Configuration fixes

Added Rspamd installation

.github/FUNDING.yml

@@ -0,0 +1,3 @@
+# These are supported funding model platforms
+
+github: [modoboa]

.github/workflows/installer.yml

@@ -0,0 +1,61 @@
+name: Modoboa installer
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9, '3.10', '3.11', '3.12']
+      fail-fast: false
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          pip install -r test-requirements.txt
+      - name: Run tests
+        if: ${{ matrix.python-version != '3.12' }}
+        run: |
+          python tests.py
+      - name: Run tests and coverage
+        if: ${{ matrix.python-version == '3.12' }}
+        run: |
+          coverage run tests.py
+      - name: Upload coverage result
+        if: ${{ matrix.python-version == '3.12' }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: coverage-results
+          path: .coverage
+          include-hidden-files: true
+
+  coverage:
+    needs: test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+      - name: Install dependencies
+        run: |
+          pip install codecov
+      - name: Download coverage results
+        uses: actions/download-artifact@v4
+        with:
+          name: coverage-results
+      - name: Report coverage
+        run: |
+          coverage report
+          codecov

.github/workflows/versioning.yml

@@ -0,0 +1,32 @@
+name: Update version file
+
+on:
+  workflow_run:
+    branches: [ master ]
+    workflows: [Modoboa installer]
+    types:
+      - completed
+
+jobs:
+  update-version:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+        with:
+            fetch-depth: 0 # otherwise, there would be errors pushing refs to the destination repository.
+            ref: ${{ github.head_ref }}
+      - name: Overwrite file
+        uses: "DamianReeves/write-file-action@master"
+        with:
+          path: version.txt
+          write-mode: overwrite
+          contents: ${{ github.sha }}
+
+      - name: Commit & Push
+        uses: Andro999b/push@v1.3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ github.ref_name }}
+          force: true
+          message: '[GitHub Action] Updated version file'

.gitignore

@@ -55,3 +55,11 @@ docs/_build/
 
 # PyBuilder
 target/
+
+# PyCharm
+.idea/
+
+#KDE
+*.kdev4
+
+installer.cfg

.travis.yml

@@ -1,15 +0,0 @@
-sudo: false
-language: python
-cache: pip
-python:
-  - "2.7"
-  - "3.4"
-
-before_install:
-  - pip install -r test-requirements.txt
-
-script:
-  - coverage run tests.py
-
-after_success:
-  - codecov

README.rst

@@ -1,7 +1,7 @@
-modoboa-installer
-=================
+**modoboa-installer**
+=====================
 
-|travis| |codecov|
+|workflow| |codecov|
 
 An installer which deploy a complete mail server based on Modoboa.
 
@@ -9,12 +9,11 @@ An installer which deploy a complete mail server based on Modoboa.
 
    This tool is still in beta stage, it has been tested on:
 
-   * Debian Buster (10) / Bullseye (11)
-   * Ubuntu Bionic Beaver (18.04) and upper
-   * CentOS 7
+   * Debian 12 and upper
+   * Ubuntu Focal Fossa (20.04) and upper
 
 .. warning::
-      
+
    ``/tmp`` partition must be mounted without the ``noexec`` option.
 
 .. note::
@@ -44,7 +43,7 @@ The following components are installed by the installer:
 * Nginx and uWSGI
 * Postfix
 * Dovecot
-* Amavis (with SpamAssassin and ClamAV)
+* Amavis (with SpamAssassin and ClamAV) or Rspamd
 * automx (autoconfiguration service)
 * OpenDKIM
 * Radicale (CalDAV and CardDAV server)
@@ -77,7 +76,7 @@ If you want more information about the installation process, add the
 ``--debug`` option to your command line.
 
 Upgrade mode
-------------
+============
 
 An experimental upgrade mode is available.
 
@@ -92,8 +91,68 @@ You can activate it as follows::
 
 It will automatically install latest versions of modoboa and its plugins.
 
+Backup mode
+===========
+
+An experimental backup mode is available.
+
+.. warning::
+
+   You must keep the original configuration file, i.e. the one used for
+   the installation. Otherwise, you will need to recreate it manually with the right information!
+
+You can start the process as follows::
+
+  $ sudo ./run.py --backup <your domain>
+
+Then follow the step on the console.
+
+There is also a non-interactive mode::
+
+  $ sudo ./run.py --silent-backup <your domain>
+
+You can also add a path, else it will be saved in ./modoboa_backup/Backup_M_Y_d_H_M::
+
+  $ sudo ./run.py --silent-backup --backup-path "/My_Backup_Path" <your domain>
+
+if you want to disable mail backup::
+
+  $ sudo ./run.py --backup --no-mail <your domain>
+
+This can be useful for larger instance
+
+1. Silent mode
+
+Command::
+
+  $ sudo ./run.py --silent-backup <your domain>
+
+This mode will run silently. When executed, it will create
+/modoboa_backup/ and each time you execute it, it will create a new
+backup directory with current date and time.
+
+You can supply a custom path if needed::
+
+  $ sudo ./run.py --silent-backup --backup-path /path/of/backup/directory <your domain>
+
+If you want to disable emails backup, disable dovecot in the
+configuration file (set enabled to False).
+
+This can be useful for larger instance.
+
+Restore mode
+============
+
+An experimental restore mode is available.
+
+You can start the process as follows::
+
+  $ sudo ./run.py --restore /path/to/backup/directory/ <your domain>
+
+Then wait for the process to finish.
+
 Change the generated hostname
------------------------------
+=============================
 
 By default, the installer will setup your email server using the
 following hostname: ``mail.<your domain>``. If you want a different
@@ -112,14 +171,26 @@ modifications.
 Finally, run the installer without the
 ``--stop-after-configfile-check`` option.
 
-Let's Encrypt certificate
--------------------------
+Certificate
+===========
+
+Self-signed
+-----------
+
+It is the default type of certificate the installer will generate, it
+is however not recommended for production use.
+
+Letsencrypt
+-----------
 
 .. warning::
 
-   Please note this option requires the hostname you're using to be
-   valid (ie. it can be resolved with a DNS query) and to match the
-   server you're installing Modoboa on.
+  Please note that by using this option, you agree to the `ToS
+  <https://community.letsencrypt.org/tos>`_ of
+  letsencrypt and that your IP will be logged (see ToS).
+  Please also note this option requires the hostname you're using to be
+  valid (ie. it can be resolved with a DNS query) and to match the
+  server you're installing Modoboa on.
 
 If you want to generate a valid certificate using `Let's Encrypt
 <https://letsencrypt.org/>`_, edit the ``installer.cfg`` file and
@@ -128,6 +199,8 @@ modify the following settings::
   [certificate]
   generate = true
   type = letsencrypt
+  tls_cert_file_path =
+  tls_key_file_path =
 
   [letsencrypt]
   email = admin@example.com
@@ -135,7 +208,43 @@ modify the following settings::
 Change the ``email`` setting to a valid value since it will be used
 for account recovery.
 
-.. |travis| image:: https://travis-ci.org/modoboa/modoboa-installer.png?branch=master
-   :target: https://travis-ci.org/modoboa/modoboa-installer
-.. |codecov| image:: http://codecov.io/github/modoboa/modoboa-installer/coverage.svg?branch=master
-   :target: http://codecov.io/github/modoboa/modoboa-installer?branch=master
+Manual
+------
+
+.. warning::
+
+  It is not possible to configure manual certs interactively, so
+  you'll have to do it in 2 steps. Please run ``run.py`` with
+  `--stop-after-configfile-check` first, configure your file as
+  desired and apply the configuration as written bellow. Then run
+  ``run.py`` again but without `--stop-after-configfile-check` or
+  `--interactive`.
+
+If you want to use already generated certs, simply edit the
+``installer.cfg`` file and modify the following settings::
+
+    [certificate]
+    generate = true
+    type = manual
+    tls_cert_file_path = *path to tls fullchain file*
+    tls_key_file_path = *path to tls key file*
+
+Antispam
+========
+
+You have 3 options regarding antispam : disabled, Amavis, Rspamd
+
+Amavis
+------
+
+Amavis
+
+Rspamd
+------
+
+Rspamd
+
+
+.. |workflow| image:: https://github.com/modoboa/modoboa-installer/workflows/Modoboa%20installer/badge.svg
+.. |codecov| image:: https://codecov.io/gh/modoboa/modoboa-installer/graph/badge.svg?token=Fo2o1GdHZq
+   :target: https://codecov.io/gh/modoboa/modoboa-installer

modoboa_installer/checks.py

@@ -0,0 +1,37 @@
+"""Checks to be performed before any install or upgrade"""
+
+import sys
+from urllib.request import urlopen
+
+from modoboa_installer import utils
+
+
+def check_version():
+    local_version = ""
+    with open("version.txt", "r") as version:
+        local_version = version.readline()
+    remote_version = ""
+    with urlopen("https://raw.githubusercontent.com/modoboa/modoboa-installer/master/version.txt") as r_version:
+        remote_version = r_version.read().decode()
+    if local_version == "" or remote_version == "":
+        utils.printcolor(
+            "Could not check that your installer is up-to-date: "
+            f"local version: {local_version}, "
+            f"remote version: {remote_version}",
+            utils.YELLOW
+        )
+    if remote_version != local_version:
+        utils.error(
+            "Your installer seems outdated.\n"
+            "Check README file for instructions about how to update.\n"
+            "No support will be provided without an up-to-date installer!"
+        )
+        answer = utils.user_input("Continue anyway? (y/N) ")
+        if not answer.lower().startswith("y"):
+            sys.exit(0)
+    else:
+        utils.success("Installer seems up to date!")
+
+
+def handle():
+    check_version()

modoboa_installer/compatibility_matrix.py

@@ -20,9 +20,27 @@ COMPATIBILITY_MATRIX = {
         "modoboa-pdfcredentials": ">=1.1.1",
         "modoboa-sievefilters": ">=1.1.1",
         "modoboa-webmail": ">=1.2.0",
-    }
+    },
 }
 
 EXTENSIONS_AVAILABILITY = {
     "modoboa-contacts": "1.7.4",
 }
+
+REMOVED_EXTENSIONS = {
+    "modoboa-pdfcredentials": "2.1.0",
+    "modoboa-dmarc": "2.1.0",
+    "modoboa-imap-migration": "2.1.0",
+    "modoboa-sievefilters": "2.3.0",
+    "modoboa-postfix-autoreply": "2.3.0",
+    "modoboa-contacts": "2.4.0",
+    "modoboa-radicale": "2.4.0",
+    "modoboa-webmail": "2.4.0",
+}
+
+APP_INCOMPATIBILITY = {
+    "opendkim": ["rspamd"],
+    "amavis": ["rspamd"],
+    "postwhite": ["rspamd"],
+    "spamassassin": ["rspamd"]
+}

modoboa_installer/config_dict_template.py

@@ -1,6 +1,8 @@
 import random
 import string
 
+from .constants import DEFAULT_BACKUP_DIRECTORY
+
 
 def make_password(length=16):
     """Create a random password."""
@@ -26,24 +28,49 @@ ConfigDictTemplate = [
         ]
     },
     {
-        "name": "certificate",
+        "name": "antispam",
         "values": [
             {
-                "option": "generate",
+                "option": "enabled",
                 "default": "true",
+                "customizable": True,
+                "values": ["true", "false"],
+                "question": "Do you want to setup an antispam utility?"
             },
+            {
+                "option": "type",
+                "default": "amavis",
+                "customizable": True,
+                "question": "Please select your antispam utility",
+                "values": ["rspamd", "amavis"],
+                "if": ["antispam.enabled=true"]
+            }
+        ]
+    },
+    {
+        "name": "certificate",
+        "values": [
             {
                 "option": "type",
                 "default": "self-signed",
                 "customizable": True,
                 "question": "Please choose your certificate type",
-                "values": ["self-signed", "letsencrypt"],
+                "values": ["self-signed", "letsencrypt", "manual"],
+                "non_interactive_values": ["manual"],
+            },
+            {
+                "option": "tls_cert_file_path",
+                "default": ""
+            },
+            {
+                "option": "tls_key_file_path",
+                "default": ""
             }
         ],
     },
     {
         "name": "letsencrypt",
-        "if": "certificate.type=letsencrypt",
+        "if": ["certificate.type=letsencrypt"],
         "values": [
             {
                 "option": "email",
@@ -78,7 +105,7 @@ ConfigDictTemplate = [
     },
     {
         "name": "postgres",
-        "if": "database.engine=postgres",
+        "if": ["database.engine=postgres"],
         "values": [
             {
                 "option": "user",
@@ -94,7 +121,7 @@ ConfigDictTemplate = [
     },
     {
         "name": "mysql",
-        "if": "database.engine=mysql",
+        "if": ["database.engine=mysql"],
         "values": [
             {
                 "option": "user",
@@ -116,6 +143,31 @@ ConfigDictTemplate = [
             }
         ]
     },
+    {
+        "name": "fail2ban",
+        "values": [
+            {
+                "option": "enabled",
+                "default": "true",
+            },
+            {
+                "option": "config_dir",
+                "default": "/etc/fail2ban"
+            },
+            {
+                "option": "max_retry",
+                "default": "20"
+            },
+            {
+                "option": "ban_time",
+                "default": "3600"
+            },
+            {
+                "option": "find_time",
+                "default": "30"
+            },
+        ]
+    },
     {
         "name": "modoboa",
         "values": [
@@ -153,14 +205,16 @@ ConfigDictTemplate = [
                 "customizable": True,
                 "question": "Please enter Modoboa db password",
             },
+            {
+                "option": "cron_error_recipient",
+                "default": "root",
+                "customizable": True,
+                "question":
+                    "Please enter a mail recipient for cron error reports"
+            },
             {
                 "option": "extensions",
-                "default": (
-                    "modoboa-amavis modoboa-pdfcredentials "
-                    "modoboa-postfix-autoreply modoboa-sievefilters "
-                    "modoboa-webmail modoboa-contacts "
-                    "modoboa-radicale"
-                ),
+                "default": ""
             },
             {
                 "option": "devmode",
@@ -197,12 +251,60 @@ ConfigDictTemplate = [
             },
         ]
     },
+    {
+        "name": "rspamd",
+        "if": ["antispam.enabled=true", "antispam.type=rspamd"],
+        "values": [
+            {
+                "option": "enabled",
+                "default": ["antispam.enabled=true", "antispam.type=rspamd"],
+            },
+            {
+                "option": "user",
+                "default": "_rspamd",
+            },
+            {
+                "option": "password",
+                "default": make_password,
+                "customizable": True,
+                "question": "Please enter Rspamd interface password",
+            },
+            {
+                "option": "dnsbl",
+                "default": "true",
+            },
+            {
+                "option": "dkim_keys_storage_dir",
+                "default": "/var/lib/dkim"
+            },
+            {
+                "option": "key_map_path",
+                "default": "/var/lib/dkim/keys.path.map"
+            },
+            {
+                "option": "selector_map_path",
+                "default": "/var/lib/dkim/selectors.path.map"
+            },
+            {
+                "option": "greylisting",
+                "default": "true"
+            },
+            {
+                "option": "whitelist_auth",
+                "default": "true"
+            },
+            {
+                "option": "whitelist_auth_weigth",
+                "default": "-5"
+            }
+        ],
+    },
     {
         "name": "amavis",
         "values": [
             {
                 "option": "enabled",
-                "default": "true",
+                "default": ["antispam.enabled=true", "antispam.type=amavis"],
             },
             {
                 "option": "user",
@@ -210,7 +312,7 @@ ConfigDictTemplate = [
             },
             {
                 "option": "max_servers",
-                "default": "1",
+                "default": "2",
             },
             {
                 "option": "dbname",
@@ -223,8 +325,6 @@ ConfigDictTemplate = [
             {
                 "option": "dbpassword",
                 "default": make_password,
-                "customizable": True,
-                "question": "Please enter amavis db password"
             },
         ],
     },
@@ -254,7 +354,7 @@ ConfigDictTemplate = [
             },
             {
                 "option": "user",
-                "default": "vmail",
+                "default": "dovecot",
             },
             {
                 "option": "home_dir",
@@ -274,7 +374,11 @@ ConfigDictTemplate = [
             },
             {
                 "option": "radicale_auth_socket_path",
-                "default": "/var/run/dovecot/auth-radicale"
+                "default": "/var/run/dovecot/auth-radicale",
+            },
+            {
+                "option": "move_spam_to_junk",
+                "default": "true",
             },
         ]
     },
@@ -296,7 +400,7 @@ ConfigDictTemplate = [
         "values": [
             {
                 "option": "enabled",
-                "default": "true",
+                "default": "false",
             },
             {
                 "option": "config_dir",
@@ -319,6 +423,10 @@ ConfigDictTemplate = [
                 "option": "message_size_limit",
                 "default": "11534336",
             },
+            {
+                "option": "dhe_group",
+                "default": "4096"
+            }
         ]
     },
     {
@@ -326,7 +434,7 @@ ConfigDictTemplate = [
         "values": [
             {
                 "option": "enabled",
-                "default": "true",
+                "default": ["antispam.enabled=true", "antispam.type=amavis"],
             },
             {
                 "option": "config_dir",
@@ -336,10 +444,11 @@ ConfigDictTemplate = [
     },
     {
         "name": "spamassassin",
+        "if": ["antispam.enabled=true", "antispam.type=amavis"],
         "values": [
             {
                 "option": "enabled",
-                "default": "true",
+                "default": ["antispam.enabled=true", "antispam.type=amavis"],
             },
             {
                 "option": "config_dir",
@@ -374,7 +483,7 @@ ConfigDictTemplate = [
             },
             {
                 "option": "nb_processes",
-                "default": "2",
+                "default": "4",
             },
         ]
     },
@@ -405,10 +514,11 @@ ConfigDictTemplate = [
     },
     {
         "name": "opendkim",
+        "if": ["antispam.enabled=true", "antispam.type=amavis"],
         "values": [
             {
                 "option": "enabled",
-                "default": "true",
+                "default": ["antispam.enabled=true", "antispam.type=amavis"],
             },
             {
                 "option": "user",
@@ -439,4 +549,13 @@ ConfigDictTemplate = [
 
         ]
     },
+    {
+        "name": "backup",
+        "values": [
+            {
+                "option": "default_path",
+                "default": DEFAULT_BACKUP_DIRECTORY
+            }
+        ]
+    }
 ]

modoboa_installer/constants.py

@@ -0,0 +1 @@
+DEFAULT_BACKUP_DIRECTORY = "./modoboa_backup/"

modoboa_installer/database.py

@@ -103,7 +103,7 @@ class PostgreSQL(Database):
     def create_database(self, name, owner):
         """Create a database."""
         code, output = utils.exec_cmd(
-            "psql -lqt | cut -d \| -f 1 | grep -w {} | wc -l"
+            "psql -lqt | cut -d \\| -f 1 | grep -w {} | wc -l"
             .format(name), sudo_user=self.dbuser)
         if code:
             return
@@ -146,6 +146,15 @@ class PostgreSQL(Database):
             self.dbhost, self.dbport, dbname, dbuser, path)
         utils.exec_cmd(cmd, sudo_user=self.dbuser)
 
+    def dump_database(self, dbname, dbuser, dbpassword, path):
+        """Dump DB to SQL file."""
+        # Reset pgpass since we backup multiple db (different secret set)
+        self._pgpass_done = False
+        self._setup_pgpass(dbname, dbuser, dbpassword)
+        cmd = "pg_dump -h {} -d {} -U {} -O  -w > {}".format(
+            self.dbhost, dbname, dbuser, path)
+        utils.exec_cmd(cmd, sudo_user=self.dbuser)
+
 
 class MySQL(Database):
 
@@ -169,12 +178,16 @@ class MySQL(Database):
         if name.startswith("debian"):
             if version.startswith("8"):
                 self.packages["deb"].append("libmysqlclient-dev")
-            elif version.startswith("11"):
+            elif version.startswith("11") or version.startswith("12"):
                 self.packages["deb"].append("libmariadb-dev")
             else:
                 self.packages["deb"].append("libmariadbclient-dev")
         elif name == "ubuntu":
-            self.packages["deb"].append("libmysqlclient-dev")
+            if version.startswith("2"):
+                # Works for Ubuntu 20, 22, and 24.
+                self.packages["deb"].append("libmariadb-dev")
+            else:
+                self.packages["deb"].append("libmysqlclient-dev")
         super(MySQL, self).install_package()
         queries = []
         if name.startswith("debian"):
@@ -186,12 +199,15 @@ class MySQL(Database):
                     "mariadb-server", "root_password_again", "password",
                     self.dbpassword)
                 return
-            if version.startswith("11"):
-                queries = [
-                    "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('{}')"
-                    .format(self.dbpassword),
-                    "flush privileges"
-                ]
+        if (
+            (name.startswith("debian") and (version.startswith("11") or version.startswith("12"))) or
+            (name.startswith("ubuntu") and int(version[:2]) >= 22)
+        ):
+            queries = [
+                "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('{}')"
+                .format(self.dbpassword),
+                "flush privileges"
+            ]
         if not queries:
             queries = [
                 "UPDATE user SET plugin='' WHERE user='root'",
@@ -258,6 +274,12 @@ class MySQL(Database):
                 self.dbhost, self.dbport, dbuser, dbpassword, dbname, path)
         )
 
+    def dump_database(self, dbname, dbuser, dbpassword, path):
+        """Dump DB to SQL file."""
+        cmd = "mysqldump -h {} -u {} -p{} {} > {}".format(
+            self.dbhost, dbuser, dbpassword, dbname, path)
+        utils.exec_cmd(cmd, sudo_user=self.dbuser)
+
 
 def get_backend(config):
     """Return appropriate backend."""

modoboa_installer/disclaimers.py

@@ -0,0 +1,51 @@
+from . import utils
+
+
+def installation_disclaimer(args, config):
+    """Display installation disclaimer."""
+    hostname = config.get("general", "hostname")
+    utils.printcolor(
+        "Notice:\n"
+        "It is recommanded to run this installer on a FRESHLY installed server.\n"
+        "(ie. with nothing special already installed on it)\n",
+        utils.CYAN
+        )
+    utils.printcolor(
+        "Warning:\n"
+        "Before you start the installation, please make sure the following "
+        "DNS records exist for domain '{}':\n"
+        "  {} IN A   <IP ADDRESS OF YOUR SERVER>\n"
+        "     @ IN MX  {}.\n".format(
+            args.domain,
+            hostname.replace(".{}".format(args.domain), ""),
+            hostname
+            ),
+        utils.YELLOW
+        )
+    utils.printcolor(
+            "Your mail server will be installed with the following components:",
+            utils.BLUE)
+
+
+def upgrade_disclaimer(config):
+    """Display upgrade disclaimer."""
+    utils.printcolor(
+        "Your mail server is about to be upgraded and the following components"
+        " will be impacted:", utils.BLUE
+        )
+
+
+def backup_disclaimer():
+    """Display backup disclamer. """
+    utils.printcolor(
+        "Your mail server will be backed up locally.\n"
+        " !! You should really transfer the backup somewhere else...\n"
+        " !! Custom configuration (like for postfix) won't be saved.", utils.BLUE)
+
+
+def restore_disclaimer():
+    """Display restore disclamer. """
+    utils.printcolor(
+        "You are about to restore a previous installation of Modoboa.\n"
+        "If a new version has been released in between, please update your database!",
+        utils.BLUE)

modoboa_installer/package.py

@@ -2,10 +2,12 @@
 
 import re
 
+from os.path import isfile as file_exists
+
 from . import utils
 
 
-class Package(object):
+class Package:
     """Base classe."""
 
     def __init__(self, dist_name):
@@ -29,10 +31,17 @@ class DEBPackage(Package):
     FORMAT = "deb"
 
     def __init__(self, dist_name):
-        super(DEBPackage, self).__init__(dist_name)
+        super().__init__(dist_name)
         self.index_updated = False
         self.policy_file = "/usr/sbin/policy-rc.d"
 
+    def enable_backports(self, codename):
+        code, output = utils.exec_cmd(f"grep {codename}-backports /etc/apt/sources.list")
+        if code:
+            with open(f"/etc/apt/sources.list.d/backports.list", "w") as fp:
+                fp.write(f"deb http://deb.debian.org/debian {codename}-backports main\n")
+            self.update(force=True)
+
     def prepare_system(self):
         """Make sure services don't start at installation."""
         with open(self.policy_file, "w") as fp:
@@ -42,11 +51,34 @@ class DEBPackage(Package):
     def restore_system(self):
         utils.exec_cmd("rm -f {}".format(self.policy_file))
 
-    def update(self):
+    def add_custom_repository(self,
+                              name: str,
+                              url: str,
+                              key_url: str,
+                              codename: str,
+                              with_source: bool = True):
+        key_file = f"/etc/apt/keyrings/{name}.gpg"
+        utils.exec_cmd(
+            f"wget -O - {key_url} | gpg --dearmor | tee {key_file} > /dev/null"
+        )
+        line_types = ["deb"]
+        if with_source:
+            line_types.append("deb-src")
+        for line_type in line_types:
+            line = (
+                f"{line_type} [arch=amd64 signed-by={key_file}] "
+                f"{url} {codename} main"
+            )
+            target_file = f"/etc/apt/sources.list.d/{name}.list"
+            tee_option = "-a" if file_exists(target_file) else ""
+            utils.exec_cmd(f'echo "{line}" | tee {tee_option} {target_file}')
+        self.index_updated = False
+
+    def update(self, force=False):
         """Update local cache."""
-        if self.index_updated:
+        if self.index_updated and not force:
             return
-        utils.exec_cmd("apt-get update --quiet")
+        utils.exec_cmd("apt-get -o Dpkg::Progress-Fancy=0 update --quiet")
         self.index_updated = True
 
     def preconfigure(self, name, question, qtype, answer):
@@ -57,18 +89,18 @@ class DEBPackage(Package):
     def install(self, name):
         """Install a package."""
         self.update()
-        utils.exec_cmd("apt-get install --quiet --assume-yes {}".format(name))
+        utils.exec_cmd("apt-get -o Dpkg::Progress-Fancy=0 install --quiet --assume-yes -o DPkg::options::=--force-confold {}".format(name))
 
     def install_many(self, names):
         """Install many packages."""
         self.update()
-        return utils.exec_cmd("apt-get install --quiet --assume-yes {}".format(
+        return utils.exec_cmd("apt-get -o Dpkg::Progress-Fancy=0 install --quiet --assume-yes -o DPkg::options::=--force-confold {}".format(
             " ".join(names)))
 
     def get_installed_version(self, name):
         """Get installed package version."""
         code, output = utils.exec_cmd(
-            "dpkg -s {} | grep Version".format(name), capture_output=True)
+            "dpkg -s {} | grep Version".format(name))
         match = re.match(r"Version: (\d:)?(.+)-\d", output.decode())
         if match:
             return match.group(2)
@@ -82,7 +114,7 @@ class RPMPackage(Package):
 
     def __init__(self, dist_name):
         """Initialize backend."""
-        super(RPMPackage, self).__init__(dist_name)
+        super().__init__(dist_name)
         if "centos" in dist_name:
             self.install("epel-release")
 
@@ -97,7 +129,7 @@ class RPMPackage(Package):
     def get_installed_version(self, name):
         """Get installed package version."""
         code, output = utils.exec_cmd(
-            "rpm -qi {} | grep Version".format(name), capture_output=True)
+            "rpm -qi {} | grep Version".format(name))
         match = re.match(r"Version\s+: (.+)", output.decode())
         if match:
             return match.group(1)
@@ -108,7 +140,7 @@ def get_backend():
     """Return the appropriate package backend."""
     distname = utils.dist_name()
     backend = None
-    if distname in ["debian", "debian gnu/linux", "ubuntu"]:
+    if distname in ["debian", "debian gnu/linux", "ubuntu", "linuxmint"]:
         backend = DEBPackage
     elif "centos" in distname:
         backend = RPMPackage

modoboa_installer/python.py

@@ -1,6 +1,7 @@
 """Python related tools."""
 
 import os
+import sys
 
 from . import package
 from . import utils
@@ -45,6 +46,40 @@ def install_packages(names, venv=None, upgrade=False, **kwargs):
     utils.exec_cmd(cmd, **kwargs)
 
 
+def get_package_version(name, venv=None, **kwargs):
+    """Returns the version of an installed package."""
+    cmd = "{} show {}".format(
+        get_pip_path(venv),
+        name
+    )
+    exit_code, output = utils.exec_cmd(cmd, **kwargs)
+    if exit_code != 0:
+        utils.error(f"Failed to get version of {name}. "
+                    f"Output is: {output}")
+        sys.exit(1)
+
+    version_list_clean = []
+    for line in output.decode().split("\n"):
+        if not line.startswith("Version:"):
+            continue
+        version_item_list = line.split(":")
+        version_list = version_item_list[1].split(".")
+        for element in version_list:
+            try:
+                version_list_clean.append(int(element))
+            except ValueError:
+                utils.printcolor(
+                    f"Failed to decode some part of the version of {name}",
+                    utils.YELLOW)
+                version_list_clean.append(element)
+    if len(version_list_clean) == 0:
+        utils.printcolor(
+            f"Failed to find the version of {name}",
+            utils.RED)
+        sys.exit(1)
+    return version_list_clean
+
+
 def install_package_from_repository(name, url, vcs="git", venv=None, **kwargs):
     """Install a Python package from its repository."""
     if vcs == "git":
@@ -54,26 +89,17 @@ def install_package_from_repository(name, url, vcs="git", venv=None, **kwargs):
     utils.exec_cmd(cmd, **kwargs)
 
 
-def setup_virtualenv(path, sudo_user=None, python_version=2):
+def setup_virtualenv(path, sudo_user=None):
     """Install a virtualenv if needed."""
     if os.path.exists(path):
         return
-    if python_version == 2:
-        python_binary = "python"
-        packages = ["python-virtualenv"]
-        if utils.dist_name() == "debian":
-            packages.append("virtualenv")
+    if utils.dist_name().startswith("centos"):
+        python_binary = "python3"
+        packages = ["python3"]
     else:
-        if utils.dist_name().startswith("centos"):
-            python_binary = "python3"
-            packages = ["python3"]
-        else:
-            python_binary = "python3"
-            packages = ["python3-venv"]
+        python_binary = "python3"
+        packages = ["python3-venv"]
     package.backend.install_many(packages)
     with utils.settings(sudo_user=sudo_user):
-        if python_version == 2:
-            utils.exec_cmd("virtualenv {}".format(path))
-        else:
-            utils.exec_cmd("{} -m venv {}".format(python_binary, path))
-        install_packages(["pip", "setuptools\<58.0.0"], venv=path, upgrade=True)
+        utils.exec_cmd("{} -m venv {}".format(python_binary, path))
+        install_packages(["pip", "setuptools"], venv=path, upgrade=True)

modoboa_installer/scripts/__init__.py

@@ -6,20 +6,49 @@ import sys
 from .. import utils
 
 
-def install(appname, config, upgrade):
-    """Install an application."""
-    if (config.has_option(appname, "enabled") and
-            not config.getboolean(appname, "enabled")):
-        return
-    utils.printcolor("Installing {}".format(appname), utils.MAGENTA)
+def load_app_script(appname):
+    """Load module corresponding to the given appname."""
     try:
         script = importlib.import_module(
             "modoboa_installer.scripts.{}".format(appname))
     except ImportError:
         print("Unknown application {}".format(appname))
         sys.exit(1)
+    return script
+
+
+def install(appname: str, config, upgrade: bool, archive_path: str):
+    """Install an application."""
+    if (config.has_option(appname, "enabled") and
+            not config.getboolean(appname, "enabled")):
+        return
+
+    utils.printcolor("Installing {}".format(appname), utils.MAGENTA)
+    script = load_app_script(appname)
     try:
-        getattr(script, appname.capitalize())(config, upgrade).run()
+        getattr(script, appname.capitalize())(config, upgrade, archive_path).run()
     except utils.FatalError as inst:
-        utils.printcolor(u"{}".format(inst), utils.RED)
+        utils.error("{}".format(inst))
         sys.exit(1)
+
+
+def backup(appname, config, path):
+    """Backup an application."""
+    if (config.has_option(appname, "enabled") and
+            not config.getboolean(appname, "enabled")):
+        return
+
+    utils.printcolor("Backing up {}".format(appname), utils.MAGENTA)
+    script = load_app_script(appname)
+    try:
+        getattr(script, appname.capitalize())(config, False, False).backup(path)
+    except utils.FatalError as inst:
+        utils.error("{}".format(inst))
+        sys.exit(1)
+
+
+def restore_prep(restore):
+    """Restore instance"""
+    script = importlib.import_module(
+        "modoboa_installer.scripts.restore")
+    getattr(script, "Restore")(restore)

modoboa_installer/scripts/amavis.py

@@ -1,13 +1,12 @@
 """Amavis related functions."""
 
 import os
-import platform
 
 from .. import package
 from .. import utils
 
 from . import base
-from . import install
+from . import backup, install
 
 
 class Amavis(base.Installer):
@@ -83,7 +82,7 @@ class Amavis(base.Installer):
             path = self.get_file_path(
                 "amavis_{}_{}.sql".format(self.dbengine, version))
             if not os.path.exists(path):
-               raise utils.FatalError("Failed to find amavis database schema")
+                raise utils.FatalError("Failed to find amavis database schema")
         return path
 
     def pre_run(self):
@@ -93,5 +92,25 @@ class Amavis(base.Installer):
 
     def post_run(self):
         """Additional tasks."""
-        install("spamassassin", self.config, self.upgrade)
-        install("clamav", self.config, self.upgrade)
+        install("spamassassin", self.config, self.upgrade, self.archive_path)
+        install("clamav", self.config, self.upgrade, self.archive_path)
+
+    def custom_backup(self, path):
+        """Backup custom configuration if any."""
+        if package.backend.FORMAT == "deb":
+            amavis_custom = f"{self.config_dir}/conf.d/99-custom"
+            if os.path.isfile(amavis_custom):
+                utils.copy_file(amavis_custom, path)
+                utils.success("Amavis custom configuration saved!")
+        backup("spamassassin", self.config, os.path.dirname(path))
+
+    def restore(self):
+        """Restore custom config files."""
+        if package.backend.FORMAT != "deb":
+            return
+        amavis_custom_configuration = os.path.join(
+            self.archive_path, "custom/99-custom")
+        if os.path.isfile(amavis_custom_configuration):
+            utils.copy_file(amavis_custom_configuration, os.path.join(
+                self.config_dir, "conf.d"))
+            utils.success("Custom amavis configuration restored.")

modoboa_installer/scripts/automx.py

@@ -44,22 +44,21 @@ class Automx(base.Installer):
             sql_query = (
                 "SELECT first_name || ' ' || last_name AS display_name, email"
                 ", SPLIT_PART(email, '@', 2) AS domain "
-                "FROM core_user WHERE email='%s' AND is_active")
+                "FROM core_user WHERE email='%s' AND is_active;")
         else:
             sql_query = (
                 "SELECT concat(first_name, ' ', last_name) AS display_name, "
                 "email, SUBSTRING_INDEX(email, '@', -1) AS domain "
-                "FROM core_user WHERE email='%s' AND is_active=1"
+                "FROM core_user WHERE email='%s' AND is_active=1;"
             )
         context.update({"sql_dsn": sql_dsn, "sql_query": sql_query})
         return context
 
     def _setup_venv(self):
         """Prepare a python virtualenv."""
-        python.setup_virtualenv(
-            self.venv_path, sudo_user=self.user, python_version=3)
+        python.setup_virtualenv(self.venv_path, sudo_user=self.user)
         packages = [
-            "future", "lxml", "ipaddress", "sqlalchemy", "python-memcached",
+            "future", "lxml", "ipaddress", "sqlalchemy < 2.0", "python-memcached",
             "python-dateutil", "configparser"
         ]
         if self.dbengine == "postgres":

modoboa_installer/scripts/backup.py

@@ -0,0 +1,226 @@
+"""Backup script for pre-installed instance."""
+
+import os
+import pwd
+import shutil
+import stat
+import sys
+import datetime
+
+from .. import database
+from .. import utils
+from ..constants import DEFAULT_BACKUP_DIRECTORY
+
+
+class Backup:
+    """
+    Backup structure ( {optional} ):
+    {{backup_directory}}
+    ||
+    ||--> installer.cfg
+    ||--> custom
+        |--> { (copy of) /etc/amavis/conf.d/99-custom }
+        |--> { (copy of) /etc/postfix/custom_whitelist.cidr }
+        |--> { (copy of) dkim directory }
+            |--> {dkim.pem}...
+        |--> { (copy of) radicale home_dir }
+    ||--> databases
+        |--> modoboa.sql
+        |--> { amavis.sql }
+        |--> { spamassassin.sql }
+    ||--> mails
+        |--> vmails
+    """
+
+    def __init__(self, config, silent_backup, backup_path, nomail):
+        self.config = config
+        self.backup_path = backup_path
+        self.nomail = nomail
+        self.silent_backup = silent_backup
+
+    def validate_path(self, path):
+        """Check basic condition for backup directory."""
+
+        path_exists = os.path.exists(path)
+
+        if path_exists and os.path.isfile(path):
+            utils.error("Error, you provided a file instead of a directory!")
+            return False
+
+        if not path_exists:
+            if not self.silent_backup:
+                create_dir = input(
+                    f"\"{path}\" doesn't exist, would you like to create it? [Y/n]\n").lower()
+
+            if self.silent_backup or (not self.silent_backup and create_dir.startswith("y")):
+                pw = pwd.getpwnam("root")
+                utils.mkdir_safe(path, stat.S_IRWXU |
+                                 stat.S_IRWXG, pw[2], pw[3])
+            else:
+                utils.error("Error, backup directory not present.")
+                return False
+
+        if len(os.listdir(path)) != 0:
+            if not self.silent_backup:
+                delete_dir = input(
+                    "Warning: backup directory is not empty, it will be purged if you continue... [Y/n]\n").lower()
+
+            if self.silent_backup or (not self.silent_backup and delete_dir.startswith("y")):
+                try:
+                    os.remove(os.path.join(path, "installer.cfg"))
+                except FileNotFoundError:
+                    pass
+
+                shutil.rmtree(os.path.join(path, "custom"),
+                              ignore_errors=False)
+                shutil.rmtree(os.path.join(path, "mails"), ignore_errors=False)
+                shutil.rmtree(os.path.join(path, "databases"),
+                              ignore_errors=False)
+            else:
+                utils.error("Error: backup directory not clean.")
+                return False
+
+        self.backup_path = path
+
+        pw = pwd.getpwnam("root")
+        for dir in ["custom/", "databases/"]:
+            utils.mkdir_safe(os.path.join(self.backup_path, dir),
+                             stat.S_IRWXU | stat.S_IRWXG, pw[2], pw[3])
+        return True
+
+    def set_path(self):
+        """Setup backup directory."""
+        if self.silent_backup:
+            if self.backup_path is None:
+                if self.config.has_option("backup", "default_path"):
+                    path = self.config.get("backup", "default_path")
+                else:
+                    path = DEFAULT_BACKUP_DIRECTORY
+                date = datetime.datetime.now().strftime("%m_%d_%Y_%H_%M")
+                path = os.path.join(path, f"backup_{date}")
+                self.validate_path(path)
+            else:
+                if not self.validate_path(self.backup_path):
+                    utils.printcolor(
+                        f"Path provided: {self.backup_path}", utils.BLUE)
+                    sys.exit(1)
+        else:
+            user_value = None
+            while user_value == "" or user_value is None or not self.validate_path(user_value):
+                utils.printcolor(
+                    "Enter backup path (it must be an empty directory)", utils.MAGENTA)
+                utils.printcolor("CTRL+C to cancel", utils.MAGENTA)
+                user_value = utils.user_input("-> ")
+
+    def config_file_backup(self):
+        utils.copy_file("installer.cfg", self.backup_path)
+
+    def mail_backup(self):
+        if self.nomail:
+            utils.printcolor(
+                "Skipping mail backup, no-mail argument provided", utils.MAGENTA)
+            return
+
+        utils.printcolor("Backing up mails", utils.MAGENTA)
+
+        home_path = self.config.get("dovecot", "home_dir")
+
+        if not os.path.exists(home_path) or os.path.isfile(home_path):
+            utils.error("Error backing up Email, provided path "
+                        f" ({home_path}) seems not right...")
+
+        else:
+            dst = os.path.join(self.backup_path, "mails/")
+
+            if os.path.exists(dst):
+                shutil.rmtree(dst)
+
+            shutil.copytree(home_path, dst)
+            utils.printcolor("Mail backup complete!", utils.GREEN)
+
+    def custom_config_backup(self):
+        """
+        Custom config :
+        - DKIM keys: {{keys_storage_dir}}
+        - Radicale collection (calendars, contacts): {{home_dir}}
+        - Amavis : /etc/amavis/conf.d/99-custom
+        - Postwhite : /etc/postwhite.conf
+        Feel free to suggest to add others!
+        """
+        utils.printcolor(
+            "Backing up some custom configuration...", utils.MAGENTA)
+
+        custom_path = os.path.join(
+            self.backup_path, "custom")
+
+        # DKIM Key
+        if (self.config.has_option("opendkim", "enabled") and
+                self.config.getboolean("opendkim", "enabled")):
+            dkim_keys = self.config.get(
+                "opendkim", "keys_storage_dir", fallback="/var/lib/dkim")
+            if os.path.isdir(dkim_keys):
+                shutil.copytree(dkim_keys, os.path.join(custom_path, "dkim"))
+                utils.printcolor(
+                    "DKIM keys saved!", utils.GREEN)
+
+        # Radicale Collections
+        if (self.config.has_option("radicale", "enabled") and
+                self.config.getboolean("radicale", "enabled")):
+            radicale_backup = os.path.join(self.config.get(
+                "radicale", "home_dir", fallback="/srv/radicale"), "collections")
+            if os.path.isdir(radicale_backup):
+                shutil.copytree(radicale_backup, os.path.join(
+                    custom_path, "radicale"))
+                utils.printcolor("Radicale files saved", utils.GREEN)
+
+        # AMAVIS
+        if (self.config.has_option("amavis", "enabled") and
+                self.config.getboolean("amavis", "enabled")):
+            amavis_custom = "/etc/amavis/conf.d/99-custom"
+            if os.path.isfile(amavis_custom):
+                utils.copy_file(amavis_custom, custom_path)
+                utils.printcolor(
+                    "Amavis custom configuration saved!", utils.GREEN)
+
+        # POSTWHITE
+        if (self.config.has_option("postwhite", "enabled") and
+                self.config.getboolean("postwhite", "enabled")):
+            postswhite_custom = "/etc/postwhite.conf"
+            if os.path.isfile(postswhite_custom):
+                utils.copy_file(postswhite_custom, custom_path)
+                utils.printcolor(
+                    "Postwhite configuration saved!", utils.GREEN)
+
+    def database_backup(self):
+        """Backing up databases"""
+
+        utils.printcolor("Backing up databases...", utils.MAGENTA)
+
+        self.database_dump("modoboa")
+        self.database_dump("amavis")
+        self.database_dump("spamassassin")
+
+    def database_dump(self, app_name):
+
+        dump_path = os.path.join(self.backup_path, "databases")
+        backend = database.get_backend(self.config)
+
+        if app_name == "modoboa" or (self.config.has_option(app_name, "enabled") and
+                                     self.config.getboolean(app_name, "enabled")):
+            dbname = self.config.get(app_name, "dbname")
+            dbuser = self.config.get(app_name, "dbuser")
+            dbpasswd = self.config.get(app_name, "dbpassword")
+            backend.dump_database(dbname, dbuser, dbpasswd,
+                                  os.path.join(dump_path, f"{app_name}.sql"))
+
+    def backup_completed(self):
+        utils.printcolor("Backup process done, your backup is available here:"
+                         f"--> {self.backup_path}", utils.GREEN)
+
+    def run(self):
+        self.set_path()
+        self.config_file_backup()
+        self.mail_backup()
+        self.custom_config_backup()
+        self.database_backup()
+        self.backup_completed()

modoboa_installer/scripts/base.py

@@ -5,11 +5,12 @@ import sys
 
 from .. import database
 from .. import package
+from .. import python
 from .. import system
 from .. import utils
 
 
-class Installer(object):
+class Installer:
     """Simple installer for one application."""
 
     appname = None
@@ -20,10 +21,11 @@ class Installer(object):
     with_db = False
     config_files = []
 
-    def __init__(self, config, upgrade):
+    def __init__(self, config, upgrade: bool, archive_path: str):
         """Get configuration."""
         self.config = config
         self.upgrade = upgrade
+        self.archive_path = archive_path
         if self.config.has_section(self.appname):
             self.app_config = dict(self.config.items(self.appname))
         self.dbengine = self.config.get("database", "engine")
@@ -41,6 +43,20 @@ class Installer(object):
         self.dbuser = self.config.get(self.appname, "dbuser")
         self.dbpasswd = self.config.get(self.appname, "dbpassword")
 
+    @property
+    def modoboa_2_2_or_greater(self):
+        # Check if modoboa version > 2.2
+        modoboa_version = python.get_package_version(
+            "modoboa",
+            self.config.get("modoboa", "venv_path"),
+            sudo_user=self.config.get("modoboa", "user")
+            )
+        condition = (
+            (int(modoboa_version[0]) == 2 and int(modoboa_version[1]) >= 2) or
+            int(modoboa_version[0]) > 2
+            )
+        return condition
+
     @property
     def config_dir(self):
         """Return main configuration directory."""
@@ -53,6 +69,19 @@ class Installer(object):
         """Return a schema to install."""
         return None
 
+    def get_sql_schema_from_backup(self):
+        """Retrieve a dump path from a previous backup."""
+        utils.printcolor(
+            f"Trying to restore {self.appname} database from backup.",
+            utils.MAGENTA
+        )
+        database_backup_path = os.path.join(
+            self.archive_path, f"databases/{self.appname}.sql")
+        if os.path.isfile(database_backup_path):
+            utils.success(f"SQL dump found in backup for {self.appname}!")
+            return database_backup_path
+        return None
+
     def get_file_path(self, fname):
         """Return the absolute path of this file."""
         return os.path.abspath(
@@ -66,7 +95,11 @@ class Installer(object):
             return
         self.backend.create_user(self.dbuser, self.dbpasswd)
         self.backend.create_database(self.dbname, self.dbuser)
-        schema = self.get_sql_schema_path()
+        schema = None
+        if self.archive_path:
+            schema = self.get_sql_schema_from_backup()
+        if not schema:
+            schema = self.get_sql_schema_path()
         if schema:
             self.backend.load_sql_file(
                 self.dbname, self.dbuser, self.dbpasswd, schema)
@@ -113,7 +146,7 @@ class Installer(object):
             return
         exitcode, output = package.backend.install_many(packages)
         if exitcode:
-            utils.printcolor("Failed to install dependencies", utils.RED)
+            utils.error("Failed to install dependencies")
             sys.exit(1)
 
     def get_config_files(self):
@@ -137,6 +170,20 @@ class Installer(object):
                 dst = os.path.join(self.config_dir, dst)
             utils.copy_from_template(src, dst, context)
 
+    def backup(self, path):
+        if self.with_db:
+            self._dump_database(path)
+        custom_backup_path = os.path.join(path, "custom")
+        self.custom_backup(custom_backup_path)
+
+    def custom_backup(self, path):
+        """Override this method in subscripts to add custom backup content."""
+        pass
+
+    def restore(self):
+        """Restore from a previous backup."""
+        pass
+
     def get_daemon_name(self):
         """Return daemon name if defined."""
         return self.daemon_name if self.daemon_name else self.appname
@@ -157,8 +204,17 @@ class Installer(object):
             self.setup_database()
         self.install_config_files()
         self.post_run()
+        if self.archive_path:
+            self.restore()
         self.restart_daemon()
 
+    def _dump_database(self, backup_path: str):
+        """Create a new database dump for this app."""
+        target_dir = os.path.join(backup_path, "databases")
+        target_file = os.path.join(target_dir, f"{self.appname}.sql")
+        self.backend.dump_database(
+            self.dbname, self.dbuser, self.dbpasswd, target_file)
+
     def pre_run(self):
         """Tasks to execute before the installer starts."""
         pass

modoboa_installer/scripts/clamav.py

@@ -42,9 +42,10 @@ class Clamav(base.Installer):
         """Additional tasks."""
         if package.backend.FORMAT == "deb":
             user = self.config.get(self.appname, "user")
-            system.add_user_to_group(
-                user, self.config.get("amavis", "user")
-            )
+            if self.config.getboolean("amavis", "enabled"):
+                system.add_user_to_group(
+                    user, self.config.get("amavis", "user")
+                )
             pattern = (
                 "s/^AllowSupplementaryGroups false/"
                 "AllowSupplementaryGroups true/")
@@ -57,7 +58,7 @@ class Clamav(base.Installer):
             # Check if not present before
             path = "/usr/lib/systemd/system/clamd@.service"
             code, output = utils.exec_cmd(
-                "grep 'WantedBy=multi-user.target' {}".format(path))
+                r"grep 'WantedBy\s*=\s*multi-user.target' {}".format(path))
             if code:
                 utils.exec_cmd(
                     """cat <<EOM >> {}

modoboa_installer/scripts/dovecot.py

@@ -3,6 +3,8 @@
 import glob
 import os
 import pwd
+import shutil
+import stat
 
 from .. import database
 from .. import package
@@ -13,32 +15,88 @@ from . import base
 
 
 class Dovecot(base.Installer):
-
     """Dovecot installer."""
 
     appname = "dovecot"
     packages = {
         "deb": [
-            "dovecot-imapd", "dovecot-lmtpd", "dovecot-managesieved",
-            "dovecot-sieve"],
+            "dovecot-imapd",
+            "dovecot-lmtpd",
+            "dovecot-managesieved",
+            "dovecot-sieve"
+        ],
         "rpm": [
             "dovecot", "dovecot-pigeonhole"]
     }
-    config_files = [
-        "dovecot.conf", "dovecot-dict-sql.conf.ext", "conf.d/10-ssl.conf",
-        "conf.d/10-master.conf", "conf.d/20-lmtp.conf"]
+    per_version_config_files = {
+        "2.3": [
+            "dovecot.conf",
+            "dovecot-dict-sql.conf.ext",
+            "conf.d/10-ssl.conf",
+            "conf.d/10-master.conf",
+            "conf.d/20-lmtp.conf",
+            "conf.d/10-ssl-keys.try",
+            "conf.d/dovecot-oauth2.conf.ext",
+        ],
+        "2.4": [
+            "dovecot.conf",
+            "conf.d/10-mail.conf",
+            "conf.d/10-master.conf",
+            "conf.d/10-ssl.conf",
+            "conf.d/10-ssl-keys.try",
+            "conf.d/20-lmtp.conf",
+            "conf.d/30-dict-server.conf",
+            "conf.d/auth-oauth2.conf.ext",
+        ]
+    }
     with_user = True
 
-    def get_config_files(self):
+    @property
+    def version(self) -> str:
+        if not hasattr(self, "_version"):
+            self._version = package.backend.get_installed_version("dovecot-core")[:3]
+        return self._version
+
+    def setup_user(self):
+        """Setup mailbox user."""
+        super().setup_user()
+        self.mailboxes_owner = self.app_config["mailboxes_owner"]
+        system.create_user(self.mailboxes_owner, self.home_dir)
+
+    def _get_config_files_for_version(self, version: str) -> list[str]:
+        files = self.per_version_config_files[version]
+        if version == "2.4":
+            files += [
+                f"conf.d/auth-sql-{self.dbengine}.conf.ext=conf.d/auth-sql.conf.ext",
+                f"conf.d/auth-master-{self.dbengine}.conf.ext=conf.d/auth-master.conf.ext",
+            ]
+        else:
+            files += [
+                f"dovecot-sql-{self.dbengine}.conf.ext=dovecot-sql.conf.ext",
+                f"dovecot-sql-master-{self.dbengine}.conf.ext=dovecot-sql-master.conf.ext"
+            ]
+        result = []
+        for path in files:
+            if "=" not in path:
+                result.append(f"{version}/{path}={path}")
+            else:
+                src, dst = path.split("=")
+                result.append(f"{version}/{src}={dst}")
+        return result
+
+    def get_config_files(self) -> list[str]:
         """Additional config files."""
-        return self.config_files + [
-            "dovecot-sql-{}.conf.ext=dovecot-sql.conf.ext"
-            .format(self.dbengine),
-            "dovecot-sql-master-{}.conf.ext=dovecot-sql-master.conf.ext"
-            .format(self.dbengine),
-            "postlogin-{}.sh=/usr/local/bin/postlogin.sh"
-            .format(self.dbengine),
-        ]
+        _config_files = self._get_config_files_for_version(self.version)
+        _config_files.append(
+            f"postlogin-{self.dbengine}.sh=/usr/local/bin/postlogin.sh"
+        )
+        if self.app_config["move_spam_to_junk"]:
+            _config_files += [
+                "custom_after_sieve/spam-to-junk.sieve=conf.d/custom_after_sieve/spam-to-junk.sieve",
+                f"{self.version}/conf.d/90-sieve.conf=conf.d/90-sieve.conf",
+            ]
+
+        return _config_files
 
     def get_packages(self):
         """Additional packages."""
@@ -46,21 +104,37 @@ class Dovecot(base.Installer):
         if package.backend.FORMAT == "deb":
             if "pop3" in self.config.get("dovecot", "extra_protocols"):
                 packages += ["dovecot-pop3d"]
-        return super(Dovecot, self).get_packages() + packages
+        packages += super().get_packages()
+        backports_codename = getattr(self, "backports_codename", None)
+        if backports_codename:
+            packages = [f"{package}/{backports_codename}-backports" for package in packages]
+        return packages
 
     def install_packages(self):
         """Preconfigure Dovecot if needed."""
+        name, version = utils.dist_info()
+        name = name.lower()
+        if name.startswith("debian") and version.startswith("12"):
+            package.backend.enable_backports("bookworm")
+            self.backports_codename = "bookworm"
         package.backend.preconfigure(
             "dovecot-core", "create-ssl-cert", "boolean", "false")
-        super(Dovecot, self).install_packages()
+        super().install_packages()
 
     def get_template_context(self):
         """Additional variables."""
-        context = super(Dovecot, self).get_template_context()
-        pw = pwd.getpwnam(self.user)
+        context = super().get_template_context()
+        pw_mailbox = pwd.getpwnam(self.mailboxes_owner)
+        dovecot_package = {"deb": "dovecot-core", "rpm": "dovecot"}
+        ssl_protocol_parameter = "ssl_protocols"
+        if package.backend.get_installed_version(dovecot_package[package.backend.FORMAT]) > "2.3":
+            ssl_protocol_parameter = "ssl_min_protocol"
         ssl_protocols = "!SSLv2 !SSLv3"
-        if package.backend.get_installed_version("openssl").startswith("1.1"):
+        if package.backend.get_installed_version("openssl").startswith("1.1") \
+                or package.backend.get_installed_version("openssl").startswith("3"):
             ssl_protocols = "!SSLv3"
+        if ssl_protocol_parameter == "ssl_min_protocol":
+            ssl_protocols = "TLSv1.2"
         if "centos" in utils.dist_name():
             protocols = "protocols = imap lmtp sieve"
             extra_protocols = self.config.get("dovecot", "extra_protocols")
@@ -69,25 +143,49 @@ class Dovecot(base.Installer):
         else:
             # Protocols are automatically guessed on debian/ubuntu
             protocols = ""
+
+        oauth2_client_id, oauth2_client_secret = utils.create_oauth2_app(
+            "Dovecot", "dovecot", self.config)
+        hostname = self.config.get("general", "hostname")
+        oauth2_introspection_url = (
+            f"https://{oauth2_client_id}:{oauth2_client_secret}"
+            f"@{hostname}/api/o/introspect/"
+        )
+
         context.update({
             "db_driver": self.db_driver,
-            "mailboxes_owner_uid": pw[2],
-            "mailboxes_owner_gid": pw[3],
+            "mailboxes_owner_uid": pw_mailbox[2],
+            "mailboxes_owner_gid": pw_mailbox[3],
+            "mailbox_owner": self.mailboxes_owner,
             "modoboa_user": self.config.get("modoboa", "user"),
             "modoboa_dbname": self.config.get("modoboa", "dbname"),
             "modoboa_dbuser": self.config.get("modoboa", "dbuser"),
             "modoboa_dbpassword": self.config.get("modoboa", "dbpassword"),
             "protocols": protocols,
             "ssl_protocols": ssl_protocols,
+            "ssl_protocol_parameter": ssl_protocol_parameter,
+            "modoboa_2_2_or_greater": "" if self.modoboa_2_2_or_greater else "#",
+            "not_modoboa_2_2_or_greater": "" if not self.modoboa_2_2_or_greater else "#",
+            "do_move_spam_to_junk": "" if self.app_config["move_spam_to_junk"] else "#",
+            "oauth2_introspection_url": oauth2_introspection_url,
             "radicale_user": self.config.get("radicale", "user"),
-            "radicale_auth_socket_path": os.path.basename(
-                self.config.get("dovecot", "radicale_auth_socket_path"))
         })
         return context
 
+    def install_config_files(self):
+        """Create sieve dir if needed."""
+        if self.app_config["move_spam_to_junk"]:
+            utils.mkdir_safe(
+                f"{self.config_dir}/conf.d/custom_after_sieve",
+                stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP |
+                stat.S_IROTH | stat.S_IXOTH,
+                0, 0
+                )
+        super().install_config_files()
+
     def post_run(self):
         """Additional tasks."""
-        if self.dbengine == "postgres":
+        if self.version == "2.3" and self.dbengine == "postgres":
             dbname = self.config.get("modoboa", "dbname")
             dbuser = self.config.get("modoboa", "dbuser")
             dbpassword = self.config.get("modoboa", "dbpassword")
@@ -100,16 +198,21 @@ class Dovecot(base.Installer):
                 dbname, dbuser, dbpassword,
                 self.get_file_path("fix_modoboa_postgres_schema.sql")
             )
-        for f in glob.glob("{}/*".format(self.get_file_path("conf.d"))):
-            utils.copy_file(f, "{}/conf.d".format(self.config_dir))
+        for f in glob.glob(f"{self.version}/{self.get_file_path('conf.d')}/*"):
+            if os.path.isfile(f):
+                utils.copy_file(f, "{}/conf.d".format(self.config_dir))
         # Make postlogin script executable
         utils.exec_cmd("chmod +x /usr/local/bin/postlogin.sh")
+        # Only root should have read access to the 10-ssl-keys.try
+        # See https://github.com/modoboa/modoboa/issues/2570
+        utils.exec_cmd("chmod 600 /etc/dovecot/conf.d/10-ssl-keys.try")
         # Add mailboxes user to dovecot group for modoboa mailbox commands.
         # See https://github.com/modoboa/modoboa/issues/2157.
-        system.add_user_to_group(
-            self.config.get("dovecot", "mailboxes_owner"),
-            'dovecot'
-        )
+        if self.app_config["move_spam_to_junk"]:
+            # Compile sieve script
+            sieve_file = f"{self.config_dir}/conf.d/custom_after_sieve/spam-to-junk.sieve"
+            utils.exec_cmd(f"/usr/bin/sievec {sieve_file}")
+        system.add_user_to_group(self.mailboxes_owner, 'dovecot')
 
     def restart_daemon(self):
         """Restart daemon process.
@@ -125,3 +228,39 @@ class Dovecot(base.Installer):
             "service {} {} > /dev/null 2>&1".format(self.appname, action),
             capture_output=False)
         system.enable_service(self.get_daemon_name())
+
+    def backup(self, path):
+        """Backup emails."""
+        home_dir = self.config.get("dovecot", "home_dir")
+        utils.printcolor("Backing up mails", utils.MAGENTA)
+        if not os.path.exists(home_dir) or os.path.isfile(home_dir):
+            utils.error("Error backing up emails, provided path "
+                        f" ({home_dir}) seems not right...")
+            return
+
+        dst = os.path.join(path, "mails/")
+        if os.path.exists(dst):
+            shutil.rmtree(dst)
+        shutil.copytree(home_dir, dst)
+        utils.success("Mail backup complete!")
+
+    def restore(self):
+        """Restore emails."""
+        home_dir = self.config.get("dovecot", "home_dir")
+        mail_dir = os.path.join(self.archive_path, "mails/")
+        if len(os.listdir(mail_dir)) > 0:
+            utils.success("Copying mail backup over dovecot directory.")
+            if os.path.exists(home_dir):
+                shutil.rmtree(home_dir)
+            shutil.copytree(mail_dir, home_dir)
+            # Resetting permission for vmail
+            for dirpath, dirnames, filenames in os.walk(home_dir):
+                shutil.chown(dirpath, self.mailboxes_owner, self.mailboxes_owner)
+                for filename in filenames:
+                    shutil.chown(os.path.join(dirpath, filename),
+                                 self.mailboxes_owner, self.mailboxes_owner)
+        else:
+            utils.printcolor(
+                "It seems that emails were not backed up, skipping restoration.",
+                utils.MAGENTA
+            )

modoboa_installer/scripts/fail2ban.py

@@ -0,0 +1,17 @@
+"""fail2ban related functions."""
+
+from . import base
+
+
+class Fail2ban(base.Installer):
+    """Fail2ban installer."""
+
+    appname = "fail2ban"
+    packages = {
+        "deb": ["fail2ban"],
+        "rpm": ["fail2ban"]
+    }
+    config_files = [
+        "jail.d/modoboa.conf",
+        "filter.d/modoboa-auth.conf",
+    ]

modoboa_installer/scripts/files/amavis/amavis_mysql_2.13.X.sql

@@ -0,0 +1,213 @@
+-- Amavis 2.11.0 MySQL schema
+-- Provided by Modoboa
+-- Warning: foreign key creations are enabled
+
+-- local users
+CREATE TABLE users (
+  id         int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,  -- unique id
+  priority   integer      NOT NULL DEFAULT '7',  -- sort field, 0 is low prior.
+  policy_id  integer unsigned NOT NULL DEFAULT '1',  -- JOINs with policy.id
+  email      varbinary(255) NOT NULL UNIQUE,
+  fullname   varchar(255) DEFAULT NULL    -- not used by amavisd-new
+  -- local   char(1)      -- Y/N  (optional field, see note further down)
+);
+
+-- any e-mail address (non- rfc2822-quoted), external or local,
+-- used as senders in wblist
+CREATE TABLE mailaddr (
+  id         int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
+  priority   integer      NOT NULL DEFAULT '7',  -- 0 is low priority
+  email      varbinary(255) NOT NULL UNIQUE
+);
+
+-- per-recipient whitelist and/or blacklist,
+-- puts sender and recipient in relation wb  (white or blacklisted sender)
+CREATE TABLE wblist (
+  rid        integer unsigned NOT NULL,  -- recipient: users.id
+  sid        integer unsigned NOT NULL,  -- sender: mailaddr.id
+  wb         varchar(10)  NOT NULL,  -- W or Y / B or N / space=neutral / score
+  PRIMARY KEY (rid,sid)
+);
+
+CREATE TABLE policy (
+  id  int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
+                                    -- 'id' this is the _only_ required field
+  policy_name      varchar(32),     -- not used by amavisd-new, a comment
+
+  virus_lover           char(1) default NULL,     -- Y/N
+  spam_lover            char(1) default NULL,     -- Y/N
+  unchecked_lover       char(1) default NULL,     -- Y/N
+  banned_files_lover    char(1) default NULL,     -- Y/N
+  bad_header_lover      char(1) default NULL,     -- Y/N
+
+  bypass_virus_checks   char(1) default NULL,     -- Y/N
+  bypass_spam_checks    char(1) default NULL,     -- Y/N
+  bypass_banned_checks  char(1) default NULL,     -- Y/N
+  bypass_header_checks  char(1) default NULL,     -- Y/N
+
+  virus_quarantine_to      varchar(64) default NULL,
+  spam_quarantine_to       varchar(64) default NULL,
+  banned_quarantine_to     varchar(64) default NULL,
+  unchecked_quarantine_to  varchar(64) default NULL,
+  bad_header_quarantine_to varchar(64) default NULL,
+  clean_quarantine_to      varchar(64) default NULL,
+  archive_quarantine_to    varchar(64) default NULL,
+
+  spam_tag_level  float default NULL, -- higher score inserts spam info headers
+  spam_tag2_level float default NULL, -- inserts 'declared spam' header fields
+  spam_tag3_level float default NULL, -- inserts 'blatant spam' header fields
+  spam_kill_level float default NULL, -- higher score triggers evasive actions
+                                      -- e.g. reject/drop, quarantine, ...
+                                     -- (subject to final_spam_destiny setting)
+  spam_dsn_cutoff_level        float default NULL,
+  spam_quarantine_cutoff_level float default NULL,
+
+  addr_extension_virus      varchar(64) default NULL,
+  addr_extension_spam       varchar(64) default NULL,
+  addr_extension_banned     varchar(64) default NULL,
+  addr_extension_bad_header varchar(64) default NULL,
+
+  warnvirusrecip      char(1)     default NULL, -- Y/N
+  warnbannedrecip     char(1)     default NULL, -- Y/N
+  warnbadhrecip       char(1)     default NULL, -- Y/N
+  newvirus_admin      varchar(64) default NULL,
+  virus_admin         varchar(64) default NULL,
+  banned_admin        varchar(64) default NULL,
+  bad_header_admin    varchar(64) default NULL,
+  spam_admin          varchar(64) default NULL,
+  spam_subject_tag    varchar(64) default NULL,
+  spam_subject_tag2   varchar(64) default NULL,
+  spam_subject_tag3   varchar(64) default NULL,
+  message_size_limit  integer     default NULL, -- max size in bytes, 0 disable
+  banned_rulenames    varchar(64) default NULL, -- comma-separated list of ...
+        -- names mapped through %banned_rules to actual banned_filename tables
+  disclaimer_options  varchar(64) default NULL,
+  forward_method      varchar(64) default NULL,
+  sa_userconf         varchar(64) default NULL,
+  sa_username         varchar(64) default NULL
+);
+
+
+-- R/W part of the dataset (optional)
+--   May reside in the same or in a separate database as lookups database;
+--   REQUIRES SUPPORT FOR TRANSACTIONS; specified in @storage_sql_dsn
+--
+--   MySQL note ( http://dev.mysql.com/doc/mysql/en/storage-engines.html ):
+--     ENGINE is the preferred term, but cannot be used before MySQL 4.0.18.
+--     TYPE is available beginning with MySQL 3.23.0, the first version of
+--     MySQL for which multiple storage engines were available. If you omit
+--     the ENGINE or TYPE option, the default storage engine is used.
+--     By default this is MyISAM.
+--
+--  Please create additional indexes on keys when needed, or drop suggested
+--  ones as appropriate to optimize queries needed by a management application.
+--  See your database documentation for further optimization hints. With MySQL
+--  see Chapter 15 of the reference manual. For example the chapter 15.17 says:
+--  InnoDB does not keep an internal count of rows in a table. To process a
+--  SELECT COUNT(*) FROM T statement, InnoDB must scan an index of the table,
+--  which takes some time if the index is not entirely in the buffer pool.
+--
+--        Wayne Smith adds: When using MySQL with InnoDB one might want to
+--  increase buffer size for both pool and log, and might also want
+--  to change flush settings for a little better performance. Example:
+--    innodb_buffer_pool_size = 384M
+--    innodb_log_buffer_size = 8M
+--    innodb_flush_log_at_trx_commit = 0
+--  The big performance increase is the first two, the third just helps with
+--  lowering disk activity. Consider also adjusting the key_buffer_size.
+
+-- provide unique id for each e-mail address, avoids storing copies
+CREATE TABLE maddr (
+  partition_tag integer      DEFAULT 0, -- see $partition_tag
+  id         bigint unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
+  email      varbinary(255)  NOT NULL,  -- full mail address
+  domain     varchar(255)    NOT NULL,  -- only domain part of the email address
+                                        -- with subdomain fields in reverse
+  CONSTRAINT part_email UNIQUE (partition_tag,email)
+) ENGINE=InnoDB;
+
+-- information pertaining to each processed message as a whole;
+-- NOTE: records with NULL msgs.content should be ignored by utilities,
+--   as such records correspond to messages just being processes, or were lost
+-- NOTE: instead of a character field time_iso, one might prefer:
+--   time_iso TIMESTAMP NOT NULL DEFAULT 0,
+--   but the following MUST then be set in amavisd.conf: $timestamp_fmt_mysql=1
+CREATE TABLE msgs (
+  partition_tag integer     DEFAULT 0,   -- see $partition_tag
+  mail_id     varbinary(16) NOT NULL,    -- long-term unique mail id, dflt 12 ch
+  secret_id   varbinary(16) DEFAULT '',  -- authorizes release of mail_id, 12 ch
+  am_id       varchar(20)   NOT NULL,    -- id used in the log
+  time_num    integer unsigned NOT NULL, -- rx_time: seconds since Unix epoch
+  time_iso    char(16)      NOT NULL,    -- rx_time: ISO8601 UTC ascii time
+  sid         bigint unsigned NOT NULL,  -- sender: maddr.id
+  policy      varchar(255)  DEFAULT '',  -- policy bank path (like macro %p)
+  client_addr varchar(255)  DEFAULT '',  -- SMTP client IP address (IPv4 or v6)
+  size        integer unsigned NOT NULL, -- message size in bytes
+  originating char(1) DEFAULT ' ' NOT NULL,  -- sender from inside or auth'd
+  content     char(1),                   -- content type: V/B/U/S/Y/M/H/O/T/C
+    -- virus/banned/unchecked/spam(kill)/spammy(tag2)/
+    -- /bad-mime/bad-header/oversized/mta-err/clean
+    -- is NULL on partially processed mail
+    -- (prior to 2.7.0 the CC_SPAMMY was logged as 's', now 'Y' is used;
+    -- to avoid a need for case-insenstivity in queries)
+  quar_type  char(1),                   -- quarantined as: ' '/F/Z/B/Q/M/L
+                                        --  none/file/zipfile/bsmtp/sql/
+                                        --  /mailbox(smtp)/mailbox(lmtp)
+  quar_loc   varbinary(255) DEFAULT '', -- quarantine location (e.g. file)
+  dsn_sent   char(1),                   -- was DSN sent? Y/N/q (q=quenched)
+  spam_level float,                     -- SA spam level (no boosts)
+  message_id varchar(255)  DEFAULT '',  -- mail Message-ID header field
+  from_addr  varchar(255)  CHARACTER SET utf8mb4 COLLATE utf8mb4_bin  DEFAULT '',
+                                        -- mail From header field,    UTF8
+  subject    varchar(255)  CHARACTER SET utf8mb4 COLLATE utf8mb4_bin  DEFAULT '',
+                                        -- mail Subject header field, UTF8
+  host       varchar(255)  NOT NULL,    -- hostname where amavisd is running
+  PRIMARY KEY (partition_tag,mail_id),
+  FOREIGN KEY (sid) REFERENCES maddr(id) ON DELETE RESTRICT
+) ENGINE=InnoDB;
+CREATE INDEX msgs_idx_sid      ON msgs (sid);
+CREATE INDEX msgs_idx_mess_id  ON msgs (message_id); -- useful with pen pals
+CREATE INDEX msgs_idx_time_num ON msgs (time_num);
+-- alternatively when purging based on time_iso (instead of msgs_idx_time_num):
+CREATE INDEX msgs_idx_time_iso ON msgs (time_iso);
+-- When using FOREIGN KEY contraints, InnoDB requires index on a field
+-- (an the field must be the first field in the index).  Hence create it:
+CREATE INDEX msgs_idx_mail_id  ON msgs (mail_id);
+
+-- per-recipient information related to each processed message;
+-- NOTE: records in msgrcpt without corresponding msgs.mail_id record are
+--  orphaned and should be ignored and eventually deleted by external utilities
+CREATE TABLE msgrcpt (
+  partition_tag integer    DEFAULT 0,    -- see $partition_tag
+  mail_id    varbinary(16) NOT NULL,     -- (must allow duplicates)
+  rseqnum    integer  DEFAULT 0   NOT NULL, -- recip's enumeration within msg
+  rid        bigint unsigned NOT NULL,   -- recipient: maddr.id (dupl. allowed)
+  is_local   char(1)  DEFAULT ' ' NOT NULL, -- recip is: Y=local, N=foreign
+  content    char(1)  DEFAULT ' ' NOT NULL, -- content type V/B/U/S/Y/M/H/O/T/C
+  ds         char(1)  NOT NULL,          -- delivery status: P/R/B/D/T
+                                         -- pass/reject/bounce/discard/tempfail
+  rs         char(1)  NOT NULL,          -- release status: initialized to ' '
+  bl         char(1)  DEFAULT ' ',       -- sender blacklisted by this recip
+  wl         char(1)  DEFAULT ' ',       -- sender whitelisted by this recip
+  bspam_level float,                     -- per-recipient (total) spam level
+  smtp_resp  varchar(255)  DEFAULT '',   -- SMTP response given to MTA
+  PRIMARY KEY (partition_tag,mail_id,rseqnum),
+  FOREIGN KEY (rid)     REFERENCES maddr(id)     ON DELETE RESTRICT,
+  FOREIGN KEY (mail_id) REFERENCES msgs(mail_id) ON DELETE CASCADE
+) ENGINE=InnoDB;
+CREATE INDEX msgrcpt_idx_mail_id  ON msgrcpt (mail_id);
+CREATE INDEX msgrcpt_idx_rid      ON msgrcpt (rid);
+-- Additional index on rs since Modoboa uses it to filter its quarantine
+CREATE INDEX msgrcpt_idx_rs       ON msgrcpt (rs);
+
+-- mail quarantine in SQL, enabled by $*_quarantine_method='sql:'
+-- NOTE: records in quarantine without corresponding msgs.mail_id record are
+--  orphaned and should be ignored and eventually deleted by external utilities
+CREATE TABLE quarantine (
+  partition_tag integer    DEFAULT 0,    -- see $partition_tag
+  mail_id    varbinary(16) NOT NULL,     -- long-term unique mail id
+  chunk_ind  integer unsigned NOT NULL,  -- chunk number, starting with 1
+  mail_text  blob          NOT NULL,     -- store mail as chunks of octets
+  PRIMARY KEY (partition_tag,mail_id,chunk_ind),
+  FOREIGN KEY (mail_id) REFERENCES msgs(mail_id) ON DELETE CASCADE
+) ENGINE=InnoDB;

modoboa_installer/scripts/files/amavis/amavis_postgres_2.13.X.sql

@@ -0,0 +1,189 @@
+CREATE TABLE policy (
+  id            serial PRIMARY KEY, -- 'id' is the _only_ required field
+  policy_name   varchar(32),        -- not used by amavisd-new, a comment
+
+  virus_lover           char(1) default NULL,     -- Y/N
+  spam_lover            char(1) default NULL,     -- Y/N
+  unchecked_lover       char(1) default NULL,     -- Y/N
+  banned_files_lover    char(1) default NULL,     -- Y/N
+  bad_header_lover      char(1) default NULL,     -- Y/N
+
+  bypass_virus_checks   char(1) default NULL,     -- Y/N
+  bypass_spam_checks    char(1) default NULL,     -- Y/N
+  bypass_banned_checks  char(1) default NULL,     -- Y/N
+  bypass_header_checks  char(1) default NULL,     -- Y/N
+
+  virus_quarantine_to      varchar(64) default NULL,
+  spam_quarantine_to       varchar(64) default NULL,
+  banned_quarantine_to     varchar(64) default NULL,
+  unchecked_quarantine_to  varchar(64) default NULL,
+  bad_header_quarantine_to varchar(64) default NULL,
+  clean_quarantine_to      varchar(64) default NULL,
+  archive_quarantine_to    varchar(64) default NULL,
+
+  spam_tag_level  real default NULL, -- higher score inserts spam info headers
+  spam_tag2_level real default NULL, -- inserts 'declared spam' header fields
+  spam_tag3_level real default NULL, -- inserts 'blatant spam' header fields
+  spam_kill_level real default NULL, -- higher score triggers evasive actions
+                                     -- e.g. reject/drop, quarantine, ...
+                                     -- (subject to final_spam_destiny setting)
+
+  spam_dsn_cutoff_level        real default NULL,
+  spam_quarantine_cutoff_level real default NULL,
+
+  addr_extension_virus      varchar(64) default NULL,
+  addr_extension_spam       varchar(64) default NULL,
+  addr_extension_banned     varchar(64) default NULL,
+  addr_extension_bad_header varchar(64) default NULL,
+
+  warnvirusrecip      char(1)     default NULL, -- Y/N
+  warnbannedrecip     char(1)     default NULL, -- Y/N
+  warnbadhrecip       char(1)     default NULL, -- Y/N
+  newvirus_admin      varchar(64) default NULL,
+  virus_admin         varchar(64) default NULL,
+  banned_admin        varchar(64) default NULL,
+  bad_header_admin    varchar(64) default NULL,
+  spam_admin          varchar(64) default NULL,
+  spam_subject_tag    varchar(64) default NULL,
+  spam_subject_tag2   varchar(64) default NULL,
+  spam_subject_tag3   varchar(64) default NULL,
+  message_size_limit  integer     default NULL, -- max size in bytes, 0 disable
+  banned_rulenames    varchar(64) default NULL, -- comma-separated list of ...
+        -- names mapped through %banned_rules to actual banned_filename tables
+  disclaimer_options  varchar(64) default NULL,
+  forward_method      varchar(64) default NULL,
+  sa_userconf         varchar(64) default NULL,
+  sa_username         varchar(64) default NULL
+);
+
+-- local users
+CREATE TABLE users (
+  id         serial  PRIMARY KEY,  -- unique id
+  priority   integer NOT NULL DEFAULT 7,  -- sort field, 0 is low prior.
+  policy_id  integer NOT NULL DEFAULT 1 CHECK (policy_id >= 0) REFERENCES policy(id),
+  email      bytea   NOT NULL UNIQUE,     -- email address, non-rfc2822-quoted
+  fullname   varchar(255) DEFAULT NULL    -- not used by amavisd-new
+  -- local   char(1)      -- Y/N  (optional, see SQL section in README.lookups)
+);
+
+-- any e-mail address (non- rfc2822-quoted), external or local,
+-- used as senders in wblist
+CREATE TABLE mailaddr (
+  id         serial  PRIMARY KEY,
+  priority   integer NOT NULL DEFAULT 9,  -- 0 is low priority
+  email      bytea   NOT NULL UNIQUE
+);
+
+-- per-recipient whitelist and/or blacklist,
+-- puts sender and recipient in relation wb  (white or blacklisted sender)
+CREATE TABLE wblist (
+  rid        integer NOT NULL CHECK (rid >= 0) REFERENCES users(id),
+  sid        integer NOT NULL CHECK (sid >= 0) REFERENCES mailaddr(id),
+  wb         varchar(10) NOT NULL,  -- W or Y / B or N / space=neutral / score
+  PRIMARY KEY (rid,sid)
+);
+
+-- grant usage rights:
+GRANT select ON policy   TO amavis;
+GRANT select ON users    TO amavis;
+GRANT select ON mailaddr TO amavis;
+GRANT select ON wblist   TO amavis;
+
+
+-- R/W part of the dataset (optional)
+--   May reside in the same or in a separate database as lookups database;
+--   REQUIRES SUPPORT FOR TRANSACTIONS; specified in @storage_sql_dsn
+--
+--  Please create additional indexes on keys when needed, or drop suggested
+--  ones as appropriate to optimize queries needed by a management application.
+--  See your database documentation for further optimization hints.
+
+-- provide unique id for each e-mail address, avoids storing copies
+CREATE TABLE maddr (
+  id         serial       PRIMARY KEY,
+  partition_tag integer   DEFAULT 0,   -- see $partition_tag
+  email      bytea        NOT NULL,    -- full e-mail address
+  domain     varchar(255) NOT NULL,    -- only domain part of the email address
+                                       -- with subdomain fields in reverse
+  CONSTRAINT part_email UNIQUE (partition_tag,email)
+);
+
+-- information pertaining to each processed message as a whole;
+-- NOTE: records with a NULL msgs.content should be ignored by utilities,
+--   as such records correspond to messages just being processed, or were lost
+CREATE TABLE msgs (
+  partition_tag integer     DEFAULT 0,  -- see $partition_tag
+  mail_id     bytea         NOT NULL,   -- long-term unique mail id, dflt 12 ch
+  secret_id   bytea         DEFAULT '', -- authorizes release of mail_id, 12 ch
+  am_id       varchar(20)   NOT NULL,   -- id used in the log
+  time_num    integer NOT NULL CHECK (time_num >= 0),
+                                        -- rx_time: seconds since Unix epoch
+  time_iso timestamp WITH TIME ZONE NOT NULL,-- rx_time: ISO8601 UTC ascii time
+  sid         integer NOT NULL CHECK (sid >= 0), -- sender: maddr.id
+  policy      varchar(255)  DEFAULT '', -- policy bank path (like macro %p)
+  client_addr varchar(255)  DEFAULT '', -- SMTP client IP address (IPv4 or v6)
+  size        integer NOT NULL CHECK (size >= 0), -- message size in bytes
+  originating char(1) DEFAULT ' ' NOT NULL,  -- sender from inside or auth'd
+  content     char(1),                   -- content type: V/B/U/S/Y/M/H/O/T/C
+    -- virus/banned/unchecked/spam(kill)/spammy(tag2)/
+    -- /bad-mime/bad-header/oversized/mta-err/clean
+    -- is NULL on partially processed mail
+    -- (prior to 2.7.0 the CC_SPAMMY was logged as 's', now 'Y' is used;
+    --- to avoid a need for case-insenstivity in queries)
+  quar_type  char(1),                   -- quarantined as: ' '/F/Z/B/Q/M/L
+                                        --  none/file/zipfile/bsmtp/sql/
+                                        --  /mailbox(smtp)/mailbox(lmtp)
+  quar_loc   varchar(255)  DEFAULT '',  -- quarantine location (e.g. file)
+  dsn_sent   char(1),                   -- was DSN sent? Y/N/q (q=quenched)
+  spam_level real,                      -- SA spam level (no boosts)
+  message_id varchar(255)  DEFAULT '',  -- mail Message-ID header field
+  from_addr  varchar(255)  DEFAULT '',  -- mail From header field,    UTF8
+  subject    varchar(255)  DEFAULT '',  -- mail Subject header field, UTF8
+  host       varchar(255)  NOT NULL,    -- hostname where amavisd is running
+  CONSTRAINT msgs_partition_mail UNIQUE (partition_tag,mail_id),
+  PRIMARY KEY (partition_tag,mail_id)
+--FOREIGN KEY (sid) REFERENCES maddr(id) ON DELETE RESTRICT
+);
+CREATE INDEX msgs_idx_sid      ON msgs (sid);
+CREATE INDEX msgs_idx_mess_id  ON msgs (message_id); -- useful with pen pals
+CREATE INDEX msgs_idx_time_iso ON msgs (time_iso);
+CREATE INDEX msgs_idx_time_num ON msgs (time_num);   -- optional
+
+-- per-recipient information related to each processed message;
+-- NOTE: records in msgrcpt without corresponding msgs.mail_id record are
+--  orphaned and should be ignored and eventually deleted by external utilities
+CREATE TABLE msgrcpt (
+  partition_tag integer DEFAULT 0,  -- see $partition_tag
+  mail_id    bytea    NOT NULL,     -- (must allow duplicates)
+  rseqnum    integer  DEFAULT 0   NOT NULL, -- recip's enumeration within msg
+  rid        integer  NOT NULL,     -- recipient: maddr.id (duplicates allowed)
+  is_local   char(1)  DEFAULT ' ' NOT NULL, -- recip is: Y=local, N=foreign
+  content    char(1)  DEFAULT ' ' NOT NULL, -- content type V/B/U/S/Y/M/H/O/T/C
+  ds         char(1)  NOT NULL,     -- delivery status: P/R/B/D/T
+                                    -- pass/reject/bounce/discard/tempfail
+  rs         char(1)  NOT NULL,     -- release status: initialized to ' '
+  bl         char(1)  DEFAULT ' ',  -- sender blacklisted by this recip
+  wl         char(1)  DEFAULT ' ',  -- sender whitelisted by this recip
+  bspam_level real,                 -- per-recipient (total) spam level
+  smtp_resp  varchar(255) DEFAULT '', -- SMTP response given to MTA
+  CONSTRAINT msgrcpt_partition_mail_rseq UNIQUE (partition_tag,mail_id,rseqnum),
+  PRIMARY KEY (partition_tag,mail_id,rseqnum)
+--FOREIGN KEY (rid)     REFERENCES maddr(id)     ON DELETE RESTRICT,
+--FOREIGN KEY (mail_id) REFERENCES msgs(mail_id) ON DELETE CASCADE
+);
+CREATE INDEX msgrcpt_idx_mail_id  ON msgrcpt (mail_id);
+CREATE INDEX msgrcpt_idx_rid      ON msgrcpt (rid);
+-- Additional index on rs since Modoboa uses it to filter its quarantine
+CREATE INDEX msgrcpt_idx_rs       ON msgrcpt (rs);
+
+-- mail quarantine in SQL, enabled by $*_quarantine_method='sql:'
+-- NOTE: records in quarantine without corresponding msgs.mail_id record are
+--  orphaned and should be ignored and eventually deleted by external utilities
+CREATE TABLE quarantine (
+  partition_tag integer  DEFAULT 0,      -- see $partition_tag
+  mail_id    bytea   NOT NULL,           -- long-term unique mail id
+  chunk_ind  integer NOT NULL CHECK (chunk_ind >= 0), -- chunk number, 1..
+  mail_text  bytea   NOT NULL,           -- store mail as chunks of octects
+  PRIMARY KEY (partition_tag,mail_id,chunk_ind)
+--FOREIGN KEY (mail_id) REFERENCES msgs(mail_id) ON DELETE CASCADE
+);

modoboa_installer/scripts/files/automx/automx.conf.tpl

@@ -2,6 +2,9 @@
 provider = %domain
 domains = *
 
+#debug=yes
+#logfile = /srv/automx/automx.log
+
 # Protect against DoS
 memcache = 127.0.0.1:11211
 memcache_ttl = 600
@@ -16,6 +19,8 @@ host = %sql_dsn
 query = %sql_query
 result_attrs = display_name, email
 
+display_name = ${display_name}
+
 smtp = yes
 smtp_server = %hostname
 smtp_port = 587
@@ -32,10 +37,3 @@ imap_encryption = starttls
 imap_auth = plaintext
 imap_auth_identity = ${email}
 imap_refresh_ttl = 6
-
-pop = yes
-pop_server = %hostname
-pop_port = 110
-pop_encryption = starttls
-pop_auth = plaintext
-pop_auth_identity = ${email}

modoboa_installer/scripts/files/dovecot/2.3/conf.d/10-auth.conf

@@ -96,7 +96,7 @@ auth_master_user_separator = *
 #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
 #   gss-spnego
 # NOTE: See also disable_plaintext_auth setting.
-auth_mechanisms = plain login
+auth_mechanisms = plain login oauthbearer xoauth2
 
 ##
 ## Password and user databases
@@ -120,6 +120,7 @@ auth_mechanisms = plain login
 
 #!include auth-system.conf.ext
 !include auth-sql.conf.ext
+!include auth-oauth2.conf.ext
 #!include auth-ldap.conf.ext
 #!include auth-passwdfile.conf.ext
 #!include auth-checkpassword.conf.ext

modoboa_installer/scripts/files/dovecot/2.3/conf.d/10-master.conf.tpl

@@ -92,14 +92,14 @@ service postlogin {
 service stats {
   # To allow modoboa to access available cipher list.
   unix_listener stats-reader {
-    user = vmail
-    group = vmail
+    user = %{mailboxes_owner}
+    group = %{mailboxes_owner}
     mode = 0660
   }
 
   unix_listener stats-writer {
-    user = vmail
-    group = vmail
+    user = %{mailboxes_owner}
+    group = %{mailboxes_owner}
     mode = 0660
   }
 }
@@ -120,7 +120,7 @@ service auth {
   # permissions (e.g. 0777 allows everyone full permissions).
   unix_listener auth-userdb {
     #mode = 0666
-    user = vmail
+    user = %{mailboxes_owner}
     #group = 
   }
 
@@ -131,13 +131,6 @@ service auth {
     group = postfix
   }
 
-  # Radicale auth
-  %{radicale_enabled}unix_listener %{radicale_auth_socket_path} {
-  %{radicale_enabled}  mode = 0666
-  %{radicale_enabled}  user = %{radicale_user}
-  %{radicale_enabled}  group = %{radicale_user}
-  %{radicale_enabled}}
-
   # Auth process is run as this user.
   #user = $default_internal_user
 }
@@ -154,7 +147,7 @@ service dict {
   # For example: mode=0660, group=vmail and global mail_access_groups=vmail
   unix_listener dict {
     mode = 0600
-    user = vmail
+    user = %{mailboxes_owner}
     #group = 
   }
 }

modoboa_installer/scripts/files/dovecot/2.3/conf.d/10-ssl-keys.try.tpl

@@ -0,0 +1,6 @@
+# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+# dropping root privileges, so keep the key file unreadable by anyone but
+# root. Included doc/mkcert.sh can be used to easily generate self-signed
+# certificate, just make sure to update the domains in dovecot-openssl.cnf
+ssl_cert = <%tls_cert_file
+ssl_key = <%tls_key_file

modoboa_installer/scripts/files/dovecot/2.3/conf.d/10-ssl.conf.tpl

@@ -5,12 +5,11 @@
 # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
 #ssl = yes
 
-# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
-# dropping root privileges, so keep the key file unreadable by anyone but
-# root. Included doc/mkcert.sh can be used to easily generate self-signed
-# certificate, just make sure to update the domains in dovecot-openssl.cnf
-ssl_cert = <%tls_cert_file
-ssl_key = <%tls_key_file
+# Workarround https://github.com/modoboa/modoboa/issues/2570 
+# We try to load the key and pass if it fails
+# Keys require root permissions, standard commands would be blocked
+# because dovecot can't load these cert
+!include_try /etc/dovecot/conf.d/10-ssl-keys.try
 
 # If key file is password protected, give the password here. Alternatively
 # give it when starting dovecot with -p parameter. Since this file is often
@@ -41,7 +40,7 @@ ssl_key = <%tls_key_file
 #ssl_parameters_regenerate = 168
 
 # SSL protocols to use
-ssl_protocols = %ssl_protocols
+%ssl_protocol_parameter = %ssl_protocols
 
 
 # SSL ciphers to use

modoboa_installer/scripts/files/dovecot/2.3/conf.d/90-sieve.conf.tpl

@@ -38,7 +38,7 @@ plugin {
   # Identical to sieve_before, only the specified scripts are executed after the
   # user's script (only when keep is still in effect!). Multiple script file or
   # directory paths can be specified by appending an increasing number.
-  #sieve_after =
+  %{do_move_spam_to_junk}sieve_after = /etc/dovecot/conf.d/custom_after_sieve
   #sieve_after2 = 
   #sieve_after2 = (etc...)
 

modoboa_installer/scripts/files/dovecot/2.3/conf.d/auth-oauth2.conf.ext

@@ -0,0 +1,5 @@
+passdb {
+  driver = oauth2
+  mechanisms = xoauth2 oauthbearer
+  args = /etc/dovecot/conf.d/dovecot-oauth2.conf.ext
+}

modoboa_installer/scripts/files/dovecot/2.3/conf.d/dovecot-oauth2.conf.ext.tpl

@@ -0,0 +1,6 @@
+introspection_mode = post
+introspection_url = %{oauth2_introspection_url}
+username_attribute = username
+tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
+active_attribute = active
+active_value = true

modoboa_installer/scripts/files/dovecot/2.3/dovecot-sql-mysql.conf.ext.tpl

@@ -123,7 +123,8 @@ connect = host=%dbhost port=%dbport dbname=%modoboa_dbname user=%modoboa_dbuser
 #user_query = \
 #  SELECT home, uid, gid \
 #  FROM users WHERE username = '%%n' AND domain = '%%d'
-user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, CONCAT('*:bytes=', mb.quota, 'M') AS quota_rule FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE mb.address='%%n' AND dom.name='%%d'
+%{not_modoboa_2_2_or_greater}user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, CONCAT('*:bytes=', mb.quota, 'M') AS quota_rule FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE mb.address='%%n' AND dom.name='%%d'
+%{modoboa_2_2_or_greater}user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, CONCAT('*:bytes=', mb.quota, 'M') AS quota_rule FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE (mb.is_send_only=0 OR '%%s' NOT IN ('imap', 'pop3', 'lmtp')) AND mb.address='%%n' AND dom.name='%%d'
 
 # If you wish to avoid two SQL lookups (passdb + userdb), you can use
 # userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
@@ -133,7 +134,8 @@ user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid,
 #  SELECT userid AS user, password, \
 #    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
 #  FROM users WHERE userid = '%%u'
-password_query = SELECT email AS user, password, '%{home_dir}/%%d/%%n' AS userdb_home, %mailboxes_owner_uid AS userdb_uid, %mailboxes_owner_gid AS userdb_gid, CONCAT('*:bytes=', mb.quota, 'M') AS userdb_quota_rule FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE u.email='%%u' AND u.is_active=1 AND dom.enabled=1
+%{not_modoboa_2_2_or_greater}password_query = SELECT email AS user, password, '%{home_dir}/%%d/%%n' AS userdb_home, %mailboxes_owner_uid AS userdb_uid, %mailboxes_owner_gid AS userdb_gid, CONCAT('*:bytes=', mb.quota, 'M') AS userdb_quota_rule FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE u.email='%%u' AND u.is_active=1 AND dom.enabled=1
+%{modoboa_2_2_or_greater}password_query = SELECT email AS user, password, '%{home_dir}/%%d/%%n' AS userdb_home, %mailboxes_owner_uid AS userdb_uid, %mailboxes_owner_gid AS userdb_gid, CONCAT('*:bytes=', mb.quota, 'M') AS userdb_quota_rule FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE (mb.is_send_only=0 OR '%%s' NOT IN ('imap', 'pop3')) AND u.email='%%u' AND u.is_active=1 AND dom.enabled=1
 
 # Query to get a list of all usernames.
 #iterate_query = SELECT username AS user FROM users

modoboa_installer/scripts/files/dovecot/2.3/dovecot-sql-postgres.conf.ext.tpl

@@ -123,7 +123,8 @@ connect = host=%dbhost port=%dbport dbname=%modoboa_dbname user=%modoboa_dbuser
 #user_query = \
 #  SELECT home, uid, gid \
 #  FROM users WHERE username = '%%n' AND domain = '%%d'
-user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, '*:bytes=' || mb.quota || 'M' AS quota_rule FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE mb.address='%%n' AND dom.name='%%d'
+%{not_modoboa_2_2_or_greater}user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, '*:bytes=' || mb.quota || 'M' AS quota_rule FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE mb.address='%%n' AND dom.name='%%d'
+%{modoboa_2_2_or_greater}user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, '*:bytes=' || mb.quota || 'M' AS quota_rule FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE (mb.is_send_only IS NOT TRUE OR '%%s' NOT IN ('imap', 'pop3', 'lmtp')) AND mb.address='%%n' AND dom.name='%%d'
 
 # If you wish to avoid two SQL lookups (passdb + userdb), you can use
 # userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
@@ -133,7 +134,8 @@ user_query = SELECT '%{home_dir}/%%d/%%n' AS home, %mailboxes_owner_uid as uid,
 #  SELECT userid AS user, password, \
 #    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
 #  FROM users WHERE userid = '%%u'
-password_query = SELECT email AS user, password, '%{home_dir}/%%d/%%n' AS userdb_home, %mailboxes_owner_uid AS userdb_uid, %mailboxes_owner_gid AS userdb_gid, CONCAT('*:bytes=', mb.quota, 'M') AS userdb_quota_rule FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE email='%%u' AND is_active AND dom.enabled
+%{not_modoboa_2_2_or_greater}password_query = SELECT email AS user, password, '%{home_dir}/%%d/%%n' AS userdb_home, %mailboxes_owner_uid AS userdb_uid, %mailboxes_owner_gid AS userdb_gid, CONCAT('*:bytes=', mb.quota, 'M') AS userdb_quota_rule FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE email='%%u' AND is_active AND dom.enabled
+%{modoboa_2_2_or_greater}password_query = SELECT email AS user, password, '%{home_dir}/%%d/%%n' AS userdb_home, %mailboxes_owner_uid AS userdb_uid, %mailboxes_owner_gid AS userdb_gid, CONCAT('*:bytes=', mb.quota, 'M') AS userdb_quota_rule FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE (mb.is_send_only IS NOT TRUE OR '%%s' NOT IN ('imap', 'pop3')) AND email='%%u' AND is_active AND dom.enabled
 
 # Query to get a list of all usernames.
 #iterate_query = SELECT username AS user FROM users

modoboa_installer/scripts/files/dovecot/2.4/conf.d/10-auth.conf

@@ -0,0 +1,122 @@
+#log_debug=category=auth
+#auth_debug_passwords = yes
+##
+## Authentication processes
+##
+
+# Enable LOGIN command and all other plaintext authentications even if
+# SSL/TLS is not used (LOGINDISABLED capability). Note that if the remote IP
+# matches the local IP (ie. you're connecting from the same computer), the
+# connection is considered secure and plaintext authentication is allowed,
+# unless ssl = required.
+#auth_allow_cleartext = yes
+
+# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
+# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used.
+#auth_cache_size = 0
+# Time to live for cached data. After TTL expires the cached record is no
+# longer used, *except* if the main database lookup returns internal failure.
+# We also try to handle password changes automatically: If user's previous
+# authentication was successful, but this one wasn't, the cache isn't used.
+# For now this works only with plaintext authentication.
+#auth_cache_ttl = 1 hour
+# TTL for negative hits (user not found, password mismatch).
+# 0 disables caching them completely.
+#auth_cache_negative_ttl = 1 hour
+
+# Space separated list of realms for SASL authentication mechanisms that need
+# them. You can leave it empty if you don't want to support multiple realms.
+# Many clients simply use the first one listed here, so keep the default realm
+# first.
+#auth_realms =
+#
+# Default realm/domain to use if none was specified. This is used for both
+# SASL realms and appending @domain to username in plaintext logins.
+#auth_default_domain =
+
+# List of allowed characters in username. If the user-given username contains
+# a character not listed in here, the login automatically fails. This is just
+# an extra check to make sure user can't exploit any potential quote escaping
+# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
+# set this value to empty.
+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
+
+# Username character translations before it's looked up from databases. The
+# value contains series of from -> to characters. For example "#@/@" means
+# that '#' and '/' characters are translated to '@'.
+#auth_username_translation =
+
+# Username formatting before it's looked up from databases.
+auth_username_format = %{user|lower}
+#auth_username_format = %{user|username|lower}
+
+# If you want to allow master users to log in by specifying the master
+# username within the normal username string (ie. not using SASL mechanism's
+# support for it), you can specify the separator character here. The format
+# is then <username><separator><master username>. UW-IMAP uses "*" as the
+# separator, so that could be a good choice.
+auth_master_user_separator = *
+
+# Username to use for users logging in with ANONYMOUS SASL mechanism
+#auth_anonymous_username = anonymous
+
+# Host name to use in GSSAPI principal names. The default is to use the
+# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab
+# entries.
+#auth_gssapi_hostname =
+
+# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
+# default (usually /etc/krb5.keytab) if not specified. You may need to change
+# the auth service to run as root to be able to read this file.
+#auth_krb5_keytab = 
+
+# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
+# ntlm_auth helper. <https://doc.dovecot.org/latest/core/config/auth/mechanisms/winbind.html>
+#auth_use_winbind = no
+
+# Path for Samba's ntlm_auth helper binary.
+#auth_winbind_helper_path = /usr/bin/ntlm_auth
+
+# Time to delay before replying to failed authentications.
+#auth_failure_delay = 2 secs
+
+# Require a valid SSL client certificate or the authentication fails.
+#auth_ssl_require_client_cert = no
+
+# Take the username from client's SSL certificate, using 
+# X509_NAME_get_text_by_NID() which returns the subject's DN's
+# CommonName. 
+#auth_ssl_username_from_cert = no
+
+# Space separated list of wanted authentication mechanisms:
+#   plain login digest-md5 cram-md5 ntlm anonymous gssapi
+#   gss-spnego xoauth2 oauthbearer
+# NOTE: See also auth_allow_cleartext setting.
+auth_mechanisms = plain login oauthbearer xoauth2
+
+##
+## Password and user databases
+##
+
+#
+# Password database is used to verify user's password (and nothing more).
+# You can have multiple passdbs and userdbs. This is useful if you want to
+# allow both system users (/etc/passwd) and virtual users to login without
+# duplicating the system users into virtual database.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/passdb.html>
+#
+# User database specifies where mails are located and what user/group IDs
+# own them. For single-UID configuration use "static" userdb.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/userdb.html>
+
+#!include auth-deny.conf.ext
+!include auth-master.conf.ext
+!include auth-oauth2.conf.ext
+
+#!include auth-system.conf.ext
+!include auth-sql.conf.ext
+#!include auth-ldap.conf.ext
+#!include auth-passwdfile.conf.ext
+#!include auth-static.conf.ext

modoboa_installer/scripts/files/dovecot/2.4/conf.d/10-mail.conf.tpl

@@ -0,0 +1,417 @@
+##
+## Mailbox locations and namespaces
+##
+
+# Location for users' mailboxes. The default is empty, which means that Dovecot
+# tries to find the mailboxes automatically. This won't work if the user
+# doesn't yet have any mail, so you should explicitly tell Dovecot the full
+# location.
+#
+# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%%u)
+# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
+# kept. This is called the "root mail directory", and it must be the first
+# path given in the mail_location setting.
+#
+# There are a few special variables you can use, eg.:
+#
+#   %%{user} - username
+#   %%{user|username} - user part in user@domain, same as %%u if there's no domain
+#   %%{user|domain} - domain part in user@domain, empty if there's no domain
+#   %%{home} - home directory
+#
+# See https://doc.dovecot.org/latest/core/settings/variables.html for full list
+# of variables.
+#
+# Example:
+#  mail_driver = maildir
+#  mail_path = ~/Maildir
+#  mail_inbox_path = ~/Maildir/.INBOX
+#
+
+# Debian defaults
+# Note that upstream considers mbox deprecated and strongly recommends
+# against its use in production environments. See further information
+# at
+# https://doc.dovecot.org/2.4.0/core/config/mailbox/formats/mbox.html
+# mail_driver = mbox
+# mail_home = /home/%%{user|username}
+# mail_path = %%{home}/mail
+# mail_inbox_path = /var/mail/%%{user}
+mail_driver = maildir
+mail_home = %{home_dir}/%%{user|domain}/%%{user|username}
+mail_path = %%{home}/Maildir
+
+# If you need to set multiple mailbox locations or want to change default
+# namespace settings, you can do it by defining namespace sections.
+#
+# You can have private, shared and public namespaces. Private namespaces
+# are for user's personal mails. Shared namespaces are for accessing other
+# users' mailboxes that have been shared. Public namespaces are for shared
+# mailboxes that are managed by sysadmin. If you create any shared or public
+# namespaces you'll typically want to enable ACL plugin also, otherwise all
+# users can access all the shared mailboxes, assuming they have permissions
+# on filesystem level to do so.
+namespace inbox {
+  # Namespace type: private, shared or public
+  #type = private
+
+  # Hierarchy separator to use. You should use the same separator for all
+  # namespaces or some clients get confused. '/' is usually a good one.
+  # The default however depends on the underlying mail storage format.
+  #separator = 
+
+  # Prefix required to access this namespace. This needs to be different for
+  # all namespaces. For example "Public/".
+  #prefix = 
+
+  # Physical location of the mailbox. This is in same format as
+  # mail location, which is also the default for it.
+  # mail_driver = 
+  # mail_path = 
+  #
+  # There can be only one INBOX, and this setting defines which namespace
+  # has it.
+  inbox = yes
+
+  # If namespace is hidden, it's not advertised to clients via NAMESPACE
+  # extension. You'll most likely also want to set list=no. This is mostly
+  # useful when converting from another server with different namespaces which
+  # you want to deprecate but still keep working. For example you can create
+  # hidden namespaces with prefixes "~/mail/", "~%%u/mail/" and "mail/".
+  #hidden = no
+
+  # Show the mailboxes under this namespace with LIST command. This makes the
+  # namespace visible for clients that don't support NAMESPACE extension.
+  # "children" value lists child mailboxes, but hides the namespace prefix.
+  #list = yes
+
+  # Namespace handles its own subscriptions. If set to "no", the parent
+  # namespace handles them (empty prefix should always have this as "yes")
+  #subscriptions = yes
+
+  # See 15-mailboxes.conf for definitions of special mailboxes.
+}
+
+# Example shared namespace configuration
+#namespace shared {
+  #type = shared
+  #separator = /
+
+  # Mailboxes are visible under "shared/user@domain/"
+  # $user, $domain and $username are expanded to the destination user.
+  #prefix = shared/$user/
+
+  # Mail location for other users' mailboxes. Note that %%{variables} and ~/
+  # expands to the logged in user's data. %%{owner_user} and %%{owner_home}
+  # destination user's data.
+  #mail_driver = maildir
+  #mail_path = %%{owner_home}/Maildir
+  #mail_index_path = ~/Maildir/shared/%%{owner_user}
+
+  # Use the default namespace for saving subscriptions.
+  #subscriptions = no
+
+  # List the shared/ namespace only if there are visible shared mailboxes.
+  #list = children
+#}
+# Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"?
+#mail_shared_explicit_inbox = no
+
+# System user and group used to access mails. If you use multiple, userdb
+# can override these by returning uid or gid fields. You can use either numbers
+# or names. <https://doc.dovecot.org/latest/core/config/system_users.html#uids>
+#mail_uid =
+#mail_gid =
+
+#  Group to enable temporarily for privileged operations. Currently this is
+# used only with INBOX when either its initial creation or dotlocking fails.
+# Typically this is set to "mail" to give access to /var/mail.
+mail_privileged_group = mail
+
+# Grant access to these supplementary groups for mail processes. Typically
+# these are used to set up access to shared mailboxes. Note that it may be
+# dangerous to set these if users can create symlinks (e.g. if "mail" group is
+# set here, ln -s /var/mail ~/mail/var could allow a user to delete others'
+# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it).
+#mail_access_groups =
+
+# Allow full filesystem access to clients. There's no access checks other than
+# what the operating system does for the active UID/GID. It works with both
+# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
+# or ~user/.
+#mail_full_filesystem_access = no
+
+# Dictionary for key=value mailbox attributes. This is used for example by
+# URLAUTH and METADATA extensions.
+#mail_attribute {
+#  dict file {
+#    path = %%{home}/Maildir/dovecot-attributes
+#  }
+#}
+
+# A comment or note that is associated with the server. This value is
+# accessible for authenticated users through the IMAP METADATA server
+# entry "/shared/comment". 
+#mail_server_comment = ""
+
+# Indicates a method for contacting the server administrator. According to
+# RFC 5464, this value MUST be a URI (e.g., a mailto: or tel: URL), but that
+# is currently not enforced. Use for example mailto:admin@example.com. This
+# value is accessible for authenticated users through the IMAP METADATA server
+# entry "/shared/admin".
+#mail_server_admin = 
+
+##
+## Mail processes
+##
+
+# Don't use mmap() at all. This is required if you store indexes to shared
+# filesystems (NFS or clustered filesystem).
+#mmap_disable = no
+
+# Rely on O_EXCL to work when creating dotlock files. NFS supports O_EXCL
+# since version 3, so this should be safe to use nowadays by default.
+#dotlock_use_excl = yes
+
+# When to use fsync() or fdatasync() calls:
+#   optimized (default): Whenever necessary to avoid losing important data
+#   always: Useful with e.g. NFS when write()s are delayed
+#   never: Never use it (best performance, but crashes can lose data)
+#mail_fsync = optimized
+
+# Locking method for index files. Alternatives are fcntl, flock and dotlock.
+# Dotlocking uses some tricks which may create more disk I/O than other locking
+# methods. NFS users: flock doesn't work, remember to change mmap_disable.
+#lock_method = fcntl
+
+# Directory where mails can be temporarily stored. Usually it's used only for
+# mails larger than >= 128 kB. It's used by various parts of Dovecot, for
+# example LDA/LMTP while delivering large mails or zlib plugin for keeping
+# uncompressed mails.
+#mail_temp_dir = /tmp
+
+# Valid UID range for users, defaults to 500 and above. This is mostly
+# to make sure that users can't log in as daemons or other system users.
+# Note that denying root logins is hardcoded to dovecot binary and can't
+# be done even if first_valid_uid is set to 0.
+#first_valid_uid = 500
+#last_valid_uid = 0
+
+# Valid GID range for users, defaults to non-root/wheel. Users having
+# non-valid GID as primary group ID aren't allowed to log in. If user
+# belongs to supplementary groups with non-valid GIDs, those groups are
+# not set.
+#first_valid_gid = 1
+#last_valid_gid = 0
+
+# Maximum allowed length for mail keyword name. It's only forced when trying
+# to create new keywords.
+#mail_max_keyword_length = 50
+
+# ':' separated list of directories under which chrooting is allowed for mail
+# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
+# This setting doesn't affect login_chroot, mail_chroot or auth chroot
+# settings. If this setting is empty, "/./" in home dirs are ignored.
+# WARNING: Never add directories here which local users can modify, that
+# may lead to root exploit. Usually this should be done only if you don't
+# allow shell access for users. <doc/wiki/Chrooting.txt>
+#valid_chroot_dirs = 
+
+# Default chroot directory for mail processes. This can be overridden for
+# specific users in user database by giving /./ in user's home directory
+# (eg. /home/./user chroots into /home). Note that usually there is no real
+# need to do chrooting, Dovecot doesn't allow users to access files outside
+# their mail directory anyway. If your home directories are prefixed with
+# the chroot directory, append "/." to mail_chroot. <doc/wiki/Chrooting.txt>
+#mail_chroot = 
+
+# UNIX socket path to master authentication server to find users.
+# This is used by imap (for shared users) and lda.
+#auth_socket_path = /var/run/dovecot/auth-userdb
+
+# Directory where to look up mail plugins.
+#mail_plugin_dir = /usr/lib/dovecot
+
+# Space separated list of plugins to load for all services. Plugins specific to
+# IMAP, LDA, etc. are added to this list in their own .conf files.
+#mail_plugins =
+#
+# To add plugins, use
+#mail_plugins {
+#  plugin = yes
+#}
+mail_plugins {
+  quota = yes
+  quota_clone = yes
+}
+
+##
+## Mailbox handling optimizations
+##
+
+# Mailbox list indexes can be used to optimize IMAP STATUS commands. They are
+# also required for IMAP NOTIFY extension to be enabled.
+#mailbox_list_index = yes
+
+# Trust mailbox list index to be up-to-date. This reduces disk I/O at the cost
+# of potentially returning out-of-date results after e.g. server crashes.
+# The results will be automatically fixed once the folders are opened.
+#mailbox_list_index_very_dirty_syncs = yes
+
+# Should INBOX be kept up-to-date in the mailbox list index? By default it's
+# not, because most of the mailbox accesses will open INBOX anyway.
+#mailbox_list_index_include_inbox = no
+
+# The minimum number of mails in a mailbox before updates are done to cache
+# file. This allows optimizing Dovecot's behavior to do less disk writes at
+# the cost of more disk reads.
+#mail_cache_min_mail_count = 0
+
+# When IDLE command is running, mailbox is checked once in a while to see if
+# there are any new mails or other changes. This setting defines the minimum
+# time to wait between those checks. Dovecot can also use inotify and
+# kqueue to find out immediately when changes occur.
+#mailbox_idle_check_interval = 30 secs
+
+# Save mails with CR+LF instead of plain LF. This makes sending those mails
+# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
+# But it also creates a bit more disk I/O which may just make it slower.
+# Also note that if other software reads the mboxes/maildirs, they may handle
+# the extra CRs wrong and cause problems.
+#mail_save_crlf = no
+
+# Max number of mails to keep open and prefetch to memory. This only works with
+# some mailbox formats and/or operating systems.
+#mail_prefetch_count = 0
+
+# How often to scan for stale temporary files and delete them (0 = never).
+# These should exist only after Dovecot dies in the middle of saving mails.
+#mail_temp_scan_interval = 1w
+
+# How many slow mail accesses sorting can perform before it returns failure.
+# With IMAP the reply is: NO [LIMIT] Requested sort would have taken too long.
+# The untagged SORT reply is still returned, but it's likely not correct.
+#mail_sort_max_read_count = 0
+
+protocol !indexer-worker {
+  # If folder vsize calculation requires opening more than this many mails from
+  # disk (i.e. mail sizes aren't in cache already), return failure and finish
+  # the calculation via indexer process. Disabled by default. This setting must
+  # be 0 for indexer-worker processes.
+  #mail_vsize_bg_after_count = 0
+}
+
+##
+## Maildir-specific settings
+##
+
+# By default LIST command returns all entries in maildir beginning with a dot.
+# Enabling this option makes Dovecot return only entries which are directories.
+# This is done by stat()ing each entry, so it causes more disk I/O.
+# (For systems setting struct dirent->d_type, this check is free and it's
+# done always regardless of this setting)
+#maildir_stat_dirs = no
+
+# When copying a message, do it with hard links whenever possible. This makes
+# the performance much better, and it's unlikely to have any side effects.
+#maildir_copy_with_hardlinks = yes
+
+# Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only
+# when its mtime changes unexpectedly or when we can't find the mail otherwise.
+#maildir_very_dirty_syncs = no
+
+# If enabled, Dovecot doesn't use the S=<size> in the Maildir filenames for
+# getting the mail's physical size, except when recalculating Maildir++ quota.
+# This can be useful in systems where a lot of the Maildir filenames have a
+# broken size. The performance hit for enabling this is very small.
+#maildir_broken_filename_sizes = no
+
+# Always move mails from new/ directory to cur/, even when the \Recent flags
+# aren't being reset.
+#maildir_empty_new = no
+
+##
+## mbox-specific settings
+##
+
+# Which locking methods to use for locking mbox. There are four available:
+#  dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
+#           solution. If you want to use /var/mail/ like directory, the users
+#           will need write access to that directory.
+#  dotlock_try: Same as dotlock, but if it fails because of permissions or
+#               because there isn't enough disk space, just skip it.
+#  fcntl  : Use this if possible. Works with NFS too if lockd is used.
+#  flock  : May not exist in all systems. Doesn't work with NFS.
+#  lockf  : May not exist in all systems. Doesn't work with NFS.
+#
+# You can use multiple locking methods; if you do the order they're declared
+# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
+# locking methods as well. Some operating systems don't allow using some of
+# them simultaneously.
+#mbox_read_locks = fcntl
+#mbox_write_locks = dotlock fcntl
+
+# Maximum time to wait for lock (all of them) before aborting.
+#mbox_lock_timeout = 5 mins
+
+# If dotlock exists but the mailbox isn't modified in any way, override the
+# lock file after this much time.
+#mbox_dotlock_change_timeout = 2 mins
+
+# When mbox changes unexpectedly we have to fully read it to find out what
+# changed. If the mbox is large this can take a long time. Since the change
+# is usually just a newly appended mail, it'd be faster to simply read the
+# new mails. If this setting is enabled, Dovecot does this but still safely
+# fallbacks to re-reading the whole mbox file whenever something in mbox isn't
+# how it's expected to be. The only real downside to this setting is that if
+# some other MUA changes message flags, Dovecot doesn't notice it immediately.
+# Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK 
+# commands.
+#mbox_dirty_syncs = yes
+
+# Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE,
+# EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored.
+#mbox_very_dirty_syncs = no
+
+# Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK
+# commands and when closing the mailbox). This is especially useful for POP3
+# where clients often delete all mails. The downside is that our changes
+# aren't immediately visible to other MUAs.
+#mbox_lazy_writes = yes
+
+# If mbox size is smaller than this (e.g. 100k), don't write index files.
+# If an index file already exists it's still read, just not updated.
+#mbox_min_index_size = 0
+
+# Mail header selection algorithm to use for MD5 POP3 UIDLs when
+# pop3_uidl_format=%%m. For backwards compatibility we use apop3d inspired
+# algorithm, but it fails if the first Received: header isn't unique in all
+# mails. An alternative algorithm is "all" that selects all headers.
+#mbox_md5 = apop3d
+
+##
+## mdbox-specific settings
+##
+
+# Maximum dbox file size until it's rotated.
+#mdbox_rotate_size = 10M
+
+# Maximum dbox file age until it's rotated. Typically in days. Day begins
+# from midnight, so 1d = today, 2d = yesterday, etc. 0 = check disabled.
+#mdbox_rotate_interval = 0
+
+# When creating new mdbox files, immediately preallocate their size to
+# mdbox_rotate_size. This setting currently works only in Linux with some
+# filesystems (ext4, xfs).
+#mdbox_preallocate_space = no
+
+# Settings to control adding $HasAttachment or $HasNoAttachment keywords.
+# By default, all MIME parts with Content-Disposition=attachment, or inlines
+# with filename parameter are consired attachments.
+#   add-flags - Add the keywords when saving new mails or when fetching can
+#      do it efficiently.
+#   content-type=type or !type - Include/exclude content type. Excluding will
+#     never consider the matched MIME part as attachment. Including will only
+#     negate an exclusion (e.g. content-type=!foo/* content-type=foo/bar).
+#   exclude-inlined - Exclude any Content-Disposition=inline MIME part.
+#mail_attachment_detection_options =

modoboa_installer/scripts/files/dovecot/2.4/conf.d/10-master.conf.tpl

@@ -0,0 +1,174 @@
+#default_process_limit = 100
+#default_client_limit = 1000
+
+# Default VSZ (virtual memory size) limit for service processes. This is mainly
+# intended to catch and kill processes that leak memory before they eat up
+# everything.
+#default_vsz_limit = 256M
+
+# Login user is internally used by login processes. This is the most untrusted
+# user in Dovecot system. It shouldn't have access to anything at all.
+#default_login_user = dovenull
+
+# Internal user is used by unprivileged processes. It should be separate from
+# login user, so that login processes can't disturb other processes.
+#default_internal_user = dovecot
+
+service imap-login {
+  inet_listener imap {
+    #port = 143
+  }
+  inet_listener imaps {
+    #port = 993
+    #ssl = yes
+  }
+
+  # Number of connections to handle before starting a new process. Typically
+  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+  # is faster. <d>
+  #service_restart_request_count = 1
+
+  # Number of processes to always keep waiting for more connections.
+  #process_min_avail = 0
+
+  # If you set service_restart_request_count=0, you probably need to grow this.
+  #vsz_limit = 256M # default
+}
+
+service pop3-login {
+  inet_listener pop3 {
+    #port = 110
+  }
+  inet_listener pop3s {
+    #port = 995
+    #ssl = yes
+  }
+}
+
+service submission-login {
+  inet_listener submission {
+    #port = 587
+  }
+  inet_listener submissions {
+    #port = 465
+  }
+}
+
+service lmtp {
+  unix_listener lmtp {
+    #mode = 0666
+  }
+
+  # Create inet listener only if you can't use the above UNIX socket
+  #inet_listener lmtp {
+    # Avoid making LMTP visible for the entire internet
+    #listen = 127.0.0.1
+    #port = 24
+  #}
+
+  unix_listener /var/spool/postfix/private/dovecot-lmtp {
+    mode = 0600
+    user = postfix
+    group = postfix
+  }
+}
+
+service imap {
+  # Most of the memory goes to mmap()ing files. You may need to increase this
+  # limit if you have huge mailboxes.
+  #vsz_limit = 256M # default
+
+  # Max. number of IMAP processes (connections)
+  #process_limit = 1024
+
+  executable = imap postlogin
+}
+
+service pop3 {
+  # Max. number of POP3 processes (connections)
+  #process_limit = 1024
+  executable = imap postlogin
+}
+
+service submission {
+  # Max. number of SMTP Submission processes (connections)
+  #process_limit = 1024
+}
+
+service postlogin {
+  executable = script-login /usr/local/bin/postlogin.sh
+  user = %modoboa_user
+  unix_listener postlogin {
+  }
+}
+
+service stats {
+  # To allow modoboa to access available cipher list.
+  unix_listener stats-reader {
+    user = %{mailboxes_owner}
+    group = %{mailboxes_owner}
+    mode = 0660
+  }
+
+  unix_listener stats-writer {
+    user = %{mailboxes_owner}
+    group = %{mailboxes_owner}
+    mode = 0660
+  }
+}
+
+
+service auth {
+  # auth_socket_path points to this userdb socket by default. It's typically
+  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
+  # full permissions to this socket are able to get a list of all usernames and
+  # get the results of everyone's userdb lookups.
+  #
+  # The default 0666 mode allows anyone to connect to the socket, but the
+  # userdb lookups will succeed only if the userdb returns an "uid" field that
+  # matches the caller process's UID. Also if caller's uid or gid matches the
+  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
+  #
+  # To give the caller full permissions to lookup all users, set the mode to
+  # something else than 0666 and Dovecot lets the kernel enforce the
+  # permissions (e.g. 0777 allows everyone full permissions).
+  unix_listener auth-userdb {
+    #mode = 0666
+    user = %{mailboxes_owner}
+    #group = 
+  }
+
+  # Postfix smtp-auth
+  unix_listener /var/spool/postfix/private/auth {
+    mode = 0666
+    user = postfix
+    group = postfix
+  }
+
+  %{radicale_enabled}unix_listener auth-radicale {
+  %{radicale_enabled}  mode = 0666
+  %{radicale_enabled}  user = %{radicale_user}
+  %{radicale_enabled}  group = %{radicale_user}
+  %{radicale_enabled}  type = auth-legacy
+  %{radicale_enabled}}
+
+  # Auth process is run as this user.
+  #user = $SET:default_internal_user
+}
+
+service auth-worker {
+  # Auth worker process is run as root by default, so that it can access
+  # /etc/shadow. If this isn't necessary, the user should be changed to
+  # $SET:default_internal_user.
+  #user = root
+}
+
+service dict {
+  # If dict proxy is used, mail processes should have access to its socket.
+  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
+  unix_listener dict {
+    mode = 0600
+    user = %{mailboxes_owner}
+    #group = 
+  }
+}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/10-ssl-keys.try.tpl

@@ -0,0 +1,6 @@
+# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+# dropping root privileges, so keep the key file unreadable by anyone but
+# root. Included doc/mkcert.sh can be used to easily generate self-signed
+# certificate, just make sure to update the domains in dovecot-openssl.cnf
+ssl_server_cert_file = %tls_cert_file
+ssl_server_key_file = %tls_key_file

modoboa_installer/scripts/files/dovecot/2.4/conf.d/10-ssl.conf.tpl

@@ -0,0 +1,59 @@
+##
+## SSL settings
+##
+
+# SSL/TLS support: yes, no, required. <https://doc.dovecot.org/latest/core/config/ssl.html>
+ssl = yes
+
+# PEM encoded X.509 SSL/TLS certificate and private key.  By default, Debian
+# installs a self-signed certificate.  This is useful for testing, but you
+# should obtain a real certificate from a recognized certificate authority.
+#
+# These files are opened before dropping root privileges, so keep the key file
+# unreadable by anyone but root. Included /usr/share/dovecot/mkcert.sh can be
+# used to easily generate self-signed certificate, just make sure to update the
+# domains in dovecot-openssl.cnf
+# 
+# Preferred permissions: root:root 0444
+# ssl_server_cert_file = /etc/dovecot/private/dovecot.pem
+# Preferred permissions: root:root 0400
+# ssl_server_key_file = /etc/dovecot/private/dovecot.key
+!include_try /etc/dovecot/conf.d/10-ssl-keys.try
+
+# If key file is password protected, give the password here. Alternatively
+# give it when starting dovecot with -p parameter. Since this file is often
+# world-readable, you may want to place this setting instead to a different
+# root owned 0600 file by using ssl_key_password = <path.
+#ssl_server_key_password =
+
+# PEM encoded trusted certificate authority. Set this only if you intend to use
+# ssl_request_client_cert=yes. The file should contain the CA certificate(s)
+# followed by the matching CRL(s). (e.g. ssl_server_ca_file = /etc/ssl/certs/ca.pem)
+#ssl_server_ca_file = 
+
+# Require that CRL check succeeds for client certificates.
+#ssl_server_require_crl = yes
+
+# Request client to send a certificate. If you also want to require it, set
+# auth_ssl_require_client_cert=yes in auth section.
+#ssl_server_request_client_cert = no
+
+# Which field from certificate to use for username. commonName and
+# x500UniqueIdentifier are the usual choices. You'll also need to set
+# auth_ssl_username_from_cert=yes.
+#ssl_server_cert_username_field = commonName
+
+# SSL protocols to use.  Debian systems specify TLSv1.2 by default, which should
+# be reasonbly secure and compatible with existing clients.
+%ssl_protocol_parameter = %ssl_protocols
+
+# Diffie-Hellman parameters are no longer required and should be phased out.
+# They do not work with ECDH(E) and require DH(E) ciphers.
+#ssl_server_dh_file = /etc/dovecot/dh.pem
+
+# SSL ciphers to use
+#ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+ssl_cipher_list = EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4
+
+# SSL crypto device to use, for valid values run "openssl engine"
+#ssl_crypto_device = /dev/crypto

modoboa_installer/scripts/files/dovecot/2.4/conf.d/20-imap.conf

@@ -0,0 +1,108 @@
+##
+## IMAP specific settings
+##
+
+# If nothing happens for this long while client is IDLEing, move the connection
+# to imap-hibernate process and close the old imap process. This saves memory,
+# because connections use very little memory in imap-hibernate process. The
+# downside is that recreating the imap process back uses some resources.
+#imap_hibernate_timeout = 0
+
+# Maximum IMAP command line length. Some clients generate very long command
+# lines with huge mailboxes, so you may need to raise this if you get
+# "Too long argument" or "IMAP command line too large" errors often.
+#imap_max_line_length = 64k
+
+# IMAP logout format string:
+#  %{input} - total number of bytes read from client
+#  %{output} - total number of bytes sent to client
+#  %{fetch_hdr_count} - Number of mails with mail header data sent to client
+#  %{fetch_hdr_bytes} - Number of bytes with mail header data sent to client
+#  %{fetch_body_count} - Number of mails with mail body data sent to client
+#  %{fetch_body_bytes} - Number of bytes with mail body data sent to client
+#  %{deleted} - Number of mails where client added \Deleted flag
+#  %{expunged} - Number of mails that client expunged, which does not
+#                include automatically expunged mails
+#  %{autoexpunged} - Number of mails that were automatically expunged after
+#                    client disconnected
+#  %{trashed} - Number of mails that client copied/moved to the
+#               special_use=\Trash mailbox.
+#  %{appended} - Number of mails saved during the session
+#imap_logout_format = in=%i out=%o deleted=%{deleted} expunged=%{expunged} \
+#  trashed=%{trashed} hdr_count=%{fetch_hdr_count} \
+#  hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} \
+#  body_bytes=%{fetch_body_bytes}
+
+# Amend or override the IMAP capability response. To override, set the value
+# with imap_capability = 
+# 
+# To amend, you can use a boolean list to specify which capabilities to turn
+# on and off
+#imap_capability {
+#  SPECIAL-USE = yes
+#  "LITERAL+" = no
+#}
+
+# How long to wait between "OK Still here" notifications when client is
+# IDLEing.
+#imap_idle_notify_interval = 2 mins
+
+# ID field names and values to send to clients. Using * as the value makes
+# Dovecot use the default value. The following fields have default values
+# currently: name, version, os, os-version, support-url, support-email,
+# revision.
+#imap_id_send = 
+
+# Use imap_id_received event to log IMAP id
+
+# Workarounds for various client bugs:
+#   delay-newmail:
+#     Send EXISTS/RECENT new mail notifications only when replying to NOOP
+#     and CHECK commands. Some clients ignore them otherwise, for example OSX
+#     Mail (<v2.1). Outlook Express breaks more badly though, without this it
+#     may show user "Message no longer in server" errors. Note that OE6 still
+#     breaks even with this workaround if synchronization is set to
+#     "Headers Only".
+#   tb-extra-mailbox-sep:
+#     Thunderbird gets somehow confused with LAYOUT=fs (mbox and dbox) and
+#     adds extra '/' suffixes to mailbox names. This option causes Dovecot to
+#     ignore the extra '/' instead of treating it as invalid mailbox name.
+#   tb-lsub-flags:
+#     Show \Noselect flags for LSUB replies with LAYOUT=fs (e.g. mbox).
+#     This makes Thunderbird realize they aren't selectable and show them
+#     greyed out, instead of only later giving "not selectable" popup error.
+#
+# This is a boolean list
+#imap_client_workarounds {
+#  delay-newmail = yes
+#}
+
+# Host allowed in URLAUTH URLs sent by client. "*" allows all.
+#imap_urlauth_host =
+
+# Enable IMAP LITERAL- extension (replaces LITERAL+)
+#imap_literal_minus = no
+
+# What happens when FETCH fails due to some internal error:
+#   disconnect-immediately:
+#     The FETCH is aborted immediately and the IMAP client is disconnected.
+#   disconnect-after:
+#     The FETCH runs for all the requested mails returning as much data as
+#     possible. The client is finally disconnected without a tagged reply.
+#   no-after:
+#     Same as disconnect-after, but tagged NO reply is sent instead of
+#     disconnecting the client. If the client attempts to FETCH the same failed
+#     mail more than once, the client is disconnected. This is to avoid clients
+#     from going into infinite loops trying to FETCH a broken mail.
+#imap_fetch_failure = disconnect-immediately
+
+protocol imap {
+  # Space separated list of plugins to load (default is global mail_plugins).
+  mail_plugins {
+    quota = yes
+  }
+
+  # Maximum number of IMAP connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/20-lmtp.conf.tpl

@@ -0,0 +1,53 @@
+##
+#i
+## LMTP specific settings
+##
+
+# Support proxying to other LMTP/SMTP servers by performing passdb lookups.
+#lmtp_proxy = no
+
+# When recipient address includes the detail (e.g. user+detail), try to save
+# the mail to the detail mailbox. See also recipient_delimiter and
+# lda_mailbox_autocreate settings.
+#lmtp_save_to_detail_mailbox = no
+
+# Verify quota before replying to RCPT TO. This adds a small overhead.
+lmtp_rcpt_check_quota = yes
+
+# Add "Received:" header to mails delivered.
+#lmtp_add_received_header = yes
+
+# Which recipient address to use for Delivered-To: header and Received:
+# header. The default is "final", which is the same as the one given to
+# RCPT TO command. "original" uses the address given in RCPT TO's ORCPT
+# parameter, "none" uses nothing. Note that "none" is currently always used
+# when a mail has multiple recipients.
+#lmtp_hdr_delivery_address = final
+
+# Workarounds for various client bugs:
+#   whitespace-before-path:
+#     Allow one or more spaces or tabs between `MAIL FROM:' and path and between
+#     `RCPT TO:' and path.
+#   mailbox-for-path:
+#     Allow using bare Mailbox syntax (i.e., without <...>) instead of full path
+#     syntax.
+#
+#lmtp_client_workarounds {
+#  whitespace-before-path = yes
+#}
+
+protocol lmtp {
+  mail_plugins {
+    quota = yes
+    sieve = yes
+  }
+  postmaster_address = %postmaster_address
+
+  # This strips the domain name before delivery, since the default
+  # userdb in Debian is /etc/passwd, which doesn't include domain
+  # names in the user.  If you're using a different userdb backend
+  # that does include domain names, you may wish to remove this.  See
+  # https://doc.dovecot.org/2.4.0/howto/lmtp/exim.html and
+  # https://doc.dovecot.org/2.4.0/core/summaries/settings.html#auth_username_format
+  # auth_username_format = %%{user | username}
+}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/30-dict-server.conf.tpl

@@ -0,0 +1,47 @@
+##
+## Dictionary server settings
+##
+
+# Dictionary can be used to store key=value lists. This is used by several
+# plugins. The dictionary can be accessed either directly or though a
+# dictionary server. The following dict block maps dictionary names to URIs
+# when the server is used. These can then be referenced using URIs in format
+# "proxy::<name>".
+
+dict_server {
+  pgsql %dbhost {
+    parameters {
+      port = %dbport
+      dbname = %modoboa_dbname
+      user = %modoboa_dbuser
+      password = %modoboa_dbpassword
+    }
+  }
+  dict quota {
+    driver = sql
+    sql_driver = %db_driver
+    hostname = %dbhost
+
+    dict_map priv/quota/storage {
+      sql_table = admin_quota
+      username_field = username
+      value_field bytes {
+        type = uint
+      }
+    }
+
+    dict_map priv/quota/messages {
+      sql_table = admin_quota
+      username_field = username
+      value_field messages {
+        type = uint
+      }
+    }
+  }
+}
+
+quota_clone {
+  dict proxy {
+    name = quota
+  }
+}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/90-quota.conf

@@ -0,0 +1,79 @@
+##
+## Quota configuration.
+##
+
+# Note that you also have to enable quota plugin in mail_plugins setting.
+## <https://doc.dovecot.org/latest/core/plugins/quota.html>
+
+##
+## Quota limits
+##
+
+# Quota limits are set using "quota_rule" parameters. To get per-user quota
+# limits, you can set/override them by returning "quota_rule" extra field
+# from userdb. It's also possible to give mailbox-specific limits, for example
+# to give additional 100 MB when saving to Trash:
+
+#mail_plugins {
+#  quota = yes
+#}
+
+quota "User quota" {
+#   storage_size = 1G
+}
+#
+#namespace inbox {
+#   mailbox Trash {
+#     quota_storage_extra = 100M
+#   }
+#}
+
+##
+## Quota warnings
+##
+
+# You can execute a given command when user exceeds a specified quota limit.
+# Each quota root has separate limits. Only the command for the first
+# exceeded limit is excecuted, so put the highest limit first.
+# The commands are executed via script service by connecting to the named
+# UNIX socket (quota-warning below).
+# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
+
+#quota "User quota" {
+#  warning warn-95 {
+#    quota_storage_percentage = 95
+#    execute quota-warning {
+#      args = 95 %{user}
+#    }
+#  }
+#  warning warn-80 {
+#    quota_storage_percentage = 80
+#    execute quota-warning {
+#      args = 80 %{user}
+#    }
+#  }
+#}
+
+# Example quota-warning service. The unix listener's permissions should be
+# set in a way that mail processes can connect to it. Below example assumes
+# that mail processes run as vmail user. If you use mode=0666, all system users
+# can generate quota warnings to anyone.
+#service quota-warning {
+#  executable = script /usr/local/bin/quota-warning.sh
+#  user = dovecot
+#  unix_listener quota-warning {
+#    user = vmail
+#  }
+#}
+
+##
+## Quota backends
+##
+
+# Multiple backends are supported:
+#   count: Default and recommended, quota driver tracks the quota internally within Dovecot's index files.
+#   maildir: Maildir++ quota
+#   fs: Read-only support for filesystem quota
+#quota "User quota" {
+#  driver = count
+#}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/90-sieve.conf.tpl

@@ -0,0 +1,118 @@
+##
+## Settings for the Sieve interpreter
+##
+
+# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf
+# by adding it to the respective mail_plugins { sieve = yes } settings.
+
+# See https://doc.dovecot.org/latest/core/plugins/sieve.html
+
+# Personal sieve script location
+#sieve_script personal {
+#  driver = file
+#  path = ~/sieve
+#  active_path = ~/.dovecot.sieve
+#}
+
+# Default sieve script location
+#sieve_script default {
+#  type = default
+#  name = default
+#  driver = file
+#  path = /etc/dovecot/sieve/default/
+#}
+
+%{do_move_spam_to_junk}sieve_script after {
+%{do_move_spam_to_junk}  type = after
+%{do_move_spam_to_junk}  path = /etc/dovecot/conf.d/custom_after_sieve
+%{do_move_spam_to_junk}}
+
+
+# Which Sieve language extensions are available to users. By default, all
+# supported extensions are available, except for deprecated extensions or
+# those that are still under development. Some system administrators may want
+# to disable certain Sieve extensions or enable those that are not available
+# by default. This setting can use 'yes' and 'no' to specify differences relative
+# to the default. For example `imapflags = yes' will enable the
+# deprecated imapflags extension in addition to all extensions were already
+# enabled by default.
+#sieve_extensions {
+#  mboxmetadata = yes
+#  vnd.dovecot.debug = yes
+#}
+
+# Which Sieve language extensions are ONLY available in global scripts. This
+# can be used to restrict the use of certain Sieve extensions to administrator
+# control, for instance when these extensions can cause security concerns.
+# This setting has higher precedence than the `sieve_extensions' setting
+# (above), meaning that the extensions enabled with this setting are never
+# available to the user's personal script no matter what is specified for the
+# `sieve_extensions' setting. The syntax of this setting is similar to the
+# `sieve_extensions' setting, with the difference that extensions are
+# enabled or disabled for exclusive use in global scripts. Currently, no
+# extensions are marked as such by default.
+#sieve_global_extensions =
+
+# The Pigeonhole Sieve interpreter can have plugins of its own. Using this
+# setting, the used plugins can be specified. Check the Dovecot documentation
+# https://doc.dovecot.org/latest/core/plugins/sieve.html
+
+#sieve_plugins = sieve_imapsieve sieve_extprograms
+#sieve_pipe_bin_dir    = /usr/share/dovecot-pigeonhole/sieve
+#sieve_execute_bin_dir = /usr/share/dovecot-pigeonhole/sieve
+#sieve_global_extensions {
+#  vnd.dovecot.pipe = yes
+#  vnd.dovecot.execute = yes
+#}
+#imapsieve_url = 
+
+# The separator that is expected between the :user and :detail
+# address parts introduced by the subaddress extension. This may
+# also be a sequence of characters (e.g. '--'). The current
+# implementation looks for the separator from the left of the
+# localpart and uses the first one encountered. The :user part is
+# left of the separator and the :detail part is right. This setting
+# is also used by Dovecot's LMTP service.
+#recipient_delimiter = +-_
+
+# The maximum size of a Sieve script. The compiler will refuse to compile any
+# script larger than this limit. If set to 0, no limit on the script size is
+# enforced.
+#sieve_max_script_size = 1M
+
+# The maximum number of actions that can be performed during a single script
+# execution. If set to 0, no limit on the total number of actions is enforced.
+#sieve_max_actions = 32
+
+# The maximum number of redirect actions that can be performed during a single
+# script execution. If set to 0, no redirect actions are allowed.
+#sieve_max_redirects = 4
+
+# The maximum number of personal Sieve scripts a single user can have. If set
+# to 0, no limit on the number of scripts is enforced.
+# (Currently only relevant for ManageSieve)
+#sieve_quota_script_count = 0
+
+# The maximum amount of disk storage a single user's scripts may occupy. If
+# set to 0, no limit on the used amount of disk storage is enforced.
+# (Currently only relevant for ManageSieve)
+#sieve_quota_storage_size = 0
+
+
+#mailbox Spam {
+## From elsewhere to Spam folder
+#  sieve_script report-spam {
+#    type = before
+#    cause = copy
+#    path = /etc/dovecot/report-spam.sieve
+#  }
+#}
+
+## From Spam folder to elsewhere
+#imapsieve_from Spam {
+#  sieve_script report-ham {
+#    type = before
+#    cause = copy
+#    path = /etc/dovecot/report-ham.sieve
+#  }
+#}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/auth-master-mysql.conf.ext.tpl

@@ -0,0 +1,28 @@
+# Authentication for master users. Included from auth.conf.
+
+# By adding master=yes setting inside a passdb you make the passdb a list
+# of "master users", who can log in as anyone else.
+# <https://doc.dovecot.org/latest/core/config/auth/master_users.html>
+
+# Example master user passdb using passwd-file. You can use any passdb though.
+#passdb master-passwd-file {
+#  driver = passwd-file
+#  master = yes
+#  passwd_file_path = /etc/dovecot/master-users
+#}
+
+sql_driver = %db_driver
+
+mysql %dbhost {
+  port = %dbport
+  dbname = %modoboa_dbname
+  user = %modoboa_dbuser
+  password = %modoboa_dbpassword
+}
+
+passdb db1 {
+  driver = sql
+  sql_query = SELECT email AS user, password FROM core_user WHERE email='%%{user}' and is_active=1 and master_user=1
+  master = yes
+  result_success = continue
+}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/auth-master-postgres.conf.ext.tpl

@@ -0,0 +1,30 @@
+# Authentication for master users. Included from auth.conf.
+
+# By adding master=yes setting inside a passdb you make the passdb a list
+# of "master users", who can log in as anyone else.
+# <https://doc.dovecot.org/latest/core/config/auth/master_users.html>
+
+# Example master user passdb using passwd-file. You can use any passdb though.
+#passdb master-passwd-file {
+#  driver = passwd-file
+#  master = yes
+#  passwd_file_path = /etc/dovecot/master-users
+#}
+
+sql_driver = %db_driver
+
+pgsql %dbhost {
+  parameters {
+    port = %dbport
+    dbname = %modoboa_dbname
+    user = %modoboa_dbuser
+    password = %modoboa_dbpassword
+  }
+}
+
+passdb db1 {
+  driver = sql
+  sql_query = SELECT email AS user, password FROM core_user WHERE email='%%{user}' and is_active and master_user
+  master = yes
+  result_success = continue
+}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/auth-oauth2.conf.ext.tpl

@@ -0,0 +1,24 @@
+auth_mechanisms {
+  xoauth2 = yes
+  oauthbearer = yes
+}
+
+oauth2 {
+  introspection_mode = post
+  introspection_url = %{oauth2_introspection_url}
+  #force_introspection = yes
+  username_attribute = username
+}
+
+# with local validation
+#oauth2 {
+#  introspection_mode = local
+#  username_attribute = email
+#  oauth2_local_validation {
+#    dict fs {
+#      fs posix {
+#        prefix = /etc/dovecot/oauth2-keys/
+#      }
+#    }
+#  }
+#}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/auth-sql-mysql.conf.ext.tpl

@@ -0,0 +1,195 @@
+# Authentication for SQL users. Included from auth.conf.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/databases/sql.html>
+
+# For the sql passdb module, you'll need a database with a table that
+# contains fields for at least the username and password. If you want to
+# use the user@domain syntax, you might want to have a separate domain
+# field as well.
+#
+# If your users all have the same uig/gid, and have predictable home
+# directories, you can use the static userdb module to generate the home
+# dir based on the username and domain. In this case, you won't need fields
+# for home, uid, or gid in the database.
+#
+# If you prefer to use the sql userdb module, you'll want to add fields
+# for home, uid, and gid. Here is an example table:
+#
+# CREATE TABLE users (
+#     username VARCHAR(128) NOT NULL,
+#     domain VARCHAR(128) NOT NULL,
+#     password VARCHAR(64) NOT NULL,
+#     home VARCHAR(255) NOT NULL,
+#     uid INTEGER NOT NULL,
+#     gid INTEGER NOT NULL,
+#     active CHAR(1) DEFAULT 'Y' NOT NULL
+# );
+
+# Database driver: mysql, pgsql, sqlite
+sql_driver = %db_driver
+
+# Database connection string. This is driver-specific setting.
+#
+# HA / round-robin load-balancing is supported by giving multiple host
+# settings, like: host=sql1.host.org host=sql2.host.org
+#
+# pgsql:
+#   For available options, see the PostgreSQL documention for the
+#   PQconnectdb function of libpq.
+#   Use maxconns=n (default 5) to change how many connections Dovecot can
+#   create to pgsql.
+#
+# mysql:
+#   Basic options emulate PostgreSQL option names:
+#     host, port, user, password, dbname
+#
+#   But also adds some new settings:
+#     client_flags        - See MySQL manual
+#     ssl_ca, ssl_ca_path - Set either one or both to enable SSL
+#     ssl_cert, ssl_key   - For sending client-side certificates to server
+#     ssl_cipher          - Set minimum allowed cipher security (default: HIGH)
+#     option_file         - Read options from the given file instead of
+#                           the default my.cnf location
+#     option_group        - Read options from the given group (default: client)
+# 
+#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
+#   Note that currently you can't use spaces in parameters.
+#
+# sqlite:
+#   The path to the database file.
+#
+# Examples:
+# mysql 192.168.1.1 {
+#   dbname = users
+# }
+# mysql sql.example.com {
+#   ssl = yes
+#   user = virtual
+#   password = blarg
+#   dbname = virtual
+# }
+# sqlite /etc/dovecot/authdb.sqlite {
+# }
+#
+#mysql /var/run/mysqld/mysqld.sock {
+#  user = dovecot
+#  password = dvmail
+#  dbname = dovecot
+#}
+#mysql localhost {
+# ...
+#}
+mysql %dbhost {
+  port = %dbport
+  dbname = %modoboa_dbname
+  user = %modoboa_dbuser
+  password = %modoboa_dbpassword
+}
+
+#passdb sql {
+#  default_password_scheme = SHA256
+
+# passdb query to retrieve the password. It can return fields:
+#   password - The user's password. This field must be returned.
+#   user - user@domain from the database. Needed with case-insensitive lookups.
+#   username and domain - An alternative way to represent the "user" field.
+#
+# The "user" field is often necessary with case-insensitive lookups to avoid
+# e.g. "name" and "nAme" logins creating two different mail directories. If
+# your user and domain names are in separate fields, you can return "username"
+# and "domain" fields instead of "user".
+#
+# The query can also return other fields which have a special meaning, see
+# https://doc.dovecot.org/latest/core/config/auth/passdb.html#extra-fields
+#
+# Commonly used available substitutions (see https://doc.dovecot.org/latest/core/settings/variables.html
+# for full list):
+#   %{user} = entire user@domain
+#   %{user|username} = user part of user@domain
+#   %{user|domain} = domain part of user@domain
+# 
+# Note that these can be used only as input to SQL query. If the query outputs
+# any of these substitutions, they're not touched. Otherwise it would be
+# difficult to have eg. usernames containing '%' characters.
+#
+# Example:
+#   query = SELECT userid AS user, pw AS password \
+#     FROM users WHERE userid = '%u' AND active = 'Y'
+#
+#  query = \
+#    SELECT userid as username, domain, password \
+#    FROM users WHERE userid = '%{user|username}' AND domain = '%{user|domain}'
+#}
+
+passdb sql {
+  query = SELECT email AS user, password FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE (mb.is_send_only=0 OR '%%{protocol}' NOT IN ('imap', 'pop3')) AND u.email='%%{user}' AND u.is_active=1 AND dom.enabled=1
+}
+
+#userdb sql {
+# userdb query to retrieve the user information. It can return fields:
+#   uid - System UID (overrides mail_uid setting)
+#   gid - System GID (overrides mail_gid setting)
+#   home - Home directory
+#   mail_driver - Mail driver
+#   mail_path - Mail storage path
+#
+# None of these are strictly required. If you use a single UID and GID, and
+# home or mail directory fits to a template string, you could use userdb static
+# instead. For a list of all fields that can be returned, see
+# Examples:
+#   query = SELECT home, uid, gid FROM users WHERE userid = '%%{user}'
+#   query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%%{user}'
+#   query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%%{user}'
+#
+#  query = \
+#    SELECT home, uid, gid \
+#    FROM users WHERE userid = '%%{user|username}' AND domain = '%%{user|domain}'
+
+# Query to get a list of all usernames.
+#  iterate_query = SELECT username AS user,domain FROM users
+
+#  userdb_ldap {
+#    iterate_fields {
+#      home = /var/vmail/%%{home}
+#    }
+#  }
+#}
+
+userdb sql {
+  query = SELECT '%{home_dir}/%%{user|domain}/%%{user|username}' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, CONCAT(mb.quota, 'M') AS quota_storage_size FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE (mb.is_send_only=0 OR '%%{protocol}' NOT IN ('imap', 'pop3', 'lmtp')) AND mb.address='%%{user|username}' AND dom.name='%%{user|domain}'
+  iterate_query = SELECT email AS user FROM core_user
+}
+
+#passdb static {
+#  fields {
+#    user=%%{user|username|lower}
+#    noauthenticate=yes
+#  }
+## you can remove next line if you want to always normalize your usernames
+#  skip = authenticated
+#}
+
+# "prefetch" user database means that the passdb already provided the
+# needed information and there's no need to do a separate userdb lookup.
+# <https://doc.dovecot.org/latest/core/config/auth/databases/prefetch.html>
+#userdb prefetch {
+#}
+
+#userdb static {
+#  fields {
+#    user=%%{user|lower}
+#  }
+# you can remove next line if you want to always normalize your usernames
+#  skip = found
+#}
+
+# If you don't have any user-specific settings, you can avoid the user_query
+# by using userdb static instead of userdb sql, for example:
+# <https://doc.dovecot.org/latest/core/config/auth/databases/static.html>
+#userdb static {
+  #fields {
+  #  uid = vmail
+  #  gid = vmail
+  #  home = /var/vmail/%%{user}
+  #}
+#}

modoboa_installer/scripts/files/dovecot/2.4/conf.d/auth-sql-postgres.conf.ext.tpl

@@ -0,0 +1,195 @@
+# Authentication for SQL users. Included from auth.conf.
+#
+# <https://doc.dovecot.org/latest/core/config/auth/databases/sql.html>
+
+# For the sql passdb module, you'll need a database with a table that
+# contains fields for at least the username and password. If you want to
+# use the user@domain syntax, you might want to have a separate domain
+# field as well.
+#
+# If your users all have the same uig/gid, and have predictable home
+# directories, you can use the static userdb module to generate the home
+# dir based on the username and domain. In this case, you won't need fields
+# for home, uid, or gid in the database.
+#
+# If you prefer to use the sql userdb module, you'll want to add fields
+# for home, uid, and gid. Here is an example table:
+#
+# CREATE TABLE users (
+#     username VARCHAR(128) NOT NULL,
+#     domain VARCHAR(128) NOT NULL,
+#     password VARCHAR(64) NOT NULL,
+#     home VARCHAR(255) NOT NULL,
+#     uid INTEGER NOT NULL,
+#     gid INTEGER NOT NULL,
+#     active CHAR(1) DEFAULT 'Y' NOT NULL
+# );
+
+# Database driver: mysql, pgsql, sqlite
+sql_driver = %db_driver
+
+# Database connection string. This is driver-specific setting.
+#
+# HA / round-robin load-balancing is supported by giving multiple host
+# settings, like: host=sql1.host.org host=sql2.host.org
+#
+# pgsql:
+#   For available options, see the PostgreSQL documention for the
+#   PQconnectdb function of libpq.
+#   Use maxconns=n (default 5) to change how many connections Dovecot can
+#   create to pgsql.
+#
+# mysql:
+#   Basic options emulate PostgreSQL option names:
+#     host, port, user, password, dbname
+#
+#   But also adds some new settings:
+#     client_flags        - See MySQL manual
+#     ssl_ca, ssl_ca_path - Set either one or both to enable SSL
+#     ssl_cert, ssl_key   - For sending client-side certificates to server
+#     ssl_cipher          - Set minimum allowed cipher security (default: HIGH)
+#     option_file         - Read options from the given file instead of
+#                           the default my.cnf location
+#     option_group        - Read options from the given group (default: client)
+# 
+#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
+#   Note that currently you can't use spaces in parameters.
+#
+# sqlite:
+#   The path to the database file.
+#
+# Examples:
+# mysql 192.168.1.1 {
+#   dbname = users
+# }
+# mysql sql.example.com {
+#   ssl = yes
+#   user = virtual
+#   password = blarg
+#   dbname = virtual
+# }
+# sqlite /etc/dovecot/authdb.sqlite {
+# }
+#
+#mysql /var/run/mysqld/mysqld.sock {
+#  user = dovecot
+#  password = dvmail
+#  dbname = dovecot
+#}
+#mysql localhost {
+# ...
+#}
+pgsql %dbhost {
+  parameters {
+    port = %dbport
+    dbname = %modoboa_dbname
+    user = %modoboa_dbuser
+    password = %modoboa_dbpassword
+  }
+}
+
+#passdb sql {
+#  default_password_scheme = SHA256
+
+# passdb query to retrieve the password. It can return fields:
+#   password - The user's password. This field must be returned.
+#   user - user@domain from the database. Needed with case-insensitive lookups.
+#   username and domain - An alternative way to represent the "user" field.
+#
+# The "user" field is often necessary with case-insensitive lookups to avoid
+# e.g. "name" and "nAme" logins creating two different mail directories. If
+# your user and domain names are in separate fields, you can return "username"
+# and "domain" fields instead of "user".
+#
+# The query can also return other fields which have a special meaning, see
+# https://doc.dovecot.org/latest/core/config/auth/passdb.html#extra-fields
+#
+# Commonly used available substitutions (see https://doc.dovecot.org/latest/core/settings/variables.html
+# for full list):
+#   %%{user} = entire user@domain
+#   %%{user|username} = user part of user@domain
+#   %%{user|domain} = domain part of user@domain
+# 
+# Note that these can be used only as input to SQL query. If the query outputs
+# any of these substitutions, they're not touched. Otherwise it would be
+# difficult to have eg. usernames containing '%%' characters.
+#
+# Example:
+#   query = SELECT userid AS user, pw AS password \
+#     FROM users WHERE userid = '%%u' AND active = 'Y'
+#
+#  query = \
+#    SELECT userid as username, domain, password \
+#    FROM users WHERE userid = '%%{user|username}' AND domain = '%%{user|domain}'
+#}
+passdb sql {
+  query = SELECT email AS user, password FROM core_user u INNER JOIN admin_mailbox mb ON u.id=mb.user_id INNER JOIN admin_domain dom ON mb.domain_id=dom.id WHERE (mb.is_send_only IS NOT TRUE OR '%%{protocol}' NOT IN ('imap', 'pop3')) AND email='%%{user}' AND is_active AND dom.enabled
+}
+
+#userdb sql {
+# userdb query to retrieve the user information. It can return fields:
+#   uid - System UID (overrides mail_uid setting)
+#   gid - System GID (overrides mail_gid setting)
+#   home - Home directory
+#   mail_driver - Mail driver
+#   mail_path - Mail storage path
+#
+# None of these are strictly required. If you use a single UID and GID, and
+# home or mail directory fits to a template string, you could use userdb static
+# instead. For a list of all fields that can be returned, see
+# Examples:
+#   query = SELECT home, uid, gid FROM users WHERE userid = '%%{user}'
+#   query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%%{user}'
+#   query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%%{user}'
+#
+#  query = \
+#    SELECT home, uid, gid \
+#    FROM users WHERE userid = '%%{user|username}' AND domain = '%%{user|domain}'
+
+# Query to get a list of all usernames.
+#  iterate_query = SELECT username AS user,domain FROM users
+
+#  userdb_ldap {
+#    iterate_fields {
+#      home = /var/vmail/%%{home}
+#    }
+#  }
+#}
+userdb sql {
+  query = SELECT '%{home_dir}/%%{user|domain}/%%{user|username}' AS home, %mailboxes_owner_uid as uid, %mailboxes_owner_gid as gid, mb.quota || 'M' AS quota_storage_size FROM admin_mailbox mb INNER JOIN admin_domain dom ON mb.domain_id=dom.id INNER JOIN core_user u ON u.id=mb.user_id WHERE (mb.is_send_only IS NOT TRUE OR '%%{protocol}' NOT IN ('imap', 'pop3', 'lmtp')) AND mb.address='%%{user|username}' AND dom.name='%%{user|domain}'
+  iterate_query = SELECT email AS user FROM core_user
+}
+
+#passdb static {
+#  fields {
+#    user=%%{user|username|lower}
+#    noauthenticate=yes
+#  }
+## you can remove next line if you want to always normalize your usernames
+#  skip = authenticated
+#}
+
+# "prefetch" user database means that the passdb already provided the
+# needed information and there's no need to do a separate userdb lookup.
+# <https://doc.dovecot.org/latest/core/config/auth/databases/prefetch.html>
+#userdb prefetch {
+#}
+
+#userdb static {
+#  fields {
+#    user=%%{user|lower}
+#  }
+# you can remove next line if you want to always normalize your usernames
+#  skip = found
+#}
+
+# If you don't have any user-specific settings, you can avoid the user_query
+# by using userdb static instead of userdb sql, for example:
+# <https://doc.dovecot.org/latest/core/config/auth/databases/static.html>
+#userdb static {
+  #fields {
+  #  uid = vmail
+  #  gid = vmail
+  #  home = /var/vmail/%%{user}
+  #}
+#}

modoboa_installer/scripts/files/dovecot/2.4/dovecot.conf.tpl

@@ -0,0 +1,87 @@
+## Dovecot configuration file
+
+# If you're in a hurry, see https://doc.dovecot.org/latest/core/config/guides/quick.html
+
+# "doveconf -n" command gives a clean output of the changed settings. Use it
+# instead of copy&pasting files when posting to the Dovecot mailing list.
+
+# '#' character and everything after it is treated as comments. Extra spaces
+# and tabs are ignored. If you want to use either of these explicitly, put the
+# value inside quotes, eg.: key = "# char and trailing whitespace  "
+
+# Default values are shown for each setting, it's not required to uncomment
+# those. These are exceptions to this though: No sections (e.g. namespace {})
+# or plugin settings are added by default, they're listed only as examples.
+# Paths are also just examples with the real defaults being based on configure
+# options. The paths listed here are for configure --prefix=/usr/local
+# --sysconfdir=/usr/local/etc --localstatedir=/var
+
+dovecot_config_version = 2.4.0
+dovecot_storage_version = 2.4.0
+
+# Protocols we want to be serving.
+%protocols
+!include_try /usr/share/dovecot/protocols.d/*.protocol
+
+# A comma separated list of IPs or hosts where to listen in for connections. 
+# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
+# If you want to specify non-default ports or anything more complex,
+# edit conf.d/master.conf.
+#listen = *, ::
+
+# Base directory where to store runtime data.
+#base_dir = /var/run/dovecot/
+
+# Name of this instance. In multi-instance setup doveadm and other commands
+# can use -i <instance_name> to select which instance is used (an alternative
+# to -c <config_path>). The instance name is also added to Dovecot processes
+# in ps output.
+#instance_name = dovecot
+
+# Greeting message for clients.
+#login_greeting = Dovecot ready.
+
+# Space separated list of trusted network ranges. Connections from these
+# IPs are allowed to override their IP addresses and ports (for logging and
+# for authentication checks). disable_plaintext_auth is also ignored for
+# these networks, unless ssl=required.
+# Typically you'd specify your IMAP proxy servers here.
+#login_trusted_networks =
+
+# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
+# proxying. This isn't necessary normally, but may be useful if the destination
+# IP is e.g. a load balancer's IP.
+#auth_proxy_self =
+
+# Show more verbose process titles (in ps). Currently shows user name and
+# IP address. Useful for seeing who are actually using the IMAP processes
+# (eg. shared mailboxes or if same uid is used for multiple accounts).
+#verbose_proctitle = yes
+
+# Should all processes be killed when Dovecot master process shuts down.
+# Setting this to "no" means that Dovecot can be upgraded without
+# forcing existing client connections to close (although that could also be
+# a problem if the upgrade is e.g. because of a security fix).
+#shutdown_clients = yes
+
+# If non-zero, run mail commands via this many connections to doveadm server,
+# instead of running them directly in the same process.
+#doveadm_worker_count = 0
+# UNIX socket or host:port used for connecting to doveadm server
+#doveadm_socket_path = doveadm-server
+
+# Space separated list of environment variables that are preserved on Dovecot
+# startup and passed down to all of its child processes. You can also give
+# key=value pairs to always set specific settings.
+#import_environment {
+#  TZ=%%{env:TZ}
+#}
+
+# Most of the actual configuration gets included below. The filenames are
+# first sorted by their ASCII value and parsed in that order. The 00-prefixes
+# in filenames are intended to make it easier to understand the ordering.
+!include conf.d/*.conf
+
+# A config file can also tried to be included without giving an error if
+# it's not found:
+!include_try local.conf

modoboa_installer/scripts/files/dovecot/custom_after_sieve/spam-to-junk.sieve.tpl

@@ -0,0 +1,4 @@
+require "fileinto";
+if header :contains "X-Spam-Status" "Yes" {
+    fileinto "Junk";
+}

modoboa_installer/scripts/files/fail2ban/filter.d/modoboa-auth.conf.tpl

@@ -0,0 +1,9 @@
+# Fail2Ban filter Modoboa authentication
+
+[INCLUDES]
+
+before = common.conf
+
+[Definition]
+
+failregex = modoboa\.auth: WARNING Failed connection attempt from \'<HOST>\' as user \'.*?\'$

modoboa_installer/scripts/files/fail2ban/jail.d/modoboa.conf.tpl

@@ -0,0 +1,9 @@
+[modoboa]
+enabled = true
+port = http,https
+protocol = tcp
+filter = modoboa-auth
+maxretry = %max_retry
+bantime = %ban_time
+findtime = %find_time
+logpath = /var/log/auth.log

modoboa_installer/scripts/files/modoboa/crontab.tpl

@@ -3,6 +3,7 @@
 #
 PYTHON=%{venv_path}/bin/python
 INSTANCE=%{instance_path}
+MAILTO=%{cron_error_recipient}
 
 # Operations on mailboxes
 %{dovecot_enabled}*       *       *       *       *       %{dovecot_mailboxes_owner}   $PYTHON $INSTANCE/manage.py handle_mailbox_operations
@@ -30,7 +31,7 @@ INSTANCE=%{instance_path}
 */30    *       *       *       *       root    $PYTHON $INSTANCE/manage.py modo check_mx
 
 # Public API communication
-0       *       *       *       *       root    $PYTHON $INSTANCE/manage.py communicate_with_public_api
+%{minutes}       %{hours}       *       *       *       root    $PYTHON $INSTANCE/manage.py communicate_with_public_api
 
 # Generate DKIM keys (they will belong to the user running this job)
-%{opendkim_enabled}*       *       *       *       *       %{opendkim_user}    umask 077 && $PYTHON $INSTANCE/manage.py modo manage_dkim_keys
+%{dkim_cron_enabled}*       *       *       *       *       %{opendkim_user}    umask 077 && $PYTHON $INSTANCE/manage.py modo manage_dkim_keys

modoboa_installer/scripts/files/modoboa/supervisor-rq-base.tpl

@@ -0,0 +1,9 @@
+[program:modoboa-base-worker]
+autostart=true
+autorestart=true
+command=%{venv_path}/bin/python %{home_dir}/instance/manage.py rqworker modoboa
+directory=%{home_dir}
+user=%{user}
+redirect_stderr=true
+numprocs=1
+stopsignal=TERM

modoboa_installer/scripts/files/modoboa/supervisor-rq-dkim.tpl

@@ -0,0 +1,9 @@
+[program:modoboa-dkim-worker]
+autostart=true
+autorestart=true
+command=%{venv_path}/bin/python %{home_dir}/instance/manage.py rqworker dkim
+directory=%{home_dir}
+user=%{dkim_user}
+redirect_stderr=true
+numprocs=1
+stopsignal=TERM

modoboa_installer/scripts/files/modoboa/supervisor.tpl

@@ -6,3 +6,4 @@ directory=%{home_dir}
 redirect_stderr=true
 user=%{user}
 numprocs=1
+

modoboa_installer/scripts/files/nginx/modoboa.conf.tpl

@@ -10,8 +10,8 @@ server {
 }
 
 server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
     server_name %hostname;
     root %app_instance_path;
 
@@ -37,7 +37,20 @@ server {
         try_files $uri $uri/ =404;
     }
 
-    location ^~ /new-admin {
+%{rspamd_enabled}    location /rspamd/ {
+%{rspamd_enabled}        proxy_pass       http://localhost:11334/;
+%{rspamd_enabled}
+%{rspamd_enabled}        proxy_set_header Host      $host;
+%{rspamd_enabled}        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+%{rspamd_enabled}    }
+
+    location ~ ^/(api|accounts) {
+        include uwsgi_params;
+        uwsgi_param UWSGI_SCRIPT instance.wsgi:application;
+        uwsgi_pass modoboa;
+    }
+
+    location / {
         alias  %{app_instance_path}/frontend/;
         index  index.html;
 
@@ -48,10 +61,5 @@ server {
         try_files $uri $uri/ /index.html = 404;
     }
 
-    location / {
-        include uwsgi_params;
-        uwsgi_param UWSGI_SCRIPT instance.wsgi:application;
-        uwsgi_pass modoboa;
-    }
     %{extra_config}
 }

modoboa_installer/scripts/files/postfix/anonymize_headers.pcre.tpl

@@ -0,0 +1,11 @@
+if /^\s*Received:.*Authenticated sender.*\(Postfix\)/
+/^Received: from .*? \([\w\-.]* \[.*?\]\)(.*|\n.*)\(Authenticated sender: (.+)\)\s+by.+\(Postfix\) with (.*)/
+  REPLACE Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with $3
+endif
+if /^\s*Received: from .*rspamd.localhost .*\(Postfix\)/
+/^Received: from.* (.*|\n.*)\((.+) (.+)\)\s+by (.+) \(Postfix\) with (.*)/
+  REPLACE Received: from rspamd (rspamd $3) by $4 (Postfix) with $5
+endif
+/^\s*X-Enigmail/        IGNORE
+/^\s*X-Originating-IP/  IGNORE
+/^\s*X-Forward/         IGNORE

modoboa_installer/scripts/files/postfix/main.cf.tpl

@@ -41,22 +41,29 @@ smtpd_tls_auth_only = no
 smtpd_tls_CApath = /etc/ssl/certs
 smtpd_tls_key_file = %tls_key_file
 smtpd_tls_cert_file = %tls_cert_file
-smtpd_tls_dh1024_param_file = ${config_directory}/dh2048.pem
+smtpd_tls_dh1024_param_file = ${config_directory}/ffdhe%{dhe_group}.pem
 smtpd_tls_loglevel = 1
 smtpd_tls_session_cache_database = btree:$data_directory/smtpd_tls_session_cache
 smtpd_tls_security_level = may
 smtpd_tls_received_header = yes
 
 # Disallow SSLv2 and SSLv3, only accept secure ciphers
-smtpd_tls_protocols = !SSLv2, !SSLv3
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
+smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
 smtpd_tls_mandatory_ciphers = high
-smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 , DES, ADH, RC4, PSD, SRP, 3DES, eNULL
-smtpd_tls_exclude_ciphers = aNULL, MD5 , DES, ADH, RC4, PSD, SRP, 3DES, eNULL
+smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA, CAMELLIA, SEED-SHA, AES256-SHA, AES256-SHA256, AES256-GCM-SHA384, AES128-SHA, AES128-SHA256, AES128-GCM-SHA256, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES128-SHA, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA256, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA
+smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA, CAMELLIA, SEED-SHA, AES256-SHA, AES256-SHA256, AES256-GCM-SHA384, AES128-SHA, AES128-SHA256, AES128-GCM-SHA256, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES128-SHA, DHE-RSA-AES128-SHA256, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA256, DHE-RSA-CHACHA20-POLY1305, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA
+tls_preempt_cipherlist = yes
+tls_ssl_options = NO_COMPRESSION
 
 # Enable elliptic curve cryptography
 smtpd_tls_eecdh_grade = strong
 
+# SMTP Smuggling prevention
+# See https://www.postfix.org/smtp-smuggling.html
+smtpd_data_restrictions = reject_unauth_pipelining
+smtpd_forbid_unauth_pipelining = yes
+
 # Use TLS if this is supported by the remote SMTP server, otherwise use plaintext.
 smtp_tls_CApath = /etc/ssl/certs
 smtp_tls_security_level = may
@@ -67,10 +74,10 @@ smtp_tls_exclude_ciphers = EXPORT, LOW
 #
 %{dovecot_enabled}virtual_transport = lmtp:unix:private/dovecot-lmtp
 
-virtual_mailbox_domains = proxy:%{db_driver}:/etc/postfix/sql-domains.cf
-virtual_alias_domains = proxy:%{db_driver}:/etc/postfix/sql-domain-aliases.cf
-virtual_alias_maps =
-        proxy:%{db_driver}:/etc/postfix/sql-aliases.cf
+%{dovecot_enabled}virtual_mailbox_domains = proxy:%{db_driver}:/etc/postfix/sql-domains.cf
+%{dovecot_enabled}virtual_alias_domains = proxy:%{db_driver}:/etc/postfix/sql-domain-aliases.cf
+%{dovecot_enabled}virtual_alias_maps =
+%{dovecot_enabled}        proxy:%{db_driver}:/etc/postfix/sql-aliases.cf
 
 ## Relay domains
 #
@@ -115,10 +122,19 @@ strict_rfc821_envelopes = yes
 %{opendkim_enabled}milter_default_action = accept
 %{opendkim_enabled}milter_content_timeout = 30s
 
+# Rspamd setup
+%{rspamd_enabled}smtpd_milters = inet:localhost:11332
+%{rspamd_enabled}non_smtpd_milters = inet:localhost:11332
+%{rspamd_enabled}milter_default_action = accept
+%{rspamd_enabled}milter_protocol = 6
+
 # List of authorized senders
 smtpd_sender_login_maps =
         proxy:%{db_driver}:/etc/postfix/sql-sender-login-map.cf
 
+# Add authenticated header to hide public client IP
+smtpd_sasl_authenticated_header = yes
+
 # Recipient restriction rules
 smtpd_recipient_restrictions =
       check_policy_service inet:127.0.0.1:9999
@@ -135,28 +151,27 @@ smtpd_recipient_restrictions =
 
 ## Postcreen settings
 #
-postscreen_access_list =
-       permit_mynetworks
-       cidr:/etc/postfix/postscreen_spf_whitelist.cidr
-postscreen_blacklist_action = enforce 
+%{rspamd_disabled}postscreen_access_list =
+%{rspamd_disabled}       permit_mynetworks
+%{rspamd_disabled}      cidr:/etc/postfix/postscreen_spf_whitelist.cidr
+%{rspamd_disabled}postscreen_blacklist_action = enforce
 
 # Use some DNSBL
-postscreen_dnsbl_sites = 
-	zen.spamhaus.org=127.0.0.[2..11]*3
-	bl.spameatingmonkey.net=127.0.0.2*2
-	bl.spamcop.net=127.0.0.2
-	dnsbl.sorbs.net=127.0.0.[2..15]
-postscreen_dnsbl_threshold = 3 
-postscreen_dnsbl_action = enforce 
+%{rspamd_disabled}postscreen_dnsbl_sites =
+%{rspamd_disabled}	zen.spamhaus.org=127.0.0.[2..11]*3
+%{rspamd_disabled}	bl.spameatingmonkey.net=127.0.0.2*2
+%{rspamd_disabled}	bl.spamcop.net=127.0.0.2
+%{rspamd_disabled}postscreen_dnsbl_threshold = 3
+%{rspamd_disabled}postscreen_dnsbl_action = enforce
 
-postscreen_greet_banner = Welcome, please wait... 
-postscreen_greet_action = enforce
+%{rspamd_disabled}postscreen_greet_banner = Welcome, please wait...
+%{rspamd_disabled}postscreen_greet_action = enforce
 
-postscreen_pipelining_enable = yes
-postscreen_pipelining_action = enforce
+%{rspamd_disabled}postscreen_pipelining_enable = yes
+%{rspamd_disabled}postscreen_pipelining_action = enforce
 
-postscreen_non_smtp_command_enable = yes
-postscreen_non_smtp_command_action = enforce
+%{rspamd_disabled}postscreen_non_smtp_command_enable = yes
+%{rspamd_disabled}postscreen_non_smtp_command_action = enforce
 
-postscreen_bare_newline_enable = yes
-postscreen_bare_newline_action = enforce
+%{rspamd_disabled}postscreen_bare_newline_enable = yes
+%{rspamd_disabled}postscreen_bare_newline_action = enforce

modoboa_installer/scripts/files/postfix/master.cf.tpl

@@ -9,7 +9,8 @@
 # service type  private unpriv  chroot  wakeup  maxproc command + args
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
-smtp      inet  n       -       -       -       1       postscreen
+%{rspamd_disabled}smtp      inet  n       -       -       -       1       postscreen
+%{rspamd_enabled}smtp      inet  n       -       -       -       -       smtpd
 smtpd     pass  -       -       -       -       -       smtpd
 %{amavis_enabled}  -o smtpd_proxy_filter=inet:[127.0.0.1]:10024 
 %{amavis_enabled}  -o smtpd_proxy_options=speed_adjust
@@ -26,6 +27,7 @@ submission inet n       -       -       -       -       smtpd
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=reject_sender_login_mismatch
   -o milter_macro_daemon_name=ORIGINATING
+  -o cleanup_service_name=ascleanup
 %{amavis_enabled}  -o smtpd_proxy_filter=inet:[127.0.0.1]:10026
 #smtps     inet  n       -       -       -       -       smtpd
 #  -o syslog_name=postfix/smtps
@@ -41,6 +43,8 @@ submission inet n       -       -       -       -       smtpd
 #628       inet  n       -       -       -       -       qmqpd
 pickup    unix  n       -       -       60      1       pickup
 cleanup   unix  n       -       -       -       0       cleanup
+ascleanup unix  n       -       -       -       0       cleanup
+  -o header_checks=pcre:/etc/postfix/anonymize_headers.pcre
 qmgr      unix  n       -       n       300     1       qmgr
 #qmgr     unix  n       -       n       300     1       oqmgr
 tlsmgr    unix  -       -       -       1000?   1       tlsmgr
@@ -78,7 +82,7 @@ scache    unix  -       -       -       -       1       scache
 # Also specify in main.cf: maildrop_destination_recipient_limit=1
 #
 maildrop  unix  -       n       n       -       -       pipe
-  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+  flags=DRhu user=%{dovecot_mailboxes_owner} argv=/usr/bin/maildrop -d ${recipient}
 #
 # ====================================================================
 #
@@ -124,11 +128,6 @@ mailman   unix  -       n       n       -       -       pipe
   flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
   ${nexthop} ${user}
 
-# Modoboa autoreply service
-#
-autoreply unix        -       n       n       -       -       pipe
-  flags= user=%{dovecot_mailboxes_owner}:%{dovecot_mailboxes_owner} argv=%{modoboa_venv_path}/bin/python %{modoboa_instance_path}/manage.py autoreply $sender $mailbox
-
 # Amavis return path
 #
 %{amavis_enabled}127.0.0.1:10025 inet n    -       n       -       -     smtpd 
@@ -149,4 +148,4 @@ autoreply unix        -       n       n       -       -       pipe
 %{amavis_enabled}        -o smtpd_client_connection_count_limit=0 
 %{amavis_enabled}        -o smtpd_client_connection_rate_limit=0 
 %{amavis_enabled}        -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
-%{amavis_enabled}        -o local_header_rewrite_clients=
+%{amavis_enabled}        -o local_header_rewrite_clients=permit_mynetworks,permit_sasl_authenticated

modoboa_installer/scripts/files/radicale/config.tpl

@@ -71,7 +71,7 @@
 
 # Authentication method
 # Value: none | htpasswd | remote_user | http_x_remote_user
-type = radicale_dovecot_auth 
+type = radicale_modoboa_auth_oauth2
 
 # Htpasswd filename
 # htpasswd_filename = users
@@ -85,7 +85,7 @@ type = radicale_dovecot_auth
 # Incorrect authentication delay (seconds)
 #delay = 1
 
-auth_socket = %{auth_socket_path}
+oauth2_introspection_endpoint = %{oauth2_introspection_url}
 
 
 [rights]

modoboa_installer/scripts/files/rspamd/local.d/antivirus.conf.tpl

@@ -0,0 +1,14 @@
+clamav {
+  scan_mime_parts = true;
+  scan_text_mime = true;
+  scan_image_mime = true;
+  retransmits = 2;
+  timeout = 30;
+  symbol = "CLAM_VIRUS";
+  type = "clamav";
+  servers = "127.0.0.1:3310"
+  patterns {
+    # symbol_name = "pattern";
+    JUST_EICAR = "Test.EICAR";
+  }
+}

modoboa_installer/scripts/files/rspamd/local.d/arc.conf.tpl

@@ -0,0 +1,3 @@
+try_fallback = false;
+selector_map = "%selector_map_path";
+path_map = "%key_map_path";

modoboa_installer/scripts/files/rspamd/local.d/dkim_signing.conf.tpl

@@ -0,0 +1,3 @@
+try_fallback = false;
+selector_map = "%selector_map_path";
+path_map = "%key_map_path";

modoboa_installer/scripts/files/rspamd/local.d/dmarc.conf.tpl

@@ -0,0 +1,21 @@
+reporting {
+  # Required attributes
+  enabled = true; # Enable reports in general
+  email = 'postmaster@%hostname'; # Source of DMARC reports
+  domain = '%hostname'; # Domain to serve
+  org_name = '%hostname'; # Organisation
+  # Optional parameters
+  #bcc_addrs = ["postmaster@example.com"]; # additional addresses to copy on reports
+  report_local_controller = false; # Store reports for local/controller scans (for testing only)
+  #helo = 'rspamd.localhost'; # Helo used in SMTP dialog
+  #smtp = '127.0.0.1'; # SMTP server IP
+  #smtp_port = 25; # SMTP server port
+  from_name = '%hostname DMARC REPORT'; # SMTP FROM
+  msgid_from = 'rspamd'; # Msgid format
+  #max_entries = 1k; # Maxiumum amount of entries per domain
+  #keys_expire = 2d; # Expire date for Redis keys
+  #only_domains = '/path/to/map'; # Only store reports from domains or eSLDs listed in this map
+  # Available from 3.3
+  #exclude_domains = '/path/to/map'; # Exclude reports from domains or eSLDs listed in this map
+  #exclude_domains = ["example.com", "another.com"]; # Alternative, use array to exclude reports from domains or eSLDs
+}

modoboa_installer/scripts/files/rspamd/local.d/force_actions.conf.tpl

@@ -0,0 +1,5 @@
+rules {
+  DMARC_POLICY_QUARANTINE {
+    action = "add header";
+  }
+}

modoboa_installer/scripts/files/rspamd/local.d/greylist.conf.tpl

@@ -0,0 +1,2 @@
+%{greylisting_disabled}enabled = false;
+servers = "127.0.0.1:6379";

modoboa_installer/scripts/files/rspamd/local.d/groups.conf.tpl

@@ -0,0 +1,5 @@
+symbols {
+  "WHITELIST_AUTHENTICATED" {
+    weight = %whitelist_auth_weigth;
+  }
+}

modoboa_installer/scripts/files/rspamd/local.d/metrics.conf.tpl

@@ -0,0 +1,20 @@
+actions {
+    reject = 15; # normal value is 15, 150 so it will never be rejected
+    add_header = 6; # set to 0.1 for testing, 6 for normal operation.
+    rewrite_subject = 8; # Default: 8
+    greylist = 4; # Default: 4
+}
+
+group "antivirus" {
+  symbol "JUST_EICAR" {
+    weight = 10;
+    description = "Eicar test signature";
+  }
+  symbol "CLAM_VIRUS_FAIL" {
+    weight = 0;
+  }
+  symbol "CLAM_VIRUS" {
+    weight = 10;
+    description = "ClamAV found a Virus";
+  }
+}

modoboa_installer/scripts/files/rspamd/local.d/milter_headers.conf.tpl

@@ -0,0 +1,16 @@
+use = ["x-spam-status","x-virus","authentication-results" ];
+extended_spam_headers = false;
+skip_local = false;
+skip_authenticated = false;
+
+routines {
+  x-virus {
+    header = "X-Virus";
+    remove = 1;
+    symbols = ["CLAM_VIRUS", "JUST_EICAR"];
+  }
+}
+
+
+
+

modoboa_installer/scripts/files/rspamd/local.d/mx_check.conf.tpl

@@ -0,0 +1 @@
+enabled = true;

modoboa_installer/scripts/files/rspamd/local.d/rbl.conf.tpl

@@ -0,0 +1,6 @@
+# to disable all predefined rules if the user doesn't want dnsbl
+
+url_whitelist = [];
+
+rbls {
+}

modoboa_installer/scripts/files/rspamd/local.d/redis.conf.tpl

@@ -0,0 +1,2 @@
+write_servers = "localhost";
+read_servers = "localhost";

modoboa_installer/scripts/files/rspamd/local.d/settings.conf.tpl

@@ -0,0 +1,8 @@
+authenticated {
+  priority = high;
+  authenticated = yes;
+  apply {
+    groups_disabled = ["rbl", "spf"];
+  }
+%{whitelist_auth_enabled}  symbols ["WHITELIST_AUTHENTICATED"];
+}

modoboa_installer/scripts/files/rspamd/local.d/spf.conf.tpl

@@ -0,0 +1,6 @@
+spf_cache_size = 1k;
+spf_cache_expire = 1d;
+max_dns_nesting = 10;
+max_dns_requests = 30;
+min_cache_ttl = 5m;
+disable_ipv6 = false;

modoboa_installer/scripts/files/rspamd/local.d/worker-controller.inc.tpl

@@ -0,0 +1 @@
+enable_password = %controller_password

modoboa_installer/scripts/files/rspamd/local.d/worker-normal.inc.tpl

@@ -0,0 +1 @@
+enabled = false;

modoboa_installer/scripts/files/rspamd/local.d/worker-proxy.inc.tpl

@@ -0,0 +1,3 @@
+upstream "local" {
+  self_scan = yes;
+}

modoboa_installer/scripts/files/uwsgi/modoboa.ini.tpl

@@ -13,3 +13,5 @@ socket = %uwsgi_socket_path
 chmod-socket = 660
 vacuum = true
 single-interpreter = True
+max-requests = 5000
+buffer-size = 8192

modoboa_installer/scripts/modoboa.py

@@ -3,6 +3,7 @@
 import json
 import os
 import pwd
+import random
 import shutil
 import stat
 import sys
@@ -25,7 +26,8 @@ class Modoboa(base.Installer):
         "deb": [
             "build-essential", "python3-dev", "libxml2-dev", "libxslt-dev",
             "libjpeg-dev", "librrd-dev", "rrdtool", "libffi-dev", "cron",
-            "libssl-dev", "redis-server", "supervisor"
+            "libssl-dev", "redis-server", "supervisor", "pkg-config",
+            "libcairo2-dev", "libmagic-dev"
         ],
         "rpm": [
             "gcc", "gcc-c++", "python3-devel", "libxml2-devel", "libxslt-devel",
@@ -42,80 +44,74 @@ class Modoboa(base.Installer):
 
     def __init__(self, *args, **kwargs):
         """Get configuration."""
-        super(Modoboa, self).__init__(*args, **kwargs)
+        super().__init__(*args, **kwargs)
         self.venv_path = self.config.get("modoboa", "venv_path")
         self.instance_path = self.config.get("modoboa", "instance_path")
         self.extensions = self.config.get("modoboa", "extensions").split()
         self.devmode = self.config.getboolean("modoboa", "devmode")
-        # Sanity check for amavis
-        self.amavis_enabled = False
-        if "modoboa-amavis" in self.extensions:
-            if self.config.getboolean("amavis", "enabled"):
-                self.amavis_enabled = True
-            else:
-                self.extensions.remove("modoboa-amavis")
-        if "modoboa-radicale" in self.extensions:
-            if not self.config.getboolean("radicale", "enabled"):
-                self.extensions.remove("modoboa-radicale")
+        self.amavis_enabled = self.config.getboolean("amavis", "enabled")
+        self.rspamd_enabled = self.config.getboolean("rspamd", "enabled")
         self.dovecot_enabled = self.config.getboolean("dovecot", "enabled")
         self.opendkim_enabled = self.config.getboolean("opendkim", "enabled")
+        self.dkim_cron_enabled = False
 
     def is_extension_ok_for_version(self, extension, version):
         """Check if extension can be installed with this modo version."""
-        if extension not in compatibility_matrix.EXTENSIONS_AVAILABILITY:
-            return True
         version = utils.convert_version_to_int(version)
-        min_version = compatibility_matrix.EXTENSIONS_AVAILABILITY[extension]
-        min_version = utils.convert_version_to_int(min_version)
-        return version >= min_version
+        if extension in compatibility_matrix.EXTENSIONS_AVAILABILITY:
+            min_version = compatibility_matrix.EXTENSIONS_AVAILABILITY[extension]
+            min_version = utils.convert_version_to_int(min_version)
+            return version >= min_version
+        if extension in compatibility_matrix.REMOVED_EXTENSIONS:
+            max_version = compatibility_matrix.REMOVED_EXTENSIONS[extension]
+            max_version = utils.convert_version_to_int(max_version)
+            return version < max_version
+        return True
 
     def _setup_venv(self):
         """Prepare a dedicated virtualenv."""
-        python.setup_virtualenv(
-            self.venv_path, sudo_user=self.user, python_version=3)
-        packages = ["rrdtool"]
+        python.setup_virtualenv(self.venv_path, sudo_user=self.user)
+        packages = []
         version = self.config.get("modoboa", "version")
+        extras = "postgresql"
+        if self.dbengine != "postgres":
+            extras = "mysql"
+        if self.devmode:
+            extras += ",dev"
         if version == "latest":
-            packages += ["modoboa"] + self.extensions
+            packages += [f"modoboa[{extras}]"] + self.extensions
+            for extension in list(self.extensions):
+                if extension in compatibility_matrix.REMOVED_EXTENSIONS.keys():
+                    self.extensions.remove(extension)
+            self.extensions = [
+                extension for extension in self.extensions
+                if extension not in compatibility_matrix.REMOVED_EXTENSIONS
+            ]
         else:
             matrix = compatibility_matrix.COMPATIBILITY_MATRIX[version]
-            packages.append("modoboa=={}".format(version))
+            packages.append(f"modoboa[{extras}]=={version}")
             for extension in list(self.extensions):
                 if not self.is_extension_ok_for_version(extension, version):
                     self.extensions.remove(extension)
                     continue
                 if extension in matrix:
                     req_version = matrix[extension]
-                    req_version = req_version.replace("<", "\<")
-                    req_version = req_version.replace(">", "\>")
+                    if req_version is None:
+                        continue
+                    req_version = req_version.replace("<", "\\<")
+                    req_version = req_version.replace(">", "\\>")
                     packages.append("{}{}".format(extension, req_version))
                 else:
                     packages.append(extension)
-        # Temp fix for django-braces
-        python.install_package(
-            "django-braces", self.venv_path, upgrade=self.upgrade,
-            sudo_user=self.user
-        )
-        if self.dbengine == "postgres":
-            packages.append("psycopg2-binary\<2.9")
-        else:
-            packages.append("mysqlclient")
         if sys.version_info.major == 2 and sys.version_info.micro < 9:
             # Add extra packages to fix the SNI issue
             packages += ["pyOpenSSL"]
-        # Temp fix for https://github.com/modoboa/modoboa/issues/2247
-        packages.append("django-webpack-loader==0.7.0")
         python.install_packages(
             packages, self.venv_path,
             upgrade=self.upgrade,
             sudo_user=self.user,
             beta=self.config.getboolean("modoboa", "install_beta")
         )
-        if self.devmode:
-            # FIXME: use dev-requirements instead
-            python.install_packages(
-                ["django-bower", "django-debug-toolbar"], self.venv_path,
-                upgrade=self.upgrade, sudo_user=self.user)
 
     def _deploy_instance(self):
         """Deploy Modoboa."""
@@ -139,6 +135,10 @@ class Modoboa(base.Installer):
 
         prefix = ". {}; ".format(
             os.path.join(self.venv_path, "bin", "activate"))
+        if self.amavis_enabled:
+            self.extensions += ["modoboa.amavis"]
+        if self.rspamd_enabled:
+            self.extensions += ["modoboa.rspamd"]
         args = [
             "--collectstatic",
             "--timezone", self.config.get("modoboa", "timezone"),
@@ -176,7 +176,7 @@ class Modoboa(base.Installer):
         if self.upgrade and self.opendkim_enabled and self.dbengine == "postgres":
             # Restore view previously deleted
             self.backend.load_sql_file(
-                self.dbname, self.dbuser, self.dbpassword,
+                self.dbname, self.dbuser, self.dbpasswd,
                 self.get_file_path("dkim_view_{}.sql".format(self.dbengine))
             )
             self.backend.grant_right_on_table(
@@ -186,7 +186,7 @@ class Modoboa(base.Installer):
 
     def setup_database(self):
         """Additional config."""
-        super(Modoboa, self).setup_database()
+        super().setup_database()
         if not self.amavis_enabled:
             return
         self.backend.grant_access(
@@ -194,7 +194,7 @@ class Modoboa(base.Installer):
 
     def get_packages(self):
         """Include extra packages if needed."""
-        packages = super(Modoboa, self).get_packages()
+        packages = super().get_packages()
         condition = (
             package.backend.FORMAT == "rpm" and
             sys.version_info.major == 2 and
@@ -204,6 +204,10 @@ class Modoboa(base.Installer):
             packages += ["openssl-devel"]
         return packages
 
+    def setup_user(self):
+        super().setup_user()
+        self._setup_venv()
+
     def get_config_files(self):
         """Return appropriate path."""
         config_files = super().get_config_files()
@@ -212,6 +216,13 @@ class Modoboa(base.Installer):
         else:
             path = "supervisor=/etc/supervisord.d/policyd.ini"
         config_files.append(path)
+
+        # Add worker for dkim if needed
+        if self.modoboa_2_2_or_greater:
+            config_files.append(
+                "supervisor-rq-dkim=/etc/supervisor/conf.d/modoboa-dkim-worker.conf")
+            config_files.append(
+                "supervisor-rq-base=/etc/supervisor/conf.d/modoboa-base-worker.conf")
         return config_files
 
     def get_template_context(self):
@@ -219,15 +230,21 @@ class Modoboa(base.Installer):
         context = super(Modoboa, self).get_template_context()
         extensions = self.config.get("modoboa", "extensions")
         extensions = extensions.split()
+        random_hour = random.randint(0, 6)
+        self.dkim_cron_enabled = (not self.modoboa_2_2_or_greater and
+                                  self.opendkim_enabled)
         context.update({
             "sudo_user": (
                 "uwsgi" if package.backend.FORMAT == "rpm" else context["user"]
             ),
             "dovecot_mailboxes_owner": (
                 self.config.get("dovecot", "mailboxes_owner")),
-            "radicale_enabled": (
-                "" if "modoboa-radicale" in extensions else "#"),
             "opendkim_user": self.config.get("opendkim", "user"),
+            "dkim_user": "_rspamd" if self.rspamd_enabled else self.config.get("opendkim", "user"),
+            "minutes": random.randint(1, 59),
+            "hours": f"{random_hour},{random_hour+12}",
+            "modoboa_2_2_or_greater": "" if self.modoboa_2_2_or_greater else "#",
+            "dkim_cron_enabled": "" if self.dkim_cron_enabled else "#"
         })
         return context
 
@@ -239,22 +256,19 @@ class Modoboa(base.Installer):
             self.instance_path, "media", "webmail")
         pw = pwd.getpwnam(self.user)
         for d in [rrd_root_dir, pdf_storage_dir, webmail_media_dir]:
-            utils.mkdir(d, stat.S_IRWXU | stat.S_IRWXG, pw[2], pw[3])
+            utils.mkdir_safe(d, stat.S_IRWXU | stat.S_IRWXG, pw[2], pw[3])
         settings = {
             "admin": {
                 "handle_mailboxes": True,
                 "account_auto_removal": True
             },
-            "modoboa_amavis": {
-                "am_pdp_mode": "inet",
-            },
             "maillog": {
                 "rrd_rootdir": rrd_root_dir,
             },
-            "modoboa_pdfcredentials": {
+            "pdfcredentials": {
                 "storage_dir": pdf_storage_dir
             },
-            "modoboa_radicale": {
+            "calendars": {
                 "server_location": "https://{}/radicale/".format(
                     self.config.get("general", "hostname")),
                 "rights_file_path": "{}/rights".format(
@@ -267,6 +281,19 @@ class Modoboa(base.Installer):
         if self.config.getboolean("opendkim", "enabled"):
             settings["admin"]["dkim_keys_storage_dir"] = (
                 self.config.get("opendkim", "keys_storage_dir"))
+
+        if self.rspamd_enabled:
+            settings["admin"]["dkim_keys_storage_dir"] = (
+                self.config.get("rspamd", "dkim_keys_storage_dir"))
+            settings["rspamd"] = {
+                "key_map_path": self.config.get("rspamd", "key_map_path"),
+                "selector_map_path": self.config.get("rspamd", "selector_map_path")
+            }
+        if self.config.getboolean("amavis", "enabled"):
+            settings["amavis"] = {
+                "am_pdp_mode": "inet",
+            }
+
         settings = json.dumps(settings)
         query = (
             "UPDATE core_localconfig SET _parameters='{}'"
@@ -277,17 +304,18 @@ class Modoboa(base.Installer):
 
     def post_run(self):
         """Additional tasks."""
-        self._setup_venv()
+        if 'centos' in utils.dist_name():
+            system.enable_and_start_service("redis")
+        else:
+            system.enable_and_start_service("redis-server")
         self._deploy_instance()
         if not self.upgrade:
             self.apply_settings()
 
         if 'centos' in utils.dist_name():
             supervisor = "supervisord"
-            system.enable_and_start_service("redis")
         else:
             supervisor = "supervisor"
-            system.enable_and_start_service("redis-server")
         # Restart supervisor
         system.enable_service(supervisor)
         utils.exec_cmd("service {} stop".format(supervisor))

modoboa_installer/scripts/nginx.py

@@ -21,12 +21,12 @@ class Nginx(base.Installer):
 
     def get_template_context(self, app):
         """Additionnal variables."""
-        context = super(Nginx, self).get_template_context()
+        context = super().get_template_context()
         context.update({
             "app_instance_path": (
                 self.config.get(app, "instance_path")),
             "uwsgi_socket_path": (
-                Uwsgi(self.config, self.upgrade).get_socket_path(app))
+                Uwsgi(self.config, self.upgrade, self.restore).get_socket_path(app))
         })
         return context
 

modoboa_installer/scripts/opendkim.py

@@ -2,6 +2,7 @@
 
 import os
 import pwd
+import shutil
 import stat
 
 from .. import database
@@ -46,7 +47,7 @@ class Opendkim(base.Installer):
                     stat.S_IROTH | stat.S_IXOTH,
                     target[1], target[2]
                 )
-        super(Opendkim, self).install_config_files()
+        super().install_config_files()
 
     def get_template_context(self):
         """Additional variables."""
@@ -109,3 +110,25 @@ class Opendkim(base.Installer):
             "s/^After=(.*)$/After=$1 {}/".format(dbservice))
         utils.exec_cmd(
             "perl -pi -e '{}' /lib/systemd/system/opendkim.service".format(pattern))
+
+    def restore(self):
+        """Restore keys."""
+        dkim_keys_backup = os.path.join(
+            self.archive_path, "custom/dkim")
+        keys_storage_dir = self.app_config["keys_storage_dir"]
+        if os.path.isdir(dkim_keys_backup):
+            for file in os.listdir(dkim_keys_backup):
+                file_path = os.path.join(dkim_keys_backup, file)
+                if os.path.isfile(file_path):
+                    utils.copy_file(file_path, keys_storage_dir)
+            utils.success("DKIM keys restored from backup")
+        # Setup permissions
+        user = self.config.get("opendkim", "user")
+        utils.exec_cmd(f"chown -R {user}:{user} {keys_storage_dir}")
+
+    def custom_backup(self, path):
+        """Backup DKIM keys."""
+        if os.path.isdir(self.app_config["keys_storage_dir"]):
+            shutil.copytree(self.app_config["keys_storage_dir"], os.path.join(path, "dkim"))
+            utils.printcolor(
+                "DKIM keys saved!", utils.GREEN)

modoboa_installer/scripts/postfix.py

@@ -10,19 +10,17 @@ from .. import package
 from .. import utils
 
 from . import base
-from . import install
+from . import backup, install
 
 
 class Postfix(base.Installer):
-
     """Postfix installer."""
 
     appname = "postfix"
     packages = {
-        "deb": ["postfix"],
-        "rpm": ["postfix"],
+        "deb": ["postfix", "postfix-pcre"],
     }
-    config_files = ["main.cf", "master.cf"]
+    config_files = ["main.cf", "master.cf", "anonymize_headers.pcre"]
 
     def get_packages(self):
         """Additional packages."""
@@ -30,7 +28,7 @@ class Postfix(base.Installer):
             packages = ["postfix-{}".format(self.db_driver)]
         else:
             packages = []
-        return super(Postfix, self).get_packages() + packages
+        return super().get_packages() + packages
 
     def install_packages(self):
         """Preconfigure postfix package installation."""
@@ -47,11 +45,11 @@ class Postfix(base.Installer):
 
         package.backend.preconfigure(
             "postfix", "main_mailer_type", "select", "No configuration")
-        super(Postfix, self).install_packages()
+        super().install_packages()
 
     def get_template_context(self):
         """Additional variables."""
-        context = super(Postfix, self).get_template_context()
+        context = super().get_template_context()
         context.update({
             "db_driver": self.db_driver,
             "dovecot_mailboxes_owner": self.config.get(
@@ -61,10 +59,19 @@ class Postfix(base.Installer):
             "modoboa_instance_path": self.config.get(
                 "modoboa", "instance_path"),
             "opendkim_port": self.config.get(
-                "opendkim", "port")
+                "opendkim", "port"),
+            "rspamd_disabled": "" if not self.config.getboolean(
+                "rspamd", "enabled") else "#"
         })
         return context
 
+    def check_dhe_group_file(self):
+        group = self.config.get(self.appname, "dhe_group")
+        file_name = f"ffdhe{group}.pem"
+        if not os.path.exists(f"{self.config_dir}/{file_name}"):
+            url = f"https://raw.githubusercontent.com/internetstandards/dhe_groups/main/{file_name}"
+            utils.exec_cmd(f"wget {url}", cwd=self.config_dir)
+
     def post_run(self):
         """Additional tasks."""
         venv_path = self.config.get("modoboa", "venv_path")
@@ -86,10 +93,8 @@ class Postfix(base.Installer):
             if not os.path.exists(path):
                 utils.copy_file(os.path.join("/etc", f), path)
 
-        # Generate EDH parameters
-        if not os.path.exists("{}/dh2048.pem".format(self.config_dir)):
-            cmd = "openssl dhparam -dsaparam -out dh2048.pem 2048"
-            utils.exec_cmd(cmd, cwd=self.config_dir)
+        # Generate DHE group
+        self.check_dhe_group_file()
 
         # Generate /etc/aliases.db file to avoid warnings
         aliases_file = "/etc/aliases"
@@ -97,4 +102,18 @@ class Postfix(base.Installer):
             utils.exec_cmd("postalias {}".format(aliases_file))
 
         # Postwhite
-        install("postwhite", self.config, self.upgrade)
+        condition = (
+            not self.config.getboolean("rspamd", "enabled") and
+            self.config.getboolean("postwhite", "enabled")
+            )
+        if condition:
+            install("postwhite", self.config, self.upgrade, self.archive_path)
+
+    def backup(self, path):
+        """Launch postwhite backup."""
+        condition = (
+            not self.config.getboolean("rspamd", "enabled") and
+            self.config.getboolean("postwhite", "enabled")
+            )
+        if condition:
+            backup("postwhite", self.config, path)

modoboa_installer/scripts/postwhite.py

@@ -45,8 +45,25 @@ class Postwhite(base.Installer):
         """Additionnal tasks."""
         install_dir = "/usr/local/bin"
         self.install_from_archive(SPF_TOOLS_REPOSITORY, install_dir)
-        postw_dir = self.install_from_archive(
+        self.postw_dir = self.install_from_archive(
             POSTWHITE_REPOSITORY, install_dir)
-        utils.copy_file(os.path.join(postw_dir, "postwhite.conf"), "/etc")
-        postw_bin = os.path.join(postw_dir, "postwhite")
-        utils.exec_cmd("{} /etc/postwhite.conf".format(postw_bin))
+        utils.copy_file(
+            os.path.join(self.postw_dir, "postwhite.conf"), self.config_dir)
+        self.postw_bin = os.path.join(self.postw_dir, "postwhite")
+        utils.exec_cmd("{} /etc/postwhite.conf".format(self.postw_bin))
+
+    def custom_backup(self, path):
+        """Backup custom configuration if any."""
+        postswhite_custom = "/etc/postwhite.conf"
+        if os.path.isfile(postswhite_custom):
+            utils.copy_file(postswhite_custom, path)
+            utils.printcolor(
+                "Postwhite configuration saved!", utils.GREEN)
+
+    def restore(self):
+        """Restore config files."""
+        postwhite_backup_configuration = os.path.join(
+            self.archive_path, "custom/postwhite.conf")
+        if os.path.isfile(postwhite_backup_configuration):
+            utils.copy_file(postwhite_backup_configuration, self.config_dir)
+            utils.success("postwhite.conf restored from backup")

modoboa_installer/scripts/radicale.py

@@ -1,6 +1,7 @@
 """Radicale related tasks."""
 
 import os
+import shutil
 import stat
 
 from .. import package
@@ -25,15 +26,14 @@ class Radicale(base.Installer):
 
     def __init__(self, *args, **kwargs):
         """Get configuration."""
-        super(Radicale, self).__init__(*args, **kwargs)
+        super().__init__(*args, **kwargs)
         self.venv_path = self.config.get("radicale", "venv_path")
 
     def _setup_venv(self):
         """Prepare a dedicated virtualenv."""
-        python.setup_virtualenv(
-            self.venv_path, sudo_user=self.user, python_version=3)
+        python.setup_virtualenv(self.venv_path, sudo_user=self.user)
         packages = [
-            "Radicale", "radicale-dovecot-auth", "pytz"
+            "Radicale", "pytz", "radicale-modoboa-auth-oauth2"
         ]
         python.install_packages(packages, self.venv_path, sudo_user=self.user)
         python.install_package_from_repository(
@@ -43,17 +43,22 @@ class Radicale(base.Installer):
 
     def get_template_context(self):
         """Additional variables."""
-        context = super(Radicale, self).get_template_context()
-        radicale_auth_socket_path = self.config.get(
-            "dovecot", "radicale_auth_socket_path")
+        context = super().get_template_context()
+        oauth2_client_id, oauth2_client_secret = utils.create_oauth2_app(
+            "Radicale", "radicale", self.config)
+        hostname = self.config.get("general", "hostname")
+        oauth2_introspection_url = (
+            f"https://{oauth2_client_id}:{oauth2_client_secret}"
+            f"@{hostname}/api/o/introspect/"
+        )
         context.update({
-            "auth_socket_path": radicale_auth_socket_path
+            "oauth2_introspection_url": oauth2_introspection_url,
         })
         return context
 
     def get_config_files(self):
         """Return appropriate path."""
-        config_files = super(Radicale, self).get_config_files()
+        config_files = super().get_config_files()
         if package.backend.FORMAT == "deb":
             path = "supervisor=/etc/supervisor/conf.d/radicale.conf"
         else:
@@ -70,7 +75,18 @@ class Radicale(base.Installer):
                 stat.S_IROTH | stat.S_IXOTH,
                 0, 0
             )
-        super(Radicale, self).install_config_files()
+        super().install_config_files()
+
+    def restore(self):
+        """Restore collections."""
+        radicale_backup = os.path.join(
+            self.archive_path, "custom/radicale")
+        if os.path.isdir(radicale_backup):
+            restore_target = os.path.join(self.home_dir, "collections")
+            if os.path.isdir(restore_target):
+                shutil.rmtree(restore_target)
+            shutil.copytree(radicale_backup, restore_target)
+            utils.success("Radicale collections restored from backup")
 
     def post_run(self):
         """Additional tasks."""
@@ -81,3 +97,12 @@ class Radicale(base.Installer):
         system.enable_service(daemon_name)
         utils.exec_cmd("service {} stop".format(daemon_name))
         utils.exec_cmd("service {} start".format(daemon_name))
+
+    def custom_backup(self, path):
+        """Backup collections."""
+        radicale_backup = os.path.join(self.config.get(
+            "radicale", "home_dir", fallback="/srv/radicale"), "collections")
+        if os.path.isdir(radicale_backup):
+            shutil.copytree(radicale_backup, os.path.join(
+                path, "radicale"))
+            utils.printcolor("Radicale files saved", utils.GREEN)

modoboa_installer/scripts/restore.py

@@ -0,0 +1,26 @@
+import os
+import sys
+from .. import utils
+
+
+class Restore:
+    def __init__(self, restore):
+        """
+        Restoring pre-check (backup integriety)
+        REQUIRED : modoboa.sql
+        OPTIONAL : mails/, custom/, amavis.sql, spamassassin.sql
+        Only checking required
+        """
+
+        if not os.path.isdir(restore):
+            utils.error(
+                "Provided path is not a directory !")
+            sys.exit(1)
+
+        modoba_sql_file = os.path.join(restore, "databases/modoboa.sql")
+        if not os.path.isfile(modoba_sql_file):
+            utils.error(
+                modoba_sql_file + " not found, please check your backup")
+            sys.exit(1)
+
+        # Everything seems alright here, proceeding...

modoboa_installer/scripts/rspamd.py

@@ -0,0 +1,154 @@
+"""Rspamd related functions."""
+
+import os
+import pwd
+import stat
+
+from .. import package
+from .. import utils
+from .. import system
+
+from . import base
+from . import install
+
+
+class Rspamd(base.Installer):
+    """Rspamd installer."""
+
+    appname = "rspamd"
+    packages = {
+        "deb": [
+            "rspamd", "redis"
+        ]
+    }
+    config_files = [
+        "local.d/arc.conf",
+        "local.d/dkim_signing.conf",
+        "local.d/dmarc.conf",
+        "local.d/force_actions.conf",
+        "local.d/greylist.conf",
+        "local.d/metrics.conf",
+        "local.d/milter_headers.conf",
+        "local.d/mx_check.conf",
+        "local.d/redis.conf",
+        "local.d/settings.conf",
+        "local.d/spf.conf",
+        "local.d/worker-normal.inc",
+        "local.d/worker-proxy.inc",
+    ]
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.generate_password_condition = (
+            not self.upgrade or utils.user_input(
+                "Do you want to (re)generate rspamd password ? (y/N)").lower().startswith("y")
+        )
+
+    @property
+    def config_dir(self):
+        """Return appropriate config dir."""
+        return "/etc/rspamd"
+
+    def install_packages(self):
+        debian_based_dist, codename = utils.is_dist_debian_based()
+        if debian_based_dist:
+            utils.mkdir_safe(
+                "/etc/apt/keyrings",
+                stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP |
+                stat.S_IROTH | stat.S_IXOTH,
+                0, 0
+            )
+
+            package.backend.add_custom_repository(
+                "rspamd",
+                "http://rspamd.com/apt-stable/",
+                "https://rspamd.com/apt-stable/gpg.key",
+                codename
+            )
+            package.backend.update()
+
+        return super().install_packages()
+
+    def install_config_files(self):
+        """Make sure config directory exists."""
+        user = self.config.get(self.appname, "user")
+        pw = pwd.getpwnam(user)
+        targets = [
+            [self.app_config["dkim_keys_storage_dir"], pw[2], pw[3]]
+        ]
+        for target in targets:
+            if not os.path.exists(target[0]):
+                utils.mkdir(
+                    target[0],
+                    stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP |
+                    stat.S_IROTH | stat.S_IXOTH,
+                    target[1], target[2]
+                )
+        super().install_config_files()
+
+    def get_config_files(self):
+        """Return appropriate config files."""
+        _config_files = self.config_files
+        if self.config.getboolean("clamav", "enabled"):
+            _config_files.append("local.d/antivirus.conf")
+        if self.app_config["dnsbl"].lower() == "true":
+            _config_files.append("local.d/rbl.conf")
+        if self.app_config["whitelist_auth"].lower() == "true":
+            _config_files.append("local.d/groups.conf")
+        if self.generate_password_condition:
+            _config_files.append("local.d/worker-controller.inc")
+        return _config_files
+
+    def get_template_context(self):
+        _context = super().get_template_context()
+        _context["greylisting_disabled"] = "" if not self.app_config["greylisting"].lower() == "true" else "#"
+        _context["whitelist_auth_enabled"] = "" if self.app_config["whitelist_auth"].lower() == "true" else "#"
+        if self.generate_password_condition:
+            code, controller_password = utils.exec_cmd(
+                r"rspamadm pw -p {}".format(self.app_config["password"]))
+            if code != 0:
+                utils.error("Error setting rspamd password. "
+                            "Please make sure it is not 'q1' or 'q2'."
+                            "Storing the password in plain. See"
+                            "https://rspamd.com/doc/quickstart.html#setting-the-controller-password")
+                _context["controller_password"] = self.app_config["password"]
+            else:
+                controller_password = controller_password.decode().replace("\n", "")
+                _context["controller_password"] = controller_password
+        return _context
+
+    def post_run(self):
+        """Additional tasks."""
+        user = self.config.get(self.appname, "user")
+        system.add_user_to_group(
+            self.config.get("modoboa", "user"),
+            user
+        )
+        if self.config.getboolean("clamav", "enabled"):
+            install("clamav", self.config, self.upgrade, self.archive_path)
+
+    def custom_backup(self, path):
+        """Backup custom configuration if any."""
+        custom_config_dir = os.path.join(self.config_dir,
+                                         "/local.d/")
+        custom_backup_dir = os.path.join(path, "/rspamd/")
+        local_files = [f for f in os.listdir(custom_config_dir)
+                       if os.path.isfile(custom_config_dir, f)
+                       ]
+        for file in local_files:
+            utils.copy_file(file, custom_backup_dir)
+        if len(local_files) != 0:
+            utils.success("Rspamd custom configuration saved!")
+
+    def restore(self):
+        """Restore custom config files."""
+        custom_config_dir = os.path.join(self.config_dir,
+                                         "/local.d/")
+        custom_backup_dir = os.path.join(self.archive_path, "/rspamd/")
+        backed_up_files = [
+            f for f in os.listdir(custom_backup_dir)
+            if os.path.isfile(custom_backup_dir, f)
+        ]
+        for f in backed_up_files:
+            utils.copy_file(f, custom_config_dir)
+        utils.success("Custom Rspamd configuration restored.")

modoboa_installer/scripts/spamassassin.py

@@ -57,13 +57,7 @@ class Spamassassin(base.Installer):
 
     def post_run(self):
         """Additional tasks."""
-        amavis_user = self.config.get("amavis", "user")
-        pw = pwd.getpwnam(amavis_user)
-        utils.exec_cmd(
-            "pyzor --homedir {} discover".format(pw[5]),
-            sudo_user=amavis_user, login=False
-        )
-        install("razor", self.config, self.upgrade)
+        install("razor", self.config, self.upgrade, self.restore)
         if utils.dist_name() in ["debian", "ubuntu"]:
             utils.exec_cmd(
                 "perl -pi -e 's/^CRON=0/CRON=1/' /etc/cron.daily/spamassassin")