interface/web/client/lib/lang/se_client_template.lng

@@ -15,6 +15,7 @@ $wb['limit_spamfilter_wblist_txt'] = 'Max. number of spamfilter white / blacklis
 $wb['limit_spamfilter_user_txt'] = 'Max. number of spamfilter users';
 $wb['limit_spamfilter_policy_txt'] = 'Max. number of spamfilter policies';
 $wb['limit_client_txt'] = 'Max. number of Clients';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domain';
 $wb['limit_subdomain_txt'] = 'limit_subdomain';
 $wb['limit_webquota_txt'] = 'limit_webquota';

interface/web/client/lib/lang/se_reseller.lng

@@ -37,6 +37,7 @@ $wb['company_txt'] = 'Company';
 $wb['title_txt'] = 'Title';
 $wb['firstname_txt'] = 'Firstname';
 $wb['surname_txt'] = 'Surname';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domain';
 $wb['limit_subdomain_txt'] = 'limit_subdomain';
 $wb['limit_webquota_txt'] = 'limit_webquota';

interface/web/client/lib/lang/sk_client.lng

@@ -37,6 +37,7 @@ $wb['company_txt'] = 'Spoločnosť';
 $wb['title_txt'] = 'Názov';
 $wb['firstname_txt'] = 'Krstné meno';
 $wb['surname_txt'] = 'Priezvisko';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domén';
 $wb['limit_subdomain_txt'] = 'limit_subdomén';
 $wb['limit_webquota_txt'] = 'limit_webkvóta';

interface/web/client/lib/lang/sk_client_template.lng

@@ -14,6 +14,7 @@ $wb['limit_mailquota_txt'] = 'Kvóta schránky';
 $wb['limit_spamfilter_wblist_txt'] = 'Max. počet Spamfilter bielych / čiernych listín filtrov';
 $wb['limit_spamfilter_user_txt'] = 'Max. počet poUžívateľských Spamfilterov';
 $wb['limit_spamfilter_policy_txt'] = 'Max. number of spamfilter policies';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domén';
 $wb['limit_subdomain_txt'] = 'limit_subdomén';
 $wb['limit_webquota_txt'] = 'limit_webkvôt';

interface/web/client/lib/lang/sk_reseller.lng

@@ -37,6 +37,7 @@ $wb['company_txt'] = 'Spoločnosť';
 $wb['title_txt'] = 'Nadpis';
 $wb['firstname_txt'] = 'Krstné meno';
 $wb['surname_txt'] = 'Priezvisko';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domén';
 $wb['limit_subdomain_txt'] = 'limit_subdomén';
 $wb['limit_webquota_txt'] = 'limit_webkvóta';

interface/web/client/lib/lang/tr_client.lng

@@ -40,6 +40,7 @@ $wb['company_txt'] = 'Kuruluş';
 $wb['title_txt'] = 'Unvan';
 $wb['firstname_txt'] = 'Ad';
 $wb['surname_txt'] = 'Soyad';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domain';
 $wb['limit_subdomain_txt'] = 'limit_subdomain';
 $wb['limit_webquota_txt'] = 'limit_webquota';

interface/web/client/lib/lang/tr_client_template.lng

@@ -19,6 +19,7 @@ $wb['limit_mailquota_txt'] = 'E-posta Kutusu Kotası';
 $wb['limit_spamfilter_wblist_txt'] = 'En Fazla Önemsiz İleti Beyaz/Kara Liste Süzgeci Sayısı';
 $wb['limit_spamfilter_user_txt'] = 'En Fazla Önemsiz İleti Süzgeci Kullanıcı Sayısı';
 $wb['limit_spamfilter_policy_txt'] = 'En Fazla Önemsiz İleti Süzgeci Kuralı Sayısı';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domain';
 $wb['limit_subdomain_txt'] = 'limit_subdomain';
 $wb['limit_webquota_txt'] = 'limit_webquota';

interface/web/client/lib/lang/tr_reseller.lng

@@ -40,6 +40,7 @@ $wb['company_txt'] = 'Kuruluş';
 $wb['title_txt'] = 'Unvan';
 $wb['firstname_txt'] = 'Adı';
 $wb['surname_txt'] = 'Soyadı';
+$wb['limit_relayhost_txt'] = 'Show SMTP relay host options';
 $wb['limit_domain_txt'] = 'limit_domain';
 $wb['limit_subdomain_txt'] = 'limit_subdomain';
 $wb['limit_webquota_txt'] = 'limit_webquota';

interface/web/client/templates/client_edit_limits.htm

@@ -235,6 +235,14 @@
                     <label for="limit_spamfilter_policy" class="col-sm-3 control-label">{tmpl_var name='limit_spamfilter_policy_txt'}</label>
                     <div class="col-sm-9"><input type="text" name="limit_spamfilter_policy" id="limit_spamfilter_policy" value="{tmpl_var name='limit_spamfilter_policy'}" class="form-control" /></div>
 				</div>
+				<tmpl_if name="show_per_domain_relay_options">
+				<div class="form-group">
+						<label class="col-sm-3 control-label">{tmpl_var name='limit_relayhost_txt'}</label>
+						<div class="col-sm-9">
+								{tmpl_var name='limit_relayhost'}
+						</div>
+				</div>
+			</tmpl_if>
       </div>
   </div>
   </div>

interface/web/client/templates/client_template_edit_limits.htm

@@ -192,6 +192,14 @@
                     <label for="limit_spamfilter_policy" class="col-sm-3 control-label">{tmpl_var name='limit_spamfilter_policy_txt'}</label>
                     <div class="col-sm-9"><input type="text" name="limit_spamfilter_policy" id="limit_spamfilter_policy" value="{tmpl_var name='limit_spamfilter_policy'}" class="form-control" /></div>
 				</div>
+        <tmpl_if name="show_per_domain_relay_options">
+				<div class="form-group">
+						<label class="col-sm-3 control-label">{tmpl_var name='limit_relayhost_txt'}</label>
+						<div class="col-sm-9">
+								{tmpl_var name='limit_relayhost'}
+						</div>
+				</div>
+			</tmpl_if>
 			</div>
       </div>
   </div>

interface/web/client/templates/reseller_edit_limits.htm

@@ -236,6 +236,14 @@
                     <label for="limit_spamfilter_policy" class="col-sm-3 control-label">{tmpl_var name='limit_spamfilter_policy_txt'}</label>
                     <div class="col-sm-9"><input type="text" name="limit_spamfilter_policy" id="limit_spamfilter_policy" value="{tmpl_var name='limit_spamfilter_policy'}" class="form-control" /></div>
 				</div>
+        <tmpl_if name="show_per_domain_relay_options">
+				<div class="form-group">
+						<label class="col-sm-3 control-label">{tmpl_var name='limit_relayhost_txt'}</label>
+						<div class="col-sm-9">
+								{tmpl_var name='limit_relayhost'}
+						</div>
+				</div>
+			</tmpl_if>
 			</div>
       </div>
   </div>

interface/web/dns/dns_dmarc_edit.php

@@ -226,16 +226,20 @@ class page_action extends tform_actions {
 
 		$domain_name = rtrim($soa['origin'], '.');
 		// DMARC requieres at least one active dkim-record...
-		$sql = "SELECT * FROM dns_rr WHERE name LIKE ? AND type='TXT' AND data like 'v=DKIM1;%' AND active='Y'";
-		$temp = $app->db->queryAllRecords($sql, '%._domainkey.'.$domain_name.'.');
+		$sql = "SELECT * FROM dns_rr
+					LEFT JOIN dns_soa ON (dns_rr.zone=dns_soa.id)
+					WHERE dns_soa.origin = ? AND dns_rr.name LIKE ? AND type='TXT' AND data like 'v=DKIM1;%' AND dns_rr.active='Y'";
+		$temp = $app->db->queryAllRecords($sql, $soa['origin'], '%._domainkey%');
 		if (empty($temp)) {
 			if (isset($app->tform->errorMessage )) $app->tform->errorMessage = '<br/>' . $app->tform->errorMessage;
 			$app->tform->errorMessage .= $app->tform->wordbook['dmarc_no_dkim_txt'].$email;
 		}
 
 		// ... and an active spf-record (this breaks the current draft but DMARC is useless if you use DKIM or SPF
-		$sql = "SELECT * FROM dns_rr WHERE name LIKE ? AND type='TXT' AND (data LIKE 'v=spf1%' AND active = 'y')";
-		$temp = $app->db->queryAllRecords($sql, $domain_name.'.');
+		$sql = "SELECT * FROM dns_rr
+					LEFT JOIN dns_soa ON (dns_rr.zone=dns_soa.id)
+					WHERE dns_soa.origin = ? AND (dns_rr.name LIKE ? OR dns_rr.name = '') AND type='TXT' AND data like 'v=spf1%' AND dns_rr.active='Y'";
+		$temp = $app->db->queryAllRecords($sql, $soa['origin'], $soa['origin']);
 		// abort if more than 1 active spf-records (backward-compatibility)
 		if (is_array($temp[1])) {
 			if (isset($app->tform->errorMessage )) $app->tform->errorMessage = '<br/>' . $app->tform->errorMessage;

interface/web/mail/mail_domain_edit.php

@@ -190,7 +190,6 @@ class page_action extends tform_actions {
 			$app->tpl->setVar("domain_module", 0);
 		}
 
-
 		// Get the spamfilter policys for the user
 		$tmp_user = $app->db->queryOneRecord("SELECT policy_id FROM spamfilter_users WHERE email = ?", '@' . $this->dataRecord["domain"]);
 		$sql = "SELECT id, policy_name FROM spamfilter_policy WHERE ".$app->tform->getAuthSQL('r')." ORDER BY policy_name";
@@ -215,24 +214,43 @@ class page_action extends tform_actions {
 			$app->tpl->setVar("edit_disabled", 0);
 		}
 
+		// Check wether per domain relaying is enabled or not
+		$global_config = $app->getconf->get_global_config('mail');
+		if($global_config['show_per_domain_relay_options'] == 'y') {
+			$app->tpl->setVar("show_per_domain_relay_options", 1);
+		} else {
+			$app->tpl->setVar("show_per_domain_relay_options", 0);
+		}
+
+		// Get the limits of the client
+		$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+		$client = $app->db->queryOneRecord("SELECT limit_relayhost FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
+		if ($client["limit_relayhost"] == 'y' || $_SESSION["s"]["user"]["typ"] == 'admin') {
+			$app->tpl->setVar("limit_relayhost", 1);
+		} else {
+			$app->tpl->setVar("limit_relayhost", 0);
+		}
+
 		// load relayhost-values
-		$sql = "SELECT relay_host, relay_user, relay_pass FROM mail_domain WHERE domain_id = ?";
-		$rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id']));
-		$app->tpl->setVar('relay_host', $rec['relay_host'], true);
-		$app->tpl->setVar('relay_user', $rec['relay_user'], true);
-		$app->tpl->setVar('relay_pass', $rec['relay_pass'], true);
+		if ($client["limit_relayhost"] == 'y') {
+			$sql = "SELECT relay_host, relay_user, relay_pass FROM mail_domain WHERE domain_id = ?";
+			$rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id']));
+			$app->tpl->setVar('relay_host', $rec['relay_host'], true);
+			$app->tpl->setVar('relay_user', $rec['relay_user'], true);
+			$app->tpl->setVar('relay_pass', $rec['relay_pass'], true);
+		}
 
 		// load dkim-values
 		$sql = "SELECT domain, dkim_private, dkim_public, dkim_selector FROM mail_domain WHERE domain_id = ?";
 		$rec = $app->db->queryOneRecord($sql, $app->functions->intval($_GET['id']));
 		$dns_key = str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"),'',$rec['dkim_public']);
-                
+
                 $keyparts = str_split('v=DKIM1; t=s; p=' . $dns_key, 200);
                 array_walk($keyparts, function(&$value, $key) { $value = '"'.$value.'"'; } );
                 $dkim_txt = implode('', $keyparts);
 
 		$dns_record = $rec['dkim_selector'] . '._domainkey.' . $rec['domain'] . '. 3600  IN  TXT   '.$dkim_txt;
-                
+
 		$app->tpl->setVar('dkim_selector', $rec['dkim_selector'], true);
 		$app->tpl->setVar('dkim_private', $rec['dkim_private'], true);
 		$app->tpl->setVar('dkim_public', $rec['dkim_public'], true);
@@ -267,8 +285,14 @@ class page_action extends tform_actions {
 			// When the record is updated
 			if($this->id > 0) {
 				// restore the server ID if the user is not admin and record is edited
-				$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_domain WHERE domain_id = ?", $this->id);
+				$tmp = $app->db->queryOneRecord("SELECT server_id, relay_host, relay_user, relay_pass FROM mail_domain WHERE domain_id = ?", $this->id);
 				$this->dataRecord["server_id"] = $tmp["server_id"];
+
+				// set the settings to current if not provided (or cleared due to limits)
+				if($this->dataRecord['relay_host'] == '') $this->dataRecord['relay_host'] = $tmp['relay_host'];
+				if($this->dataRecord['relay_user'] == '') $this->dataRecord['relay_user'] = $tmp['relay_user'];
+				if($this->dataRecord['relay_pass'] == '') $this->dataRecord['relay_pass'] = $tmp['relay_pass'];
+
 				unset($tmp);
 				// When the record is inserted
 			} else {
@@ -296,7 +320,7 @@ class page_action extends tform_actions {
 			$this->dataRecord["domain"] = $app->functions->idn_encode($this->dataRecord["domain"]);
 			$this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
 		}
-		
+
 		//* server_id must be > 0
 		if(isset($this->dataRecord["server_id"]) && $this->dataRecord["server_id"] < 1) $app->tform->errorMessage .= $app->lng("server_id_0_error_txt");
 
@@ -305,7 +329,7 @@ class page_action extends tform_actions {
 
 	function onAfterInsert() {
 		global $app, $conf;
-		
+
 		$domain = $app->functions->idn_encode($this->dataRecord["domain"]);
 
 		// Spamfilter policy
@@ -319,10 +343,10 @@ class page_action extends tform_actions {
 				$tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ?", $this->id);
 				// We create a new record
 				$insert_data = array(
-					"sys_userid" => $_SESSION["s"]["user"]["userid"], 
+					"sys_userid" => $_SESSION["s"]["user"]["userid"],
 					"sys_groupid" => $tmp_domain["sys_groupid"],
-					"sys_perm_user" => 'riud', 
-					"sys_perm_group" => 'riud', 
+					"sys_perm_user" => 'riud',
+					"sys_perm_group" => 'riud',
 					"sys_perm_other" => '',
 					"server_id" => $this->dataRecord["server_id"],
 					"priority" => 5,
@@ -350,7 +374,7 @@ class page_action extends tform_actions {
 
 	function onBeforeUpdate() {
 		global $app, $conf;
-		
+
 		$domain = $app->functions->idn_encode($this->dataRecord["domain"]);
 
 		//* Check if the server has been changed
@@ -381,7 +405,7 @@ class page_action extends tform_actions {
 		global $app, $conf;
 
 		$domain = $app->functions->idn_encode($this->dataRecord["domain"]);
-		
+
 		// Spamfilter policy
 		$policy_id = $app->functions->intval($this->dataRecord["policy"]);
 		$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = ?", '@' . $domain);
@@ -393,10 +417,10 @@ class page_action extends tform_actions {
 				$tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ?", $this->id);
 				// We create a new record
 				$insert_data = array(
-					"sys_userid" => $_SESSION["s"]["user"]["userid"], 
+					"sys_userid" => $_SESSION["s"]["user"]["userid"],
 					"sys_groupid" => $tmp_domain["sys_groupid"],
-					"sys_perm_user" => 'riud', 
-					"sys_perm_group" => 'riud', 
+					"sys_perm_user" => 'riud',
+					"sys_perm_group" => 'riud',
 					"sys_perm_other" => '',
 					"server_id" => $this->dataRecord["server_id"],
 					"priority" => 5,
@@ -422,7 +446,7 @@ class page_action extends tform_actions {
 			//* Update the mailboxes
 			$mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like ?", '%@' . $this->oldDataRecord['domain']);
 			$sys_groupid = $app->functions->intval((isset($this->dataRecord['client_group_id']))?$this->dataRecord['client_group_id']:$this->oldDataRecord['sys_groupid']);
-			$tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $client_group_id);
+			$tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $sys_groupid);
 			$client_user_id = $app->functions->intval(($tmp['userid'] > 0)?$tmp['userid']:1);
 			if(is_array($mailusers)) {
 				foreach($mailusers as $rec) {
@@ -447,7 +471,7 @@ class page_action extends tform_actions {
 
 			//* Update the mailinglist
 			$app->db->query("UPDATE mail_mailinglist SET sys_userid = ?, sys_groupid = ? WHERE domain = ?", $client_user_id, $sys_groupid, $this->oldDataRecord['domain']);
-			
+
 			//* Update fetchmail accounts
 			$fetchmail = $app->db->queryAllRecords("SELECT * FROM mail_get WHERE destination like ?", '%@' . $this->oldDataRecord['domain']);
 			if(is_array($fetchmail)) {
@@ -456,7 +480,7 @@ class page_action extends tform_actions {
 					$app->db->datalogUpdate('mail_get', array("destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailget_id', $rec['mailget_id']);
 				}
 			}
-			
+
 			//* Delete the old spamfilter record
 			$tmp = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = ?", '@' . $this->oldDataRecord["domain"]);
 			$app->db->datalogDelete('spamfilter_users', 'id', $tmp["id"]);
@@ -467,10 +491,10 @@ class page_action extends tform_actions {
 		//* update dns-record when the dkim record was changed
 		// NOTE: only if the domain-name was not changed
 		if ( $this->dataRecord['active'] == 'y' && $domain ==  $this->oldDataRecord['domain'] ) {
-			$dkim_active = @($this->dataRecord['dkim'] == 'y') ? true : false; 
+			$dkim_active = @($this->dataRecord['dkim'] == 'y') ? true : false;
 			$selector = @($this->dataRecord['dkim_selector'] != $this->oldDataRecord['dkim_selector']) ? true : false;
 			$dkim_private = @($this->dataRecord['dkim_private'] != $this->oldDataRecord['dkim_private']) ? true : false;
-			
+
 			$soaDomain = $domain.'.';
 			while ((!isset($soa) && (substr_count($soaDomain,'.') > 1))) {
 				$soa = $app->db->queryOneRecord("SELECT id AS zone, sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, server_id, ttl, serial FROM dns_soa WHERE active = 'Y' AND origin = ?", $soaDomain);
@@ -493,7 +517,7 @@ class page_action extends tform_actions {
 						$soa_id = $app->functions->intval($soa['zone']);
 						$serial = $app->validate_dns->increase_serial($soa["serial"]);
 						$app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id);
-					}	
+					}
 				}
 		}
 
@@ -510,8 +534,8 @@ class page_action extends tform_actions {
 				$app->db->datalogDelete('dns_rr', 'id', $r['id']);
 			}
 		}
-		
-		// also delete a dsn-records with same selector 
+
+		// also delete a dsn-records with same selector
 		$sql = "SELECT * from dns_rr WHERE name ? AND data LIKE 'v=DKIM1%' AND " . $app->tform->getAuthSQL('r');
 		$rec = $app->db->queryAllRecords($sql, '._domainkey.'.$dataRecord['dkim_selector'].'.', $dataRecord['domain']);
 		if (is_array($rec))

interface/web/mail/templates/mail_domain_edit.htm

@@ -75,24 +75,28 @@
                     {tmpl_var name='policy'}
                 </select></div>
             </div>
-            <div class="form-group">
+            <tmpl_if name="show_per_domain_relay_options">
+            <tmpl_if name="limit_relayhost">
+              <div class="form-group">
                 <label for="relay_host" class="col-sm-3 control-label">{tmpl_var name='relayhost_txt'}</label>
                 <div class="col-sm-9">
-                    <input type="text" name="relay_host" id="relay_host" value="{tmpl_var name='relay_host'}" class="form-control" />
+                  <input type="text" name="relay_host" id="relay_host" value="{tmpl_var name='relay_host'}" class="form-control" />
                 </div>
-            </div>
-            <div class="form-group">
+              </div>
+              <div class="form-group">
                 <label for="relay_user" class="col-sm-3 control-label">{tmpl_var name='relayhost_user_txt'}</label>
                 <div class="col-sm-9">
-                    <input type="text" name="relay_user" id="relay_user" value="{tmpl_var name='relay_user'}" class="form-control" />
+                  <input type="text" name="relay_user" id="relay_user" value="{tmpl_var name='relay_user'}" class="form-control" />
                 </div>
-            </div>
-            <div class="form-group">
+              </div>
+              <div class="form-group">
                 <label for="relay_pass" class="col-sm-3 control-label">{tmpl_var name='relayhost_password_txt'}</label>
                 <div class="col-sm-9">
-                    <input type="text" name="relay_pass" id="relay_pass" value="{tmpl_var name='relay_pass'}" class="form-control" />
+                  <input type="text" name="relay_pass" id="relay_pass" value="{tmpl_var name='relay_pass'}" class="form-control" />
                 </div>
-            </div>
+              </div>
+            </tmpl_if>
+            </tmpl_if>
             <div class="form-group">
                 <label class="col-sm-3 control-label">{tmpl_var name='active_txt'}</label>
                 <div class="col-sm-9">
@@ -131,7 +135,7 @@
 
             </div>
 
-        
+
 
         <input type="hidden" name="id" value="{tmpl_var name='id'}">
         <input type="hidden" name="type" value="local">
@@ -150,11 +154,11 @@
 			domain_id : domain_id,
 			dkim_public : dkim_public,
 			dkim_selector : dkim_selector,
-			type : "create_dkim" 
+			type : "create_dkim"
 		}, function(data) {
                         var dkim_txt = 'v=DKIM1; t=s; p=' + data['dns_record'].replace(/(\r\n|\n|\r)/gm, "");
 			var dns=data['dkim_selector'] + '._domainkey.' + data['domain'] + '. 3600   IN	TXT	' + dkim_txt.match(new RegExp('.{1,' + '200' + '}', 'g')).map(chunk =>  '"' + chunk + '"').join('');
-                        
+
 			$("#dkim_selector").val(data.dkim_selector);
 			$("#dkim_public").val(data.dkim_public);
 			$("#dkim_private").val(data.dkim_private);
@@ -162,5 +166,3 @@
 		});
 	};
 </script>
-
-

interface/web/sites/ajax_get_ip.php

@@ -45,7 +45,7 @@ $ip_type = $_GET['ip_type'];
 	$web_config = $app->getconf->get_server_config($server_id, 'web');
 	
 	$tmp = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ?", $client_group_id);
-	$sql = "SELECT ip_address FROM server_ip WHERE ip_type = ? AND server_id = ? AND (client_id = 0 OR client_id=?)";
+	$sql = "SELECT ip_address FROM server_ip WHERE ip_type = ? AND server_id = ? AND virtualhost = 'y' AND (client_id = 0 OR client_id=?)";
 
 	$ips = $app->db->queryAllRecords($sql, $ip_type, $server_id, $tmp['client_id']);
 	// $ip_select = "<option value=''></option>";

interface/web/sites/templates/web_vhost_domain_redirect.htm

@@ -86,7 +86,7 @@
                 jQuery('#redirect_type option[value="redirect"]').hide();
                 jQuery('#redirect_type option[value="permanent"]').hide();
 				//jQuery('#redirect_type option[value="proxy"]').hide();
-                if(selected != "no" && selected != "" && selected != "R" && selected != "L" && selected != "R,L" && selected != "R=301,L") jQuery('#redirect_type option[value="no"]').attr('selected', 'selected');
+                if(selected != "no" && selected != "" && selected != "R" && selected != "L" && selected != "R,L" && selected != "R=301,L" && selected != "proxy") jQuery('#redirect_type option[value="no"]').attr('selected', 'selected');
 				jQuery('.nginx').hide();
             }
         });

server/conf/rspamd_options.inc.master

+# Addrs local to this server.
+local_addrs = [
+	"127.0.0.0/8",
+	"::1",
+<tmpl_loop name="local_addrs">	<tmpl_var name='quoted_ip'></tmpl_loop>];
+
+# This list is generated by ISPConfig, place custom addresses/networks in local_networks.inc.
+local_networks = "/etc/rspamd/local.d/local_networks.inc";
+
+dns {
+	nameserver = ["127.0.0.1:53:10"];
+}

server/conf/rspamd_users.conf.master

-settings {
-	authenticated {
-		priority = 10;
-		authenticated = yes;
-		#apply "default" { groups_disabled = ["rbl", "spf"]; }
-		apply "default" {
-			#symbols_enabled = [];
-			symbols_disabled = [];
-			#groups_enabled = [];
-			groups_disabled = ["rbl"];
-		}
-	}
-	whitelist {
-		priority = 10;
-		rcpt = "postmaster";
-		rcpt = "hostmaster";
-		rcpt = "abuse";
-		want_spam = yes;
-	}
-	whitelist-ip {
-		priority = 10;
-<tmpl_loop name="whitelist_ips">
-		ip = "<tmpl_var name='ip'>";
-</tmpl_loop>
-		
-		want_spam = yes;
-	}
-#	whitelist-timmehosting {
-#		priority = 20;
-#		from = "@xxx";
-#		from = "@xxx";
-#		want_spam = yes;
-#	}
-	whitelist-ca {
-		priority = 20;
-		from = "@comodo.com";
-		from = "@geotrust.com";
-		from = "@geotrusteurope.com";
-		want_spam = yes;
-	}
-	.include(try=true; glob=true) "$LOCAL_CONFDIR/local.d/users/*.conf"
-	.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/users.local.conf"
-}

server/lib/classes/ispcmail.inc.php

@@ -612,6 +612,9 @@ class ispcmail {
 			if (stream_socket_enable_crypto($this->_smtp_conn, true, $crypto_method) != true) {
 				return false;
 			}
+
+			fputs($this->_smtp_conn, 'HELO ' . $this->smtp_helo . $this->_crlf);
+			$response = fgets($this->_smtp_conn, 515);
 		}
 
 		//AUTH LOGIN

server/lib/classes/letsencrypt.inc.php

@@ -137,6 +137,7 @@ class letsencrypt {
 			return false;
 		}
 
+		$primary_domain = $domains[0];
 		$matches = array();
 		$ret = null;
 		$val = 0;
@@ -151,18 +152,22 @@ class letsencrypt {
 			$acme_version = 'https://acme-v01.api.letsencrypt.org/directory';
 		}
 		if (version_compare($letsencrypt_version, '0.30', '>=')) {
-			$app->log("LE version is " . $letsencrypt_version . ", so using certificates command", LOGLEVEL_DEBUG);
+			$app->log("LE version is " . $letsencrypt_version . ", so using certificates command and --cert-name instead of --expand", LOGLEVEL_DEBUG);
 			$this->certbot_use_certcommand = true;
 			$webroot_map = array();
 			for($i = 0; $i < count($domains); $i++) {
 				$webroot_map[$domains[$i]] = '/usr/local/ispconfig/interface/acme';
 			}
 			$webroot_args = "--webroot-map " . escapeshellarg(str_replace(array("\r", "\n"), '', json_encode($webroot_map)));
+			// --cert-name might be working with earlier versions of certbot, but there is no exact version documented
+			// So for safety reasons we add it to the 0.30 version check as it is documented to work as expected in this version
+			$cert_selection_command = "--cert-name $primary_domain";
 		} else {
 			$webroot_args = "$cmd --webroot-path /usr/local/ispconfig/interface/acme";
+			$cert_selection_command = "--expand";
 		}
 
-		$cmd = $letsencrypt . " certonly -n --text --agree-tos --expand --authenticator webroot --server $acme_version --rsa-key-size 4096 --email postmaster@$domain $webroot_args";
+		$cmd = $letsencrypt . " certonly -n --text --agree-tos $cert_selection_command --authenticator webroot --server $acme_version --rsa-key-size 4096 --email webmaster@$primary_domain $webroot_args";
 
 		return $cmd;
 	}