Client configuration guides

- iOS mobileconfig generator
- non-443 HTTPS ports in autoconfig etc.
- disabling POP service via SRV record
- fix display name in Outlook IMAP autodiscover
- allow multiple calls to TLSA generator and support Sieve STARTTLS
This commit is contained in:
Michael Kuron 2017-07-02 13:44:05 +02:00
parent 56a652fbf3
commit 96ed94dedd
12 changed files with 460 additions and 56 deletions

View File

@ -8,6 +8,7 @@ ENV GOSU_VERSION 1.9
# Prerequisites # Prerequisites
RUN apt-get update && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
apt-transport-https \ apt-transport-https \
bind9-host \
ca-certificates \ ca-certificates \
cron \ cron \
gnupg \ gnupg \

View File

@ -5,6 +5,16 @@ if (empty($mailcow_hostname)) {
exit(); exit();
} }
$domain_dot = strpos($_SERVER['HTTP_HOST'], '.');
$domain_port = strpos($_SERVER['HTTP_HOST'], ':');
if ($domain_port === FALSE) {
$domain = substr($_SERVER['HTTP_HOST'], $domain_dot+1);
$port = 443;
} else {
$domain = substr($_SERVER['HTTP_HOST'], $domain_dot+1, $domain_port-$domain_dot-1);
$port = substr($_SERVER['HTTP_HOST'], $domain_port+1);
}
header('Content-Type: application/xml'); header('Content-Type: application/xml');
?> ?>
<?= '<?xml version="1.0"?>'; ?> <?= '<?xml version="1.0"?>'; ?>
@ -15,52 +25,59 @@ header('Content-Type: application/xml');
<displayShortName>mail server</displayShortName> <displayShortName>mail server</displayShortName>
<incomingServer type="imap"> <incomingServer type="imap">
<hostname><?= $mailcow_hostname; ?></hostname> <hostname><?= $autodiscover_config['imap']['server']; ?></hostname>
<port>993</port> <port><?= $autodiscover_config['imap']['port']; ?></port>
<socketType>SSL</socketType> <socketType>SSL</socketType>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
</incomingServer> </incomingServer>
<incomingServer type="imap"> <incomingServer type="imap">
<hostname><?= $mailcow_hostname; ?></hostname> <hostname><?= $autodiscover_config['imap']['server']; ?></hostname>
<port>143</port> <port><?= $autodiscover_config['imap']['tlsport']; ?></port>
<socketType>STARTTLS</socketType> <socketType>STARTTLS</socketType>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
</incomingServer> </incomingServer>
<?php
$records = dns_get_record('_pop3s._tcp.' . $domain, DNS_SRV); // check if POP3 is announced as "not provided" via SRV record
if (count($records) == 0 || $records[0]['target'] != '') { ?>
<incomingServer type="pop3"> <incomingServer type="pop3">
<hostname><?= $mailcow_hostname; ?></hostname> <hostname><?= $autodiscover_config['pop3']['server']; ?></hostname>
<port>995</port> <port><?= $autodiscover_config['pop3']['port']; ?></port>
<socketType>SSL</socketType> <socketType>SSL</socketType>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
</incomingServer> </incomingServer>
<?php } ?>
<?php
$records = dns_get_record('_pop3._tcp.' . $domain, DNS_SRV); // check if POP3 is announced as "not provided" via SRV record
if (count($records) == 0 || $records[0]['target'] != '') { ?>
<incomingServer type="pop3"> <incomingServer type="pop3">
<hostname><?= $mailcow_hostname; ?></hostname> <hostname><?= $autodiscover_config['pop3']['server']; ?></hostname>
<port>110</port> <port><?= $autodiscover_config['pop3']['tlsport']; ?></port>
<socketType>STARTTLS</socketType> <socketType>STARTTLS</socketType>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
</incomingServer> </incomingServer>
<?php } ?>
<outgoingServer type="smtp"> <outgoingServer type="smtp">
<hostname><?= $mailcow_hostname; ?></hostname> <hostname><?= $autodiscover_config['smtp']['server']; ?></hostname>
<port>465</port> <port><?= $autodiscover_config['smtp']['port']; ?></port>
<socketType>SSL</socketType> <socketType>SSL</socketType>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
</outgoingServer> </outgoingServer>
<outgoingServer type="smtp"> <outgoingServer type="smtp">
<hostname><?= $mailcow_hostname; ?></hostname> <hostname><?= $autodiscover_config['smtp']['server']; ?></hostname>
<port>587</port> <port><?= $autodiscover_config['smtp']['tlsport']; ?></port>
<socketType>STARTTLS</socketType> <socketType>STARTTLS</socketType>
<username>%EMAILADDRESS%</username> <username>%EMAILADDRESS%</username>
<authentication>password-cleartext</authentication> <authentication>password-cleartext</authentication>
</outgoingServer> </outgoingServer>
<enable visiturl="https://<?= $mailcow_hostname; ?>/admin.php"> <enable visiturl="https://<?= $mailcow_hostname; ?><?php if ($port != 443) echo ':'.$port; ?>/admin.php">
<instruction>If you didn't change the password given to you by the administrator or if you didn't change it in a long time, please consider doing that now.</instruction> <instruction>If you didn't change the password given to you by the administrator or if you didn't change it in a long time, please consider doing that now.</instruction>
<instruction lang="de">Sollten Sie das Ihnen durch den Administrator vergebene Passwort noch nicht geändert haben, empfehlen wir dies nun zu tun. Auch ein altes Passwort sollte aus Sicherheitsgründen geändert werden.</instruction> <instruction lang="de">Sollten Sie das Ihnen durch den Administrator vergebene Passwort noch nicht geändert haben, empfehlen wir dies nun zu tun. Auch ein altes Passwort sollte aus Sicherheitsgründen geändert werden.</instruction>
</enable> </enable>
@ -68,6 +85,6 @@ header('Content-Type: application/xml');
</emailProvider> </emailProvider>
<webMail> <webMail>
<loginPage url="https://<?= $mailcow_hostname; ?>/SOGo/" /> <loginPage url="https://<?= $mailcow_hostname; ?><?php if ($port != 443) echo ':'.$port; ?>/SOGo/" />
</webMail> </webMail>
</clientConfig> </clientConfig>

View File

@ -12,13 +12,14 @@ error_reporting(0);
$data = trim(file_get_contents("php://input")); $data = trim(file_get_contents("php://input"));
// Desktop client needs IMAP, unless it's Outlook 2013 or higher on Windows // Desktop client needs IMAP, unless it's Outlook 2013 or higher on Windows
if (strpos($data, 'autodiscover/outlook/responseschema')) { // desktop client if (strpos($data, 'autodiscover/outlook/responseschema') !== false) { // desktop client
$configuration['autodiscoverType'] = 'imap'; $configuration['autodiscoverType'] = 'imap';
if ($configuration['useEASforOutlook'] == 'yes' && if ($configuration['useEASforOutlook'] == 'yes' &&
// Office for macOS does not support EAS // Office for macOS does not support EAS
strpos($_SERVER['HTTP_USER_AGENT'], 'Mac') === false && strpos($_SERVER['HTTP_USER_AGENT'], 'Mac') === false &&
// Outlook 2013 (version 15) or higher // Outlook 2013 (version 15) or higher
preg_match('/(Outlook|Office).+1[5-9]\./', $_SERVER['HTTP_USER_AGENT'])) { preg_match('/(Outlook|Office).+1[5-9]\./', $_SERVER['HTTP_USER_AGENT'])
) {
$configuration['autodiscoverType'] = 'activesync'; $configuration['autodiscoverType'] = 'activesync';
} }
} }
@ -60,8 +61,28 @@ else {
<?php <?php
exit(0); exit(0);
} }
$discover = new SimpleXMLElement($data); try {
$email = $discover->Request->EMailAddress; $discover = new SimpleXMLElement($data);
$email = $discover->Request->EMailAddress;
} catch (Exception $e) {
$email = $_SERVER['PHP_AUTH_USER'];
}
$username = trim($email);
try {
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
$stmt->execute(array(':username' => $username));
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
}
catch(PDOException $e) {
die("Failed to determine name from SQL");
}
if (!empty($MailboxData['name'])) {
$displayname = utf8_encode($MailboxData['name']);
}
else {
$displayname = $email;
}
if ($configuration['autodiscoverType'] == 'imap') { if ($configuration['autodiscoverType'] == 'imap') {
?> ?>
@ -96,13 +117,13 @@ else {
</Protocol> </Protocol>
<Protocol> <Protocol>
<Type>CalDAV</Type> <Type>CalDAV</Type>
<Server><?=$configuration['caldav']['server'];?>/SOGo/dav/<?=$email;?>/Calendar</Server> <Server>https://<?=$configuration['caldav']['server'];?><?php if ($configuration['caldav']['port'] != 443) echo ':'.$configuration['caldav']['port']; ?>/SOGo/dav/<?=$email;?>/Calendar</Server>
<DomainRequired>off</DomainRequired> <DomainRequired>off</DomainRequired>
<LoginName><?=$email;?></LoginName> <LoginName><?=$email;?></LoginName>
</Protocol> </Protocol>
<Protocol> <Protocol>
<Type>CardDAV</Type> <Type>CardDAV</Type>
<Server><?=$configuration['carddav']['server'];?>/SOGo/dav/<?=$email;?>/Contacts</Server> <Server>https://<?=$configuration['carddav']['server'];?><?php if ($configuration['caldav']['port'] != 443) echo ':'.$configuration['carddav']['port']; ?>/SOGo/dav/<?=$email;?>/Contacts</Server>
<DomainRequired>off</DomainRequired> <DomainRequired>off</DomainRequired>
<LoginName><?=$email;?></LoginName> <LoginName><?=$email;?></LoginName>
</Protocol> </Protocol>
@ -111,21 +132,6 @@ else {
<?php <?php
} }
else if ($configuration['autodiscoverType'] == 'activesync') { else if ($configuration['autodiscoverType'] == 'activesync') {
$username = trim($email);
try {
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
$stmt->execute(array(':username' => $username));
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
}
catch(PDOException $e) {
die("Failed to determine name from SQL");
}
if (!empty($MailboxData['name'])) {
$displayname = utf8_encode($MailboxData['name']);
}
else {
$displayname = $email;
}
?> ?>
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006"> <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
<Culture>en:en</Culture> <Culture>en:en</Culture>

185
data/web/clientconfig.php Normal file
View File

@ -0,0 +1,185 @@
<?php
require_once 'inc/prerequisites.inc.php';
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "user") {
require_once("inc/header.inc.php");
if (file_exists('thunderbird-plugins/version.csv'))
{
$fh = fopen('thunderbird-plugins/version.csv', 'r');
if ($fh)
{
while (($row = fgetcsv($fh, 1000, ';')) !== FALSE)
{
if ($row[0] == 'sogo-integrator@inverse.ca') {
$integrator_file = $row[2];
}
}
fclose($fh);
}
}
$email = $_SESSION['mailcow_cc_username'];
$domain = explode('@', $_SESSION['mailcow_cc_username'])[1];
$username = trim($email);
try {
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
$stmt->execute(array(':username' => $username));
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
}
catch(PDOException $e) {
die("Failed to determine name from SQL");
}
if (!empty($MailboxData['name'])) {
$displayname = utf8_encode($MailboxData['name']);
}
else {
$displayname = $email;
}
?>
<div class="container">
<h2>Client Configuration Guide</h2>
<p>Select your email client or operating system below to view a step-by-step guide to setting up your email account.</p>
<h3><a href="#" onclick="document.getElementById('client_apple').style.display = 'block'">Apple macOS / iOS</a></h3>
<div id="client_apple" style="display: none">
<ol>
<li>Download and open <a href="mobileconfig.php">Mailcow.mobileconfig</a>.</li>
<li>Enter the unlock code (iPhone) or computer password (Mac).</li>
<li>Enter your email password three times when prompted.</li>
</ol>
<p>On iOS, Exchange is also supported as an alternative to the procedure above. It has the advantage of supporting push email (i.e. you are immediately notified of incoming messages), but has some limitations, e.g. it does not support more than three email addresses per contact in your address book. Follow the steps below if you decide to use Exchange instead.</p>
<ol>
<li>Open the <em>Settings</em> app, tap <em>Mail</em>, tap <em>Accounts</em>, tap <em>Add Acccount</em>, select <em>Exchange</em>.</li>
<li>Enter your email address (<code><?php echo $email; ?></code>) and tap <em>Next</em>.</li>
<li>Enter your password, tap <em>Next</em> again.</li>
<li>Finally, tap <em>Save</em>.</li>
</ol>
</div>
<h3><a href="#" onclick="document.getElementById('client_android').style.display = 'block'">Android</a></h3>
<ol id="client_android" style="display: none">
<li>Open the <em>Email</em> app.</li>
<li>If this is your first email account, tap <em>Add Account</em>; if not, tap <em>More</em> and <em>Settings</em> and then <em>Add account</em>.</li>
<li>Select <em>Microsoft Exchange ActiveSync</em>.</li>
<li>Enter your email address (<code><?php echo $email; ?></code>) and password.</li>
<li>Tap <em>Sign in</em>.</li>
</ol>
<h3><a href="#" onclick="document.getElementById('client_emclient').style.display = 'block'">eM Client</a></h3>
<ol id="client_emclient" style="display: none">
<li>Launch eM Client.</li>
<li>If this is the first time you launched eM Client, it asks you to set up your account. Proceed to step 4.</li>
<li>Go to <em>Menu</em> at the top, select <em>Tools</em> and <em>Accounts</em>.</li>
<li>Enter your email address (<code><?php echo $email; ?></code>) and click <em>Start Now</em>.</li>
<li>Enter your password and click <em>Continue</em>.</li>
<li>Enter your name (<code><?php echo $displayname; ?></code>) and click <em>Next</em>.</li>
<li>Click <em>Finish</em>.</li>
</ol>
<h3><a href="#" onclick="document.getElementById('client_kontact').style.display = 'block'">KDE Kontact</a></h3>
<div id="client_kontact" style="display: none">
<ol>
<li>Launch Kontact.</li>
<li>If this is the first time you launched Kontact or KMail, it asks you to set up your account. Proceed to step 4.</li>
<li>Go to <em>Mail</em> in the sidebar. Go to the <em>Tools</em> menu and select <em>Account Wizard</em>.</li>
<li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
<li>Click <em>Create Account</em>. If prompted, re-enter your password and click <em>OK</em>.</li>
<li>Close the window by clicking <em>Finish</em>.</li>
<li>Go to <em>Calendar</em> in the sidebar.</li>
<li>Go to the <em>Settings</em> menu and select <em>Configure KOrganizer</em>.</li>
<li>Go to the <em>Calendars</em> tab and click the <em>Add</em> button.</li>
<li>Choose <em>DAV groupware resource</em> and click <em>OK</em>.</li>
<li>Enter your email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
<li>Select <em>ScalableOGo</em> from the dropdown menu and click <em>Next</em>.</li>
<li>Enter <code><?= $autodiscover_config['caldav']['server']; ?></code> into the <em>Host</em> field and click <em>Next</em>.</li>
<li>Click <em>Test Connection</em> and then <em>Finish</em>. Finally, click <em>OK</em> twice.</li>
</ol>
<p>Once you have set up Kontact, you can also use KMail, KOrganizer and KAddressBook individually.</p>
</div>
<h3><a href="#" onclick="document.getElementById('client_outlook').style.display = 'block'">Microsoft Outlook</a></h3>
<div id="client_outlook" style="display: none">
<?php if ($autodiscover_config['useEASforOutlook'] == 'yes') { ?>
<h4>Outlook 2013 or higher on Windows</h4>
<ol>
<li>Launch Outlook.</li>
<li>If this is the first time you launched Outlook, it asks you to set up your account. Proceed to step 4.</li>
<li>Go to the <em>File</em> menu and click <em>Add Account</em>.</li>
<li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
<li>When prompted, enter your password again, check <em>Remember my credentials</em> and click <em>OK</em>.</li>
<li>Click the <em>Allow</em> button.</li>
<li>Click <em>Finish</em>.</li>
</ol>
<h4>Outlook 2007 or 2010 on Windows</h4>
<?php } else { ?>
<h4>Outlook 2007 or higher on Windows</h4>
<?php } ?>
<ol>
<li>Download and install <a href="https://caldavsynchronizer.org" target="_blank">Outlook CalDav Synchronizer</a>.</li>
<li>Launch Outlook.</li>
<li>If this is the first time you launched Outlook, it asks you to set up your account. Proceed to step 5.</li>
<li>Go to the <em>File</em> menu and click <em>Add Account</em>.</li>
<li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Click <em>Next</em>.</li>
<li>Click <em>Finish</em>.</li>
<li>Go to the <em>CalDav Synchronizer</em> ribbon, click <em>Synchronization Profiles</em>.</li>
<li>Click the second button at top (<em>Add multiple profiles</em>), select <em>Sogo</em>, click <em>Ok</em>.</li>
<li>Click the <em>Get IMAP/POP3 account settings</em> button.</li>
<li>Click <em>Discover resources and assign to Outlook folders</em>.</li>
<li>In the <em>Select Resource</em> window that pops up, select your main calendar (usually <em>Personal Calendar</em>), click the <em>...</em> button, assign it to <em>Calendar</em>, and click <em>OK</em>. Go to the <em>Address Books</em> and <em>Tasks</em> tabs and repeat repeat the process accordingly. Do not assign multiple calendars, address books or task lists!</li>
<li>Close all windows with the <em>OK</em> buttons.</li>
</ol>
<h4>Outlook 2011 or higher on macOS</h4>
<p>The Mac version of Outlook does not synchronize calendars and contacts and therefore is not supported.</p>
</div>
<h3><a href="#" onclick="document.getElementById('client_thunderbird').style.display = 'block'">Mozilla Thunderbird</a></h3>
<div id="client_thunderbird" style="display: none">
<ol>
<li>Launch Thunderbird.</li>
<li>If this is the first time you launched Thunderbird, it asks you whether you would like a new email address. Click <em>Skip this and use my existing email</em> and proceed to step 4.</li>
<li>Go to the <em>Tools</em> menu and select <em>Account Settings</em>.</li>
<li>Click the <em>Account Actions</em> dropdown menu at the bottom left and select <em>Add Mail Account</em>.</li>
<li>Enter your name (<code><?php echo $displayname; ?></code>), email address (<code><?php echo $email; ?></code>) and your password. Make sure the <em>Remember password</em> checkbox is selected and click <em>Continue</em>.</li>
<li>Once the configuration has been automatically detected, click <em>Done</em>.</li>
<li>If you already had other accounts configured in Thunderbird, select the new one (<?php echo $email; ?>) on the left, click the <em>Account Actions</em> dropdown and select <em>Set as Default</em>.</li>
<li>Close the account settings window with the <em>OK</em> button.</li>
<li>In your web browser, download <a href="thunderbird-plugins/<?php echo str_replace('__DOMAIN__', $domain, $integrator_file); ?>">SOGo Integrator</a>.</li>
<li>Back in Thunderbird, go to the <em>Tools</em> menu and select <em>Add-ons</em>.</li>
<li>Click <em>Extensions</em> on the left, click the little gear icon at the top and select <em>Install Add-on From File</em>. Select the file you downloaded in step 9, click <em>Open</em> and, after waiting for a few seconds, <em>Install Now</em>.</li>
<li>Click the <em>Restart Now</em> button at the top that appears.</li>
<li>Thunderbird briefly shows a message that it is updating extensions, then restarts automatically once more.</li>
<li>When you are prompted to authenticate for <?= $autodiscover_config['caldav']['server']; ?>, enter your email address and password, check <em>Use Password Manager</em> and click <em>OK</em>.</li>
</ol>
</div>
<h3><a href="#" onclick="document.getElementById('client_windows').style.display = 'block'">Windows</a></h3>
<div id="client_windows" style="display: none">
<ol>
<li>Open the <em>Mail</em> app.</li>
<li>If you have not previously used Mail, you can click <em>Add Account</em> in the main window. Proceed to step 4.</li>
<li>Click <em>Accounts</em> in the sidebar on the left, then click <em>Add Account</em> on the far right.</li>
<li>Select <em>Exchange</em>.</li>
<li>Enter your email address (<code><?php echo $email; ?></code>) and click Next.</li>
<li>Enter your password and click <em>Log in</em>.</li>
</ol>
<p>Once you have set up the Mail app, you can also use the People and Calendar apps.</p>
</div>
<h3><a href="#" onclick="document.getElementById('client_windowsphone').style.display = 'block'">Windows Phone</a></h3>
<ol id="client_windowsphone" style="display: none">
<li>Open the <em>Settings</em> app. Select <em>email + accounts</em> and tap <em>add an account</em>.</li>
<li>Tap Exchange.</li>
<li>Enter your email address (<code><?php echo $email; ?></code>) and your password. Tap <em>Sign in</em>.</li>
<li>Tap <em>done</em>.</li>
</ol>
</div>
<?php
require_once("inc/footer.inc.php");
} else {
header('Location: index.php');
exit();
}
?>

View File

@ -62,17 +62,17 @@ function hasMailboxObjectAccess($username, $role, $object) {
} }
return false; return false;
} }
function pem_to_der($pem_key) {
// Need to remove BEGIN/END PUBLIC KEY
$lines = explode("\n", trim($pem_key));
unset($lines[count($lines)-1]);
unset($lines[0]);
return base64_decode(implode('', $lines));
}
function generate_tlsa_digest($hostname, $port, $starttls = null) { function generate_tlsa_digest($hostname, $port, $starttls = null) {
if (!is_valid_domain_name($hostname)) { if (!is_valid_domain_name($hostname)) {
return "Not a valid hostname"; return "Not a valid hostname";
} }
function pem_to_der($pem_key) {
// Need to remove BEGIN/END PUBLIC KEY
$lines = explode("\n", trim($pem_key));
unset($lines[count($lines)-1]);
unset($lines[0]);
return base64_decode(implode('', $lines));
}
if (empty($starttls)) { if (empty($starttls)) {
$context = stream_context_create(array("ssl" => array("capture_peer_cert" => true, 'verify_peer' => false, 'allow_self_signed' => true))); $context = stream_context_create(array("ssl" => array("capture_peer_cert" => true, 'verify_peer' => false, 'allow_self_signed' => true)));
@ -88,20 +88,24 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
return $error_nr . ': ' . $error_msg; return $error_nr . ': ' . $error_msg;
} }
$banner = fread($stream, 512 ); $banner = fread($stream, 512 );
if (preg_match("/^220/i", $banner)) { if (preg_match("/^220/i", $banner)) { // SMTP
fwrite($stream,"HELO tlsa.generator.local\r\n"); fwrite($stream,"HELO tlsa.generator.local\r\n");
fread($stream, 512); fread($stream, 512);
fwrite($stream,"STARTTLS\r\n"); fwrite($stream,"STARTTLS\r\n");
fread($stream, 512); fread($stream, 512);
} }
elseif (preg_match("/imap.+starttls/i", $banner)) { elseif (preg_match("/imap.+starttls/i", $banner)) { // IMAP
fwrite($stream,"A1 STARTTLS\r\n"); fwrite($stream,"A1 STARTTLS\r\n");
fread($stream, 512); fread($stream, 512);
} }
elseif (preg_match("/^\+OK/", $banner)) { elseif (preg_match("/^\+OK/", $banner)) { // POP3
fwrite($stream,"STLS\r\n"); fwrite($stream,"STLS\r\n");
fread($stream, 512); fread($stream, 512);
} }
elseif (preg_match("/^OK/m", $banner)) { // Sieve
fwrite($stream,"STARTTLS\r\n");
fread($stream, 512);
}
else { else {
return 'Unknown banner: "' . htmlspecialchars(trim($banner)) . '"'; return 'Unknown banner: "' . htmlspecialchars(trim($banner)) . '"';
} }

View File

@ -18,31 +18,48 @@ $database_name = getenv('DBNAME');
$mailcow_hostname = getenv('MAILCOW_HOSTNAME'); $mailcow_hostname = getenv('MAILCOW_HOSTNAME');
// Autodiscover settings // Autodiscover settings
$https_port = strpos($_SERVER['HTTP_HOST'], ':');
if ($https_port === FALSE) {
$https_port = 443;
} else {
$https_port = substr($_SERVER['HTTP_HOST'], $https_port+1);
}
$autodiscover_config = array( $autodiscover_config = array(
// Enable the autodiscover service for Outlook desktop clients // Enable the autodiscover service for Outlook desktop clients
'useEASforOutlook' => 'yes', 'useEASforOutlook' => 'yes',
// General autodiscover service type: "activesync" or "imap" // General autodiscover service type: "activesync" or "imap"
'autodiscoverType' => 'activesync', 'autodiscoverType' => 'activesync',
// Please don't use STARTTLS-enabled service ports here. // Please don't use STARTTLS-enabled service ports in the "port" variable.
// The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services). // The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
// The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable.
'imap' => array( 'imap' => array(
'server' => $mailcow_hostname, 'server' => $mailcow_hostname,
'port' => getenv('IMAPS_PORT'), 'port' => getenv('IMAPS_PORT'),
'tlsport' => getenv('IMAP_PORT'),
),
'pop3' => array(
'server' => $mailcow_hostname,
'port' => getenv('POPS_PORT'),
'tlsport' => getenv('POP_PORT'),
), ),
'smtp' => array( 'smtp' => array(
'server' => $mailcow_hostname, 'server' => $mailcow_hostname,
'port' => getenv('SMTPS_PORT'), 'port' => getenv('SMTPS_PORT'),
'tlsport' => getenv('SUBMISSION_PORT'),
), ),
'activesync' => array( 'activesync' => array(
'url' => 'https://'.$mailcow_hostname.'/Microsoft-Server-ActiveSync' 'url' => 'https://'.$mailcow_hostname.($https_port == 443 ? '' : ':'.$https_port).'/Microsoft-Server-ActiveSync',
), ),
'caldav' => array( 'caldav' => array(
'url' => 'https://'.$mailcow_hostname 'server' => $mailcow_hostname,
'port' => $https_port,
), ),
'carddav' => array( 'carddav' => array(
'url' => 'https://'.$mailcow_hostname 'server' => $mailcow_hostname,
) 'port' => $https_port,
),
); );
unset($https_port);
// Where to go after adding and editing objects // Where to go after adding and editing objects
// Can be "form" or "previous" // Can be "form" or "previous"

View File

@ -108,6 +108,7 @@ $lang['user']['user_settings'] = 'Benutzereinstellungen';
$lang['user']['mailbox_settings'] = 'Mailbox-Einstellungen'; $lang['user']['mailbox_settings'] = 'Mailbox-Einstellungen';
$lang['user']['mailbox_details'] = 'Mailbox-Details'; $lang['user']['mailbox_details'] = 'Mailbox-Details';
$lang['user']['change_password'] = 'Passwort ändern'; $lang['user']['change_password'] = 'Passwort ändern';
$lang['user']['client_configuration'] = 'Konfigurationsanleitungen für E-Mail-Programme und Smartphones anzeigen';
$lang['user']['new_password'] = 'Neues Passwort'; $lang['user']['new_password'] = 'Neues Passwort';
$lang['user']['save_changes'] = 'Änderungen speichern'; $lang['user']['save_changes'] = 'Änderungen speichern';
$lang['user']['password_now'] = 'Aktuelles Passwort (Änderungen bestätigen)'; $lang['user']['password_now'] = 'Aktuelles Passwort (Änderungen bestätigen)';

View File

@ -110,6 +110,7 @@ $lang['user']['user_settings'] = 'User settings';
$lang['user']['mailbox_settings'] = 'Mailbox settings'; $lang['user']['mailbox_settings'] = 'Mailbox settings';
$lang['user']['mailbox_details'] = 'Mailbox details'; $lang['user']['mailbox_details'] = 'Mailbox details';
$lang['user']['change_password'] = 'Change password'; $lang['user']['change_password'] = 'Change password';
$lang['user']['client_configuration'] = 'Show configuration guides for email clients and smartphones';
$lang['user']['new_password'] = 'New password'; $lang['user']['new_password'] = 'New password';
$lang['user']['save_changes'] = 'Save changes'; $lang['user']['save_changes'] = 'Save changes';
$lang['user']['password_now'] = 'Current password (confirm changes)'; $lang['user']['password_now'] = 'Current password (confirm changes)';

167
data/web/mobileconfig.php Normal file
View File

@ -0,0 +1,167 @@
<?php
require_once 'inc/prerequisites.inc.php';
if (empty($mailcow_hostname)) {
exit();
}
if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'user') {
header("Location: index.php");
die("This page is only available to logged-in users, not admins.");
}
header('Content-Type: application/x-apple-aspen-config');
header('Content-Disposition: attachment; filename="Mailcow.mobileconfig"');
$email = $_SESSION['mailcow_cc_username'];
$domain = explode('@', $_SESSION['mailcow_cc_username'])[1];
$identifier = implode('.', array_reverse(explode('.', $domain))) . '.iphoneprofile.mailcow';
try {
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
$stmt->execute(array(':username' => $email));
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
}
catch(PDOException $e) {
die("Failed to determine name from SQL");
}
if (!empty($MailboxData['name'])) {
$displayname = utf8_encode($MailboxData['name']);
}
else {
$displayname = $email;
}
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>CalDAVAccountDescription</key>
<string><?php echo $domain; ?></string>
<key>CalDAVHostName</key>
<string><?php echo $autodiscover_config['caldav']['server']; ?></string>
<key>CalDAVPort</key>
<real><?php echo $autodiscover_config['caldav']['port']; ?></real>
<key>CalDAVPrincipalURL</key>
<string>/SOGo/dav/<?php echo $email; ?></string>
<key>CalDAVUseSSL</key>
<true/>
<key>CalDAVUsername</key>
<string><?php echo $email; ?></string>
<key>PayloadDescription</key>
<string>Configures CalDAV account.</string>
<key>PayloadDisplayName</key>
<string>CalDAV (<?php echo $domain; ?>)</string>
<key>PayloadIdentifier</key>
<string><?php echo $identifier; ?>.CalDAV</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.caldav.account</string>
<key>PayloadUUID</key>
<string>FC898573-EBA8-48AF-93BD-BFA0C9778FA7</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
<dict>
<key>EmailAccountDescription</key>
<string><?php echo $domain; ?></string>
<key>EmailAccountType</key>
<string>EmailTypeIMAP</string>
<key>EmailAccountName</key>
<string><?php echo $displayname; ?></string>
<key>EmailAddress</key>
<string><?php echo $email; ?></string>
<key>IncomingMailServerAuthentication</key>
<string>EmailAuthPassword</string>
<key>IncomingMailServerHostName</key>
<string><?php echo $autodiscover_config['imap']['server']; ?></string>
<key>IncomingMailServerPortNumber</key>
<integer><?php echo $autodiscover_config['imap']['port']; ?></integer>
<key>IncomingMailServerUseSSL</key>
<true/>
<key>IncomingMailServerUsername</key>
<string><?php echo $email; ?></string>
<key>OutgoingMailServerAuthentication</key>
<string>EmailAuthPassword</string>
<key>OutgoingMailServerHostName</key>
<string><?php echo $autodiscover_config['smtp']['server']; ?></string>
<key>OutgoingMailServerPortNumber</key>
<integer><?php echo $autodiscover_config['smtp']['port']; ?></integer>
<key>OutgoingMailServerUseSSL</key>
<true/>
<key>OutgoingMailServerUsername</key>
<string><?php echo $email; ?></string>
<key>OutgoingPasswordSameAsIncomingPassword</key>
<true/>
<key>PayloadDescription</key>
<string>Configures email account.</string>
<key>PayloadDisplayName</key>
<string>IMAP Account (<?php echo $domain; ?>)</string>
<key>PayloadIdentifier</key>
<string><?php echo $identifier; ?>.email</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.mail.managed</string>
<key>PayloadUUID</key>
<string>00294FBB-1016-413E-87B9-652D856D6875</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PreventAppSheet</key>
<false/>
<key>PreventMove</key>
<false/>
<key>SMIMEEnabled</key>
<false/>
</dict>
<dict>
<key>CardDAVAccountDescription</key>
<string><?php echo $domain; ?></string>
<key>CardDAVHostName</key>
<string><?php echo $autodiscover_config['carddav']['server']; ?></string>
<key>CardDAVPort</key>
<integer><?php echo $autodiscover_config['carddav']['port']; ?></integer>
<key>CardDAVPrincipalURL</key>
<string>/SOGo/dav/<?php echo $email; ?></string>
<key>CardDAVUseSSL</key>
<true/>
<key>CardDAVUsername</key>
<string><?php echo $email; ?></string>
<key>PayloadDescription</key>
<string>Configures CardDAV accounts</string>
<key>PayloadDisplayName</key>
<string>CardDAV (<?php echo $domain; ?>)</string>
<key>PayloadIdentifier</key>
<string><?php echo $identifier; ?>.carddav</string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadType</key>
<string>com.apple.carddav.account</string>
<key>PayloadUUID</key>
<string>0797EF2B-B1F1-4BC7-ABCD-4580862252B4</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<key>PayloadDescription</key>
<string>IMAP, CalDAV, CardDAV</string>
<key>PayloadDisplayName</key>
<string><?php echo $domain; ?> Mailcow</string>
<key>PayloadIdentifier</key>
<string><?php echo $identifier; ?></string>
<key>PayloadOrganization</key>
<string></string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>5EE248C5-ACCB-42D8-9199-8F8ED08D5624</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>

View File

@ -16,11 +16,15 @@ tar --strip-components=1 -C connector -xf connector.tar.gz
# build custom integrator # build custom integrator
while read DOMAIN; do while read DOMAIN; do
echo "Building SOGo Integrator for $DOMAIN hosted on $MAILHOST" echo "Building SOGo Integrator for $DOMAIN hosted on $MAILHOST"
PORT_NUM=$(dig -t srv _autodiscover._tcp.$DOMAIN +short | tail -n 1 | awk '{print $3}')
if [[ -z ${PORT_NUM} ]]; then
PORT_NUM=443
fi
cd integrator cd integrator
echo > defaults/preferences/site.js echo > defaults/preferences/site.js
mkdir -p custom/${DOMAIN} mkdir -p custom/${DOMAIN}
cp -r custom/sogo-demo/* custom/${DOMAIN}/ cp -r custom/sogo-demo/* custom/${DOMAIN}/
sed -i "s/http:\/\/sogo-demo\.inverse\.ca/https:\/\/${MAILHOST}/g" custom/${DOMAIN}/chrome/content/extensions.rdf sed -i "s/http:\/\/sogo-demo\.inverse\.ca/https:\/\/${MAILHOST}:${PORT_NUM}/g" custom/${DOMAIN}/chrome/content/extensions.rdf
sed -i "s/plugins\/updates\.php[?]/thunderbird-plugins.php?domain=${DOMAIN}\&amp;/g" custom/${DOMAIN}/chrome/content/extensions.rdf sed -i "s/plugins\/updates\.php[?]/thunderbird-plugins.php?domain=${DOMAIN}\&amp;/g" custom/${DOMAIN}/chrome/content/extensions.rdf
echo 'pref("sogo-integrator.autocomplete.server.urlid", "'${DOMAIN}'");' > custom/${DOMAIN}/defaults/preferences/site.js echo 'pref("sogo-integrator.autocomplete.server.urlid", "'${DOMAIN}'");' > custom/${DOMAIN}/defaults/preferences/site.js
echo 'pref("mail.collect_email_address_outgoing", false);' >> custom/${DOMAIN}/defaults/preferences/site.js echo 'pref("mail.collect_email_address_outgoing", false);' >> custom/${DOMAIN}/defaults/preferences/site.js

View File

@ -74,6 +74,7 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<div class="row"> <div class="row">
<div class="col-sm-offset-3 col-sm-9"> <div class="col-sm-offset-3 col-sm-9">
<p><a href="#pwChangeModal" data-toggle="modal">[<?=$lang['user']['change_password'];?>]</a></p> <p><a href="#pwChangeModal" data-toggle="modal">[<?=$lang['user']['change_password'];?>]</a></p>
<p><a href="clientconfig.php">[<?=$lang['user']['client_configuration'];?>]</a></p>
</div> </div>
</div> </div>
<hr> <hr>

View File

@ -143,7 +143,7 @@ services:
- phpfpm - phpfpm
sogo-mailcow: sogo-mailcow:
image: mailcow/sogo:1.0 image: mailcow/sogo:1.1
build: ./data/Dockerfiles/sogo build: ./data/Dockerfiles/sogo
depends_on: depends_on:
unbound-mailcow: unbound-mailcow: