Merge branch 'develop' of git.ispconfig.org:ispconfig/ispconfig3 into develop

Author: florian030

install/tpl/debian6_dovecot2.conf.master

@@ -66,10 +66,12 @@ service imap-login {
 }
 protocol imap {
   mail_plugins = quota imap_quota
+  auth_verbose = yes
 }
 protocol pop3 {
   pop3_uidl_format = %08Xu%08Xv
   mail_plugins = quota
+  auth_verbose = yes
 }
 protocol lda {
   postmaster_address = webmaster@localhost

install/tpl/debian_dovecot2.conf.master

@@ -63,10 +63,12 @@ service imap-login {
 }
 protocol imap {
   mail_plugins = quota imap_quota
+  auth_verbose = yes
 }
 protocol pop3 {
   pop3_uidl_format = %08Xu%08Xv
   mail_plugins = quota
+  auth_verbose = yes
 }
 protocol lda {
   postmaster_address = webmaster@localhost

install/tpl/debian_postfix.conf.master

@@ -15,7 +15,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/fedora_dovecot2.conf.master

@@ -60,10 +60,12 @@ service imap-login {
 }
 protocol imap {
   mail_plugins = quota imap_quota
+  auth_verbose = yes
 }
 protocol pop3 {
   pop3_uidl_format = %08Xu%08Xv
   mail_plugins = quota
+  auth_verbose = yes
 }
 protocol lda {
   mail_plugins = sieve quota

install/tpl/fedora_postfix.conf.master

@@ -11,7 +11,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/gentoo_postfix.conf.master

@@ -10,7 +10,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

install/tpl/opensuse_dovecot2.conf.master

@@ -60,10 +60,12 @@ service imap-login {
 }
 protocol imap {
   mail_plugins = quota imap_quota
+  auth_verbose = yes
 }
 protocol pop3 {
   pop3_uidl_format = %08Xu%08Xv
   mail_plugins = quota
+  auth_verbose = yes
 }
 protocol lda {
   mail_plugins = sieve quota

install/tpl/opensuse_postfix.conf.master

@@ -13,7 +13,7 @@ broken_sasl_auth_clients = yes
 smtpd_sasl_authenticated_header = yes
 smtpd_restriction_classes = greylisting
 greylisting = check_policy_service inet:127.0.0.1:10023
-smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
+smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:{config_dir}/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:{config_dir}/mysql-virtual_recipient.cf{greylisting}, check_policy_service unix:private/quota-status
 smtpd_use_tls = yes
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = {config_dir}/smtpd.cert

interface/web/admin/form/firewall.tform.php

@@ -76,7 +76,7 @@
 			'datatype' => 'VARCHAR',
 			'formtype' => 'TEXT',
 			'validators' => array (  0 => array ( 'type' => 'REGEX',
-					'regex' => '/^\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
+					'regex' => '/^$|\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
 					'errmsg'=> 'tcp_ports_error_regex'),
 			),
 			'default' => '20,21,22,25,53,80,110,143,443,465,587,993,995,3306,8080,8081,10000',
@@ -88,7 +88,7 @@
 			'datatype' => 'VARCHAR',
 			'formtype' => 'TEXT',
 			'validators' => array (  0 => array ( 'type' => 'REGEX',
-					'regex' => '/^\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
+					'regex' => '/^$|\d{1,5}(?::\d{1,5})?(?:,\d{1,5}(?::\d{1,5})?)*$/',
 					'errmsg'=> 'udp_ports_error_regex'),
 			),
 			'default' => '53,3306',

server/plugins-available/postfix_server_plugin.inc.php

@@ -91,13 +91,13 @@ function update($event_name, $data) {
 			if (!empty($mail_config['relayhost_user']) || !empty($mail_config['relayhost_password'])) {
 				$content .= "\n".$mail_config['relayhost'].'   '.$mail_config['relayhost_user'].':'.$mail_config['relayhost_password'];
 			}
-			
+
 			if (preg_replace('/^(#[^\n]*|\s+)(:?\n+|)/m','',$content) != '') {
 				exec("postconf -e 'smtp_sasl_auth_enable = yes'");
 			} else {
 				exec("postconf -e 'smtp_sasl_auth_enable = no'");
 			}
-			
+
 			$app->system->exec_safe("postconf -e ?", 'relayhost = '.$mail_config['relayhost']);
 			file_put_contents('/etc/postfix/sasl_passwd', $content);
 			chmod('/etc/postfix/sasl_passwd', 0600);
@@ -281,7 +281,7 @@ function update($event_name, $data) {
 				exec("postconf -X 'smtpd_timeout'");
 			}
 		}
-		
+
 		if($app->system->is_installed('dovecot')) {
 			$virtual_transport = 'dovecot';
 			$configure_lmtp = false;
@@ -347,15 +347,15 @@ function update($event_name, $data) {
 			if($mail_config['content_filter'] == 'rspamd'){
 				exec("postconf -X 'receive_override_options'");
 				exec("postconf -X 'content_filter'");
-				
+
 				exec("postconf -e 'smtpd_milters = inet:localhost:11332'");
 				exec("postconf -e 'non_smtpd_milters = inet:localhost:11332'");
 				exec("postconf -e 'milter_protocol = 6'");
 				exec("postconf -e 'milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}'");
 				exec("postconf -e 'milter_default_action = accept'");
 
 				exec("postconf -e 'smtpd_sender_restrictions = ${raslm} permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
-				
+
 				$new_options = array();
 				$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
 				foreach ($options as $key => $value) {
@@ -367,7 +367,7 @@ function update($event_name, $data) {
 					$new_options[] = $value;
 				}
 				exec("postconf -e 'smtpd_recipient_restrictions = ".implode(", ", $new_options)."'");
-				
+
 				// get all domains that have dkim enabled
 				if ( substr($mail_config['dkim_path'], strlen($mail_config['dkim_path'])-1) == '/' ) {
 					$mail_config['dkim_path'] = substr($mail_config['dkim_path'], 0, strlen($mail_config['dkim_path'])-1);
@@ -384,18 +384,19 @@ function update($event_name, $data) {
 				unset($dkim_domains);
 			} else {
 				exec("postconf -X 'smtpd_milters'");
+				exec("postconf -X 'non_smtpd_milters'");
 				exec("postconf -X 'milter_protocol'");
 				exec("postconf -X 'milter_mail_macros'");
 				exec("postconf -X 'milter_default_action'");
-				
+
 				exec("postconf -e 'receive_override_options = no_address_mappings'");
 				exec("postconf -e 'content_filter = " . ($configure_lmtp ? "lmtp" : "amavis" ) . ":[127.0.0.1]:10024'");
 
 				// fixme: should read this from conf templates
 				exec("postconf -e 'smtpd_sender_restrictions = ${raslm} check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
 			}
 		}
-		
+
 		if($mail_config['content_filter'] == 'rspamd' && ($mail_config['rspamd_password'] != $old_ini_data['mail']['rspamd_password'] || $mail_config['content_filter'] != $old_ini_data['mail']['content_filter'])) {
 			$app->load('tpl');
 
@@ -404,7 +405,7 @@ function update($event_name, $data) {
 			if($crypted_password) {
 				$rspamd_password = $crypted_password;
 			}
-			
+
 			$tpl = new tpl();
 			$tpl->newTemplate('rspamd_worker-controller.inc.master');
 			$tpl->setVar('rspamd_password', $rspamd_password);