diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php
index c188ac93a5b32727d28b26e8709621e10193b77e..2d31b89bbd63bd459b1721e911e979820bcb0e60 100644
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -153,9 +153,16 @@ class installer_dist extends installer_base {
 		}
 
 		$reject_sender_login_mismatch = '';
+		$reject_authenticated_sender_login_mismatch = '';
 		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
-			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+			$reject_sender_login_mismatch = ', reject_sender_login_mismatch';
+			$reject_authenticated_sender_login_mismatch = 'reject_authenticated_sender_login_mismatch, ';
 		}
+
+		# placeholder includes comment char
+		$stress_adaptive_placeholder = '#{stress_adaptive} ';
+		$stress_adaptive = (isset($server_ini_array['mail']['stress_adaptive']) && ($server_ini_array['mail']['stress_adaptive'] == 'y')) ? '' : $stress_adaptive_placeholder;
+
 		unset($server_ini_array);
 
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
@@ -165,6 +172,8 @@ class installer_dist extends installer_base {
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
 			'{reject_slm}' => $reject_sender_login_mismatch,
+			'{reject_aslm}' => $reject_authenticated_sender_login_mismatch,
+			$stress_adaptive_placeholder => $stress_adaptive,
 		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php
index 324fe06e9adb2183cc7621216f6fe1ddfa93dd7a..342a583facb64e433a8410abf136c570f7e34df2 100644
--- a/install/dist/lib/gentoo.lib.php
+++ b/install/dist/lib/gentoo.lib.php
@@ -102,9 +102,16 @@ class installer extends installer_base
 		}
 
 		$reject_sender_login_mismatch = '';
+		$reject_authenticated_sender_login_mismatch = '';
 		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
-			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+			$reject_sender_login_mismatch = ', reject_sender_login_mismatch';
+			$reject_authenticated_sender_login_mismatch = 'reject_authenticated_sender_login_mismatch, ';
 		}
+
+		# placeholder includes comment char
+		$stress_adaptive_placeholder = '#{stress_adaptive} ';
+		$stress_adaptive = (isset($server_ini_array['mail']['stress_adaptive']) && ($server_ini_array['mail']['stress_adaptive'] == 'y')) ? '' : $stress_adaptive_placeholder;
+
 		unset($server_ini_array);
 
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
@@ -114,6 +121,8 @@ class installer extends installer_base
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
 			'{reject_slm}' => $reject_sender_login_mismatch,
+			'{reject_aslm}' => $reject_authenticated_sender_login_mismatch,
+			$stress_adaptive_placeholder => $stress_adaptive,
 		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master');
diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php
index da31ad6b571d204836e6b9c5ea878c70ab2ecbb5..07dd5cc690f36cb46d6556e1a67cd9dae38c416e 100644
--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -164,9 +164,16 @@ class installer_dist extends installer_base {
 		}
 
 		$reject_sender_login_mismatch = '';
+		$reject_authenticated_sender_login_mismatch = '';
 		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
-			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+			$reject_sender_login_mismatch = ', reject_sender_login_mismatch';
+			$reject_authenticated_sender_login_mismatch = 'reject_authenticated_sender_login_mismatch, ';
 		}
+
+		# placeholder includes comment char
+		$stress_adaptive_placeholder = '#{stress_adaptive} ';
+		$stress_adaptive = (isset($server_ini_array['mail']['stress_adaptive']) && ($server_ini_array['mail']['stress_adaptive'] == 'y')) ? '' : $stress_adaptive_placeholder;
+
 		unset($server_ini_array);
 
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
@@ -176,6 +183,8 @@ class installer_dist extends installer_base {
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
 			'{reject_slm}' => $reject_sender_login_mismatch,
+			'{reject_aslm}' => $reject_authenticated_sender_login_mismatch,
+			$stress_adaptive_placeholder => $stress_adaptive,
 		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 6a4d771e16b184ac23af5d3335d436c98176856a..fc27da8df38899cab84b71419ee3f7ff5e2fa626 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -967,6 +967,11 @@ class installer_base {
 			$this->error("The postfix configuration directory '$config_dir' does not exist.");
 		}
 
+		//* Get postfix version
+		exec('postconf -d mail_version 2>&1', $out);
+		$postfix_version = preg_replace('/.*=\s*/', '', $out[0]);
+		unset($out);
+
 		//* mysql-virtual_domains.cf
 		$this->process_postfix_config('mysql-virtual_domains.cf');
 
@@ -1072,12 +1077,28 @@ class installer_base {
 		}
 
 		$reject_sender_login_mismatch = '';
-		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
-			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
+		$reject_authenticated_sender_login_mismatch = '';
+		if (isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
+			$reject_sender_login_mismatch = ',reject_sender_login_mismatch,';
+			$reject_authenticated_sender_login_mismatch = 'reject_authenticated_sender_login_mismatch, ';
 		}
-		unset($server_ini_array);
 
-		$tmp = str_replace('.','\.',$conf['hostname']);
+		# placeholder includes comment char
+		$stress_adaptive_placeholder = '#{stress_adaptive}';
+		$stress_adaptive = (isset($server_ini_array['mail']['stress_adaptive']) && ($server_ini_array['mail']['stress_adaptive'] == 'y')) ? '' : $stress_adaptive_placeholder;
+
+		$reject_unknown_client_hostname='';
+		if (isset($server_ini_array['mail']['reject_unknown']) && ($server_ini_array['mail']['reject_unknown'] == 'client' || $server_ini_array['mail']['reject_unknown'] == 'client_helo')) {
+			$reject_unknown_client_hostname=',reject_unknown_client_hostname';
+		}
+		$reject_unknown_helo_hostname='';
+		if ((!isset($server_ini_array['mail']['reject_unknown'])) || $server_ini_array['mail']['reject_unknown'] == 'helo' || $server_ini_array['mail']['reject_unknown'] == 'client_helo') {
+			$reject_unknown_helo_hostname=',reject_unknown_helo_hostname';
+		}
+
+		unset($server_ini_array);
+		
+		$myhostname = str_replace('.','\.',$conf['hostname']);
 
 		$postconf_placeholders = array('{config_dir}' => $config_dir,
 			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
@@ -1086,13 +1107,43 @@ class installer_base {
 			'{rbl_list}' => $rbl_list,
 			'{greylisting}' => $greylisting,
 			'{reject_slm}' => $reject_sender_login_mismatch,
-			'{myhostname}' => $tmp,
+			'{reject_aslm}' => $reject_authenticated_sender_login_mismatch,
+			'{myhostname}' => $myhostname,
+			$stress_adaptive_placeholder => $stress_adaptive,
+			'{reject_unknown_client_hostname}' => $reject_unknown_client_hostname,
+			'{reject_unknown_helo_hostname}' => $reject_unknown_helo_hostname,
 		);
 
 		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
 		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
 		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
 
+		//* Merge version-specific postfix config
+		if(version_compare($postfix_version , '2.5', '>=')) {
+		    $configfile = 'postfix_2-5.conf';
+		    $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
+		    $content = strtr($content, $postconf_placeholders);
+		    $postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
+		}
+		if(version_compare($postfix_version , '2.10', '>=')) {
+		    $configfile = 'postfix_2-10.conf';
+		    $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
+		    $content = strtr($content, $postconf_placeholders);
+		    $postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
+		}
+		if(version_compare($postfix_version , '3.0', '>=')) {
+		    $configfile = 'postfix_3-0.conf';
+		    $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
+		    $content = strtr($content, $postconf_placeholders);
+		    $postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
+		}
+		if(version_compare($postfix_version , '3.3', '>=')) {
+		    $configfile = 'postfix_3-3.conf';
+		    $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
+		    $content = strtr($content, $postconf_placeholders);
+		    $postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
+		}
+
 		//* These postconf commands will be executed on installation only
 		if($this->is_update == false) {
 			$postconf_commands = array_merge($postconf_commands, array(
@@ -1399,7 +1450,7 @@ class installer_base {
 		if ($configure_lmtp) {
 			for ($i = 0; isset($new_options[$i]); $i++) {
 				if ($new_options[$i] == 'reject_unlisted_recipient') {
-					array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${config_dir}/mysql-verify_recipients.cf"));
+					array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${quoted_config_dir}/mysql-verify_recipients.cf"));
 					break;
 				}
 			}
@@ -1408,7 +1459,6 @@ class installer_base {
 				$postconf_commands[] = "enable_original_recipient = yes";
 			}
 		}
-		#exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'");
 		$postconf_commands[] = "smtpd_recipient_restrictions = ".implode(", ", $new_options);
 
 		// Executing the postconf commands
@@ -1630,7 +1680,7 @@ class installer_base {
 
 	public function configure_rspamd() {
 		global $conf;
-
+		
 		//* These postconf commands will be executed on installation and update
 		$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
 		$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
@@ -1647,8 +1697,33 @@ class installer_base {
 			exec("postconf -e 'milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}'");
 			exec("postconf -e 'milter_default_action = accept'");
 
-			exec("postconf -e 'smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, permit_mynetworks, permit_sasl_authenticated'");
+			if(! isset($mail_config['reject_sender_login_mismatch'])) {
+				$mail_config['reject_sender_login_mismatch'] = 'n';
+			}
+			$options = preg_split("/,\s*/", exec("postconf -h smtpd_sender_restrictions"));
+			$new_options = array();
+			foreach ($options as $key => $value) {
+				$value = trim($value);
+				if ($value == '') continue;
+				if (preg_match('/tag_as_(originating|foreign)\.re/', $value)) {
+					continue;
+				}
+				if (preg_match('/reject_(authenticated_)?sender_login_mismatch/', $value)) {
+					continue;
+				}
+				$new_options[] = $value;
+			}
+			if ($mail_config['reject_sender_login_mismatch'] == 'y') {
+				array_splice($new_options, 0, 0, array('reject_authenticated_sender_login_mismatch'));
 
+				for ($i = 0; isset($new_options[$i]); $i++) {
+					if ($new_options[$i] == 'permit_mynetworks') {
+						array_splice($new_options, $i+1, 0, array('reject_sender_login_mismatch'));
+						break;
+					}
+				}
+			}
+			exec("postconf -e 'smtpd_sender_restrictions = ".implode(", ", $new_options)."'");
 
 			$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
 			$new_options = array();
diff --git a/install/tpl/debian_postfix.conf.master b/install/tpl/debian_postfix.conf.master
index 8e3fa50f229239baff06e54f70a2bcedf4d8a9e0..07128357e4d5441addb8757927e869e6af51be47 100644
--- a/install/tpl/debian_postfix.conf.master
+++ b/install/tpl/debian_postfix.conf.master
@@ -5,8 +5,8 @@ virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{co
 virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
 virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
 virtual_mailbox_base = {vmail_mailbox_base}
-virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
-virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
+virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
+virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
 sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 inet_protocols=all
 inet_interfaces = all
@@ -15,20 +15,22 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
 smtpd_tls_key_file = {config_dir}/smtpd.key
 transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:{config_dir}/mysql-virtual_transports.cf
-relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
-relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
+relay_domains = proxy:mysql:{config_dir}/mysql-virtual_relaydomains.cf
+relay_recipient_maps = proxy:mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
-proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $smtpd_recipient_restrictions
+proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
-smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
-smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
+smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
+smtpd_sender_restrictions =  {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
+smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks{rbl_list}, permit_sasl_authenticated, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
+smtpd_etrn_restrictions = permit_mynetworks, reject
+smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
 maildrop_destination_recipient_limit   = 1
diff --git a/install/tpl/fedora_postfix.conf.master b/install/tpl/fedora_postfix.conf.master
index ffe831286c689cf2779d13fec0b36070c19c5383..a580f6a04268fdb9698e00270e6666399bdbd495 100644
--- a/install/tpl/fedora_postfix.conf.master
+++ b/install/tpl/fedora_postfix.conf.master
@@ -3,28 +3,30 @@ virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{co
 virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
 virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
 virtual_mailbox_base = {vmail_mailbox_base}
-virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
-virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
+virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
+virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
 sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
 smtpd_tls_key_file = {config_dir}/smtpd.key
 transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:{config_dir}/mysql-virtual_transports.cf
-relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
-relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
+relay_domains = proxy:mysql:{config_dir}/mysql-virtual_relaydomains.cf
+relay_recipient_maps = proxy:mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
-proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $smtpd_recipient_restrictions
+proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
-smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
-smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
+smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
+smtpd_sender_restrictions =  {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
+smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks{rbl_list}, permit_sasl_authenticated, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
+smtpd_etrn_restrictions = permit_mynetworks, reject
+smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
 maildrop_destination_recipient_limit   = 1
diff --git a/install/tpl/gentoo_postfix.conf.master b/install/tpl/gentoo_postfix.conf.master
index 52b48f92743317c652e22f2792c902a3f96eea5b..d0ed3d69f78e749a0d92656e770d6c5a5f43d3ee 100644
--- a/install/tpl/gentoo_postfix.conf.master
+++ b/install/tpl/gentoo_postfix.conf.master
@@ -3,27 +3,29 @@ virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{co
 virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
 virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
 virtual_mailbox_base = {vmail_mailbox_base}
-virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
-virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
+virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
+virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
 smtpd_tls_key_file = {config_dir}/smtpd.key
 transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:{config_dir}/mysql-virtual_transports.cf
-relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
-relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
+relay_domains = proxy:mysql:{config_dir}/mysql-virtual_relaydomains.cf
+relay_recipient_maps = proxy:mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
-proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $smtpd_recipient_restrictions
+proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
-smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
-smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
+smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
+smtpd_sender_restrictions =  {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
+smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks{rbl_list}, permit_sasl_authenticated, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
+smtpd_etrn_restrictions = permit_mynetworks, reject
+smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
 maildrop_destination_recipient_limit   = 1
diff --git a/install/tpl/opensuse_postfix.conf.master b/install/tpl/opensuse_postfix.conf.master
index 545dcb10806b739dd99a394dc55cea986acf85f1..9065e9fa037036bade4f9460576e6151d9c39ab4 100644
--- a/install/tpl/opensuse_postfix.conf.master
+++ b/install/tpl/opensuse_postfix.conf.master
@@ -5,28 +5,30 @@ virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{co
 virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
 virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
 virtual_mailbox_base = {vmail_mailbox_base}
-virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
-virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
+virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
+virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
 sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
 smtpd_tls_key_file = {config_dir}/smtpd.key
 transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:{config_dir}/mysql-virtual_transports.cf
-relay_domains = mysql:{config_dir}/mysql-virtual_relaydomains.cf
-relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
+relay_domains = proxy:mysql:{config_dir}/mysql-virtual_relaydomains.cf
+relay_recipient_maps = proxy:mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
-proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $smtpd_recipient_restrictions
+proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps $virtual_uid_maps $virtual_gid_maps $smtpd_client_restrictions $smtpd_sender_restrictions $smtpd_recipient_restrictions
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
-smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
-smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
+smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
+smtpd_sender_restrictions =  {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
+smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks{rbl_list}, permit_sasl_authenticated, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
+smtpd_etrn_restrictions = permit_mynetworks, reject
+smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
 smtpd_client_message_rate_limit = 100
 maildrop_destination_concurrency_limit = 1
 maildrop_destination_recipient_limit   = 1
diff --git a/install/tpl/postfix_2-10.conf.master b/install/tpl/postfix_2-10.conf.master
new file mode 100644
index 0000000000000000000000000000000000000000..d77f37e0a07bdedea1d15c629a07c871ba496b0c
--- /dev/null
+++ b/install/tpl/postfix_2-10.conf.master
@@ -0,0 +1,5 @@
+# Postfix configuration for version 2.10 and up
+smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
+
+# This is supported in version 2.9, but lets not create another conf file for it
+address_verify_sender_ttl = 15686s
diff --git a/install/tpl/postfix_2-5.conf.master b/install/tpl/postfix_2-5.conf.master
new file mode 100644
index 0000000000000000000000000000000000000000..132c80822e488b6b123e88002f1092e7dbd5b633
--- /dev/null
+++ b/install/tpl/postfix_2-5.conf.master
@@ -0,0 +1,13 @@
+# Postfix configuration for version 2.5 and up
+
+# These will make postfix adapt more to load spikes
+#{stress_adaptive} in_flow_delay = ${stress?3}${stress:1}s
+#{stress_adaptive} smtp_connect_timeout = ${stress?10}${stress:30}s
+#{stress_adaptive} smtp_helo_timeout = ${stress?10}${stress:60}s
+#{stress_adaptive} smtp_mail_timeout = ${stress?10}${stress:60}s
+#{stress_adaptive} smtpd_error_sleep_time = ${stress?1}${stress:2}s
+#{stress_adaptive} smtpd_hard_error_limit = ${stress?1}${stress:10}
+#{stress_adaptive} smtpd_recipient_overshoot_limit = ${stress?60}${stress:600}
+#{stress_adaptive} smtpd_soft_error_limit = ${stress?2}${stress:5}
+#{stress_adaptive} smtpd_timeout = ${stress?10}${stress:60}s
+
diff --git a/install/tpl/postfix_3-0.conf.master b/install/tpl/postfix_3-0.conf.master
new file mode 100644
index 0000000000000000000000000000000000000000..aa205679ad7818e0a19621a8f930e5838250d161
--- /dev/null
+++ b/install/tpl/postfix_3-0.conf.master
@@ -0,0 +1,13 @@
+# Postfix configuration for version 3.0 and up
+
+# These will make postfix adapt more to load spikes
+#{stress_adaptive} in_flow_delay = ${stress?{3}:{1}}s
+#{stress_adaptive} smtp_connect_timeout = ${stress?{10}:{30}}s
+#{stress_adaptive} smtp_helo_timeout = ${stress?{10}:{60}}s
+#{stress_adaptive} smtp_mail_timeout = ${stress?{10}:{60}}s
+#{stress_adaptive} smtpd_error_sleep_time = ${stress?{1}:{2}}s
+#{stress_adaptive} smtpd_hard_error_limit = ${stress?{1}:{10}}
+#{stress_adaptive} smtpd_recipient_overshoot_limit = ${stress?{60}:{600}}
+#{stress_adaptive} smtpd_soft_error_limit = ${stress?{2}:{5}}
+#{stress_adaptive} smtpd_timeout = ${stress?{10}:{60}}s
+
diff --git a/install/tpl/postfix_3-3.conf.master b/install/tpl/postfix_3-3.conf.master
new file mode 100644
index 0000000000000000000000000000000000000000..01b3e7f59058a3867d1a093f013e5cbaad1afc2a
--- /dev/null
+++ b/install/tpl/postfix_3-3.conf.master
@@ -0,0 +1,4 @@
+# Postfix configuration for version 3.3 and up
+
+# 3.2 and earlier should not have this set when using reject_unverified_recipient
+enable_original_recipient = no
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 6f310284dc6ca052f9b86cd5515987f194ad2ff0..6436e6e792a04aba37ccc56864dc55134f459673 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -131,7 +131,7 @@ class remoting_lib extends tform_base {
 			$this->sys_userid            = $user['userid'];
 			$this->sys_default_group     = $user['default_group'];
 			$this->sys_groups             = $user['groups'];
-			// we have to force admin priveliges for the remoting API as some function calls might fail otherwise.
+			// we have to force admin privileges for the remoting API as some function calls might fail otherwise.
 			if($client_login == false) $_SESSION["s"]["user"]["typ"] = 'admin';
 		}
 
diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php
index 680a52c57455e5e98d95512660752325b2add360..bc2f05840bf441d5cd6fab35a2c221e94a665920 100644
--- a/interface/web/admin/form/server_config.tform.php
+++ b/interface/web/admin/form/server_config.tform.php
@@ -456,11 +456,13 @@ $form["tabs"]['mail'] = array(
 			'datatype' => 'VARCHAR',
 			'formtype' => 'TEXT',
 			'default' => '/home/vmail/',
-			'validators' => array(	0 => array('type' => 'NOTEMPTY',
-										'errmsg' => 'homedir_path_error_empty'),
-									1 => array ( 	'type' => 'REGEX',
-										'regex' => '/^\/[a-zA-Z0-9\.\-\_\/]{5,128}$/',
-										'errmsg'=> 'homedir_path_error_regex'),
+			'validators' => array(	0 => array ( 'type' => 'NOTEMPTY',
+						           'errmsg' => 'homedir_path_error_empty'
+						    ),
+						1 => array ( 'type' => 'REGEX',
+						            'regex' => '/^\/[a-zA-Z0-9\.\-\_\/]{5,128}$/',
+							    'errmsg'=> 'homedir_path_error_regex'
+						    ),
 			),
 			'value' => '',
 			'width' => '40',
@@ -638,6 +640,17 @@ $form["tabs"]['mail'] = array(
 			'default' => 'n',
 			'value' => array(0 => 'n', 1 => 'y')
 		),
+		'reject_unknown' => array(
+			'datatype' => 'VARCHAR',
+			'formtype' => 'SELECT',
+			'default' => 'helo',
+			'value' => array(
+				'helo' => 'reject_unknown_helo_txt',
+				'client' => 'reject_unknown_client_txt',
+				'client_helo' => 'reject_unknown_client_helo_txt',
+				'none' => 'disabled_txt',
+			)
+		),
 		'mailbox_size_limit' => array(
 			'datatype' => 'INTEGER',
 			'formtype' => 'TEXT',
@@ -654,12 +667,6 @@ $form["tabs"]['mail'] = array(
 			'width' => '10',
 			'maxlength' => '15'
 		),
-		'mailbox_quota_stats' => array (
-			'datatype' => 'VARCHAR',
-			'formtype' => 'CHECKBOX',
-			'default' => 'y',
-			'value' => array(0 => 'n', 1 => 'y')
-		),
 		'realtime_blackhole_list' => array(
 			'datatype' => 'VARCHAR',
 			'formtype' => 'TEXT',
@@ -672,6 +679,18 @@ $form["tabs"]['mail'] = array(
 			'width' => '40',
 			'maxlength' => '255'
 		),
+		'stress_adaptive' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'y',
+			'value' => array(0 => 'n', 1 => 'y')
+		),
+		'mailbox_quota_stats' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'y',
+			'value' => array(0 => 'n', 1 => 'y')
+		),
 		'overquota_notify_admin' => array(
 			'datatype' => 'VARCHAR',
 			'formtype' => 'CHECKBOX',
diff --git a/interface/web/admin/lib/lang/ar_server_config.lng b/interface/web/admin/lib/lang/ar_server_config.lng
index 2daeadecc8be7e8315e1ad298637ea1cc7714717..ed8e236071c42a01934b9a1cfa087901e77fd7c6 100644
--- a/interface/web/admin/lib/lang/ar_server_config.lng
+++ b/interface/web/admin/lib/lang/ar_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost User';
 $wb['relayhost_password_txt'] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
 $wb['message_size_limit_txt'] = 'Message Size Limit';
 $wb['ip_address_txt'] = 'IP Address';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/bg_server_config.lng b/interface/web/admin/lib/lang/bg_server_config.lng
index 7bf8b2c73c74dde9e64dc4215968321069fbb8e0..71e5bfd5c6c5229e6864bd3f0bdca49668aeb46f 100644
--- a/interface/web/admin/lib/lang/bg_server_config.lng
+++ b/interface/web/admin/lib/lang/bg_server_config.lng
@@ -38,6 +38,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost User';
 $wb['relayhost_password_txt'] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
 $wb['message_size_limit_txt'] = 'Message Size Limit';
 $wb['ip_address_txt'] = 'IP адрес';
@@ -170,6 +175,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/br_server_config.lng b/interface/web/admin/lib/lang/br_server_config.lng
index 48ed0395b74e64331bd9110067bda10708d8dbbe..e7b59e3cdbb99122565f4e83f4623f8a22b63533 100644
--- a/interface/web/admin/lib/lang/br_server_config.lng
+++ b/interface/web/admin/lib/lang/br_server_config.lng
@@ -51,6 +51,11 @@ $wb['relayhost_txt'] = 'Servidor de retransmissão';
 $wb['relayhost_user_txt'] = 'Usuário de retransmissão';
 $wb['relayhost_password_txt'] = 'Senha do usuário de retransmissão';
 $wb['reject_sender_login_mismatch_txt'] = 'Rejeitar acesso com erro de usuário e/ou senha';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Limite do tamanho da conta de e-mail';
 $wb['message_size_limit_txt'] = 'Limite do tamanho da mensagem';
 $wb['ip_address_txt'] = 'Endereço IP';
@@ -179,6 +184,8 @@ $wb['connect_userid_to_webid_txt'] = 'Conectar o UID do usuário no sistema para
 $wb['connect_userid_to_webid_start_txt'] = 'Conexão do ID inicial do usuário com o webID';
 $wb['realtime_blackhole_list_txt'] = 'Lista RBL em tempo real';
 $wb['realtime_blackhole_list_note_txt'] = '(separar as RBLs com vírgulas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'Configurações SSL';
 $wb['permissions_txt'] = 'Permissões';
 $wb['php_settings_txt'] = 'Configurações php';
diff --git a/interface/web/admin/lib/lang/ca_server_config.lng b/interface/web/admin/lib/lang/ca_server_config.lng
index 89c426fc52f46a94a82713aaced35d9185ff26f1..effc175e85b921e3d654d57212c595b1a5f9af8b 100644
--- a/interface/web/admin/lib/lang/ca_server_config.lng
+++ b/interface/web/admin/lib/lang/ca_server_config.lng
@@ -51,6 +51,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost User';
 $wb['relayhost_password_txt'] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
 $wb['message_size_limit_txt'] = 'Message Size Limit';
 $wb['ip_address_txt'] = 'IP Address';
@@ -175,6 +180,8 @@ $wb['connect_userid_to_webid_txt'] = 'Connect Linux userid to webid';
 $wb['connect_userid_to_webid_start_txt'] = 'Start ID for userid/webid connect';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/cz_server_config.lng b/interface/web/admin/lib/lang/cz_server_config.lng
index f52af24a87e818b5c211310c8fba46d059b262a7..6e4f4c7faafd114ba50560f411acbd6d59286c45 100644
--- a/interface/web/admin/lib/lang/cz_server_config.lng
+++ b/interface/web/admin/lib/lang/cz_server_config.lng
@@ -163,6 +163,8 @@ $wb['backup_mode_userzip'] = 'Zálohování všech souborů v adresáři web jak
 $wb['backup_mode_rootgz'] = 'Zálohování všech souborů v adresáři web jako uživatel root';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(jednotlivé RBL databáze oddělujte čárkou)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Nastavení';
 $wb['permissions_txt'] = 'Nastavit oprávnění';
 $wb['php_settings_txt'] = 'PHP Nastavení';
@@ -254,6 +256,11 @@ $wb['mailbox_virtual_uidgid_maps_error_nosingleserver'] = 'Uid cannot be mapped
 $wb['mailbox_virtual_uidgid_maps_error_nodovecot'] = 'Uid-mapping can only be used with dovecot.';
 $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be changed if there are already mail users.';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['do_not_try_rescue_mongodb_txt'] = 'Zakázat  MongoDB monitorování';
 $wb['v6_prefix_txt'] = 'IPv6 Prefix';
 $wb['vhost_rewrite_v6_txt'] = 'Rewrite IPv6 on Mirror';
diff --git a/interface/web/admin/lib/lang/de_server_config.lng b/interface/web/admin/lib/lang/de_server_config.lng
index 0746e6bfdf14d0d15a14f60cce61b382e8b89fa0..9a236d92e1e8ef3178fcb123926b06e435e1c3c9 100644
--- a/interface/web/admin/lib/lang/de_server_config.lng
+++ b/interface/web/admin/lib/lang/de_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost Benutzer';
 $wb['relayhost_password_txt'] = 'Relayhost Passwort';
 $wb['reject_sender_login_mismatch_txt'] = 'Zurückweisen von Mails, wenn Sender nicht gleich Login';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'E-Mailkonto Beschränkung';
 $wb['message_size_limit_txt'] = 'E-Mailgrößen Beschränkung';
 $wb['ip_address_txt'] = 'IP Adresse';
@@ -174,6 +179,8 @@ $wb['connect_userid_to_webid_txt'] = 'Linux Userid mit webid verknüpfen';
 $wb['connect_userid_to_webid_start_txt'] = 'Start ID für userid/webid Verknüpfung';
 $wb['realtime_blackhole_list_txt'] = 'Realtime Blackhole Liste';
 $wb['realtime_blackhole_list_note_txt'] = '(Mehrere Realtime Blackhole Listen mit Kommas trennen)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Einstellungen';
 $wb['permissions_txt'] = 'Berechtigungen';
 $wb['php_settings_txt'] = 'PHP Einstellungen';
diff --git a/interface/web/admin/lib/lang/dk_server_config.lng b/interface/web/admin/lib/lang/dk_server_config.lng
index 772d46080fc140c0be1ec6e4106bfb60dff4f39e..41eaa1fe758ec8a072447278fe1236249538ae58 100644
--- a/interface/web/admin/lib/lang/dk_server_config.lng
+++ b/interface/web/admin/lib/lang/dk_server_config.lng
@@ -166,6 +166,8 @@ $wb['connect_userid_to_webid_txt'] = 'Forbinde Linux brugerid til webid';
 $wb['connect_userid_to_webid_start_txt'] = 'Start ID for brugerid/webid forbinde';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Adskille RBL\'er med kommaer)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Indstillinger';
 $wb['permissions_txt'] = 'Tilladelser';
 $wb['php_settings_txt'] = 'PHP Indstillinger';
@@ -256,6 +258,11 @@ $wb['mailbox_virtual_uidgid_maps_error_nosingleserver'] = 'Uid cannot be mapped
 $wb['mailbox_virtual_uidgid_maps_error_nodovecot'] = 'Uid-mapping can only be used with dovecot.';
 $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be changed if there are already mail users.';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['backup_time_txt'] = 'Backup time';
 $wb['do_not_try_rescue_mongodb_txt'] = 'Disable MongoDB monitoring';
 $wb['v6_prefix_txt'] = 'IPv6 Prefix';
diff --git a/interface/web/admin/lib/lang/el_server_config.lng b/interface/web/admin/lib/lang/el_server_config.lng
index 808cd63afefe3e1fc108c3e8ba8668b0872efa96..491aa69cb6b82cc7800b169a9878de1232c044e9 100644
--- a/interface/web/admin/lib/lang/el_server_config.lng
+++ b/interface/web/admin/lib/lang/el_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Χρήστης Relayhost';
 $wb['relayhost_password_txt'] = 'Συνθηματικό Relayhost';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Όριο χώρου θυρίδας';
 $wb['message_size_limit_txt'] = 'Μήνυμα ορίου χώρου';
 $wb['ip_address_txt'] = 'Διεύθυνση IP';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/en_server_config.lng b/interface/web/admin/lib/lang/en_server_config.lng
index ff7e39c70578b2e14634a26d1dad3f6d0e7a1f03..4858ed2eb8ce1a90b4f8fbccf08643a905e9d1a4 100644
--- a/interface/web/admin/lib/lang/en_server_config.lng
+++ b/interface/web/admin/lib/lang/en_server_config.lng
@@ -52,6 +52,16 @@ $wb["relayhost_txt"] = 'Relayhost';
 $wb["relayhost_user_txt"] = 'Relayhost User';
 $wb["relayhost_password_txt"] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb["mailbox_size_limit_txt"] = 'Mailbox Size Limit';
 $wb["message_size_limit_txt"] = 'Message Size Limit';
 $wb["ip_address_txt"] = 'IP Address';
@@ -180,6 +190,8 @@ $wb["connect_userid_to_webid_txt"] = 'Connect Linux userid to webid';
 $wb["connect_userid_to_webid_start_txt"] = 'Start ID for userid/webid connect';
 $wb["realtime_blackhole_list_txt"] = 'Real-time Blackhole List';
 $wb["realtime_blackhole_list_note_txt"] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb["ssl_settings_txt"] = 'SSL Settings';
 $wb["permissions_txt"] = 'Permissions';
 $wb["php_settings_txt"] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/es_server_config.lng b/interface/web/admin/lib/lang/es_server_config.lng
index 9cf590a619b89edc59bcc59282facab049f02ec5..866871de9a35c0bf62b4f21ea86c6d795e64ca5a 100644
--- a/interface/web/admin/lib/lang/es_server_config.lng
+++ b/interface/web/admin/lib/lang/es_server_config.lng
@@ -230,7 +230,14 @@ $wb['pop3_imap_daemon_txt'] = 'Servicio POP3/IMAP';
 $wb['rbl_error_regex'] = 'Por favor especifique nombres de host RBL válidos.';
 $wb['realtime_blackhole_list_note_txt'] = '(Separe las listas RBL con una coma)';
 $wb['realtime_blackhole_list_txt'] = 'Lista de filtrado en tiempo real';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['reject_sender_login_mismatch_txt'] = 'Rechazar remitente e inicio de sesión diferentes';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['relayhost_password_txt'] = 'Contraseña del servidor de retransmisión';
 $wb['relayhost_txt'] = 'Servidor de retransmisión';
 $wb['relayhost_user_txt'] = 'Usuario del servidor de retransmisión';
diff --git a/interface/web/admin/lib/lang/fi_server_config.lng b/interface/web/admin/lib/lang/fi_server_config.lng
index 654a63a501325f9cf5deb39e39121655bc7f7e07..61edf1e6020d9aa724ed2e400019730798307720 100644
--- a/interface/web/admin/lib/lang/fi_server_config.lng
+++ b/interface/web/admin/lib/lang/fi_server_config.lng
@@ -38,6 +38,11 @@ $wb['relayhost_txt'] = 'Edelleenlähetyspalvelin';
 $wb['relayhost_user_txt'] = 'Edelleenlähetyspalvelimen käyttäjätunnus';
 $wb['relayhost_password_txt'] = 'Edelleenlähetyspalvelimen salasana';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Postilaatikon koko';
 $wb['message_size_limit_txt'] = 'Viestien enimmäiskoko';
 $wb['ip_address_txt'] = 'IP-osoite';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/fr_server_config.lng b/interface/web/admin/lib/lang/fr_server_config.lng
index 8ba5123460f934bc3acf3ea1e1b09ab2422c2cec..657a4e1b54bb4027661ef8353167711b44f125e8 100644
--- a/interface/web/admin/lib/lang/fr_server_config.lng
+++ b/interface/web/admin/lib/lang/fr_server_config.lng
@@ -165,6 +165,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL’s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
@@ -256,6 +258,11 @@ $wb['mailbox_virtual_uidgid_maps_error_nosingleserver'] = 'Uid cannot be mapped
 $wb['mailbox_virtual_uidgid_maps_error_nodovecot'] = 'Uid-mapping can only be used with dovecot.';
 $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be changed if there are already mail users.';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['do_not_try_rescue_mongodb_txt'] = 'Disable MongoDB monitoring';
 $wb['v6_prefix_txt'] = 'IPv6 Prefix';
 $wb['vhost_rewrite_v6_txt'] = 'Rewrite IPv6 on Mirror';
diff --git a/interface/web/admin/lib/lang/hr_server_config.lng b/interface/web/admin/lib/lang/hr_server_config.lng
index 6dd61c1b9257163986af752b6c317f046b49c7f7..c7be0b3df01d4d5c8331e2449e8219da984afce8 100644
--- a/interface/web/admin/lib/lang/hr_server_config.lng
+++ b/interface/web/admin/lib/lang/hr_server_config.lng
@@ -39,6 +39,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost korisnik';
 $wb['relayhost_password_txt'] = 'Relayhost Å¡ifra';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Dozvoljena veličina mailboxa';
 $wb['message_size_limit_txt'] = 'Dozvoljena veličina emaila';
 $wb['ip_address_txt'] = 'IP adresa';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL postavke';
 $wb['permissions_txt'] = 'Dozvole';
 $wb['php_settings_txt'] = 'PHP postavke';
diff --git a/interface/web/admin/lib/lang/hu_server_config.lng b/interface/web/admin/lib/lang/hu_server_config.lng
index a62b7c3834ea84ef19677dbc292217f537373a52..979eacb0e8d6f5aed08a64340cacdc283edbc5e5 100644
--- a/interface/web/admin/lib/lang/hu_server_config.lng
+++ b/interface/web/admin/lib/lang/hu_server_config.lng
@@ -38,6 +38,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost User';
 $wb['relayhost_password_txt'] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
 $wb['message_size_limit_txt'] = 'Message Size Limit';
 $wb['ip_address_txt'] = 'IP Address';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/id_server_config.lng b/interface/web/admin/lib/lang/id_server_config.lng
index 7d1a85626fdf9ccf5b13e5432e2a3178358804da..717948646926f1eae04b9b25fa9701aedd4b47d4 100644
--- a/interface/web/admin/lib/lang/id_server_config.lng
+++ b/interface/web/admin/lib/lang/id_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Pengguna Relayhost';
 $wb['relayhost_password_txt'] = 'Kata Sandi Relayhost';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Batasan Ukuran Mailbox';
 $wb['message_size_limit_txt'] = 'Batasan Ukuran Pesan';
 $wb['ip_address_txt'] = 'Alamat IP';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/it_server_config.lng b/interface/web/admin/lib/lang/it_server_config.lng
index 9db4bb523a04e2a6bc348bd8433b3061b97f081e..9aa049a4889fafe0087addb56f6e94006a04a59a 100644
--- a/interface/web/admin/lib/lang/it_server_config.lng
+++ b/interface/web/admin/lib/lang/it_server_config.lng
@@ -165,6 +165,8 @@ $wb['backup_mode_userzip'] = 'Backup files siti web come utente web in formato z
 $wb['backup_mode_rootgz'] = 'Backup di tutti i files nella cartella sito come utente root';
 $wb['realtime_blackhole_list_txt'] = 'Lista Real-Time Blackhole';
 $wb['realtime_blackhole_list_note_txt'] = '(Separare RBL con le virgole)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'Impostazioni SSL';
 $wb['permissions_txt'] = 'Permessi';
 $wb['php_settings_txt'] = 'Impostazioni PHP';
@@ -256,6 +258,11 @@ $wb['mailbox_virtual_uidgid_maps_error_nosingleserver'] = 'Uid cannot be mapped
 $wb['mailbox_virtual_uidgid_maps_error_nodovecot'] = 'Uid-mapping can only be used with dovecot.';
 $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be changed if there are already mail users.';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['do_not_try_rescue_mongodb_txt'] = 'Disable MongoDB monitoring';
 $wb['v6_prefix_txt'] = 'IPv6 Prefix';
 $wb['vhost_rewrite_v6_txt'] = 'Rewrite IPv6 on Mirror';
diff --git a/interface/web/admin/lib/lang/ja_server_config.lng b/interface/web/admin/lib/lang/ja_server_config.lng
index 9956c4ea942313db2ad46759aa07e5f5646a5158..3de4d2ca1ab35fec48efad324b23d441c5ed18f5 100644
--- a/interface/web/admin/lib/lang/ja_server_config.lng
+++ b/interface/web/admin/lib/lang/ja_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'リレーホスト';
 $wb['relayhost_user_txt'] = 'リレーホストユーザー';
 $wb['relayhost_password_txt'] = 'リレーホストパスワード';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'メールボックスのサイズ';
 $wb['message_size_limit_txt'] = 'メッセージの最大サイズ';
 $wb['ip_address_txt'] = 'IPアドレス';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/nl_server_config.lng b/interface/web/admin/lib/lang/nl_server_config.lng
index a904e4e3d6cd92b2167f357cd84e3de1058fa7f1..7e3edc43982b99105169fe53309561d33cb7094c 100644
--- a/interface/web/admin/lib/lang/nl_server_config.lng
+++ b/interface/web/admin/lib/lang/nl_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost gebruiker';
 $wb['relayhost_password_txt'] = 'Relayhost wachtwoord';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox grootte limiet';
 $wb['message_size_limit_txt'] = 'Message grootte limiet';
 $wb['ip_address_txt'] = 'IP adres';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/pl_server_config.lng b/interface/web/admin/lib/lang/pl_server_config.lng
index d85c337d6470e61215723957045e38276fee98c8..294ed44ee7b76bfd5262676502e125cfff9d97a1 100644
--- a/interface/web/admin/lib/lang/pl_server_config.lng
+++ b/interface/web/admin/lib/lang/pl_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Adres Relayhost';
 $wb['relayhost_user_txt'] = 'Użytkownik Relayhost';
 $wb['relayhost_password_txt'] = 'Hasło Relayhost';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Maksymalna wielkość skrzynki pocztowej';
 $wb['message_size_limit_txt'] = 'Maksymalna wielkość wiadomości';
 $wb['ip_address_txt'] = 'Adres IP';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Pliki kopii z prawami użytkownika jako zip';
 $wb['backup_mode_rootgz'] = 'Twórz kopie wszystkich plików w katalogu web jako root';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(oddziel RBL-e przecinkami)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'Ustawienia SSL';
 $wb['permissions_txt'] = 'Uprawnienia';
 $wb['php_settings_txt'] = 'Ustawienia PHP';
diff --git a/interface/web/admin/lib/lang/pt_server_config.lng b/interface/web/admin/lib/lang/pt_server_config.lng
index e2051d0fffbbc52a9c36a1ccbdb5e4c1f8a0abeb..8b9d78d151f8523a8d8aeeab5870f37335f089bb 100644
--- a/interface/web/admin/lib/lang/pt_server_config.lng
+++ b/interface/web/admin/lib/lang/pt_server_config.lng
@@ -39,6 +39,11 @@ $wb['relayhost_txt'] = 'Host Relay';
 $wb['relayhost_user_txt'] = 'Utilizador do Host Relay';
 $wb['relayhost_password_txt'] = 'Senha do Host Relay';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Tamanho máximo da Caixa Postal';
 $wb['message_size_limit_txt'] = 'Tamanho máximo de mensagem';
 $wb['ip_address_txt'] = 'Endereço IP';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/ro_server_config.lng b/interface/web/admin/lib/lang/ro_server_config.lng
index 33b430de8363396706bb0ca4bfd939690842e360..a1ce64839ff9e1cf38ecd0442259a6fa150d07ab 100644
--- a/interface/web/admin/lib/lang/ro_server_config.lng
+++ b/interface/web/admin/lib/lang/ro_server_config.lng
@@ -39,6 +39,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost User';
 $wb['relayhost_password_txt'] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
 $wb['message_size_limit_txt'] = 'Message Size Limit';
 $wb['ip_address_txt'] = 'IP Address';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/ru_server_config.lng b/interface/web/admin/lib/lang/ru_server_config.lng
index 07aa94b967bcb621edf26a716c528fc47043ca14..8583ccd43464be391edbe9d720d72d68a313a666 100644
--- a/interface/web/admin/lib/lang/ru_server_config.lng
+++ b/interface/web/admin/lib/lang/ru_server_config.lng
@@ -37,6 +37,11 @@ $wb['relayhost_txt'] = 'Relay-хост';
 $wb['relayhost_user_txt'] = 'Логин Relay-хоста';
 $wb['relayhost_password_txt'] = 'Пароль Relay-хоста';
 $wb['reject_sender_login_mismatch_txt'] = 'Отклонить при несовпадении отправителя и логина';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Лимит объема почтового ящика';
 $wb['message_size_limit_txt'] = 'Лимит размера сообщения';
 $wb['ip_address_txt'] = 'IP-адрес';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Делать резервные копии web ф
 $wb['backup_mode_rootgz'] = 'Делать резервные копии всех файлов в веб-каталог как корневой пользователь';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Разделяйте RBL запятыми)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'Настройки SSL';
 $wb['permissions_txt'] = 'Разрешения';
 $wb['php_settings_txt'] = 'Параметры PHP';
diff --git a/interface/web/admin/lib/lang/se_server_config.lng b/interface/web/admin/lib/lang/se_server_config.lng
index a8ece108ca2bd3acbad4b6488034b96a44aed05e..ff44861126f5b25bb1b453c5169791a7e6c63bb3 100644
--- a/interface/web/admin/lib/lang/se_server_config.lng
+++ b/interface/web/admin/lib/lang/se_server_config.lng
@@ -38,6 +38,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost User';
 $wb['relayhost_password_txt'] = 'Relayhost Password';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
 $wb['message_size_limit_txt'] = 'Message Size Limit';
 $wb['ip_address_txt'] = 'IP Address';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/sk_server_config.lng b/interface/web/admin/lib/lang/sk_server_config.lng
index d8ca8233b3d2713d54c097d53d4c50b633789d5c..1efac9e6e66db15bfcf572e06e136a3bb52b55e4 100644
--- a/interface/web/admin/lib/lang/sk_server_config.lng
+++ b/interface/web/admin/lib/lang/sk_server_config.lng
@@ -40,6 +40,11 @@ $wb['relayhost_txt'] = 'Relayhost';
 $wb['relayhost_user_txt'] = 'Relayhost uživateľ';
 $wb['relayhost_password_txt'] = 'Relayhost heslo';
 $wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'Limit ve?kosti poštovej schránky';
 $wb['message_size_limit_txt'] = 'Limit ve?kosti správy';
 $wb['ip_address_txt'] = 'IP Adresa';
@@ -172,6 +177,8 @@ $wb['backup_mode_userzip'] = 'Backup web files owned by web user as zip';
 $wb['backup_mode_rootgz'] = 'Backup all files in web directory as root user';
 $wb['realtime_blackhole_list_txt'] = 'Real-time Blackhole List';
 $wb['realtime_blackhole_list_note_txt'] = '(Separate RBL\'s with commas)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Settings';
 $wb['permissions_txt'] = 'Permissions';
 $wb['php_settings_txt'] = 'PHP Settings';
diff --git a/interface/web/admin/lib/lang/tr_server_config.lng b/interface/web/admin/lib/lang/tr_server_config.lng
index 497116a00de3fbb89a5f7a2033f9420d608d4343..25380413fa36a2ad8d269c3642b45e2fd35bb004 100644
--- a/interface/web/admin/lib/lang/tr_server_config.lng
+++ b/interface/web/admin/lib/lang/tr_server_config.lng
@@ -51,6 +51,11 @@ $wb['relayhost_txt'] = 'Aktarım Sunucusu';
 $wb['relayhost_user_txt'] = 'Aktarım Sunucu Kullanıcı Adı';
 $wb['relayhost_password_txt'] = 'Aktarım Sunucu Parolası';
 $wb['reject_sender_login_mismatch_txt'] = 'Gönderen ile Oturum Açmış Kullanıcı Eşleşmiyorsa Reddedilsin';
+$wb['reject_unknown_txt'] = 'Reject unknown hostnames';
+$wb['tooltip_reject_unknown_txt'] = 'Requires hostnames to pass DNS checks.  Not checked for authenticated users.';
+$wb['reject_unknown_helo_txt'] = 'Reject unknown helo hostnames';
+$wb['reject_unknown_client_txt'] = 'Reject unknown client hostnames';
+$wb['reject_unknown_client_helo_txt'] = 'Reject unknown helo and client hostnames';
 $wb['mailbox_size_limit_txt'] = 'E-posta Kutusu Boyutu Sınırı';
 $wb['message_size_limit_txt'] = 'İleti Boyutu Sınırı';
 $wb['ip_address_txt'] = 'IP Adresi';
@@ -179,6 +184,8 @@ $wb['connect_userid_to_webid_txt'] = 'Linux kullanıcıkodu webkoduna bağlansı
 $wb['connect_userid_to_webid_start_txt'] = 'Bağlanacak kullanıcıkodu/webkodu için başlangıç kodu';
 $wb['realtime_blackhole_list_txt'] = 'Gerçek Zamanlı Karadelik Listesi (RBL)';
 $wb['realtime_blackhole_list_note_txt'] = '(RBL adlarını virgül ile ayırarak yazın)';
+$wb['stress_adaptive_txt'] = 'Adapt to temporary load spikes';
+$wb['tooltip_stress_adaptive_txt'] = 'Enables Postfix stress-adaptive behavior.';
 $wb['ssl_settings_txt'] = 'SSL Ayarları';
 $wb['permissions_txt'] = 'Ä°zinler';
 $wb['php_settings_txt'] = 'PHP Ayarları';
diff --git a/interface/web/admin/server_config_edit.php b/interface/web/admin/server_config_edit.php
index 5214d14037ac98987929feaa713527abd87e2991..339ac2f2f5605d9b6ad0ccb2d2d462113aee3b4f 100644
--- a/interface/web/admin/server_config_edit.php
+++ b/interface/web/admin/server_config_edit.php
@@ -79,7 +79,7 @@ class page_action extends tform_actions {
 	function onShowEdit() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 
 		if($app->tform->errorMessage == '') {
 			$app->uses('ini_parser,getconf');
@@ -115,7 +115,7 @@ class page_action extends tform_actions {
 	function onUpdateSave($sql) {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		$app->uses('ini_parser,getconf');
 
 		if($conf['demo_mode'] != true) {
diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index 9b3102e60e337c7a2dcef9a131cd444e3b5fa08e..941f6e0bbe90adbad455c37b270115477fcb666f 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -56,7 +56,7 @@ class page_action extends tform_actions {
 	function onShowEdit() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 
 		if($app->tform->errorMessage == '') {
 			$app->uses('ini_parser,getconf');
@@ -133,7 +133,7 @@ class page_action extends tform_actions {
 	function onUpdateSave($sql) {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		$app->uses('ini_parser,getconf');
 
 		$section = $app->tform->getCurrentTab();
diff --git a/interface/web/admin/templates/server_config_mail_edit.htm b/interface/web/admin/templates/server_config_mail_edit.htm
index 6ba37104ef111f91d555c2fd8610e88f7dae6660..1e63cecca8b4a215ccf34e999576d513a3261a4b 100644
--- a/interface/web/admin/templates/server_config_mail_edit.htm
+++ b/interface/web/admin/templates/server_config_mail_edit.htm
@@ -99,6 +99,24 @@
                 <label for="message_size_limit" class="col-sm-3 control-label">{tmpl_var name='message_size_limit_txt'}</label>
                 <div class="col-sm-6"><input type="text" name="message_size_limit" id="message_size_limit" value="{tmpl_var name='message_size_limit'}" class="form-control" /></div><div class="col-sm-3 input-sm">&nbsp;MB
             </div></div>
+            <div class="form-group">
+                <label for="realtime_blackhole_list" class="col-sm-3 control-label">{tmpl_var name='realtime_blackhole_list_txt'}</label>
+                <div class="col-sm-6"><input type="text" name="realtime_blackhole_list" id="realtime_blackhole_list" value="{tmpl_var name='realtime_blackhole_list'}" class="form-control" /></div><div class="col-sm-3 input-sm">&nbsp;{tmpl_var name='realtime_blackhole_list_note_txt'}
+            </div></div>
+            <div class="form-group">
+                <label class="col-sm-3 control-label">{tmpl_var name='reject_unknown_txt'}</label>
+                <div class="col-sm-9"><a href="#" data-toggle="tooltip" title="{tmpl_var name='tooltip_reject_unknown_txt'}">
+                    <select name="reject_unknown" id="reject_unknown" class="form-control">
+                        {tmpl_var name='reject_unknown'}
+                    </select></a>
+                </div>
+            </div>
+            <div class="form-group">
+                <label class="col-sm-3 control-label">{tmpl_var name='stress_adaptive_txt'}</label>
+                <div class="col-sm-9">
+                    <a href="#" data-toggle="tooltip" title="{tmpl_var name='tooltip_stress_adaptive_txt'}">{tmpl_var name="stress_adaptive"}</a>
+                </div>
+            </div>
             <div class="form-group">
                 <label class="col-sm-3 control-label">{tmpl_var name='mailbox_quota_stats_txt'}</label>
                 <div class="col-sm-9">
@@ -106,10 +124,6 @@
                 </div>
             </div>
             <div class="form-group">
-                <label for="realtime_blackhole_list" class="col-sm-3 control-label">{tmpl_var name='realtime_blackhole_list_txt'}</label>
-                <div class="col-sm-6"><input type="text" name="realtime_blackhole_list" id="realtime_blackhole_list" value="{tmpl_var name='realtime_blackhole_list'}" class="form-control" /></div><div class="col-sm-3 input-sm">&nbsp;{tmpl_var name='realtime_blackhole_list_note_txt'}
-            </div></div>
-			<div class="form-group">
                 <label class="col-sm-3 control-label">{tmpl_var name='overquota_notify_admin_txt'}</label>
                 <div class="col-sm-9">
                     {tmpl_var name='overquota_notify_admin'}
diff --git a/interface/web/mail/mail_blacklist_del.php b/interface/web/mail/mail_blacklist_del.php
index d3bbc5d5d581991078d44997aa583d1550243181..aa671c488714f0f76af47e45aafad673ecb32eca 100644
--- a/interface/web/mail/mail_blacklist_del.php
+++ b/interface/web/mail/mail_blacklist_del.php
@@ -43,7 +43,7 @@ require_once '../../lib/config.inc.php';
 require_once '../../lib/app.inc.php';
 
 
-if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges');
+if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin privileges');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('mail');
diff --git a/interface/web/mail/mail_blacklist_edit.php b/interface/web/mail/mail_blacklist_edit.php
index e2f284a34ed84df3a0c397aee67107eeabb15468..b86729b919e9d08a8855d972d8c447e48a36bc3b 100644
--- a/interface/web/mail/mail_blacklist_edit.php
+++ b/interface/web/mail/mail_blacklist_edit.php
@@ -53,7 +53,7 @@ class page_action extends tform_actions {
 	function onShowNew() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		parent::onShowNew();
 	}
 
@@ -61,7 +61,7 @@ class page_action extends tform_actions {
 	function onBeforeUpdate() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 
 		//* Check if the server has been changed
 		// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
@@ -79,7 +79,7 @@ class page_action extends tform_actions {
 	function onSubmit() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		
 		if(substr($this->dataRecord['source'], 0, 1) === '@') $this->dataRecord['source'] = substr($this->dataRecord['source'], 1);
 		
diff --git a/interface/web/mail/mail_blacklist_list.php b/interface/web/mail/mail_blacklist_list.php
index 2bdc1e93b8270148285eb4d705dfa7b47cadcfce..ecb24d867c740f2f7853fd46d4d7f52ed1a5bf6b 100644
--- a/interface/web/mail/mail_blacklist_list.php
+++ b/interface/web/mail/mail_blacklist_list.php
@@ -12,7 +12,7 @@ $list_def_file = "list/mail_blacklist.list.php";
 * End Form configuration
 ******************************************/
 
-if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges');
+if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin privileges');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('mail');
diff --git a/interface/web/mail/mail_whitelist_del.php b/interface/web/mail/mail_whitelist_del.php
index 2294f4486806d41ffc7777d5bec207ae9c519c48..06ce88550bcef2a2e00d674759ddf310842bba3a 100644
--- a/interface/web/mail/mail_whitelist_del.php
+++ b/interface/web/mail/mail_whitelist_del.php
@@ -42,7 +42,7 @@ $tform_def_file = "form/mail_whitelist.tform.php";
 require_once '../../lib/config.inc.php';
 require_once '../../lib/app.inc.php';
 
-if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges');
+if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin privileges');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('mail');
diff --git a/interface/web/mail/mail_whitelist_edit.php b/interface/web/mail/mail_whitelist_edit.php
index 2cf56b1ec451626491830f41acb54196341d6505..35fa825ec78cbdb8d237594cd276ae94ce9199b2 100644
--- a/interface/web/mail/mail_whitelist_edit.php
+++ b/interface/web/mail/mail_whitelist_edit.php
@@ -53,7 +53,7 @@ class page_action extends tform_actions {
 	function onShowNew() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		
 		parent::onShowNew();
 	}
@@ -61,7 +61,7 @@ class page_action extends tform_actions {
 	function onBeforeUpdate() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		
 		//* Check if the server has been changed
 		// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
@@ -77,7 +77,7 @@ class page_action extends tform_actions {
 	function onSubmit() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 
 		if(substr($this->dataRecord['source'], 0, 1) === '@') $this->dataRecord['source'] = substr($this->dataRecord['source'], 1);
 
diff --git a/interface/web/mail/mail_whitelist_list.php b/interface/web/mail/mail_whitelist_list.php
index 1a09b6b16578dd81455536a425d110597ed99168..73877797b4c97e40a333427c4e606793d70e2651 100644
--- a/interface/web/mail/mail_whitelist_list.php
+++ b/interface/web/mail/mail_whitelist_list.php
@@ -12,7 +12,7 @@ $list_def_file = "list/mail_whitelist.list.php";
 * End Form configuration
 ******************************************/
 
-if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin priveliges');
+if($_SESSION["s"]["user"]["typ"] != 'admin') $app->error('This function needs admin privileges');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('mail');
diff --git a/interface/web/mail/spamfilter_config_edit.php b/interface/web/mail/spamfilter_config_edit.php
index 5b3062ab771341d8214ca589d628621f55d53da8..9314feeccc95411b8e05b6eaaec7119af0d369a8 100644
--- a/interface/web/mail/spamfilter_config_edit.php
+++ b/interface/web/mail/spamfilter_config_edit.php
@@ -53,7 +53,7 @@ class page_action extends tform_actions {
 	function onShowEdit() {
 		global $app, $conf;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 
 		if($app->tform->errorMessage == '') {
 			$app->uses('ini_parser,getconf');
@@ -73,7 +73,7 @@ class page_action extends tform_actions {
 	function onUpdateSave($sql) {
 		global $app;
 
-		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges');
+		if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin privileges');
 		$app->uses('ini_parser,getconf');
 
 		$section = $app->tform->getCurrentTab();
diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
index 72f602f9dae2e7ac46da32d4aaf72803e9c979b6..e1fba6e18082c4fda64addbb5a293bc3b9940f95 100644
--- a/server/plugins-available/mysql_clientdb_plugin.inc.php
+++ b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -529,7 +529,7 @@ class mysql_clientdb_plugin {
 			//* Remote access option has changed.
 			if($data['new']['remote_access'] != $data['old']['remote_access']) {
 
-				//* set new priveliges
+				//* set new privileges
 				if($data['new']['remote_access'] == 'y') {
 					if($db_user) {
 						if($db_user['database_user'] == 'root'){
diff --git a/server/plugins-available/postfix_server_plugin.inc.php b/server/plugins-available/postfix_server_plugin.inc.php
index 5a0b222a2491bb62125adbaa096d887ed28aee85..2d6f063cd855752aa730a5bda6c34961949a00e2 100644
--- a/server/plugins-available/postfix_server_plugin.inc.php
+++ b/server/plugins-available/postfix_server_plugin.inc.php
@@ -70,6 +70,7 @@ class postfix_server_plugin {
 	// The purpose of this plugin is to rewrite the main.cf file
 	function update($event_name, $data) {
 		global $app, $conf;
+		$postfix_restart = false;
 
 		// get the config
 		$app->uses("getconf,system");
@@ -105,7 +106,7 @@ class postfix_server_plugin {
 			exec("postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd'");
 			exec("postconf -e 'smtp_sasl_security_options ='");
 			exec('postmap /etc/postfix/sasl_passwd');
-			exec($conf['init_scripts'] . '/' . 'postfix restart');
+			$postfix_restart=true;
 		}
 
 		if($mail_config['realtime_blackhole_list'] != $old_ini_data['mail']['realtime_blackhole_list']) {
@@ -139,27 +140,147 @@ class postfix_server_plugin {
 				}
 			}
 			$app->system->exec_safe("postconf -e ?", 'smtpd_recipient_restrictions = '.implode(", ", $new_options));
-			exec('postfix reload');
 		}
-		
-		if($mail_config['reject_sender_login_mismatch'] != $old_ini_data['mail']['reject_sender_login_mismatch']) {
+
+		if ($mail_config['reject_sender_login_mismatch'] != $old_ini_data['mail']['reject_sender_login_mismatch']) {
 			$options = preg_split("/,\s*/", exec("postconf -h smtpd_sender_restrictions"));
 			$new_options = array();
 			foreach ($options as $key => $value) {
-				if (!preg_match('/reject_authenticated_sender_login_mismatch/', $value)) {
-					$new_options[] = $value;
+				$value = trim($value);
+				if ($value == '') continue;
+				if (preg_match('/reject_(authenticated_)?sender_login_mismatch/', $value)) {
+					continue;
 				}
+				$new_options[] = $value;
 			}
-				
+
 			if ($mail_config['reject_sender_login_mismatch'] == 'y') {
-				reset($new_options); $i = 0;
-				// insert after check_sender_access but before permit_...
-				while (isset($new_options[$i]) && substr($new_options[$i], 0, 19) == 'check_sender_access') ++$i;
-				array_splice($new_options, $i, 0, array('reject_authenticated_sender_login_mismatch'));
+				array_splice($new_options, 0, 0, array('reject_authenticated_sender_login_mismatch'));
+
+				for ($i = 0; isset($new_options[$i]); $i++) {
+					if ($new_options[$i] == 'permit_mynetworks') {
+						array_splice($new_options, $i+1, 0, array('reject_sender_login_mismatch'));
+						break;
+					}
+				}
 			}
+
 			$app->system->exec_safe("postconf -e ?", 'smtpd_sender_restrictions = '.implode(", ", $new_options));
-			exec('postfix reload');
-		}		
+		}
+
+		if ($mail_config['reject_unknown']) {
+			if (($mail_config['reject_unknown'] === 'client') || ($mail_config['reject_unknown'] === 'client_helo')) {
+				$options = preg_split("/,\s*/", exec("postconf -h smtpd_client_restrictions"));
+				$new_options = array();
+				foreach ($options as $key => $value) {
+					$value = trim($value);
+					if ($value == '') continue;
+					if (preg_match('/reject_unknown(_client)?_hostname/', $value)) {
+						continue;
+					}
+					$new_options[] = $value;
+				}
+
+				// insert before explicit permit, or append
+				for ($i = 0; isset($new_options[$i]); $i++) {
+					if ($new_options[$i] == 'permit') {
+						array_splice($new_options, $i, 0, array('reject_unknown_client_hostname'));
+						break;
+					}
+				}
+				if ($i == count($new_options)) {
+					$new_options[] = array('reject_unknown_client_hostname');
+				}
+
+				$app->system->exec_safe("postconf -e ?", 'smtpd_client_restrictions = '.implode(", ", $new_options));
+			} else {
+				$options = preg_split("/,\s*/", exec("postconf -h smtpd_client_restrictions"));
+				$new_options = array();
+				foreach ($options as $key => $value) {
+					$value = trim($value);
+					if ($value == '') continue;
+					if (preg_match('/reject_unknown(_client)?_hostname/', $value)) {
+						continue;
+					}
+					$new_options[] = $value;
+				}
+				$app->system->exec_safe("postconf -e ?", 'smtpd_client_restrictions = '.implode(", ", $new_options));
+			}
+
+			if (($mail_config['reject_unknown'] === 'helo') || ($mail_config['reject_unknown'] === 'client_helo')) {
+				$options = preg_split("/,\s*/", exec("postconf -h smtpd_helo_restrictions"));
+				$new_options = array();
+				foreach ($options as $key => $value) {
+					$value = trim($value);
+					if ($value == '') continue;
+					if (preg_match('/reject_unknown(_helo)?_hostname/', $value)) {
+						continue;
+					}
+					$new_options[] = $value;
+				}
+
+				// insert before explicit permit, or append
+				for ($i = 0; isset($new_options[$i]); $i++) {
+					if ($new_options[$i] == 'permit') {
+						array_splice($new_options, $i, 0, array('reject_unknown_helo_hostname'));
+						break;
+					}
+				}
+				if ($i == count($new_options)) {
+					$new_options[] = array('reject_unknown_helo_hostname');
+				}
+
+				$app->system->exec_safe("postconf -e ?", 'smtpd_helo_restrictions = '.implode(", ", $new_options));
+			} else {
+				$options = preg_split("/,\s*/", exec("postconf -h smtpd_helo_restrictions"));
+				$new_options = array();
+				foreach ($options as $key => $value) {
+					$value = trim($value);
+					if ($value == '') continue;
+					if (preg_match('/reject_unknown(_helo)?_hostname/', $value)) {
+						continue;
+					}
+					$new_options[] = $value;
+				}
+				$app->system->exec_safe("postconf -e ?", 'smtpd_helo_restrictions = '.implode(", ", $new_options));
+			}
+		}
+
+		if ($mail_config['stress_adaptive']) {
+			if ($mail_config['stress_adaptive'] == 'y') {
+				if (version_compare($postfix_version , '3.0', '>=')) {
+					$app->system->exec_safe("postconf -e ?", 'in_flow_delay = ${stress?{3}:{1}}s');
+					$app->system->exec_safe("postconf -e ?", 'smtp_connect_timeout = ${stress?{10}:{30}}s');
+					$app->system->exec_safe("postconf -e ?", 'smtp_helo_timeout = ${stress?{10}:{60}}s');
+					$app->system->exec_safe("postconf -e ?", 'smtp_mail_timeout = ${stress?{10}:{60}}s');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_error_sleep_time = ${stress?{1}:{2}}s');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_hard_error_limit = ${stress?{1}:{10}}');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_recipient_overshoot_limit = ${stress?{60}:{600}}');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_soft_error_limit = ${stress?{2}:{5}}');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_timeout = ${stress?{10}:{60}}s');
+				} elseif (version_compare($postfix_version , '2.5', '>=')) {
+					$app->system->exec_safe("postconf -e ?", 'in_flow_delay = ${stress?3}${stress:1}s');
+					$app->system->exec_safe("postconf -e ?", 'smtp_connect_timeout = ${stress?10}${stress:30}s');
+					$app->system->exec_safe("postconf -e ?", 'smtp_helo_timeout = ${stress?10}${stress:60}s');
+					$app->system->exec_safe("postconf -e ?", 'smtp_mail_timeout = ${stress?10}${stress:60}s');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_error_sleep_time = ${stress?1}${stress:2}s');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_hard_error_limit = ${stress?1}${stress:10}');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_recipient_overshoot_limit = ${stress?60}${stress:600}');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_soft_error_limit = ${stress?2}${stress:5}');
+					$app->system->exec_safe("postconf -e ?", 'smtpd_timeout = ${stress?10}${stress:60}s');
+				}
+			} else { // mail_config['stress_adaptive'] == 'n'
+				exec("postconf -X 'in_flow_delay'");
+				exec("postconf -X 'smtp_connect_timeout'");
+				exec("postconf -X 'smtp_helo_timeout'");
+				exec("postconf -X 'smtp_mail_timeout'");
+				exec("postconf -X 'smtpd_error_sleep_time'");
+				exec("postconf -X 'smtpd_hard_error_limit'");
+				exec("postconf -X 'smtpd_recipient_overshoot_limit'");
+				exec("postconf -X 'smtpd_soft_error_limit'");
+				exec("postconf -X 'smtpd_timeout'");
+			}
+		}
 		
 		if($app->system->is_installed('dovecot')) {
 			$virtual_transport = 'dovecot';
@@ -208,7 +329,7 @@ class postfix_server_plugin {
 		if (defined($configure_lmtp) && $configure_lmtp) {
 			for ($i = 0; isset($new_options[$i]); $i++) {
 				if ($new_options[$i] == 'reject_unlisted_recipient') {
-					array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${postfix_config_dir}/mysql-verify_recipients.cf"));
+					array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${quoted_postfix_config_dir}/mysql-verify_recipients.cf"));
 					break;
 				}
 			}
@@ -220,6 +341,9 @@ class postfix_server_plugin {
 		exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'");
 
 		if($mail_config['content_filter'] != $old_ini_data['mail']['content_filter']) {
+			$rslm = ($mail_config['reject_sender_login_mismatch'] == 'y') ? "reject_sender_login_mismatch," : "";
+			$raslm = ($mail_config['reject_sender_login_mismatch'] == 'y') ? "reject_authenticated_sender_login_mismatch," : "";
+
 			if($mail_config['content_filter'] == 'rspamd'){
 				exec("postconf -X 'receive_override_options'");
 				exec("postconf -X 'content_filter'");
@@ -229,8 +353,8 @@ class postfix_server_plugin {
 				exec("postconf -e 'milter_protocol = 6'");
 				exec("postconf -e 'milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}'");
 				exec("postconf -e 'milter_default_action = accept'");
-				
-				exec("postconf -e 'smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, permit_mynetworks, permit_sasl_authenticated'");
+
+				exec("postconf -e 'smtpd_sender_restrictions = ${raslm} permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
 				
 				$new_options = array();
 				$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
@@ -266,8 +390,9 @@ class postfix_server_plugin {
 				
 				exec("postconf -e 'receive_override_options = no_address_mappings'");
 				exec("postconf -e 'content_filter = " . ($configure_lmtp ? "lmtp" : "amavis" ) . ":[127.0.0.1]:10024'");
-				
-				exec("postconf -e 'smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, check_sender_access regexp:/etc/postfix/tag_as_foreign.re'");
+
+				// fixme: should read this from conf templates
+				exec("postconf -e 'smtpd_sender_restrictions = ${raslm} check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
 			}
 		}
 		
@@ -290,6 +415,6 @@ class postfix_server_plugin {
 
 		exec("postconf -e 'mailbox_size_limit = ".intval($mail_config['mailbox_size_limit']*1024*1024)."'");
 		exec("postconf -e 'message_size_limit = ".intval($mail_config['message_size_limit']*1024*1024)."'");
-		$app->services->restartServiceDelayed('postfix', 'reload');
+		$app->services->restartServiceDelayed('postfix', ($postfix_restart ? 'restart' : 'reload'));
 	}
 } // end class