diff --git a/install/tpl/debian6_dovecot2.conf.master b/install/tpl/debian6_dovecot2.conf.master
index 53eff3864251823aea98a4b5907b02b223d3df7d..a27728ef693e072d2158388668fcaf2eadfde642 100644
--- a/install/tpl/debian6_dovecot2.conf.master
+++ b/install/tpl/debian6_dovecot2.conf.master
@@ -66,10 +66,12 @@ service imap-login {
}
protocol imap {
mail_plugins = quota imap_quota
+ auth_verbose = yes
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = quota
+ auth_verbose = yes
}
protocol lda {
postmaster_address = webmaster@localhost
diff --git a/install/tpl/debian_dovecot2.conf.master b/install/tpl/debian_dovecot2.conf.master
index ac19e7ad04fd2e2b631e0ac33b59e779c79fe4ea..524291c5d8816b0cfeecfb3330c3feb175e1ddfe 100644
--- a/install/tpl/debian_dovecot2.conf.master
+++ b/install/tpl/debian_dovecot2.conf.master
@@ -63,10 +63,12 @@ service imap-login {
}
protocol imap {
mail_plugins = quota imap_quota
+ auth_verbose = yes
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = quota
+ auth_verbose = yes
}
protocol lda {
postmaster_address = webmaster@localhost
diff --git a/install/tpl/debian_postfix.conf.master b/install/tpl/debian_postfix.conf.master
index c03e0dac13db83c28b22be9edece920b61ca5e16..87ce6fc662e8e31cee4e549e49ba6630e10f383c 100644
--- a/install/tpl/debian_postfix.conf.master
+++ b/install/tpl/debian_postfix.conf.master
@@ -15,7 +15,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
diff --git a/install/tpl/fedora_dovecot2.conf.master b/install/tpl/fedora_dovecot2.conf.master
index d6218be41804a1d6252cb3b4010e21c1afe2634a..e62fd7289a340c275101d02f637e287a457f57f8 100644
--- a/install/tpl/fedora_dovecot2.conf.master
+++ b/install/tpl/fedora_dovecot2.conf.master
@@ -60,10 +60,12 @@ service imap-login {
}
protocol imap {
mail_plugins = quota imap_quota
+ auth_verbose = yes
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = quota
+ auth_verbose = yes
}
protocol lda {
mail_plugins = sieve quota
diff --git a/install/tpl/fedora_postfix.conf.master b/install/tpl/fedora_postfix.conf.master
index dfa6140bc4ed7932b3548c3d9cca5ce56f50e36f..a87c7daed9955bab9295af08244e345bc1edb137 100644
--- a/install/tpl/fedora_postfix.conf.master
+++ b/install/tpl/fedora_postfix.conf.master
@@ -11,7 +11,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
diff --git a/install/tpl/gentoo_postfix.conf.master b/install/tpl/gentoo_postfix.conf.master
index adc8c836c05f67b25fb6fa4d2a39a4377512f2a9..605344bd749d98177884538c8198b5e060aa30e5 100644
--- a/install/tpl/gentoo_postfix.conf.master
+++ b/install/tpl/gentoo_postfix.conf.master
@@ -10,7 +10,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
diff --git a/install/tpl/opensuse_dovecot2.conf.master b/install/tpl/opensuse_dovecot2.conf.master
index 9624c05684e4564f49613cf101a5eef60e2fdc8e..f7a78c34f2a25c5d2292b67f1c0eb762b14e5b15 100644
--- a/install/tpl/opensuse_dovecot2.conf.master
+++ b/install/tpl/opensuse_dovecot2.conf.master
@@ -60,10 +60,12 @@ service imap-login {
}
protocol imap {
mail_plugins = quota imap_quota
+ auth_verbose = yes
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
mail_plugins = quota
+ auth_verbose = yes
}
protocol lda {
mail_plugins = sieve quota
diff --git a/install/tpl/opensuse_postfix.conf.master b/install/tpl/opensuse_postfix.conf.master
index f14d5b26aa4d828c48e3d3d522ec57d2fa1b45ba..4cb46786a3f0435f7c6d3340f1bc9d29a96d3ba0 100644
--- a/install/tpl/opensuse_postfix.conf.master
+++ b/install/tpl/opensuse_postfix.conf.master
@@ -13,7 +13,7 @@ broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = {config_dir}/smtpd.cert
diff --git a/interface/web/admin/form/firewall.tform.php b/interface/web/admin/form/firewall.tform.php
index 7c5a29b016023a26a5a88fd4492300a96ac654ef..eb7dcb3acf83bf7d603d7a3454fe62b2610b2ee9 100644
--- a/interface/web/admin/form/firewall.tform.php
+++ b/interface/web/admin/form/firewall.tform.php
@@ -76,7 +76,7 @@ $form["tabs"]['firewall'] = array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'REGEX',
- 'regex' => '/^\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
+ 'regex' => '/^$|\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
'errmsg'=> 'tcp_ports_error_regex'),
),
'default' => '20,21,22,25,53,80,110,143,443,465,587,993,995,3306,8080,8081,10000',
@@ -88,7 +88,7 @@ $form["tabs"]['firewall'] = array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'REGEX',
- 'regex' => '/^\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
+ 'regex' => '/^$|\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
'errmsg'=> 'udp_ports_error_regex'),
),
'default' => '53,3306',
diff --git a/server/plugins-available/postfix_server_plugin.inc.php b/server/plugins-available/postfix_server_plugin.inc.php
index 34a8509e4f0c90b48b4fa8af7517df6997050d71..cf73cf93e75024b8ceaa123b1900667316c524b2 100644
--- a/server/plugins-available/postfix_server_plugin.inc.php
+++ b/server/plugins-available/postfix_server_plugin.inc.php
@@ -91,13 +91,13 @@ class postfix_server_plugin {
if (!empty($mail_config['relayhost_user']) || !empty($mail_config['relayhost_password'])) {
$content .= "\n".$mail_config['relayhost'].' '.$mail_config['relayhost_user'].':'.$mail_config['relayhost_password'];
}
-
+
if (preg_replace('/^(#[^\n]*|\s+)(:?\n+|)/m','',$content) != '') {
exec("postconf -e 'smtp_sasl_auth_enable = yes'");
} else {
exec("postconf -e 'smtp_sasl_auth_enable = no'");
}
-
+
$app->system->exec_safe("postconf -e ?", 'relayhost = '.$mail_config['relayhost']);
file_put_contents('/etc/postfix/sasl_passwd', $content);
chmod('/etc/postfix/sasl_passwd', 0600);
@@ -281,7 +281,7 @@ class postfix_server_plugin {
exec("postconf -X 'smtpd_timeout'");
}
}
-
+
if($app->system->is_installed('dovecot')) {
$virtual_transport = 'dovecot';
$configure_lmtp = false;
@@ -347,7 +347,7 @@ class postfix_server_plugin {
if($mail_config['content_filter'] == 'rspamd'){
exec("postconf -X 'receive_override_options'");
exec("postconf -X 'content_filter'");
-
+
exec("postconf -e 'smtpd_milters = inet:localhost:11332'");
exec("postconf -e 'non_smtpd_milters = inet:localhost:11332'");
exec("postconf -e 'milter_protocol = 6'");
@@ -355,7 +355,7 @@ class postfix_server_plugin {
exec("postconf -e 'milter_default_action = accept'");
exec("postconf -e 'smtpd_sender_restrictions = ${raslm} permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
-
+
$new_options = array();
$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
foreach ($options as $key => $value) {
@@ -367,7 +367,7 @@ class postfix_server_plugin {
$new_options[] = $value;
}
exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'");
-
+
// get all domains that have dkim enabled
if ( substr($mail_config['dkim_path'], strlen($mail_config['dkim_path'])-1) == '/' ) {
$mail_config['dkim_path'] = substr($mail_config['dkim_path'], 0, strlen($mail_config['dkim_path'])-1);
@@ -384,10 +384,11 @@ class postfix_server_plugin {
unset($dkim_domains);
} else {
exec("postconf -X 'smtpd_milters'");
+ exec("postconf -X 'non_smtpd_milters'");
exec("postconf -X 'milter_protocol'");
exec("postconf -X 'milter_mail_macros'");
exec("postconf -X 'milter_default_action'");
-
+
exec("postconf -e 'receive_override_options = no_address_mappings'");
exec("postconf -e 'content_filter = " . ($configure_lmtp ? "lmtp" : "amavis" ) . ":[127.0.0.1]:10024'");
@@ -395,7 +396,7 @@ class postfix_server_plugin {
exec("postconf -e 'smtpd_sender_restrictions = ${raslm} check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
}
}
-
+
if($mail_config['content_filter'] == 'rspamd' && ($mail_config['rspamd_password'] != $old_ini_data['mail']['rspamd_password'] || $mail_config['content_filter'] != $old_ini_data['mail']['content_filter'])) {
$app->load('tpl');
@@ -404,7 +405,7 @@ class postfix_server_plugin {
if($crypted_password) {
$rspamd_password = $crypted_password;
}
-
+
$tpl = new tpl();
$tpl->newTemplate('rspamd_worker-controller.inc.master');
$tpl->setVar('rspamd_password', $rspamd_password);