>
|
||||
</div> <!-- /container -->
|
||||
<?php
|
||||
require_once("inc/footer.inc.php");
|
||||
?>
|
|
@ -0,0 +1,664 @@
|
|||
<?php
|
||||
require_once("inc/prerequisites.inc.php");
|
||||
$AuthUsers = array("admin", "domainadmin", "user");
|
||||
if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role'], $AuthUsers)) {
|
||||
header('Location: /');
|
||||
exit();
|
||||
}
|
||||
require_once("inc/header.inc.php");
|
||||
?>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-md-12">
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title"><?=$lang['edit']['title'];?></h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<?php
|
||||
if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin")) {
|
||||
if (isset($_GET["alias"]) &&
|
||||
!empty($_GET["alias"])) {
|
||||
$alias = $_GET["alias"];
|
||||
$result = mailbox_get_alias_details($alias);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['alias'];?></h4>
|
||||
<br />
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="address" value="<?=htmlspecialchars($alias);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="goto"><?=$lang['edit']['target_address'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<textarea class="form-control" autocapitalize="none" autocorrect="off" rows="10" id="goto" name="goto"><?=htmlspecialchars($result['goto']) ?></textarea>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?php if (isset($result['active_int']) && $result['active_int']=="1") { echo "checked"; }; ?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_edit_alias" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['domainadmin']) &&
|
||||
ctype_alnum(str_replace(array('_', '.', '-'), '', $_GET["domainadmin"])) &&
|
||||
!empty($_GET["domainadmin"]) &&
|
||||
$_GET["domainadmin"] != 'admin' &&
|
||||
$_SESSION['mailcow_cc_role'] == "admin") {
|
||||
$domain_admin = $_GET["domainadmin"];
|
||||
$result = get_domain_admin_details($domain_admin);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['domain_admin'];?></h4>
|
||||
<br />
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="username_now" value="<?=htmlspecialchars($domain_admin);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="username"><?=$lang['edit']['username'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input class="form-control" type="text" name="username" value="<?=htmlspecialchars($domain_admin);?>" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="domain"><?=$lang['edit']['domains'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<select id="domain" name="domain[]" multiple>
|
||||
<?php
|
||||
foreach ($result['selected_domains'] as $domain):
|
||||
?>
|
||||
<option selected><?=htmlspecialchars($domain);?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
foreach ($result['unselected_domains'] as $domain):
|
||||
?>
|
||||
<option><?=htmlspecialchars($domain);?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password"><?=$lang['edit']['password'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password" id="password" placeholder="">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password2"><?=$lang['edit']['password_repeat'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password2" id="password2">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?php if (isset($result['active_int']) && $result['active_int']=="1") { echo "checked"; }; ?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="disable_tfa"> <?=$lang['tfa']['disable_tfa'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="edit_domain_admin" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['domain']) &&
|
||||
is_valid_domain_name($_GET["domain"]) &&
|
||||
!empty($_GET["domain"])) {
|
||||
$domain = $_GET["domain"];
|
||||
$result = mailbox_get_domain_details($domain);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['domain'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="domain" value="<?=htmlspecialchars($domain);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="description"><?=$lang['edit']['description'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="description" id="description" value="<?=htmlspecialchars($result['description']);?>">
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
if ($_SESSION['mailcow_cc_role'] == "admin") {
|
||||
?>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="aliases"><?=$lang['edit']['max_aliases'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="aliases" id="aliases" value="<?=intval($result['max_num_aliases_for_domain']);?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="mailboxes"><?=$lang['edit']['max_mailboxes'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="mailboxes" id="mailboxes" value="<?=intval($result['max_num_mboxes_for_domain']);?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="maxquota"><?=$lang['edit']['max_quota'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="maxquota" id="maxquota" value="<?=intval($result['max_new_mailbox_quota'] / 1048576);?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="quota"><?=$lang['edit']['domain_quota'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="quota" id="quota" value="<?=intval($result['max_quota_for_domain'] / 1048576);?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2"><?=$lang['edit']['backup_mx_options'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="backupmx" <?=(isset($result['backupmx_int']) && $result['backupmx_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['relay_domain'];?></label>
|
||||
<br />
|
||||
<label><input type="checkbox" name="relay_all_recipients" <?=(isset($result['relay_all_recipients_int']) && $result['relay_all_recipients_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['relay_all'];?></label>
|
||||
<p><?=$lang['edit']['relay_all_info'];?></p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?=(isset($result['active_int']) && $result['active_int']=="1") ? "checked" : null;?> <?=($_SESSION['mailcow_cc_role'] == "admin") ? null : "disabled";?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_edit_domain" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
if (!empty($dkim = dkim_get_key_details($domain))) {
|
||||
?>
|
||||
<hr>
|
||||
<div class="row">
|
||||
<div class="col-xs-2">
|
||||
<p>Domain: <strong><?=htmlspecialchars($result['domain_name']);?></strong> (dkim._domainkey)</p>
|
||||
</div>
|
||||
<div class="col-xs-10">
|
||||
<pre><?=$dkim['dkim_txt'];?></pre>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
<hr>
|
||||
<div class="row">
|
||||
<div class="col-sm-6">
|
||||
<h4><span class="glyphicon glyphicon-thumbs-up" aria-hidden="true"></span> <?=$lang['user']['spamfilter_wl'];?></h4>
|
||||
<p><?=$lang['user']['spamfilter_wl_desc'];?></p>
|
||||
<div class="row">
|
||||
<div class="col-sm-6"><b><?=$lang['user']['spamfilter_table_rule'];?></b></div>
|
||||
<div class="col-sm-6"><b><?=$lang['user']['spamfilter_table_action'];?></b></div>
|
||||
</div>
|
||||
<?php
|
||||
$get_policy_list = get_policy_list($domain);
|
||||
if (empty($get_policy_list['whitelist'])):
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-sm-12"><i><?=$lang['user']['spamfilter_table_empty'];?></i></div>
|
||||
</div>
|
||||
<?php
|
||||
else:
|
||||
foreach($get_policy_list['whitelist'] as $wl):
|
||||
?>
|
||||
<div class="row striped">
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6"><code><?=$wl['value'];?></code></div>
|
||||
<div class="col-xs-6">
|
||||
<?php
|
||||
if ($wl['object'] == $domain):
|
||||
?>
|
||||
<input type="hidden" name="delete_prefid" value="<?=$wl['prefid'];?>">
|
||||
<input type="hidden" name="delete_policy_list_item">
|
||||
<input type="hidden" name="domain" value="<?=$domain;?>">
|
||||
<a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="left" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<span style="cursor:not-allowed"><?=$lang['user']['spamfilter_table_domain_policy'];?></span>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<?php
|
||||
endforeach;
|
||||
endif;
|
||||
?>
|
||||
<hr style="margin:5px 0px 7px 0px">
|
||||
<div class="row">
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6">
|
||||
<input type="text" class="form-control input-sm" name="object_from" id="object_from" placeholder="*@example.org" required>
|
||||
<input type="hidden" name="object_list" value="wl">
|
||||
<input type="hidden" name="domain" value="<?=$domain;?>">
|
||||
</div>
|
||||
<div class="col-xs-6">
|
||||
<button type="submit" name="add_policy_list_item" class="btn btn-xs btn-default"><?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-sm-6">
|
||||
<h4><span class="glyphicon glyphicon-thumbs-down" aria-hidden="true"></span> <?=$lang['user']['spamfilter_bl'];?></h4>
|
||||
<p><?=$lang['user']['spamfilter_bl_desc'];?></p>
|
||||
<div class="row">
|
||||
<div class="col-sm-6"><b><?=$lang['user']['spamfilter_table_rule'];?></b></div>
|
||||
<div class="col-sm-6"><b><?=$lang['user']['spamfilter_table_action'];?></b></div>
|
||||
</div>
|
||||
<?php
|
||||
if (empty($get_policy_list['blacklist'])):
|
||||
?>
|
||||
<div class="row">
|
||||
<div class="col-sm-12"><i><?=$lang['user']['spamfilter_table_empty'];?></i></div>
|
||||
</div>
|
||||
<?php
|
||||
else:
|
||||
foreach($get_policy_list['blacklist'] as $bl):
|
||||
?>
|
||||
<div class="row striped">
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6"><code><?=$bl['value'];?></code></div>
|
||||
<div class="col-xs-6">
|
||||
<input type="hidden" name="delete_prefid" value="<?=$bl['prefid'];?>">
|
||||
<?php
|
||||
if ($bl['object'] == $domain):
|
||||
?>
|
||||
<input type="hidden" name="delete_policy_list_item">
|
||||
<input type="hidden" name="domain" value="<?=$domain;?>">
|
||||
<a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="left" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<span style="cursor:not-allowed"><?=$lang['user']['spamfilter_table_domain_policy'];?></span>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<?php
|
||||
endforeach;
|
||||
endif;
|
||||
?>
|
||||
<hr style="margin:5px 0px 7px 0px">
|
||||
<div class="row">
|
||||
<form class="form-inline" method="post">
|
||||
<div class="col-xs-6">
|
||||
<input type="text" class="form-control input-sm" name="object_from" id="object_from" placeholder="*@example.org" required>
|
||||
<input type="hidden" name="object_list" value="bl">
|
||||
<input type="hidden" name="domain" value="<?=$domain;?>">
|
||||
</div>
|
||||
<div class="col-xs-6">
|
||||
<button type="submit" name="add_policy_list_item" class="btn btn-xs btn-default"><?=$lang['user']['spamfilter_table_add'];?></button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['aliasdomain']) &&
|
||||
is_valid_domain_name($_GET["aliasdomain"]) &&
|
||||
!empty($_GET["aliasdomain"])) {
|
||||
$alias_domain = $_GET["aliasdomain"];
|
||||
$result = mailbox_get_alias_domain_details($alias_domain);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['edit_alias_domain'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="alias_domain_now" value="<?=htmlspecialchars($alias_domain);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="alias_domain"><?=$lang['edit']['alias_domain'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="alias_domain" id="alias_domain" value="<?=htmlspecialchars($result['alias_domain']);?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?=(isset($result['active_int']) && $result['active_int']=="1") ? "checked" : null ?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_edit_alias_domain" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
if (!empty($dkim = dkim_get_key_details($alias_domain))) {
|
||||
?>
|
||||
<hr>
|
||||
<div class="row">
|
||||
<div class="col-xs-2">
|
||||
<p>Domain: <strong><?=htmlspecialchars($result['alias_domain']);?></strong> (dkim._domainkey)</p>
|
||||
</div>
|
||||
<div class="col-xs-10">
|
||||
<pre><?=$dkim['dkim_txt'];?></pre>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['mailbox']) && filter_var($_GET["mailbox"], FILTER_VALIDATE_EMAIL) && !empty($_GET["mailbox"])) {
|
||||
$mailbox = $_GET["mailbox"];
|
||||
$result = mailbox_get_mailbox_details($mailbox);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['mailbox'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="username" value="<?=htmlspecialchars($result['username']);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="name"><?=$lang['edit']['full_name'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="name" id="name" value="<?=htmlspecialchars($result['name'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="quota"><?=$lang['edit']['quota_mb'];?>:
|
||||
<br /><span id="quotaBadge" class="badge">max. <?=intval($result['max_new_quota'] / 1048576)?> MiB</span>
|
||||
</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" name="quota" id="quota" id="destroyable" style="width:100%" min="1" max="<?=intval($result['max_new_quota'] / 1048576);?>" value="<?=intval($result['quota']) / 1048576;?>" class="form-control">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="sender_acl"><?=$lang['edit']['sender_acl'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select data-width="50%" style="width:100%" id="sender_acl" name="sender_acl[]" size="10" multiple>
|
||||
<?php
|
||||
$sender_acl_handles = mailbox_get_sender_acl_handles($mailbox);
|
||||
|
||||
foreach ($sender_acl_handles['sender_acl_domains']['ro'] as $domain):
|
||||
?>
|
||||
<option data-subtext="Admin" value="<?=htmlspecialchars($domain);?>" disabled selected><?=htmlspecialchars(sprintf($lang['edit']['dont_check_sender_acl'], $domain));?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
foreach ($sender_acl_handles['sender_acl_addresses']['ro'] as $domain):
|
||||
?>
|
||||
<option data-subtext="Admin" disabled selected><?=htmlspecialchars($alias);?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
foreach ($sender_acl_handles['fixed_sender_aliases'] as $alias):
|
||||
?>
|
||||
<option data-subtext="Alias" disabled selected><?=htmlspecialchars($alias);?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
foreach ($sender_acl_handles['sender_acl_domains']['rw'] as $domain):
|
||||
?>
|
||||
<option value="<?=htmlspecialchars($domain);?>" selected><?=htmlspecialchars(sprintf($lang['edit']['dont_check_sender_acl'], $domain));?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
foreach ($sender_acl_handles['sender_acl_domains']['selectable'] as $domain):
|
||||
?>
|
||||
<option value="<?=htmlspecialchars($domain);?>"><?=htmlspecialchars(sprintf($lang['edit']['dont_check_sender_acl'], $domain));?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
foreach ($sender_acl_handles['sender_acl_addresses']['rw'] as $address):
|
||||
?>
|
||||
<option selected><?=htmlspecialchars($address);?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
foreach ($sender_acl_handles['sender_acl_addresses']['selectable'] as $address):
|
||||
?>
|
||||
<option><?=htmlspecialchars($address);?></option>
|
||||
<?php
|
||||
endforeach;
|
||||
|
||||
?>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password"><?=$lang['edit']['password'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password" id="password" placeholder="<?=$lang['edit']['unchanged_if_empty'];?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password2"><?=$lang['edit']['password_repeat'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" name="password2" id="password2">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?=($result['active_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_edit_mailbox" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['resource']) && filter_var($_GET["resource"], FILTER_VALIDATE_EMAIL) && !empty($_GET["resource"])) {
|
||||
$resource = $_GET["resource"];
|
||||
$result = mailbox_get_resource_details($resource);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['resource'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="name" value="<?=htmlspecialchars($result['name']);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="description"><?=$lang['add']['description'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="description" id="description" value="<?=htmlspecialchars($result['description'], ENT_QUOTES, 'UTF-8');?>" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="domain"><?=$lang['edit']['kind'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select name="kind" id="kind" title="<?=$lang['edit']['select'];?>" required>
|
||||
<option value="location" <?=($result['kind'] == "location") ? "selected" : null;?>>Location</option>
|
||||
<option value="group" <?=($result['kind'] == "group") ? "selected" : null;?>>Group</option>
|
||||
<option value="thing" <?=($result['kind'] == "thing") ? "selected" : null;?>>Thing</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?=($result['active_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="multiple_bookings" <?=($result['multiple_bookings_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['multiple_bookings'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="mailbox_edit_resource" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "user")) {
|
||||
if (isset($_GET['syncjob']) &&
|
||||
is_numeric($_GET['syncjob'])) {
|
||||
$id = $_GET["syncjob"];
|
||||
$result = get_syncjob_details($id);
|
||||
if (!empty($result)) {
|
||||
?>
|
||||
<h4><?=$lang['edit']['syncjob'];?></h4>
|
||||
<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
|
||||
<input type="hidden" name="id" value="<?=htmlspecialchars($result['id']);?>">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="host1"><?=$lang['edit']['hostname'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="host1" id="host1" value="<?=htmlspecialchars($result['host1'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="port1">Port</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="port1" id="port1" min="1" max="65535" value="<?=htmlspecialchars($result['port1'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="user1"><?=$lang['edit']['username'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="user1" id="user1" value="<?=htmlspecialchars($result['user1'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="password1"><?=$lang['edit']['password'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="password1" id="password1" value="<?=htmlspecialchars($result['password1'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="enc1"><?=$lang['edit']['encryption'];?>:</label>
|
||||
<div class="col-sm-10">
|
||||
<select id="enc1" name="enc1">
|
||||
<option <?=($result['enc1'] == "TLS") ? "selected" : null;?>>TLS</option>
|
||||
<option <?=($result['enc1'] == "SSL") ? "selected" : null;?>>SSL</option>
|
||||
<option <?=($result['enc1'] == "PLAIN") ? "selected" : null;?>>PLAIN</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="mins_interval"><?=$lang['edit']['mins_interval'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="mins_interval" min="10" max="3600" value="<?=htmlspecialchars($result['mins_interval'], ENT_QUOTES, 'UTF-8');?>" required>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="subfolder2"><?=$lang['edit']['subfolder2'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="subfolder2" id="subfolder2" value="<?=htmlspecialchars($result['subfolder2'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="maxage"><?=$lang['edit']['maxage'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="number" class="form-control" name="maxage" id="maxage" value="<?=htmlspecialchars($result['maxage'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2" for="exclude"><?=$lang['edit']['exclude'];?></label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" class="form-control" name="exclude" id="exclude" value="<?=htmlspecialchars($result['exclude'], ENT_QUOTES, 'UTF-8');?>">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<div class="checkbox">
|
||||
<label><input type="checkbox" name="active" <?=($result['active']=="1") ? "checked" : "";?>> <?=$lang['edit']['active'];?></label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-offset-2 col-sm-10">
|
||||
<button type="submit" name="edit_syncjob" value="1" class="btn btn-success btn-sm"><?=$lang['edit']['save'];?></button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<?php
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-info" role="alert"><?=$lang['info']['no_action'];?></div>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
else {
|
||||
?>
|
||||
<div class="alert alert-danger" role="alert"><?=$lang['danger']['access_denied'];?></div>
|
||||
<?php
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<a href="<?=$_SESSION['return_to'];?>">← <?=$lang['edit']['previous'];?></a>
|
||||
</div> <!-- /container -->
|
||||
<?php
|
||||
require_once("inc/footer.inc.php");
|
||||
?>
|
Binary file not shown.
After Width: | Height: | Size: 6.7 KiB |
|
@ -0,0 +1,197 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<!-- Generator: Adobe Illustrator 17.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||
|
||||
<svg
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:cc="http://creativecommons.org/ns#"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
|
||||
xmlns:svg="http://www.w3.org/2000/svg"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
||||
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
||||
version="1.1"
|
||||
id="Layer_1"
|
||||
x="0px"
|
||||
y="0px"
|
||||
width="446.22601"
|
||||
height="396.02499"
|
||||
viewBox="0 0 446.226 396.02499"
|
||||
enable-background="new 0 0 1600 1200"
|
||||
xml:space="preserve"
|
||||
inkscape:version="0.91 r13725"
|
||||
sodipodi:docname="cow_mailcow.svg"><metadata
|
||||
id="metadata144"><rdf:RDF><cc:Work
|
||||
rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
|
||||
rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><defs
|
||||
id="defs142" /><sodipodi:namedview
|
||||
pagecolor="#ffffff"
|
||||
bordercolor="#666666"
|
||||
borderopacity="1"
|
||||
objecttolerance="10"
|
||||
gridtolerance="10"
|
||||
guidetolerance="10"
|
||||
inkscape:pageopacity="0"
|
||||
inkscape:pageshadow="2"
|
||||
inkscape:window-width="1097"
|
||||
inkscape:window-height="1138"
|
||||
id="namedview140"
|
||||
showgrid="false"
|
||||
inkscape:zoom="1.1125147"
|
||||
inkscape:cx="261.00704"
|
||||
inkscape:cy="233.97883"
|
||||
inkscape:window-x="814"
|
||||
inkscape:window-y="0"
|
||||
inkscape:window-maximized="0"
|
||||
inkscape:current-layer="Layer_1"
|
||||
fit-margin-top="0"
|
||||
fit-margin-left="0"
|
||||
fit-margin-right="0"
|
||||
fit-margin-bottom="0" /><g
|
||||
id="g3"
|
||||
transform="translate(-576.88698,-401.988)"><g
|
||||
id="g5"><g
|
||||
id="g7"><g
|
||||
id="email"><path
|
||||
d="m 890.306,557.81 29.26,11.373 0,172.027 c 0,9.753 -7.895,17.649 -17.638,17.649 l -235.998,0 c -9.743,0 -17.638,-7.896 -17.638,-17.649 l 0,-172.026 29.259,-8.937"
|
||||
id="path10"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#5a3620" /><path
|
||||
d="M 758.871,656.221 649.49,747.45 c 2.507,6.648 8.901,11.409 16.44,11.409 l 235.998,0 c 7.536,0 13.933,-4.761 16.444,-11.409 l -107.402,-91.229 -52.099,0 z"
|
||||
id="path12"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#fee70f;fill-opacity:0.89499998" /><g
|
||||
id="g14"><path
|
||||
d="m 810.391,656.686 107.981,90.764 c -0.331,0.881 -0.744,1.726 -1.205,2.536 l 0.028,0.035 c 1.501,-2.596 2.371,-5.594 2.371,-8.81 l 0,-172.004 -109.175,87.479 z"
|
||||
id="path16"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#f9e82d;fill-opacity:1" /><path
|
||||
d="m 649.49,747.45 108.864,-90.764 -110.061,-87.479 0,172.003 c 0,3.216 0.876,6.214 2.367,8.81 l 0.039,-0.035 c -0.466,-0.809 -0.877,-1.654 -1.209,-2.535 z"
|
||||
id="path18"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#f9e82d;fill-opacity:1" /></g></g><path
|
||||
d="m 961.81,681.214 c 0,0 -15.232,16.783 -42.244,14.73 l 0,28.14 c 13.328,-5.185 47.061,-20.036 56.854,-40.809 l -14.61,-2.061 z"
|
||||
id="path20"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#b58765" /><path
|
||||
d="m 984.594,658.413 c 3.59,-9.156 7.701,-11 9.346,-11.346 -49.276,4.542 -32.99,38.693 -32.99,38.693 0,0 6.229,14.728 26.532,13.892 27.063,0.461 35.631,-50.166 35.631,-50.166 -6.654,11.655 -26.404,9.876 -38.519,8.927 z"
|
||||
id="path22"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#fef3df" /><ellipse
|
||||
cx="787.75098"
|
||||
cy="788.54498"
|
||||
rx="210.864"
|
||||
ry="9.4680004"
|
||||
id="ellipse24"
|
||||
style="fill:#f1f2f2" /><path
|
||||
d="m 783.931,446.247 c -66.396,0 -120.223,53.827 -120.223,120.223 0,66.396 53.827,120.221 120.223,120.221 66.397,0 120.222,-53.825 120.222,-120.221 0,-66.395 -53.825,-120.223 -120.222,-120.223 z m -11.96,215.702 c -53.009,0 -95.982,-43.855 -95.982,-97.953 0,-54.098 42.973,-97.952 95.982,-97.952 53.007,0 95.98,43.855 95.98,97.952 -10e-4,54.098 -42.973,97.953 -95.98,97.953 z"
|
||||
id="path26"
|
||||
inkscape:connector-curvature="0"
|
||||
style="opacity:0.1;fill:#3d5263" /><g
|
||||
id="g28"><g
|
||||
id="g30"><polyline
|
||||
points="691.144,492.5 673.257,540.276 686.55,605.582 712.496,631.852 "
|
||||
id="polyline32"
|
||||
style="fill:#3d5263" /><g
|
||||
id="g34"><g
|
||||
id="g36"><polyline
|
||||
points="658.248,450.81 673.501,487.076 693.836,496.903 724.04,458.731 "
|
||||
id="polyline38"
|
||||
style="fill:#fef3df" /><g
|
||||
id="g40"><path
|
||||
d="m 710.634,473.205 c 0,0 -22.482,-25.556 -49.793,-18.975 0,0 4.667,34.118 46.349,44.019 l 2.61,8.533 c 0,0 -65.612,-9.689 -59.339,-67.593 0,0 49.008,-19.884 72.598,15.106"
|
||||
id="path42"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#b58765" /><polyline
|
||||
points="909.697,450.81 894.447,487.076 874.114,496.903 843.907,458.731 "
|
||||
id="polyline44"
|
||||
style="fill:#fef3df" /><path
|
||||
d="m 857.314,473.205 c 0,0 22.48,-25.556 49.79,-18.975 0,0 -4.664,34.118 -46.347,44.019 l -2.613,8.533 c 0,0 65.611,-9.689 59.339,-67.593 0,0 -49.006,-19.884 -72.6,15.106"
|
||||
id="path46"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#b58765" /></g></g><path
|
||||
d="m 726.619,647.067 55.945,0 16.40428,-204.81407 c -55.814,0 -112.41728,30.01707 -112.41728,77.85207 0,1.454 0.085,2.787 0.121,4.175 0.127,3.934 0.448,7.585 0.856,11.135 1.689,14.816 5.451,27.177 8.461,43.383 1.452,7.831 5.002,23.374 5.002,23.374 0.056,0.408 0.165,0.804 0.224,1.211 2.535,16.546 11.832,32.027 25.404,43.684 z"
|
||||
id="path48"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#b58765"
|
||||
sodipodi:nodetypes="cccscccccc" /><path
|
||||
d="m 781.992,433.489 0,213.577 55.944,0 c 13.572,-11.657 22.867,-27.138 25.406,-43.684 0.058,-0.407 0.163,-0.803 0.221,-1.211 0,0 3.549,-15.543 5.002,-23.374 3.011,-16.206 6.774,-28.567 8.464,-43.381 0.405,-3.552 0.724,-7.203 0.846,-11.137 0.042,-1.388 0.126,-2.721 0.126,-4.175 0,-47.834 -40.191,-86.615 -96.009,-86.615 z"
|
||||
id="path50"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#b58765" /><g
|
||||
id="g52"><g
|
||||
id="g54"><path
|
||||
d="m 860.944,613.502 c 0,28.321 -35.091,51.289 -78.383,51.289 -43.299,0 -78.388,-22.968 -78.388,-51.289 0,-28.325 35.089,-51.289 78.388,-51.289 43.292,0 78.383,22.964 78.383,51.289 z"
|
||||
id="path56"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#fef3df" /></g></g><g
|
||||
id="g58"><g
|
||||
id="g60"><g
|
||||
id="g62"><path
|
||||
d="m 747.044,605.582 c 0,6.215 -5.04,11.256 -11.261,11.256 -6.21,0 -11.253,-5.041 -11.253,-11.256 0,-6.223 5.043,-11.257 11.253,-11.257 6.22,0 11.261,5.034 11.261,11.257 z"
|
||||
id="path64"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#5a3620" /></g></g><g
|
||||
id="g66"><g
|
||||
id="g68"><path
|
||||
d="m 840.856,605.582 c 0,6.215 -5.037,11.256 -11.257,11.256 -6.218,0 -11.259,-5.041 -11.259,-11.256 0,-6.223 5.041,-11.257 11.259,-11.257 6.22,0 11.257,5.034 11.257,11.257 z"
|
||||
id="path70"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#5a3620" /></g></g></g><g
|
||||
id="g72"><path
|
||||
d="m 875.228,525.835 c 0.354,-3.113 0.634,-6.311 0.743,-9.754 0.035,-1.218 0.109,-2.384 0.109,-3.661 0,-40.785 -33.369,-74.043 -80.237,-75.775 l -7.335,0.005 c -0.003,0 -0.003,0 -0.006,0 -0.007,0.018 -28.632,88.422 76.583,140.268 0.946,-4.317 2.078,-9.585 2.73,-13.088 2.64,-14.196 5.934,-25.021 7.413,-37.995 z"
|
||||
id="path74"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#87654a" /></g><g
|
||||
id="g76"><g
|
||||
id="g78"><g
|
||||
id="g80"><g
|
||||
id="g82"><path
|
||||
d="m 843.907,519.681 c 0,6.964 -5.65,12.611 -12.618,12.611 -6.963,0 -12.614,-5.646 -12.614,-12.611 0,-6.97 5.651,-12.614 12.614,-12.614 6.968,0 12.618,5.644 12.618,12.614 z"
|
||||
id="path84"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#5a3620" /></g></g></g><g
|
||||
id="g86"><g
|
||||
id="g88"><g
|
||||
id="g90"><path
|
||||
d="m 752.028,519.681 c 0,6.964 -5.649,12.611 -12.612,12.611 -6.969,0 -12.612,-5.646 -12.612,-12.611 0,-6.97 5.642,-12.614 12.612,-12.614 6.964,0 12.612,5.644 12.612,12.614 z"
|
||||
id="path92"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#5a3620" /></g></g></g><g
|
||||
id="g94"><g
|
||||
id="g96"><path
|
||||
d="m 748.75,515.894 c 0,2.558 -2.071,4.629 -4.63,4.629 -2.558,0 -4.633,-2.072 -4.633,-4.629 0,-2.552 2.076,-4.626 4.633,-4.626 2.559,0 4.63,2.073 4.63,4.626 z"
|
||||
id="path98"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#ffffff" /></g></g><g
|
||||
id="g100"><g
|
||||
id="g102"><path
|
||||
d="m 839.771,515.894 c 0,2.558 -2.073,4.629 -4.629,4.629 -2.558,0 -4.631,-2.072 -4.631,-4.629 0,-2.552 2.072,-4.626 4.631,-4.626 2.555,0 4.629,2.073 4.629,4.626 z"
|
||||
id="path104"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#ffffff" /></g></g></g></g><path
|
||||
d="m 734.557,443.625 c 0,0 -18.236,-25.199 0,-41.637 0,0 13.125,32.012 40.242,31.502"
|
||||
id="path106"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#fef3df" /><path
|
||||
d="m 834.496,443.625 c 0,0 18.236,-25.199 0,-41.637 0,0 -13.126,32.012 -40.242,31.502"
|
||||
id="path108"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#fef3df" /><path
|
||||
d="m 786.264,431.965 c -66.396,0 -120.223,53.827 -120.223,120.223 0,66.396 53.827,120.221 120.223,120.221 66.397,0 120.222,-53.825 120.222,-120.221 10e-4,-66.395 -53.825,-120.223 -120.222,-120.223 z m -11.96,215.702 c -53.009,0 -95.982,-43.855 -95.982,-97.953 0,-54.098 42.973,-97.952 95.982,-97.952 53.007,0 95.979,43.855 95.979,97.952 0,54.098 -42.972,97.953 -95.979,97.953 z"
|
||||
id="path110"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#f1f2f2" /></g><g
|
||||
id="g112"><path
|
||||
d="m 781.737,436.751 c 66.396,0 120.221,53.827 120.221,120.223 0,30.718 -11.526,58.74 -30.482,79.991 21.636,-21.74 35.01,-51.708 35.01,-84.803 0,-66.395 -53.825,-120.222 -120.222,-120.222 -35.678,0 -67.721,15.549 -89.739,40.233 21.772,-21.879 51.91,-35.422 85.212,-35.422 z"
|
||||
id="path114"
|
||||
inkscape:connector-curvature="0"
|
||||
style="fill:#ffffff" /></g></g><path
|
||||
d="m 919.566,695.944 c 0,0 7.562,0.712 13.317,-0.502 l 13.013,16.12 c 0,0 -17.639,9.525 -26.33,12.523 l 0,-28.141 z"
|
||||
id="path116"
|
||||
inkscape:connector-curvature="0"
|
||||
style="opacity:0.1;fill:#3d5263" /></g><path
|
||||
d="m 648.292,659.614 0,81.645 c 0,9.72 7.88,17.6 17.6,17.6 l 236.073,0 c 9.72,0 17.6,-7.88 17.6,-17.6 l 0,-24.902 c 10e-4,0 -175.814,35.524 -271.273,-56.743 z"
|
||||
id="path124"
|
||||
inkscape:connector-curvature="0"
|
||||
style="opacity:0.1;fill:#3d5263" /></g><g
|
||||
id="g126" /></g></svg>
|
After Width: | Height: | Size: 12 KiB |
Binary file not shown.
After Width: | Height: | Size: 1.1 KiB |
|
@ -0,0 +1,225 @@
|
|||
<?php
|
||||
include("inc/tfa_modals.php");
|
||||
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin"):
|
||||
?>
|
||||
<div id="RestartSOGo" class="modal fade" role="dialog">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content">
|
||||
<div class="modal-header">
|
||||
<button type="button" class="close" data-dismiss="modal">×</button>
|
||||
<h4 class="modal-title"><?=$lang['footer']['restart_sogo'];?></h4>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<p><?=$lang['footer']['restart_sogo_info'];?></p>
|
||||
<hr />
|
||||
<button class="btn btn-md btn-primary" id="triggerRestartSogo"><?=$lang['footer']['restart_now'];?></button>
|
||||
<br /><br />
|
||||
<div id="statusTriggerRestartSogo"></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<div style="margin-bottom:100px"></div>
|
||||
<script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/js/bootstrap.min.js"></script>
|
||||
<script src="/js/bootstrap-switch.min.js"></script>
|
||||
<script src="/js/bootstrap-slider.min.js"></script>
|
||||
<script src="/js/bootstrap-select.min.js"></script>
|
||||
<script src="/js/u2f-api.js"></script>
|
||||
<script>
|
||||
// Select language and reopen active URL without POST
|
||||
function setLang(sel) {
|
||||
$.post( "<?=$_SERVER['REQUEST_URI'];?>", {lang: sel} );
|
||||
window.location.href = window.location.pathname + window.location.search;
|
||||
}
|
||||
|
||||
$(document).ready(function() {
|
||||
// Confirm TFA modal
|
||||
<?php if (isset($_SESSION['pending_tfa_method'])):?>
|
||||
$('#ConfirmTFAModal').modal({
|
||||
backdrop: 'static',
|
||||
keyboard: false
|
||||
});
|
||||
$('#ConfirmTFAModal').on('shown.bs.modal', function(){
|
||||
$(this).find('#token').focus();
|
||||
// If U2F
|
||||
if(document.getElementById("u2f_auth_data") !== null) {
|
||||
$.ajax({
|
||||
type: "GET",
|
||||
cache: false,
|
||||
dataType: 'script',
|
||||
url: "json_api.php",
|
||||
data: {
|
||||
'action':'get_u2f_auth_challenge',
|
||||
'object':'<?=(isset($_SESSION['pending_mailcow_cc_username'])) ? $_SESSION['pending_mailcow_cc_username'] : null;?>',
|
||||
},
|
||||
success: function(data){
|
||||
data;
|
||||
}
|
||||
});
|
||||
setTimeout(function() {
|
||||
console.log("sign: ", req);
|
||||
u2f.sign(req, function(data) {
|
||||
var form = document.getElementById('u2f_auth_form');
|
||||
var auth = document.getElementById('u2f_auth_data');
|
||||
console.log("Authenticate callback", data);
|
||||
auth.value = JSON.stringify(data);
|
||||
form.submit();
|
||||
});
|
||||
}, 1000);
|
||||
}
|
||||
});
|
||||
<?php endif; ?>
|
||||
|
||||
// Set TFA modals
|
||||
|
||||
$('#selectTFA').change(function () {
|
||||
if ($(this).val() == "yubi_otp") {
|
||||
$('#YubiOTPModal').modal('show');
|
||||
$("option:selected").prop("selected", false);
|
||||
}
|
||||
if ($(this).val() == "u2f") {
|
||||
$('#U2FModal').modal('show');
|
||||
$("option:selected").prop("selected", false);
|
||||
$.ajax({
|
||||
type: "GET",
|
||||
cache: false,
|
||||
dataType: 'script',
|
||||
url: "json_api.php",
|
||||
data: {
|
||||
'action':'get_u2f_reg_challenge',
|
||||
'object':'<?=(isset($_SESSION['mailcow_cc_username'])) ? $_SESSION['mailcow_cc_username'] : null;?>',
|
||||
},
|
||||
success: function(data){
|
||||
data;
|
||||
}
|
||||
});
|
||||
setTimeout(function() {
|
||||
console.log("Register: ", req);
|
||||
u2f.register([req], sigs, function(data) {
|
||||
var form = document.getElementById('u2f_reg_form');
|
||||
var reg = document.getElementById('u2f_register_data');
|
||||
console.log("Register callback", data);
|
||||
if (data.errorCode && data.errorCode != 0) {
|
||||
var u2f_return_code = document.getElementById('u2f_return_code');
|
||||
u2f_return_code.style.display = u2f_return_code.style.display === 'none' ? '' : null;
|
||||
if (data.errorCode == "4") { data.errorCode = "4 - The presented device is not eligible for this request. For a registration request this may mean that the token is already registered, and for a sign request it may mean that the token does not know the presented key handle"; }
|
||||
u2f_return_code.innerHTML = 'Error code: ' + data.errorCode;
|
||||
return;
|
||||
}
|
||||
reg.value = JSON.stringify(data);
|
||||
form.submit();
|
||||
});
|
||||
}, 1000);
|
||||
}
|
||||
if ($(this).val() == "none") {
|
||||
$('#DisableTFAModal').modal('show');
|
||||
$("option:selected").prop("selected", false);
|
||||
}
|
||||
});
|
||||
|
||||
// Activate tooltips
|
||||
$(function () {
|
||||
$('[data-toggle="tooltip"]').tooltip()
|
||||
})
|
||||
// Hide alerts after n seconds
|
||||
$("#alert-fade").fadeTo(7000, 500).slideUp(500, function(){
|
||||
$("#alert-fade").alert('close');
|
||||
});
|
||||
|
||||
// Remember last navigation pill
|
||||
(function () {
|
||||
'use strict';
|
||||
$('a[data-toggle="tab"]').on('shown.bs.tab', function (e) {
|
||||
var id = $(this).parents('[role="tablist"]').attr('id');
|
||||
var key = 'lastTag';
|
||||
if (id) {
|
||||
key += ':' + id;
|
||||
}
|
||||
localStorage.setItem(key, $(e.target).attr('href'));
|
||||
});
|
||||
$('[role="tablist"]').each(function (idx, elem) {
|
||||
var id = $(elem).attr('id');
|
||||
var key = 'lastTag';
|
||||
if (id) {
|
||||
key += ':' + id;
|
||||
}
|
||||
var lastTab = localStorage.getItem(key);
|
||||
if (lastTab) {
|
||||
$('[href="' + lastTab + '"]').tab('show');
|
||||
}
|
||||
});
|
||||
})();
|
||||
|
||||
// Disable submit after submitting form
|
||||
$('form').submit(function() {
|
||||
if ($('form button[type="submit"]').data('submitted') == '1') {
|
||||
return false;
|
||||
} else {
|
||||
$(this).find('button[type="submit"]').first().text('<?=$lang['footer']['loading'];?>');
|
||||
$('form button[type="submit"]').attr('data-submitted', '1');
|
||||
function disableF5(e) { if ((e.which || e.keyCode) == 116 || (e.which || e.keyCode) == 82) e.preventDefault(); };
|
||||
$(document).on("keydown", disableF5);
|
||||
}
|
||||
});
|
||||
|
||||
// IE fix to hide scrollbars when table body is empty
|
||||
$('tbody').filter(function (index) {
|
||||
return $(this).children().length < 1;
|
||||
}).remove();
|
||||
|
||||
// Init Bootstrap Selectpicker
|
||||
$('select').selectpicker();
|
||||
|
||||
// Trigger SOGo restart
|
||||
$('#triggerRestartSogo').click(function(){
|
||||
$(this).prop("disabled",true);
|
||||
$(this).html('<span class="glyphicon glyphicon-refresh glyphicon-spin"></span> ');
|
||||
$('#statusTriggerRestartSogo').text('Stopping SOGo workers, this may take a while... ');
|
||||
$.ajax({
|
||||
method: 'get',
|
||||
url: 'call_sogo_ctrl.php',
|
||||
data: {
|
||||
'ajax': true,
|
||||
'ACTION': 'stop'
|
||||
},
|
||||
success: function(data) {
|
||||
$('#statusTriggerRestartSogo').append(data);
|
||||
$('#statusTriggerRestartSogo').append('<br />Starting SOGo... ');
|
||||
$.ajax({
|
||||
method: 'get',
|
||||
url: 'call_sogo_ctrl.php',
|
||||
data: {
|
||||
'ajax': true,
|
||||
'ACTION': 'start'
|
||||
},
|
||||
success: function(data) {
|
||||
$('#statusTriggerRestartSogo').append(data);
|
||||
$('#triggerRestartSogo').html('<span class="glyphicon glyphicon-ok"></span> ');
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
});
|
||||
});
|
||||
</script>
|
||||
<?php
|
||||
if (isset($_SESSION['return'])):
|
||||
?>
|
||||
<div class="container">
|
||||
<div style="position:fixed;bottom:8px;right:25px;min-width:300px;max-width:350px;z-index:2000">
|
||||
<div <?=($_SESSION['return']['type'] == 'danger') ? null : 'id="alert-fade"'?> class="alert alert-<?=$_SESSION['return']['type'];?>" role="alert">
|
||||
<a href="#" class="close" data-dismiss="alert"> ×</a>
|
||||
<?=htmlspecialchars($_SESSION['return']['msg']);?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
unset($_SESSION['return']);
|
||||
endif;
|
||||
?>
|
||||
</body>
|
||||
</html>
|
||||
<?php $stmt = null; $pdo = null; ?>
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,104 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="<?= $_SESSION['mailcow_locale'] ?>">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<title>mailcow UI</title>
|
||||
<!--[if lt IE 9]>
|
||||
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
|
||||
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
|
||||
<![endif]-->
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.0/jquery.min.js" integrity="sha384-XxcvoeNF5V0ZfksTnV+bejnCsJjOOIzN6UVwF85WBsAnU3zeYh5bloN+L4WLgeNE" crossorigin="anonymous"></script>
|
||||
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/css/bootstrap.min.css">
|
||||
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.6/<?=strtolower(trim($DEFAULT_THEME));?>/bootstrap.min.css">
|
||||
<link rel="stylesheet" href="/css/bootstrap-select.min.css">
|
||||
<link rel="stylesheet" href="/css/bootstrap-slider.min.css">
|
||||
<link rel="stylesheet" href="/css/bootstrap-switch.min.css">
|
||||
<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&subset=latin,latin-ext">
|
||||
<link rel="stylesheet" href="/inc/languages.min.css">
|
||||
<link rel="stylesheet" href="/css/mailcow.css">
|
||||
<link rel="stylesheet" href="/css/tables.css">
|
||||
<?=(preg_match("/mailbox.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/mailbox.css">' : null;?>
|
||||
<link rel="shortcut icon" href="/favicon.png" type="image/png">
|
||||
<link rel="icon" href="/favicon.png" type="image/png">
|
||||
</head>
|
||||
<body style="padding-top:70px">
|
||||
<nav class="navbar navbar-default navbar-fixed-top" role="navigation">
|
||||
<div class="container-fluid">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="/"><img height="32" alt="mailcow-logo" style="margin-top:-5px;" src="/img/cow_mailcow.svg" /></a>
|
||||
</div>
|
||||
<div id="navbar" class="navbar-collapse collapse">
|
||||
<ul class="nav navbar-nav navbar-right">
|
||||
<?php
|
||||
if (isset($_SESSION['mailcow_locale'])) {
|
||||
?>
|
||||
<li class="dropdown">
|
||||
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><span class="lang-sm lang-lbl" lang="<?=$_SESSION['mailcow_locale'];?>"></span><span class="caret"></span></a>
|
||||
<ul class="dropdown-menu" role="menu">
|
||||
<li <?=($_SESSION['mailcow_locale'] == 'de') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "de"))) ?>"><span class="lang-xs lang-lbl-full" lang="de"></span></a></li>
|
||||
<li <?=($_SESSION['mailcow_locale'] == 'en') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "en"))) ?>"><span class="lang-xs lang-lbl-full" lang="en"></span></a></li>
|
||||
<li <?=($_SESSION['mailcow_locale'] == 'es') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "es"))) ?>"><span class="lang-xs lang-lbl-full" lang="es"></span></a></li>
|
||||
<li <?=($_SESSION['mailcow_locale'] == 'nl') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "nl"))) ?>"><span class="lang-xs lang-lbl-full" lang="nl"></span></a></li>
|
||||
<li <?=($_SESSION['mailcow_locale'] == 'pt') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "pt"))) ?>"><span class="lang-xs lang-lbl-full" lang="pt"></span></a></li>
|
||||
</ul>
|
||||
</li>
|
||||
<?php
|
||||
}
|
||||
if (isset($_SESSION['mailcow_cc_role'])) {
|
||||
?>
|
||||
<li class="dropdown">
|
||||
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><?=$lang['header']['mailcow_settings'];?><span class="caret"></span></a>
|
||||
<ul class="dropdown-menu" role="menu">
|
||||
<?php
|
||||
if (isset($_SESSION['mailcow_cc_role'])) {
|
||||
if ($_SESSION['mailcow_cc_role'] == "admin") {
|
||||
?>
|
||||
<li <?=(preg_match("/admin/i", $_SERVER['REQUEST_URI'])) ? 'class="active"' : ''?>><a href="/admin.php"><?=$lang['header']['administration'];?></a></li>
|
||||
<?php
|
||||
}
|
||||
if ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin") {
|
||||
?>
|
||||
<li <?=(preg_match("/mailbox/i", $_SERVER['REQUEST_URI'])) ? 'class="active"' : ''?>><a href="/mailbox.php"><?=$lang['header']['mailboxes'];?></a></li>
|
||||
<?php
|
||||
}
|
||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||
?>
|
||||
<li <?=(preg_match("/user/i", $_SERVER['REQUEST_URI'])) ? 'class="active"' : ''?>><a href="/user.php"><?=$lang['header']['user_settings'];?></a></li>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
</li>
|
||||
<?php
|
||||
if ($_SESSION['mailcow_cc_role'] == "admin"):
|
||||
?>
|
||||
<li><a href data-toggle="modal" data-target="#RestartSOGo"><span style="font-size:12px" class="glyphicon glyphicon-refresh" aria-hidden="true"></span> <?=$lang['header']['restart_sogo'];?></a></li>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<?php
|
||||
}
|
||||
if (!isset($_SESSION["dual-login"]) && isset($_SESSION['mailcow_cc_username'])):
|
||||
?>
|
||||
<li><a style="border-left:1px solid #E7E7E7" href="#" onclick="logout.submit()"><?=sprintf($lang['header']['logged_in_as_logout'], $_SESSION['mailcow_cc_username']);?></a></li>
|
||||
<?php
|
||||
elseif (isset($_SESSION["dual-login"])):
|
||||
?>
|
||||
<li><a style="border-left:1px solid #E7E7E7" href="#" onclick="logout.submit()"><?=sprintf($lang['header']['logged_in_as_logout_dual'], $_SESSION['mailcow_cc_username'], $_SESSION["dual-login"]["username"]);?></a></li>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
</ul>
|
||||
</div><!--/.nav-collapse -->
|
||||
</div><!--/.container-fluid -->
|
||||
</nav>
|
||||
<form action="/" method="post" id="logout"><input type="hidden" name="logout"></form>
|
|
@ -0,0 +1,281 @@
|
|||
CREATE TABLE IF NOT EXISTS `admin` (
|
||||
`username` VARCHAR(255) NOT NULL,
|
||||
`password` VARCHAR(255) NOT NULL,
|
||||
`superadmin` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`created` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`modified` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
PRIMARY KEY (`username`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `alias` (
|
||||
`address` VARCHAR(255) NOT NULL,
|
||||
`goto` TEXT NOT NULL,
|
||||
`domain` VARCHAR(255) NOT NULL,
|
||||
`created` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`modified` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
PRIMARY KEY (`address`),
|
||||
KEY `domain` (`domain`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `sender_acl` (
|
||||
`logged_in_as` VARCHAR(255) NOT NULL,
|
||||
`send_as` VARCHAR(255) NOT NULL
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `spamalias` (
|
||||
`address` VARCHAR(255) NOT NULL,
|
||||
`goto` TEXT NOT NULL,
|
||||
`validity` INT(11) NOT NULL,
|
||||
PRIMARY KEY (`address`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `alias_domain` (
|
||||
`alias_domain` VARCHAR(255) NOT NULL,
|
||||
`target_domain` VARCHAR(255) NOT NULL,
|
||||
`created` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`modified` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
PRIMARY KEY (`alias_domain`),
|
||||
KEY `active` (`active`),
|
||||
KEY `target_domain` (`target_domain`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `domain` (
|
||||
`domain` VARCHAR(255) NOT NULL,
|
||||
`description` VARCHAR(255),
|
||||
`aliases` INT(10) NOT NULL DEFAULT '0',
|
||||
`mailboxes` INT(10) NOT NULL DEFAULT '0',
|
||||
`maxquota` BIGINT(20) NOT NULL DEFAULT '0',
|
||||
`quota` BIGINT(20) NOT NULL DEFAULT '0',
|
||||
`transport` VARCHAR(255) NOT NULL,
|
||||
`backupmx` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`relay_all_recipients` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`created` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`modified` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
PRIMARY KEY (`domain`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `domain_admins` (
|
||||
`username` VARCHAR(255) NOT NULL,
|
||||
`domain` VARCHAR(255) NOT NULL,
|
||||
`created` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
KEY `username` (`username`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `mailbox` (
|
||||
`username` VARCHAR(255) NOT NULL,
|
||||
`password` VARCHAR(255) NOT NULL,
|
||||
`name` VARCHAR(255),
|
||||
`maildir` VARCHAR(255) NOT NULL,
|
||||
`quota` BIGINT(20) NOT NULL DEFAULT '0',
|
||||
`local_part` VARCHAR(255) NOT NULL,
|
||||
`domain` VARCHAR(255) NOT NULL,
|
||||
`created` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`modified` DATETIME NOT NULL DEFAULT '2016-01-01 00:00:00',
|
||||
`tls_enforce_in` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`tls_enforce_out` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`kind` VARCHAR(100) NOT NULL DEFAULT '',
|
||||
`multiple_bookings` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`wants_tagged_subject` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
PRIMARY KEY (`username`),
|
||||
KEY `domain` (`domain`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `quota2` (
|
||||
`username` VARCHAR(100) NOT NULL,
|
||||
`bytes` BIGINT(20) NOT NULL DEFAULT '0',
|
||||
`messages` INT(11) NOT NULL DEFAULT '0',
|
||||
PRIMARY KEY (`username`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `filterconf` (
|
||||
`object` VARCHAR(100) NOT NULL DEFAULT '',
|
||||
`option` VARCHAR(50) NOT NULL DEFAULT '',
|
||||
`value` VARCHAR(100) NOT NULL DEFAULT '',
|
||||
`prefid` INT(11) NOT NULL AUTO_INCREMENT,
|
||||
PRIMARY KEY (`prefid`),
|
||||
KEY `object` (`object`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `imapsync` (
|
||||
`id` INT NOT NULL AUTO_INCREMENT,
|
||||
`user2` VARCHAR(255) NOT NULL,
|
||||
`host1` VARCHAR(255) NOT NULL,
|
||||
`authmech1` ENUM('PLAIN','LOGIN','CRAM-MD5') DEFAULT 'PLAIN',
|
||||
`regextrans2` VARCHAR(255) DEFAULT '',
|
||||
`authmd51` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
`domain2` VARCHAR(255) NOT NULL DEFAULT '',
|
||||
`subfolder2` VARCHAR(255) NOT NULL DEFAULT '',
|
||||
`user1` VARCHAR(255) NOT NULL,
|
||||
`password1` VARCHAR(255) NOT NULL,
|
||||
`exclude` VARCHAR(500) NOT NULL DEFAULT '',
|
||||
`maxage` SMALLINT NOT NULL DEFAULT '0',
|
||||
`mins_interval` VARCHAR(50) NOT NULL,
|
||||
`port1` SMALLINT NOT NULL,
|
||||
`enc1` ENUM('TLS','SSL','PLAIN') DEFAULT 'TLS',
|
||||
`delete2duplicates` TINYINT(1) NOT NULL DEFAULT '1',
|
||||
`returned_text` TEXT,
|
||||
`last_run` TIMESTAMP NULL DEFAULT NULL,
|
||||
`created` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
`modified` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `tfa` (
|
||||
`id` INT NOT NULL AUTO_INCREMENT,
|
||||
`username` VARCHAR(255) NOT NULL,
|
||||
`authmech` ENUM('yubi_otp', 'u2f', 'hotp', 'totp'),
|
||||
`secret` VARCHAR(255) DEFAULT NULL,
|
||||
`keyHandle` VARCHAR(255) DEFAULT NULL,
|
||||
`publicKey` VARCHAR(255) DEFAULT NULL,
|
||||
`counter` INT NOT NULL DEFAULT '0',
|
||||
`certificate` TEXT,
|
||||
`active` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
DROP VIEW IF EXISTS grouped_mail_aliases;
|
||||
DROP VIEW IF EXISTS grouped_sender_acl;
|
||||
DROP VIEW IF EXISTS grouped_domain_alias_address;
|
||||
|
||||
CREATE VIEW grouped_mail_aliases (username, aliases) AS
|
||||
SELECT goto, IFNULL(GROUP_CONCAT(address SEPARATOR ' '), '') AS address FROM alias
|
||||
WHERE address!=goto
|
||||
AND active = '1'
|
||||
AND address NOT LIKE '@%'
|
||||
GROUP BY goto;
|
||||
|
||||
CREATE VIEW grouped_sender_acl (username, send_as) AS
|
||||
SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as FROM sender_acl
|
||||
WHERE send_as NOT LIKE '@%'
|
||||
GROUP BY logged_in_as;
|
||||
|
||||
CREATE VIEW grouped_domain_alias_address (username, ad_alias) AS
|
||||
SELECT username, IFNULL(GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ' '), '') AS ad_alias FROM mailbox
|
||||
LEFT OUTER JOIN alias_domain on target_domain=domain GROUP BY username;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_acl (
|
||||
c_folder_id INTEGER NOT NULL,
|
||||
c_object character varying(255) NOT NULL,
|
||||
c_uid character varying(255) NOT NULL,
|
||||
c_role character varying(80) NOT NULL
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_alarms_folder (
|
||||
c_path VARCHAR(255) NOT NULL,
|
||||
c_name VARCHAR(255) NOT NULL,
|
||||
c_uid VARCHAR(255) NOT NULL,
|
||||
c_recurrence_id INT(11) DEFAULT NULL,
|
||||
c_alarm_number INT(11) NOT NULL,
|
||||
c_alarm_date INT(11) NOT NULL
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_cache_folder (
|
||||
c_uid VARCHAR(255) NOT NULL,
|
||||
c_path VARCHAR(255) NOT NULL,
|
||||
c_parent_path VARCHAR(255) DEFAULT NULL,
|
||||
c_type TINYINT(3) unsigned NOT NULL,
|
||||
c_creationdate INT(11) NOT NULL,
|
||||
c_lastmodified INT(11) NOT NULL,
|
||||
c_version INT(11) NOT NULL DEFAULT '0',
|
||||
c_deleted TINYINT(4) NOT NULL DEFAULT '0',
|
||||
c_content longTEXT,
|
||||
PRIMARY KEY (c_uid,c_path)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_folder_info (
|
||||
c_folder_id BIGINT(20) unsigned NOT NULL AUTO_INCREMENT,
|
||||
c_path VARCHAR(255) NOT NULL,
|
||||
c_path1 VARCHAR(255) NOT NULL,
|
||||
c_path2 VARCHAR(255) DEFAULT NULL,
|
||||
c_path3 VARCHAR(255) DEFAULT NULL,
|
||||
c_path4 VARCHAR(255) DEFAULT NULL,
|
||||
c_foldername VARCHAR(255) NOT NULL,
|
||||
c_location INTeger NULL,
|
||||
c_quick_location VARCHAR(2048) DEFAULT NULL,
|
||||
c_acl_location VARCHAR(2048) DEFAULT NULL,
|
||||
c_folder_type VARCHAR(255) NOT NULL,
|
||||
PRIMARY KEY (c_path),
|
||||
UNIQUE KEY c_folder_id (c_folder_id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_quick_appointment (
|
||||
c_folder_id INTeger NOT NULL,
|
||||
c_name character varying(255) NOT NULL,
|
||||
c_uid character varying(255) NOT NULL,
|
||||
c_startdate INTeger,
|
||||
c_enddate INTeger,
|
||||
c_cycleenddate INTeger,
|
||||
c_title character varying(1000) NOT NULL,
|
||||
c_participants TEXT,
|
||||
c_isallday INTeger,
|
||||
c_iscycle INTeger,
|
||||
c_cycleinfo TEXT,
|
||||
c_classification INTeger NOT NULL,
|
||||
c_isopaque INTeger NOT NULL,
|
||||
c_status INTeger NOT NULL,
|
||||
c_priority INTeger,
|
||||
c_location character varying(255),
|
||||
c_orgmail character varying(255),
|
||||
c_partmails TEXT,
|
||||
c_partstates TEXT,
|
||||
c_category character varying(255),
|
||||
c_sequence INTeger,
|
||||
c_component character varying(10) NOT NULL,
|
||||
c_nextalarm INTeger,
|
||||
c_description TEXT,
|
||||
CONSTRAINT sogo_quick_appointment_pkey PRIMARY KEY (c_folder_id, c_name)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_quick_contact (
|
||||
c_folder_id INTeger NOT NULL,
|
||||
c_name character varying(255) NOT NULL,
|
||||
c_givenname character varying(255),
|
||||
c_cn character varying(255),
|
||||
c_sn character varying(255),
|
||||
c_screenname character varying(255),
|
||||
c_l character varying(255),
|
||||
c_mail character varying(255),
|
||||
c_o character varying(255),
|
||||
c_ou character varying(255),
|
||||
c_telephonenumber character varying(255),
|
||||
c_categories character varying(255),
|
||||
c_component character varying(10) NOT NULL,
|
||||
CONSTRAINT sogo_quick_contact_pkey PRIMARY KEY (c_folder_id, c_name)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_sessions_folder (
|
||||
c_id VARCHAR(255) NOT NULL,
|
||||
c_value VARCHAR(255) NOT NULL,
|
||||
c_creationdate INT(11) NOT NULL,
|
||||
c_lastseen INT(11) NOT NULL,
|
||||
PRIMARY KEY (c_id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_store (
|
||||
c_folder_id INTeger NOT NULL,
|
||||
c_name character varying(255) NOT NULL,
|
||||
c_content mediumTEXT NOT NULL,
|
||||
c_creationdate INTeger NOT NULL,
|
||||
c_lastmodified INTeger NOT NULL,
|
||||
c_version INTeger NOT NULL,
|
||||
c_deleted INTeger,
|
||||
CONSTRAINT sogo_store_pkey PRIMARY KEY (c_folder_id, c_name)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS sogo_user_profile (
|
||||
c_uid VARCHAR(255) NOT NULL,
|
||||
c_defaults TEXT,
|
||||
c_settings TEXT,
|
||||
PRIMARY KEY (c_uid)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC;
|
||||
|
||||
INSERT INTO `admin` (username, password, superadmin, created, modified, active) SELECT 'admin', '{SSHA256}K8eVJ6YsZbQCfuJvSUbaQRLr0HPLz5rC9IAp0PAFl0tmNDBkMDc0NDAyOTAxN2Rk', 1, NOW(), NOW(), 1 WHERE NOT EXISTS (SELECT * FROM `admin`);
|
||||
DELETE FROM `domain_admins`;
|
||||
INSERT INTO `domain_admins` (username, domain, created, active) SELECT `username`, 'ALL', NOW(), 1 FROM `admin` WHERE superadmin='1' AND `username` NOT IN (SELECT `username` FROM `domain_admins`);
|
File diff suppressed because one or more lines are too long
Binary file not shown.
After Width: | Height: | Size: 44 KiB |
|
@ -0,0 +1,506 @@
|
|||
<?php
|
||||
/* Copyright (c) 2014 Yubico AB
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions are
|
||||
* met:
|
||||
*
|
||||
* * Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* * Redistributions in binary form must reproduce the above
|
||||
* copyright notice, this list of conditions and the following
|
||||
* disclaimer in the documentation and/or other materials provided
|
||||
* with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
namespace u2flib_server;
|
||||
|
||||
/** Constant for the version of the u2f protocol */
|
||||
const U2F_VERSION = "U2F_V2";
|
||||
|
||||
/** Error for the authentication message not matching any outstanding
|
||||
* authentication request */
|
||||
const ERR_NO_MATCHING_REQUEST = 1;
|
||||
|
||||
/** Error for the authentication message not matching any registration */
|
||||
const ERR_NO_MATCHING_REGISTRATION = 2;
|
||||
|
||||
/** Error for the signature on the authentication message not verifying with
|
||||
* the correct key */
|
||||
const ERR_AUTHENTICATION_FAILURE = 3;
|
||||
|
||||
/** Error for the challenge in the registration message not matching the
|
||||
* registration challenge */
|
||||
const ERR_UNMATCHED_CHALLENGE = 4;
|
||||
|
||||
/** Error for the attestation signature on the registration message not
|
||||
* verifying */
|
||||
const ERR_ATTESTATION_SIGNATURE = 5;
|
||||
|
||||
/** Error for the attestation verification not verifying */
|
||||
const ERR_ATTESTATION_VERIFICATION = 6;
|
||||
|
||||
/** Error for not getting good random from the system */
|
||||
const ERR_BAD_RANDOM = 7;
|
||||
|
||||
/** Error when the counter is lower than expected */
|
||||
const ERR_COUNTER_TOO_LOW = 8;
|
||||
|
||||
/** Error decoding public key */
|
||||
const ERR_PUBKEY_DECODE = 9;
|
||||
|
||||
/** Error user-agent returned error */
|
||||
const ERR_BAD_UA_RETURNING = 10;
|
||||
|
||||
/** Error old OpenSSL version */
|
||||
const ERR_OLD_OPENSSL = 11;
|
||||
|
||||
/** @internal */
|
||||
const PUBKEY_LEN = 65;
|
||||
|
||||
class U2F
|
||||
{
|
||||
/** @var string */
|
||||
private $appId;
|
||||
|
||||
/** @var null|string */
|
||||
private $attestDir;
|
||||
|
||||
/** @internal */
|
||||
private $FIXCERTS = array(
|
||||
'349bca1031f8c82c4ceca38b9cebf1a69df9fb3b94eed99eb3fb9aa3822d26e8',
|
||||
'dd574527df608e47ae45fbba75a2afdd5c20fd94a02419381813cd55a2a3398f',
|
||||
'1d8764f0f7cd1352df6150045c8f638e517270e8b5dda1c63ade9c2280240cae',
|
||||
'd0edc9a91a1677435a953390865d208c55b3183c6759c9b5a7ff494c322558eb',
|
||||
'6073c436dcd064a48127ddbf6032ac1a66fd59a0c24434f070d4e564c124c897',
|
||||
'ca993121846c464d666096d35f13bf44c1b05af205f9b4a1e00cf6cc10c5e511'
|
||||
);
|
||||
|
||||
/**
|
||||
* @param string $appId Application id for the running application
|
||||
* @param string|null $attestDir Directory where trusted attestation roots may be found
|
||||
* @throws Error If OpenSSL older than 1.0.0 is used
|
||||
*/
|
||||
public function __construct($appId, $attestDir = null)
|
||||
{
|
||||
if(OPENSSL_VERSION_NUMBER < 0x10000000) {
|
||||
throw new Error('OpenSSL has to be at least version 1.0.0, this is ' . OPENSSL_VERSION_TEXT, ERR_OLD_OPENSSL);
|
||||
}
|
||||
$this->appId = $appId;
|
||||
$this->attestDir = $attestDir;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called to get a registration request to send to a user.
|
||||
* Returns an array of one registration request and a array of sign requests.
|
||||
*
|
||||
* @param array $registrations List of current registrations for this
|
||||
* user, to prevent the user from registering the same authenticator several
|
||||
* times.
|
||||
* @return array An array of two elements, the first containing a
|
||||
* RegisterRequest the second being an array of SignRequest
|
||||
* @throws Error
|
||||
*/
|
||||
public function getRegisterData(array $registrations = array())
|
||||
{
|
||||
$challenge = $this->createChallenge();
|
||||
$request = new RegisterRequest($challenge, $this->appId);
|
||||
$signs = $this->getAuthenticateData($registrations);
|
||||
return array($request, $signs);
|
||||
}
|
||||
|
||||
/**
|
||||
* Called to verify and unpack a registration message.
|
||||
*
|
||||
* @param RegisterRequest $request this is a reply to
|
||||
* @param object $response response from a user
|
||||
* @param bool $includeCert set to true if the attestation certificate should be
|
||||
* included in the returned Registration object
|
||||
* @return Registration
|
||||
* @throws Error
|
||||
*/
|
||||
public function doRegister($request, $response, $includeCert = true)
|
||||
{
|
||||
if( !is_object( $request ) ) {
|
||||
throw new \InvalidArgumentException('$request of doRegister() method only accepts object.');
|
||||
}
|
||||
|
||||
if( !is_object( $response ) ) {
|
||||
throw new \InvalidArgumentException('$response of doRegister() method only accepts object.');
|
||||
}
|
||||
|
||||
if( property_exists( $response, 'errorCode') && $response->errorCode !== 0 ) {
|
||||
throw new Error('User-agent returned error. Error code: ' . $response->errorCode, ERR_BAD_UA_RETURNING );
|
||||
}
|
||||
|
||||
if( !is_bool( $includeCert ) ) {
|
||||
throw new \InvalidArgumentException('$include_cert of doRegister() method only accepts boolean.');
|
||||
}
|
||||
|
||||
$rawReg = $this->base64u_decode($response->registrationData);
|
||||
$regData = array_values(unpack('C*', $rawReg));
|
||||
$clientData = $this->base64u_decode($response->clientData);
|
||||
$cli = json_decode($clientData);
|
||||
|
||||
if($cli->challenge !== $request->challenge) {
|
||||
throw new Error('Registration challenge does not match', ERR_UNMATCHED_CHALLENGE );
|
||||
}
|
||||
|
||||
$registration = new Registration();
|
||||
$offs = 1;
|
||||
$pubKey = substr($rawReg, $offs, PUBKEY_LEN);
|
||||
$offs += PUBKEY_LEN;
|
||||
// decode the pubKey to make sure it's good
|
||||
$tmpKey = $this->pubkey_to_pem($pubKey);
|
||||
if($tmpKey === null) {
|
||||
throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE );
|
||||
}
|
||||
$registration->publicKey = base64_encode($pubKey);
|
||||
$khLen = $regData[$offs++];
|
||||
$kh = substr($rawReg, $offs, $khLen);
|
||||
$offs += $khLen;
|
||||
$registration->keyHandle = $this->base64u_encode($kh);
|
||||
|
||||
// length of certificate is stored in byte 3 and 4 (excluding the first 4 bytes)
|
||||
$certLen = 4;
|
||||
$certLen += ($regData[$offs + 2] << 8);
|
||||
$certLen += $regData[$offs + 3];
|
||||
|
||||
$rawCert = $this->fixSignatureUnusedBits(substr($rawReg, $offs, $certLen));
|
||||
$offs += $certLen;
|
||||
$pemCert = "-----BEGIN CERTIFICATE-----\r\n";
|
||||
$pemCert .= chunk_split(base64_encode($rawCert), 64);
|
||||
$pemCert .= "-----END CERTIFICATE-----";
|
||||
if($includeCert) {
|
||||
$registration->certificate = base64_encode($rawCert);
|
||||
}
|
||||
if($this->attestDir) {
|
||||
if(openssl_x509_checkpurpose($pemCert, -1, $this->get_certs()) !== true) {
|
||||
throw new Error('Attestation certificate can not be validated', ERR_ATTESTATION_VERIFICATION );
|
||||
}
|
||||
}
|
||||
|
||||
if(!openssl_pkey_get_public($pemCert)) {
|
||||
throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE );
|
||||
}
|
||||
$signature = substr($rawReg, $offs);
|
||||
|
||||
$dataToVerify = chr(0);
|
||||
$dataToVerify .= hash('sha256', $request->appId, true);
|
||||
$dataToVerify .= hash('sha256', $clientData, true);
|
||||
$dataToVerify .= $kh;
|
||||
$dataToVerify .= $pubKey;
|
||||
|
||||
if(openssl_verify($dataToVerify, $signature, $pemCert, 'sha256') === 1) {
|
||||
return $registration;
|
||||
} else {
|
||||
throw new Error('Attestation signature does not match', ERR_ATTESTATION_SIGNATURE );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Called to get an authentication request.
|
||||
*
|
||||
* @param array $registrations An array of the registrations to create authentication requests for.
|
||||
* @return array An array of SignRequest
|
||||
* @throws Error
|
||||
*/
|
||||
public function getAuthenticateData(array $registrations)
|
||||
{
|
||||
$sigs = array();
|
||||
foreach ($registrations as $reg) {
|
||||
if( !is_object( $reg ) ) {
|
||||
throw new \InvalidArgumentException('$registrations of getAuthenticateData() method only accepts array of object.');
|
||||
}
|
||||
|
||||
$sig = new SignRequest();
|
||||
$sig->appId = $this->appId;
|
||||
$sig->keyHandle = $reg->keyHandle;
|
||||
$sig->challenge = $this->createChallenge();
|
||||
$sigs[] = $sig;
|
||||
}
|
||||
return $sigs;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called to verify an authentication response
|
||||
*
|
||||
* @param array $requests An array of outstanding authentication requests
|
||||
* @param array $registrations An array of current registrations
|
||||
* @param object $response A response from the authenticator
|
||||
* @return Registration
|
||||
* @throws Error
|
||||
*
|
||||
* The Registration object returned on success contains an updated counter
|
||||
* that should be saved for future authentications.
|
||||
* If the Error returned is ERR_COUNTER_TOO_LOW this is an indication of
|
||||
* token cloning or similar and appropriate action should be taken.
|
||||
*/
|
||||
public function doAuthenticate(array $requests, array $registrations, $response)
|
||||
{
|
||||
if( !is_object( $response ) ) {
|
||||
throw new \InvalidArgumentException('$response of doAuthenticate() method only accepts object.');
|
||||
}
|
||||
|
||||
if( property_exists( $response, 'errorCode') && $response->errorCode !== 0 ) {
|
||||
throw new Error('User-agent returned error. Error code: ' . $response->errorCode, ERR_BAD_UA_RETURNING );
|
||||
}
|
||||
|
||||
/** @var object|null $req */
|
||||
$req = null;
|
||||
|
||||
/** @var object|null $reg */
|
||||
$reg = null;
|
||||
|
||||
$clientData = $this->base64u_decode($response->clientData);
|
||||
$decodedClient = json_decode($clientData);
|
||||
foreach ($requests as $req) {
|
||||
if( !is_object( $req ) ) {
|
||||
throw new \InvalidArgumentException('$requests of doAuthenticate() method only accepts array of object.');
|
||||
}
|
||||
|
||||
if($req->keyHandle === $response->keyHandle && $req->challenge === $decodedClient->challenge) {
|
||||
break;
|
||||
}
|
||||
|
||||
$req = null;
|
||||
}
|
||||
if($req === null) {
|
||||
throw new Error('No matching request found', ERR_NO_MATCHING_REQUEST );
|
||||
}
|
||||
foreach ($registrations as $reg) {
|
||||
if( !is_object( $reg ) ) {
|
||||
throw new \InvalidArgumentException('$registrations of doAuthenticate() method only accepts array of object.');
|
||||
}
|
||||
|
||||
if($reg->keyHandle === $response->keyHandle) {
|
||||
break;
|
||||
}
|
||||
$reg = null;
|
||||
}
|
||||
if($reg === null) {
|
||||
throw new Error('No matching registration found', ERR_NO_MATCHING_REGISTRATION );
|
||||
}
|
||||
$pemKey = $this->pubkey_to_pem($this->base64u_decode($reg->publicKey));
|
||||
if($pemKey === null) {
|
||||
throw new Error('Decoding of public key failed', ERR_PUBKEY_DECODE );
|
||||
}
|
||||
|
||||
$signData = $this->base64u_decode($response->signatureData);
|
||||
$dataToVerify = hash('sha256', $req->appId, true);
|
||||
$dataToVerify .= substr($signData, 0, 5);
|
||||
$dataToVerify .= hash('sha256', $clientData, true);
|
||||
$signature = substr($signData, 5);
|
||||
|
||||
if(openssl_verify($dataToVerify, $signature, $pemKey, 'sha256') === 1) {
|
||||
$ctr = unpack("Nctr", substr($signData, 1, 4));
|
||||
$counter = $ctr['ctr'];
|
||||
/* TODO: wrap-around should be handled somehow.. */
|
||||
if($counter > $reg->counter) {
|
||||
$reg->counter = $counter;
|
||||
return $reg;
|
||||
} else {
|
||||
throw new Error('Counter too low.', ERR_COUNTER_TOO_LOW );
|
||||
}
|
||||
} else {
|
||||
throw new Error('Authentication failed', ERR_AUTHENTICATION_FAILURE );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
private function get_certs()
|
||||
{
|
||||
$files = array();
|
||||
$dir = $this->attestDir;
|
||||
if($dir && $handle = opendir($dir)) {
|
||||
while(false !== ($entry = readdir($handle))) {
|
||||
if(is_file("$dir/$entry")) {
|
||||
$files[] = "$dir/$entry";
|
||||
}
|
||||
}
|
||||
closedir($handle);
|
||||
}
|
||||
return $files;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
private function base64u_encode($data)
|
||||
{
|
||||
return trim(strtr(base64_encode($data), '+/', '-_'), '=');
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $data
|
||||
* @return string
|
||||
*/
|
||||
private function base64u_decode($data)
|
||||
{
|
||||
return base64_decode(strtr($data, '-_', '+/'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $key
|
||||
* @return null|string
|
||||
*/
|
||||
private function pubkey_to_pem($key)
|
||||
{
|
||||
if(strlen($key) !== PUBKEY_LEN || $key[0] !== "\x04") {
|
||||
return null;
|
||||
}
|
||||
|
||||
/*
|
||||
* Convert the public key to binary DER format first
|
||||
* Using the ECC SubjectPublicKeyInfo OIDs from RFC 5480
|
||||
*
|
||||
* SEQUENCE(2 elem) 30 59
|
||||
* SEQUENCE(2 elem) 30 13
|
||||
* OID1.2.840.10045.2.1 (id-ecPublicKey) 06 07 2a 86 48 ce 3d 02 01
|
||||
* OID1.2.840.10045.3.1.7 (secp256r1) 06 08 2a 86 48 ce 3d 03 01 07
|
||||
* BIT STRING(520 bit) 03 42 ..key..
|
||||
*/
|
||||
$der = "\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01";
|
||||
$der .= "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07\x03\x42";
|
||||
$der .= "\0".$key;
|
||||
|
||||
$pem = "-----BEGIN PUBLIC KEY-----\r\n";
|
||||
$pem .= chunk_split(base64_encode($der), 64);
|
||||
$pem .= "-----END PUBLIC KEY-----";
|
||||
|
||||
return $pem;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
* @throws Error
|
||||
*/
|
||||
private function createChallenge()
|
||||
{
|
||||
$challenge = openssl_random_pseudo_bytes(32, $crypto_strong );
|
||||
if( $crypto_strong !== true ) {
|
||||
throw new Error('Unable to obtain a good source of randomness', ERR_BAD_RANDOM);
|
||||
}
|
||||
|
||||
$challenge = $this->base64u_encode( $challenge );
|
||||
|
||||
return $challenge;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fixes a certificate where the signature contains unused bits.
|
||||
*
|
||||
* @param string $cert
|
||||
* @return mixed
|
||||
*/
|
||||
private function fixSignatureUnusedBits($cert)
|
||||
{
|
||||
if(in_array(hash('sha256', $cert), $this->FIXCERTS)) {
|
||||
$cert[strlen($cert) - 257] = "\0";
|
||||
}
|
||||
return $cert;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Class for building a registration request
|
||||
*
|
||||
* @package u2flib_server
|
||||
*/
|
||||
class RegisterRequest
|
||||
{
|
||||
/** Protocol version */
|
||||
public $version = U2F_VERSION;
|
||||
|
||||
/** Registration challenge */
|
||||
public $challenge;
|
||||
|
||||
/** Application id */
|
||||
public $appId;
|
||||
|
||||
/**
|
||||
* @param string $challenge
|
||||
* @param string $appId
|
||||
* @internal
|
||||
*/
|
||||
public function __construct($challenge, $appId)
|
||||
{
|
||||
$this->challenge = $challenge;
|
||||
$this->appId = $appId;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Class for building up an authentication request
|
||||
*
|
||||
* @package u2flib_server
|
||||
*/
|
||||
class SignRequest
|
||||
{
|
||||
/** Protocol version */
|
||||
public $version = U2F_VERSION;
|
||||
|
||||
/** Authentication challenge */
|
||||
public $challenge;
|
||||
|
||||
/** Key handle of a registered authenticator */
|
||||
public $keyHandle;
|
||||
|
||||
/** Application id */
|
||||
public $appId;
|
||||
}
|
||||
|
||||
/**
|
||||
* Class returned for successful registrations
|
||||
*
|
||||
* @package u2flib_server
|
||||
*/
|
||||
class Registration
|
||||
{
|
||||
/** The key handle of the registered authenticator */
|
||||
public $keyHandle;
|
||||
|
||||
/** The public key of the registered authenticator */
|
||||
public $publicKey;
|
||||
|
||||
/** The attestation certificate of the registered authenticator */
|
||||
public $certificate;
|
||||
|
||||
/** The counter associated with this registration */
|
||||
public $counter = -1;
|
||||
}
|
||||
|
||||
/**
|
||||
* Error class, returned on errors
|
||||
*
|
||||
* @package u2flib_server
|
||||
*/
|
||||
class Error extends \Exception
|
||||
{
|
||||
/**
|
||||
* Override constructor and make message and code mandatory
|
||||
* @param string $message
|
||||
* @param int $code
|
||||
* @param \Exception|null $previous
|
||||
*/
|
||||
public function __construct($message, $code, \Exception $previous = null) {
|
||||
parent::__construct($message, $code, $previous);
|
||||
}
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue