install/tpl/debian_dovecot2.conf.master

@@ -65,3 +65,19 @@ protocol lmtp {
   mail_plugins = quota sieve
 }
 mail_plugins = $mail_plugins quota
+imap_capability=+SEPCIAL-USE XLIST
+namespace inbox {
+  inbox = yes
+  mailbox Drafts {
+    special_use = \Drafts
+  }
+  mailbox Junk {
+    special_use = \Junk
+  }
+  mailbox Sent {
+    special_use = \Sent
+  }
+  mailbox Trash {
+    special_use = \Trash
+  }
+}

install/tpl/debian_postfix.conf.master

@@ -9,12 +9,13 @@ virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
 virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
 sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
 inet_protocols=all
+inet_interfaces = all
 smtpd_sasl_auth_enable = yes
 broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023 
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination{rbl_list}, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
@@ -25,7 +26,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
+smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
 smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100

install/tpl/fedora_amavisd_conf.master

@@ -785,6 +785,7 @@ $LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)
 
 $log_level = 0;                # (defaults to 0)
 
+include_config_files('{amavis_config_dir}/60-dkim');
 
 $enable_dkim_verification = 1;
 $enable_dkim_signing = 1; # load DKIM signing code

install/tpl/fedora_dovecot2.conf.master

@@ -62,3 +62,19 @@ protocol lmtp {
   mail_plugins = quota sieve
 }
 mail_plugins = $mail_plugins quota
+imap_capability=+SEPCIAL-USE XLIST
+namespace inbox {
+  inbox = yes
+  mailbox Drafts {
+    special_use = \Drafts
+  }
+  mailbox Junk {
+    special_use = \Junk
+  }
+  mailbox Sent {
+    special_use = \Sent
+  }
+  mailbox Trash {
+    special_use = \Trash
+  }
+}

install/tpl/fedora_postfix.conf.master

@@ -11,7 +11,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination{rbl_list}, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
@@ -22,7 +22,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
+smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
 smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100

install/tpl/gentoo_postfix.conf.master

@@ -10,7 +10,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination{rbl_list}, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/master_cf_amavis10027.master

@@ -12,7 +12,7 @@
         -o strict_rfc821_envelopes=yes
         -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
         -o smtp_send_xforward_command=yes
-	    -o milter_default_action=accept
-    	-o milter_macro_daemon_name=ORIGINATING
+        -o milter_default_action=accept
+        -o milter_macro_daemon_name=ORIGINATING
         -o disable_dns_lookups=yes
 

install/tpl/mysql-virtual_outgoing_bcc.cf

-user = {mysql_server_ispconfig_user}
-password = {mysql_server_ispconfig_password}
-dbname = {mysql_server_database}
-table = mail_user
-select_field = sender_cc
-where_field = email
-additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disables$
-hosts = 127.0.0.1
\ No newline at end of file

install/tpl/mysql-virtual_outgoing_bcc.cf.master

@@ -5,4 +5,4 @@ table = mail_user
 select_field = sender_cc
 where_field = email
 additional_conditions = and postfix = 'y' and disabledeliver = 'n' and disablesmtp = 'n' and sender_cc != ''
-hosts = 127.0.0.1
\ No newline at end of file
+hosts = {mysql_server_ip}

install/tpl/mysql-virtual_policy_greylist.cf.master

 user = {mysql_server_ispconfig_user}
 password = {mysql_server_ispconfig_password}
 dbname = {mysql_server_database}
-query = SELECT 'greylisting' FROM (SELECT greylisting, source AS email FROM mail_forwarding WHERE server_id = {server_id} UNION SELECT greylisting, email FROM mail_user WHERE server_id = {server_id}) addresses WHERE addresses.email='%s' AND addresses.greylisting='y'
+query = SELECT 'greylisting' FROM (SELECT greylisting, source AS email FROM mail_forwarding WHERE server_id = {server_id} UNION SELECT greylisting, email FROM mail_user WHERE server_id = {server_id}) addresses WHERE addresses.email='%s' AND addresses.greylisting='y' UNION SELECT 'greylisting' FROM `mail_forwarding` f CROSS JOIN `mail_user` u ON u.email = f.destination WHERE f.type = 'catchall' AND u.greylisting = 'y' AND u.server_id = {server_id} AND f.source = '@%s'
 hosts = {mysql_server_ip}
\ No newline at end of file

install/tpl/named.conf.options.master

@@ -22,8 +22,7 @@ options {
 	dnssec-validation yes;
 	dnssec-lookaside auto;
 
-	version "DNS managed by ISPConfig";
-	
+	version "DNS-Server";
 	auth-nxdomain no;    # conform to RFC1035
 	listen-on-v6 { any; };
 };

install/tpl/nginx_apps.vhost.master

@@ -97,7 +97,7 @@ server {
 
                        # PHP only, required if PHP was built with --enable-force-cgi-redirect
                        fastcgi_param   REDIRECT_STATUS         200;
-                       # To access phpMyAdmin, the default user (like www-data on Debian/Ubuntu) must be used
+                       # To access phpMyAdmin, the default user (like www-data on Debian/Devuan/Ubuntu) must be used
                        {use_tcp}fastcgi_pass 127.0.0.1:9000;
                        {use_socket}fastcgi_pass unix:/var/run/php5-fpm.sock;
                        fastcgi_index index.php;
@@ -147,7 +147,7 @@ server {
 
                        # PHP only, required if PHP was built with --enable-force-cgi-redirect
                        fastcgi_param   REDIRECT_STATUS         200;
-                       # To access SquirrelMail, the default user (like www-data on Debian/Ubuntu) must be used
+                       # To access SquirrelMail, the default user (like www-data on Debian/Devuan/Ubuntu) must be used
                        {use_tcp}fastcgi_pass 127.0.0.1:9000;
                        {use_socket}fastcgi_pass unix:/var/run/php5-fpm.sock;
                        fastcgi_index index.php;

install/tpl/opensuse_amavisd_conf.master

@@ -779,7 +779,7 @@ $DO_SYSLOG = 1;
 $LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)
 
 # DKIM
-
+include_config_files('{amavis_config_dir}/60-dkim');
 $enable_dkim_verification = 1;
 $enable_dkim_signing = 1; # load DKIM signing code
 $signed_header_fields{'received'} = 0;  # turn off signing of Received

install/tpl/opensuse_dovecot2.conf.master

@@ -61,3 +61,19 @@ protocol lmtp {
   mail_plugins = quota sieve
 }
 mail_plugins = $mail_plugins quota
+imap_capability=+SEPCIAL-USE XLIST
+namespace inbox {
+  inbox = yes
+  mailbox Drafts {
+    special_use = \Drafts
+  }
+  mailbox Junk {
+    special_use = \Junk
+  }
+  mailbox Sent {
+    special_use = \Sent
+  }
+  mailbox Trash {
+    special_use = \Trash
+  }
+}

install/tpl/opensuse_postfix.conf.master

@@ -13,7 +13,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{rbl_list}{greylisting}
+smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination{rbl_list}, check_recipient_access mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert
@@ -24,7 +24,7 @@ relay_recipient_maps = mysql:{config_dir}/mysql-virtual_relayrecipientmaps.cf
 smtpd_sender_login_maps = proxy:mysql:{config_dir}/mysql-virtual_sender_login_maps.cf
 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
 smtpd_helo_required = yes
-smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
+smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo
 smtpd_sender_restrictions = check_sender_access regexp:{config_dir}/tag_as_originating.re {reject_slm}, permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:{config_dir}/mysql-virtual_sender.cf, check_sender_access regexp:{config_dir}/tag_as_foreign.re
 smtpd_client_restrictions = check_client_access mysql:{config_dir}/mysql-virtual_client.cf
 smtpd_client_message_rate_limit = 100

install/tpl/postfix-tag_as_foreign.re.master

+/^/ FILTER amavis:[127.0.0.1]:10024

install/tpl/postfix-tag_as_originating.re.master

+/^/ FILTER amavis:[127.0.0.1]:10026

install/tpl/pureftpd_mysql.conf.master

@@ -5,45 +5,30 @@
 #                                            #
 ##############################################
 
-
 # Optional : MySQL server name or IP. Don't define this for unix sockets.
-
 MYSQLServer     {mysql_server_ip}
 
-
 # Optional : MySQL port. Don't define this if a local unix socket is used.
-
 # MYSQLPort       3306
 
-
 # Optional : define the location of mysql.sock if the server runs on this host.
-
 # MYSQLSocket      /var/run/mysqld/mysqld.sock
 
-
 # Mandatory : user to bind the server as.
-
 MYSQLUser       {mysql_server_ispconfig_user}
 
-
 # Mandatory : user password. You must have a password.
-
 MYSQLPassword   {mysql_server_ispconfig_password}
 
-
 # Mandatory : database to open.
-
 MYSQLDatabase   {mysql_server_database}
 
-
 # Mandatory : how passwords are stored
 # Valid values are : "cleartext", "crypt", "md5" and "password"
 # ("password" = MySQL password() function)
 # You can also use "any" to try "crypt", "md5" *and* "password"
-
 MYSQLCrypt      crypt
 
-
 # In the following directives, parts of the strings are replaced at
 # run-time before performing queries :
 #
@@ -56,73 +41,50 @@ MYSQLCrypt      crypt
 # Very complex queries can be performed using these substitution strings,
 # especially for virtual hosting.
 
-
 # Query to execute in order to fetch the password
-
 MYSQLGetPW      SELECT password FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Query to execute in order to fetch the system user name or uid
-
 MYSQLGetUID     SELECT uid FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Optional : default UID - if set this overrides MYSQLGetUID
-
 #MYSQLDefaultUID 1000
 
-
 # Query to execute in order to fetch the system user group or gid
-
 MYSQLGetGID     SELECT gid FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Optional : default GID - if set this overrides MYSQLGetGID
-
 #MYSQLDefaultGID 1000
 
-
 # Query to execute in order to fetch the home directory
-
 MYSQLGetDir     SELECT dir FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Optional : query to get the maximal number of files 
 # Pure-FTPd must have been compiled with virtual quotas support.
-
 MySQLGetQTAFS  SELECT quota_files FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND quota_files != '-1' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Optional : query to get the maximal disk usage (virtual quotas)
 # The number should be in Megabytes.
 # Pure-FTPd must have been compiled with virtual quotas support.
-
 MySQLGetQTASZ  SELECT quota_size FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND quota_size != '-1' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Optional : ratios. The server has to be compiled with ratio support.
-
 MySQLGetRatioUL SELECT ul_ratio FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND ul_ratio != '-1' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 MySQLGetRatioDL SELECT dl_ratio FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND dl_ratio != '-1' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
-
 # Optional : bandwidth throttling.
 # The server has to be compiled with throttling support.
 # Values are in KB/s .
-
 MySQLGetBandwidthUL SELECT ul_bandwidth FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND ul_bandwidth != '-1' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 MySQLGetBandwidthDL SELECT dl_bandwidth FROM ftp_user WHERE active = 'y' AND server_id = '{server_id}' AND dl_bandwidth != '-1' AND username="\L" AND (expires IS NULL OR expires="0000-00-00 00:00:00" OR expires > NOW())
 
 # Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
 # 1) You know what you are doing.
 # 2) Real and virtual users match.
-
 # MySQLForceTildeExpansion 1
 
-
 # If you upgraded your tables to transactionnal tables (Gemini,
 # BerkeleyDB, Innobase...), you can enable SQL transactions to
 # avoid races. Leave this commented if you are using the
 # traditionnal MyIsam databases or old (< 3.23.x) MySQL versions.
-
-MySQLTransactions On
+# MySQLTransactions On
\ No newline at end of file

install/tpl/server.ini.master

@@ -16,6 +16,7 @@ firewall=bastille
 loglevel=2
 admin_notify_events=1
 backup_dir=/var/backup
+backup_tmp=/tmp
 backup_dir_is_mount=n
 backup_mode=rootgz
 backup_time=0:00
@@ -27,6 +28,7 @@ munin_url=
 munin_user=
 munin_password=
 monitor_system_updates=y
+migration_mode=n
 
 [mail]
 module=postfix_mysql
@@ -90,6 +92,7 @@ php_ini_path_cgi=/etc/php5/cgi/php.ini
 check_apache_config=y
 enable_sni=y
 enable_spdy=n
+skip_le_check=n
 enable_ip_wildcard=y
 overtraffic_notify_admin=y
 overtraffic_notify_client=y
@@ -151,9 +154,10 @@ do_not_try_rescue_mysql=n
 do_not_try_rescue_mail=n
 
 [xmpp]
+xmpp_daemon=prosody
 xmpp_use_ispv6=n
 xmpp_bosh_max_inactivity=30
-xmpp_server_admins=admin@service.com, superuser@service.com
+xmpp_server_admins=
 xmpp_modules_enabled=saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons
 xmpp_port_http=5290
 xmpp_port_https=5291

install/tpl/system.ini.master

@@ -15,6 +15,8 @@ mailbox_show_backup_tab=y
 mailboxlist_webmail_link=y
 webmail_url=/webmail
 dkim_path=/var/lib/amavis/dkim
+smtp_enabled=y
+smtp_host=localhost
 
 [monitor]
 
@@ -32,6 +34,7 @@ vhost_aliasdomains=n
 client_username_web_check_disabled=n
 backups_include_into_web_quota=n
 reseller_can_use_options=n
+asp_new_package_disabled=y
 
 
 [tools]
@@ -44,14 +47,16 @@ new_domain_html=Please contact our support to create a new domain for you.
 company_name=
 custom_login_text=
 custom_login_link=
-dashboard_atom_url_admin=http://www.ispconfig.org/atom
-dashboard_atom_url_reseller=http://www.ispconfig.org/atom
-dashboard_atom_url_client=http://www.ispconfig.org/atom
+dashboard_atom_url_admin=https://www.ispconfig.org/atom
+dashboard_atom_url_reseller=https://www.ispconfig.org/atom
+dashboard_atom_url_client=https://www.ispconfig.org/atom
 monitor_key=
 tab_change_discard=n
 tab_change_warning=n
 use_loadindicator=y
 use_combobox=y
+use_ipsuggestions=y
+ipsuggestions_max=50
 maintenance_mode=n
 admin_dashlets_left=
 admin_dashlets_right=
@@ -64,5 +69,5 @@ customer_no_start=1
 customer_no_counter=0
 session_timeout=0
 session_allow_endless=0
-min_password_length=5
-min_password_strength=0
+min_password_length=8
+min_password_strength=3