Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 1 | <?php |
| 2 | error_reporting(E_ERROR); |
| 3 | //error_reporting(E_ALL); |
| 4 | |
| 5 | /* |
| 6 | PLEASE USE THE FILE "vars.local.inc.php" TO OVERWRITE SETTINGS AND MAKE THEM PERSISTENT! |
| 7 | This file will be reset on upgrades. |
| 8 | */ |
| 9 | |
| 10 | // SQL database connection variables |
| 11 | $database_type = 'mysql'; |
| 12 | $database_sock = '/var/run/mysqld/mysqld.sock'; |
| 13 | $database_host = 'mysql'; |
| 14 | $database_user = getenv('DBUSER'); |
| 15 | $database_pass = getenv('DBPASS'); |
| 16 | $database_name = getenv('DBNAME'); |
| 17 | |
| 18 | // Other variables |
| 19 | $mailcow_hostname = getenv('MAILCOW_HOSTNAME'); |
| 20 | $default_pass_scheme = getenv('MAILCOW_PASS_SCHEME'); |
| 21 | |
| 22 | // Autodiscover settings |
| 23 | // === |
| 24 | // Auto-detect HTTPS port => |
| 25 | $https_port = strpos($_SERVER['HTTP_HOST'], ':'); |
| 26 | if ($https_port === FALSE) { |
| 27 | $https_port = 443; |
| 28 | } else { |
| 29 | $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1); |
| 30 | } |
| 31 | |
| 32 | // Alternatively select port here => |
| 33 | //$https_port = 1234; |
| 34 | // Other settings => |
| 35 | $autodiscover_config = array( |
| 36 | // General autodiscover service type: "activesync" or "imap" |
| 37 | // emClient uses autodiscover, but does not support ActiveSync. mailcow excludes emClient from ActiveSync. |
| 38 | // With SOGo disabled, the type will always fallback to imap. CalDAV and CardDAV will be excluded, too. |
| 39 | 'autodiscoverType' => 'activesync', |
| 40 | // If autodiscoverType => activesync, also use ActiveSync (EAS) for Outlook desktop clients (>= Outlook 2013 on Windows) |
| 41 | // Outlook for Mac does not support ActiveSync |
| 42 | 'useEASforOutlook' => 'no', |
| 43 | // Please don't use STARTTLS-enabled service ports in the "port" variable. |
| 44 | // The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services). |
| 45 | // The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable. |
| 46 | 'imap' => array( |
| 47 | 'server' => $mailcow_hostname, |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 48 | 'port' => (int)filter_var(substr(getenv('IMAPS_PORT'), strrpos(getenv('IMAPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT), |
| 49 | 'tlsport' => (int)filter_var(substr(getenv('IMAP_PORT'), strrpos(getenv('IMAP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT) |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 50 | ), |
| 51 | 'pop3' => array( |
| 52 | 'server' => $mailcow_hostname, |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 53 | 'port' => (int)filter_var(substr(getenv('POPS_PORT'), strrpos(getenv('POPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT), |
| 54 | 'tlsport' => (int)filter_var(substr(getenv('POP_PORT'), strrpos(getenv('POP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT) |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 55 | ), |
| 56 | 'smtp' => array( |
| 57 | 'server' => $mailcow_hostname, |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 58 | 'port' => (int)filter_var(substr(getenv('SMTPS_PORT'), strrpos(getenv('SMTPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT), |
| 59 | 'tlsport' => (int)filter_var(substr(getenv('SUBMISSION_PORT'), strrpos(getenv('SUBMISSION_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT) |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 60 | ), |
| 61 | 'activesync' => array( |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 62 | 'url' => 'https://' . $mailcow_hostname . ($https_port == 443 ? '' : ':' . $https_port) . '/Microsoft-Server-ActiveSync', |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 63 | ), |
| 64 | 'caldav' => array( |
| 65 | 'server' => $mailcow_hostname, |
| 66 | 'port' => $https_port, |
| 67 | ), |
| 68 | 'carddav' => array( |
| 69 | 'server' => $mailcow_hostname, |
| 70 | 'port' => $https_port, |
| 71 | ), |
| 72 | ); |
| 73 | |
| 74 | // If false, we will use DEFAULT_LANG |
| 75 | // Uses HTTP_ACCEPT_LANGUAGE header |
| 76 | $DETECT_LANGUAGE = true; |
| 77 | |
| 78 | // Change default language |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 79 | $DEFAULT_LANG = 'en-gb'; |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 80 | |
| 81 | // Available languages |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 82 | // https://www.iso.org/obp/ui/#search |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 83 | // https://en.wikipedia.org/wiki/IETF_language_tag |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 84 | $AVAILABLE_LANGUAGES = array( |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 85 | // 'ca-es' => 'Català (Catalan)', |
| 86 | 'cs-cz' => 'Čeština (Czech)', |
| 87 | 'da-dk' => 'Danish (Dansk)', |
| 88 | 'de-de' => 'Deutsch (German)', |
| 89 | 'en-gb' => 'English', |
| 90 | 'es-es' => 'Español (Spanish)', |
| 91 | 'fi-fi' => 'Suomi (Finish)', |
| 92 | 'fr-fr' => 'Français (French)', |
| 93 | 'hu-hu' => 'Magyar (Hungarian)', |
| 94 | 'it-it' => 'Italiano (Italian)', |
| 95 | 'ko-kr' => '한국어 (Korean)', |
| 96 | 'lv-lv' => 'latviešu (Latvian)', |
| 97 | 'nl-nl' => 'Nederlands (Dutch)', |
| 98 | 'pl-pl' => 'Język Polski (Polish)', |
| 99 | 'pt-pt' => 'Português (Portuguese)', |
| 100 | 'ro-ro' => 'Română (Romanian)', |
| 101 | 'ru-ru' => 'Pусский (Russian)', |
| 102 | 'sk-sk' => 'Slovenčina (Slovak)', |
| 103 | 'sv-se' => 'Svenska (Swedish)', |
| 104 | 'tr-tr' => 'Türkçe (Turkish)', |
| 105 | 'uk-ua' => 'Українська (Ukrainian)', |
| 106 | 'zh-cn' => '简体中文 (Simplified Chinese)', |
| 107 | 'zh-tw' => '繁體中文 (Traditional Chinese)', |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 108 | ); |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 109 | |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 110 | // default theme is lumen |
| 111 | // additional themes can be found here: https://bootswatch.com/ |
| 112 | // copy them to data/web/css/themes/{THEME-NAME}-bootstrap.css |
| 113 | $UI_THEME = "lumen"; |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 114 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 115 | // Show DKIM private keys - false by default |
| 116 | $SHOW_DKIM_PRIV_KEYS = false; |
| 117 | |
| 118 | // mailcow Apps - buttons on login screen |
| 119 | $MAILCOW_APPS = array( |
| 120 | array( |
| 121 | 'name' => 'Webmail', |
| 122 | 'link' => '/SOGo/', |
| 123 | ) |
| 124 | ); |
| 125 | |
| 126 | // Rows until pagination begins |
| 127 | $PAGINATION_SIZE = 20; |
| 128 | |
| 129 | // Default number of rows/lines to display (log table) |
| 130 | $LOG_LINES = 1000; |
| 131 | |
| 132 | // Rows until pagination begins (log table) |
| 133 | $LOG_PAGINATION_SIZE = 50; |
| 134 | |
| 135 | // Session lifetime in seconds |
| 136 | $SESSION_LIFETIME = 10800; |
| 137 | |
| 138 | // Label for OTP devices |
| 139 | $OTP_LABEL = "mailcow UI"; |
| 140 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 141 | // How long to wait (in s) for cURL Docker requests |
| 142 | $DOCKER_TIMEOUT = 60; |
| 143 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 144 | // Split DKIM key notation (bind format) |
| 145 | $SPLIT_DKIM_255 = false; |
| 146 | |
| 147 | // OAuth2 settings |
| 148 | $REFRESH_TOKEN_LIFETIME = 2678400; |
| 149 | $ACCESS_TOKEN_LIFETIME = 86400; |
| 150 | // Logout from mailcow after first OAuth2 session profile request |
| 151 | $OAUTH2_FORGET_SESSION_AFTER_LOGIN = false; |
| 152 | |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 153 | // Set a limit for mailbox and domain tagging |
| 154 | $TAGGING_LIMIT = 25; |
| 155 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 156 | // MAILBOX_DEFAULT_ATTRIBUTES define default attributes for new mailboxes |
| 157 | // These settings will not change existing mailboxes |
| 158 | |
| 159 | // Force incoming TLS for new mailboxes by default |
| 160 | $MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_in'] = false; |
| 161 | |
| 162 | // Force outgoing TLS for new mailboxes by default |
| 163 | $MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_out'] = false; |
| 164 | |
| 165 | // Force password change on next login (only allows login to mailcow UI) |
| 166 | $MAILBOX_DEFAULT_ATTRIBUTES['force_pw_update'] = false; |
| 167 | |
| 168 | // Enable SOGo access (set to false to disable access by default) |
| 169 | $MAILBOX_DEFAULT_ATTRIBUTES['sogo_access'] = true; |
| 170 | |
| 171 | // Send notification when quarantine is not empty (never, hourly, daily, weekly) |
| 172 | $MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification'] = 'hourly'; |
| 173 | |
| 174 | // Mailbox has IMAP access by default |
| 175 | $MAILBOX_DEFAULT_ATTRIBUTES['imap_access'] = true; |
| 176 | |
| 177 | // Mailbox has POP3 access by default |
| 178 | $MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true; |
| 179 | |
| 180 | // Mailbox has SMTP access by default |
| 181 | $MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true; |
| 182 | |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 183 | // Mailbox has sieve access by default |
| 184 | $MAILBOX_DEFAULT_ATTRIBUTES['sieve_access'] = true; |
| 185 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 186 | // Mailbox receives notifications about... |
| 187 | // "add_header" - mail that was put into the Junk folder |
| 188 | // "reject" - mail that was rejected |
| 189 | // "all" - mail that was rejected and put into the Junk folder |
| 190 | $MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category'] = 'reject'; |
| 191 | |
| 192 | // Default mailbox format, should not be changed unless you know exactly, what you do, keep the trailing ":" |
| 193 | // Check dovecot.conf for further changes (e.g. shared namespace) |
| 194 | $MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format'] = 'maildir:'; |
| 195 | |
| 196 | // Show last IMAP and POP3 logins |
| 197 | $SHOW_LAST_LOGIN = true; |
| 198 | |
| 199 | // UV flag handling in FIDO2/WebAuthn - defaults to false to allow iOS logins |
| 200 | // true = required |
| 201 | // false = preferred |
| 202 | // string 'required' 'preferred' 'discouraged' |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 203 | $WEBAUTHN_UV_FLAG_REGISTER = false; |
| 204 | $WEBAUTHN_UV_FLAG_LOGIN = false; |
| 205 | $WEBAUTHN_USER_PRESENT_FLAG = true; |
| 206 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 207 | $FIDO2_UV_FLAG_REGISTER = 'preferred'; |
| 208 | $FIDO2_UV_FLAG_LOGIN = 'preferred'; // iOS ignores the key via NFC if required - known issue |
| 209 | $FIDO2_USER_PRESENT_FLAG = true; |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 210 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 211 | $FIDO2_FORMATS = array('apple', 'android-key', 'android-safetynet', 'fido-u2f', 'none', 'packed', 'tpm'); |
| 212 | |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 213 | |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 214 | // Set visible Rspamd maps in mailcow UI, do not change unless you know what you are doing |
| 215 | $RSPAMD_MAPS = array( |
| 216 | 'regex' => array( |
| 217 | 'Header-From: Blacklist' => 'global_mime_from_blacklist.map', |
| 218 | 'Header-From: Whitelist' => 'global_mime_from_whitelist.map', |
| 219 | 'Envelope Sender Blacklist' => 'global_smtp_from_blacklist.map', |
| 220 | 'Envelope Sender Whitelist' => 'global_smtp_from_whitelist.map', |
| 221 | 'Recipient Blacklist' => 'global_rcpt_blacklist.map', |
| 222 | 'Recipient Whitelist' => 'global_rcpt_whitelist.map', |
| 223 | 'Fishy TLDS (only fired in combination with bad words)' => 'fishy_tlds.map', |
| 224 | 'Bad Words (only fired in combination with fishy TLDs)' => 'bad_words.map', |
| 225 | 'Bad Words DE (only fired in combination with fishy TLDs)' => 'bad_words_de.map', |
| 226 | 'Bad Languages' => 'bad_languages.map', |
| 227 | 'Bulk Mail Headers' => 'bulk_header.map', |
Matthias Andreas Benkard | 7b2a3a1 | 2021-08-16 10:57:25 +0200 | [diff] [blame] | 228 | 'Bad (Junk) Mail Headers' => 'bad_header.map', |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 229 | 'Monitoring Hosts' => 'monitoring_nolog.map' |
| 230 | ) |
| 231 | ); |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 232 | |
| 233 | |
| 234 | $IMAPSYNC_OPTIONS = array( |
| 235 | 'whitelist' => array( |
| 236 | 'authmech1', |
| 237 | 'authmech2', |
| 238 | 'authuser1', |
| 239 | 'authuser2', |
| 240 | 'debugcontent', |
| 241 | 'disarmreadreceipts', |
| 242 | 'logdir', |
| 243 | 'debugcrossduplicates', |
| 244 | 'maxsize', |
| 245 | 'minsize', |
| 246 | 'minage', |
| 247 | 'search', |
| 248 | 'noabletosearch', |
| 249 | 'pidfile', |
| 250 | 'pidfilelocking', |
| 251 | 'search1', |
| 252 | 'search2', |
| 253 | 'sslargs1', |
| 254 | 'sslargs2', |
| 255 | 'syncduplicates', |
| 256 | 'usecache', |
| 257 | 'synclabels', |
| 258 | 'truncmess', |
| 259 | 'domino2', |
| 260 | 'expunge1', |
| 261 | 'filterbuggyflags', |
| 262 | 'justconnect', |
| 263 | 'justfolders', |
| 264 | 'maxlinelength', |
| 265 | 'useheader', |
| 266 | 'noabletosearch1', |
| 267 | 'nolog', |
| 268 | 'prefix1', |
| 269 | 'prefix2', |
| 270 | 'sep1', |
| 271 | 'sep2', |
| 272 | 'nofoldersizesatend', |
| 273 | 'justfoldersizes', |
| 274 | 'proxyauth1', |
| 275 | 'skipemptyfolders', |
| 276 | 'include', |
| 277 | 'subfolder1', |
| 278 | 'subscribed', |
| 279 | 'subscribe', |
| 280 | 'debug', |
| 281 | 'debugimap2', |
| 282 | 'domino1', |
| 283 | 'exchange1', |
| 284 | 'exchange2', |
| 285 | 'justlogin', |
| 286 | 'keepalive1', |
| 287 | 'keepalive2', |
| 288 | 'noabletosearch2', |
| 289 | 'noexpunge2', |
| 290 | 'noresyncflags', |
| 291 | 'nossl1', |
| 292 | 'nouidexpunge2', |
| 293 | 'syncinternaldates', |
| 294 | 'idatefromheader', |
| 295 | 'useuid', |
| 296 | 'debugflags', |
| 297 | 'debugimap', |
| 298 | 'delete1emptyfolders', |
| 299 | 'delete2folders', |
| 300 | 'gmail2', |
| 301 | 'office1', |
| 302 | 'testslive6', |
| 303 | 'debugimap1', |
| 304 | 'errorsmax', |
| 305 | 'tests', |
| 306 | 'gmail1', |
| 307 | 'maxmessagespersecond', |
| 308 | 'maxbytesafter', |
| 309 | 'maxsleep', |
| 310 | 'abort', |
| 311 | 'resyncflags', |
| 312 | 'resynclabels', |
| 313 | 'syncacls', |
| 314 | 'nosyncacls', |
| 315 | 'nousecache', |
| 316 | 'office2', |
| 317 | 'testslive', |
| 318 | 'debugmemory', |
| 319 | 'exitwhenover', |
| 320 | 'noid', |
| 321 | 'noexpunge1', |
| 322 | 'authmd51', |
| 323 | 'logfile', |
| 324 | 'proxyauth2', |
| 325 | 'domain1', |
| 326 | 'domain2', |
| 327 | 'oauthaccesstoken1', |
| 328 | 'oauthaccesstoken2', |
| 329 | 'oauthdirect1', |
| 330 | 'oauthdirect2', |
| 331 | 'folder', |
| 332 | 'folderrec', |
| 333 | 'folderfirst', |
| 334 | 'folderlast', |
| 335 | 'nomixfolders', |
| 336 | 'authmd52', |
| 337 | 'debugfolders', |
| 338 | 'nossl2', |
| 339 | 'ssl2', |
| 340 | 'tls2', |
| 341 | 'notls2', |
| 342 | 'debugssl', |
| 343 | 'notls1', |
| 344 | 'inet4', |
| 345 | 'inet6', |
| 346 | 'log', |
| 347 | 'showpasswords' |
| 348 | ), |
| 349 | 'blacklist' => array( |
| 350 | 'skipmess', |
| 351 | 'delete2foldersonly', |
| 352 | 'delete2foldersbutnot', |
| 353 | 'regexflag', |
| 354 | 'regexmess', |
| 355 | 'pipemess', |
| 356 | 'regextrans2', |
| 357 | 'maxlinelengthcmd' |
| 358 | ) |
| 359 | ); |