[Web] Remove XMPP options

[Web] Add Rspamd preset #4
[Web] Do not show failed SASL logins (and also remove them from db)

data/conf/ejabberd/ejabberd.yml

@@ -1,239 +0,0 @@
-loglevel: info
-
-auth_method: [external]
-auth_use_cache: false
-extauth_program: /var/www/authentication/authenticator
-
-include_config_file:
-  /ejabberd/ejabberd_api.yml
-
-include_config_file:
-  /ejabberd/ejabberd_acl.yml
-
-include_config_file:
-  /ejabberd/ejabberd_hosts.yml:
-    allow_only:
-      - hosts
-
-include_config_file:
-  /ejabberd/ejabberd_macros.yml:
-    allow_only:
-      - define_macro
-
-define_macro:
-  'TLS_CIPHERS': "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
-  'TLS_OPTIONS':
-    - "no_sslv3"
-    - "no_tlsv1"
-    - "no_tlsv1_1"
-    - "cipher_server_preference"
-    - "no_compression"
-
-c2s_ciphers: 'TLS_CIPHERS'
-s2s_ciphers: 'TLS_CIPHERS'
-c2s_protocol_options: 'TLS_OPTIONS'
-s2s_protocol_options: 'TLS_OPTIONS'
-s2s_use_starttls: required
-
-new_sql_schema: true
-sql_type: sqlite
-sql_database: /sqlite/sqlite.db
-default_db: sql
-
-certfiles:
-  - /ejabberd_ssl/cert.pem
-  - /ejabberd_ssl/key.pem
-
-listen:
-  -
-    port: 5222
-    ip: "::"
-    module: ejabberd_c2s
-    max_stanza_size: 262144
-    shaper: c2s_shaper
-    access: c2s
-    starttls_required: true
-  -
-    port: 5269
-    ip: "::"
-    module: ejabberd_s2s_in
-    max_stanza_size: 524288
-  -
-    port: EJABBERD_HTTPS
-    ip: "::"
-    module: ejabberd_http
-    tls: true
-    request_handlers:
-      /captcha: ejabberd_captcha
-      /upload: mod_http_upload
-      /ws: ejabberd_http_ws
-  -
-    port: 5280
-    ip: "::"
-    module: ejabberd_http
-    request_handlers:
-      /api: mod_http_api
-  -
-    port: 5282
-    ip: "::"
-    module: ejabberd_http
-    request_handlers:
-      /xmpp: ejabberd_web_admin
-  -
-    module: ejabberd_http
-    port: 5281
-    ip: "::"
-    request_handlers:
-      /.well-known/acme-challenge: ejabberd_acme
-  -
-    port: 1883
-    ip: "::"
-    module: mod_mqtt
-    backlog: 1000
-
-acme:
-  auto: true
-
-acl:
-  admin:
-    user:
-      - "admin": "localhost"
-  local:
-    user_regexp: ""
-  loopback:
-    ip:
-      - 127.0.0.0/8
-      - ::1/128
-
-access_rules:
-  local:
-    allow: local
-  c2s:
-    deny: blocked
-    allow: all
-  announce:
-    allow: admin
-  configure:
-    allow: admin
-  muc_create:
-    allow: local
-  pubsub_createnode:
-    allow: local
-  trusted_network:
-    allow: loopback
-
-api_permissions:
-  "console commands":
-    from:
-      - ejabberd_ctl
-    who: all
-    what: "*"
-  "admin access":
-    who:
-      access:
-        allow:
-          - acl: loopback
-          - acl: admin
-    what:
-      - "*"
-      - "!stop"
-      - "!start"
-
-shaper:
-  normal:
-    rate: 3000
-    burst_size: 20000
-  fast: 100000
-
-shaper_rules:
-  max_user_sessions: 10
-  max_user_offline_messages:
-    1000: admin
-    1000: all
-  c2s_shaper:
-    none: admin
-    normal: all
-  s2s_shaper: fast
-
-modules:
-  mod_adhoc: {}
-  mod_admin_extra: {}
-  mod_announce:
-    access: announce
-  mod_avatar: {}
-  mod_blocking: {}
-  mod_caps: {}
-  mod_carboncopy: {}
-  mod_client_state: {}
-  mod_configure: {}
-  mod_disco: {}
-  mod_fail2ban: {}
-  mod_http_api: {}
-  mod_http_upload_quota:
-    max_days: 30
-  mod_http_upload:
-    docroot: /var/www/upload
-    custom_headers:
-      "Access-Control-Allow-Origin": "https://@HOST@"
-      "Access-Control-Allow-Methods": "GET,HEAD,PUT,OPTIONS"
-      "Access-Control-Allow-Headers": "Content-Type"
-    thumbnail: true
-    jid_in_url: node
-    file_mode: "0600"
-    dir_mode: "0700"
-  mod_last: {}
-  mod_mam:
-    clear_archive_on_room_destroy: true
-    default: never
-    compress_xml: true
-    request_activates_archiving: true
-  mod_mqtt: {}
-  mod_muc:
-    access:
-      - allow
-    access_admin:
-      - allow: admin
-    access_create: muc_create
-    access_persistent: muc_create
-    access_mam:
-      - allow
-    default_room_options:
-      mam: false
-      persistent: false
-  mod_muc_admin: {}
-  mod_offline:
-    access_max_user_messages: max_user_offline_messages
-  mod_ping: {}
-  mod_privacy: {}
-  mod_private: {}
-  mod_proxy65:
-    access: local
-    max_connections: 5
-  mod_pubsub:
-    access_createnode: pubsub_createnode
-    plugins:
-      - flat
-      - pep
-    force_node_config:
-      ## Avoid buggy clients to make their bookmarks public
-      storage:bookmarks:
-        access_model: whitelist
-  mod_push: {}
-  mod_push_keepalive: {}
-  mod_register:
-    ## Only accept registration requests from the "trusted"
-    ## network (see access_rules section above).
-    ## Think twice before enabling registration from any
-    ## address. See the Jabber SPAM Manifesto for details:
-    ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
-    ip_access: trusted_network
-  mod_roster:
-    versioning: true
-  mod_s2s_dialback: {}
-  mod_stream_mgmt:
-    resend_on_timeout: if_offline
-  mod_stun_disco: {}
-  mod_vcard: {}
-  mod_vcard_xupdate: {}
-  mod_version:
-    show_os: false

data/conf/nginx/includes/site-defaults.conf

@@ -118,14 +118,6 @@
     proxy_redirect off;
   }
 
-  location /xmpp/ {
-    proxy_pass       http://ejabberd:5282/xmpp/;
-    proxy_set_header Host      $http_host;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_redirect off;
-  }
-
   location ~* ^/Autodiscover/Autodiscover.xml {
     fastcgi_split_path_info ^(.+\.php)(/.+)$;
     fastcgi_pass phpfpm:9002;

data/web/css/site/edit.css

@@ -37,11 +37,7 @@
   -webkit-transform:rotateX(180deg);
   transform:rotateX(180deg);
 }
-.input-group-addon-xmpp {
-  background-color: #fff;
-  border: 0px solid #fff;
-}
 #sender_acl_disabled {
   display:none;
   margin-top:10px;
-}
+}

data/web/css/site/user.css

@@ -123,10 +123,7 @@ border-bottom-width: 3px;
   border-radius: 4px;
   top: 3px;
 }
-.xmpp-logo-user {
-  width:64px;
-}
 .recent-login-success {
   margin-top:2px;
   margin-right:10px;
-}
+}

data/web/edit.php

@@ -272,7 +272,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
               <input type="hidden" value="0" name="active">
               <input type="hidden" value="0" name="backupmx">
               <input type="hidden" value="0" name="gal">
-              <input type="hidden" value="0" name="xmpp">
               <input type="hidden" value="0" name="relay_all_recipients">
               <input type="hidden" value="0" name="relay_unknown_only">
               <div class="form-group" data-acl="<?=$_SESSION['acl']['domain_desc'];?>">
@@ -356,26 +355,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
                 </div>
               </div>
               <hr>
-              <div class="form-group" data-acl="<?=$_SESSION['acl']['xmpp_prefix'];?>">
-                <label class="control-label col-sm-2" for="xmpp_prefix"><?=$lang['edit']['xmpp_prefix'];?></label>
-                <div class="col-md-10">
-                  <div class="input-group">
-                    <input type="text" class="form-control" id="xmpp-prefix" name="xmpp_prefix" value="<?=(!empty($result['xmpp_prefix'])) ? htmlspecialchars($result['xmpp_prefix'], ENT_QUOTES, 'UTF-8') : 'im';?>" required>
-                    <span class="input-group-addon">.<?=htmlspecialchars($domain, ENT_QUOTES, 'UTF-8');?></span>
-                  </div>
-                  <small class="help-block"><?=sprintf($lang['edit']['xmpp_prefix_info'], getenv('MAILCOW_HOSTNAME'));?></small>
-                  <p><?=$lang['edit']['xmpp_example_jid'];?>: <code>username@<span class="xmpp-prefix-preview"></span>.<?=htmlspecialchars($domain, ENT_QUOTES, 'UTF-8');?></code></p>
-                </div>
-              </div>
-              <div class="form-group" data-acl="<?=$_SESSION['acl']['xmpp_mailbox_access'];?>">
-                <div class="col-sm-offset-2 col-sm-10">
-                  <div class="checkbox">
-                    <label><input type="checkbox" value="1" name="xmpp" <?=(isset($result['xmpp']) && $result['xmpp']=="1") ? "checked" : null;?>> <?=$lang['edit']['xmpp'];?></label>
-                    <small class="help-block"><?=$lang['edit']['xmpp_info'];?></small>
-                  </div>
-                </div>
-              </div>
-              <hr>
               <div class="form-group">
                 <div class="col-sm-offset-2 col-sm-10">
                   <div class="checkbox">
@@ -649,8 +628,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
           <input type="hidden" value="0" name="force_pw_update">
           <input type="hidden" value="0" name="sogo_access">
           <input type="hidden" value="0" name="protocol_access">
-          <input type="hidden" value="0" name="xmpp_access">
-          <input type="hidden" value="0" name="xmpp_admin">
           <div class="form-group">
             <label class="control-label col-sm-2" for="name"><?=$lang['edit']['full_name'];?></label>
             <div class="col-sm-10">
@@ -859,23 +836,6 @@ if (isset($_SESSION['mailcow_cc_role'])) {
             </div>
           </div>
           <hr>
-          <div class="form-group">
-            <div class="col-sm-offset-2 col-sm-10">
-              <div class="checkbox">
-                <label><input type="checkbox" data-acl="<?=$_SESSION['acl']['xmpp_mailbox_access'];?>" value="1" name="xmpp_access" <?=(isset($result['attributes']['xmpp_access']) && $result['attributes']['xmpp_access']=="1") ? "checked" : null;?>> <?=$lang['edit']['xmpp_access'];?></label>
-                <small class="help-block"><?=$lang['edit']['xmpp_access_info'];?></small>
-              </div>
-            </div>
-          </div>
-          <div class="form-group">
-            <div class="col-sm-offset-2 col-sm-10">
-              <div class="checkbox">
-                <label><input data-acl="<?=$_SESSION['acl']['xmpp_admin'];?>" type="checkbox" value="1" name="xmpp_admin" <?=(isset($result['attributes']['xmpp_admin']) && $result['attributes']['xmpp_admin']=="1") ? "checked" : null;?>> <?=$lang['edit']['xmpp_admin'];?></label>
-                <small class="help-block"><?=$lang['edit']['xmpp_admin_info'];?></small>
-              </div>
-            </div>
-          </div>
-          <hr>
           <div class="form-group">
             <div class="col-sm-offset-2 col-sm-10">
             <select name="active" class="form-control">

data/web/inc/ajax/dns_diagnostics.php

@@ -126,28 +126,6 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
       'CNAME',
       $mailcow_hostname
     );
-    if ($domain_details['xmpp'] === 1 && isset($domain_details['xmpp_prefix'])) {
-      $records[] = array(
-        $domain_details['xmpp_prefix'] . '.' . $domain,
-        'CNAME',
-        $mailcow_hostname
-      );
-      $records[] = array(
-        '*.' . $domain_details['xmpp_prefix'] . '.' . $domain,
-        'CNAME',
-        $mailcow_hostname
-      );
-      $records[] = array(
-        '_xmpp-client._tcp.' . $domain_details['xmpp_prefix'] . '.' . $domain,
-        'SRV',
-        $mailcow_hostname . ' ' . array_pop(explode(':', getenv('XMPP_C2S_PORT')))
-      );
-      $records[] = array(
-        '_xmpp-server._tcp.' . $domain_details['xmpp_prefix'] . '.' . $domain,
-        'SRV',
-        $mailcow_hostname . ' ' . array_pop(explode(':', getenv('XMPP_S2S_PORT')))
-      );
-    }
   }
 
   $records[] = array(

data/web/inc/functions.inc.php

@@ -262,7 +262,6 @@ function last_login($action, $username, $sasl_limit_days = 7) {
           LEFT OUTER JOIN `app_passwd` on `sasl_logs`.`app_password` = `app_passwd`.`id`
           WHERE `username` = :username
             AND HOUR(TIMEDIFF(NOW(), `datetime`)) < :sasl_limit_days
-            AND `success` = 1
               GROUP BY `real_rip`, `service`, `app_password`
               ORDER BY `datetime` DESC;');
         $stmt->execute(array(':username' => $username, ':sasl_limit_days' => ($sasl_limit_days * 24)));
@@ -333,8 +332,7 @@ function last_login($action, $username, $sasl_limit_days = 7) {
     case 'reset':
       if (filter_var($username, FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
         $stmt = $pdo->prepare('DELETE FROM `sasl_logs`
-          WHERE `username` = :username
-            AND `success` = 1;');
+          WHERE `username` = :username');
         $stmt->execute(array(':username' => $username));
       }
       if ($_SESSION['mailcow_cc_role'] == "admin" || $username == $_SESSION['mailcow_cc_username']) {

data/web/inc/functions.mailbox.inc.php

@@ -450,7 +450,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           }
           $domain				= idn_to_ascii(strtolower(trim($_data['domain'])), 0, INTL_IDNA_VARIANT_UTS46);
           $description  = $_data['description'];
-          $xmpp_prefix = preg_replace('/[^\da-z-]/i', '', $_data['xmpp_prefix']);
           if (empty($description)) {
             $description = $domain;
           }
@@ -497,7 +496,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           $relay_unknown_only = intval($_data['relay_unknown_only']);
           $backupmx = intval($_data['backupmx']);
           $gal = intval($_data['gal']);
-          $xmpp = intval($_data['xmpp']);
           if ($relay_all_recipients == 1) {
             $backupmx = '1';
           }
@@ -551,8 +549,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           $stmt->execute(array(
             ':domain' => '%@' . $domain
           ));
-          $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `xmpp`, `xmpp_prefix`, `active`, `relay_unknown_only`, `relay_all_recipients`)
-            VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :xmpp, :xmpp_prefix, :active, :relay_unknown_only, :relay_all_recipients)");
+          $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `active`, `relay_unknown_only`, `relay_all_recipients`)
+            VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :active, :relay_unknown_only, :relay_all_recipients)");
           $stmt->execute(array(
             ':domain' => $domain,
             ':description' => $description,
@@ -563,8 +561,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
             ':quota' => $quota,
             ':backupmx' => $backupmx,
             ':gal' => $gal,
-            ':xmpp' => $xmpp,
-            ':xmpp_prefix' => $xmpp_prefix,
             ':active' => $active,
             ':relay_unknown_only' => $relay_unknown_only,
             ':relay_all_recipients' => $relay_all_recipients
@@ -960,8 +956,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           $imap_access = (isset($_data['imap_access'])) ? intval($_data['imap_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['imap_access']);
           $pop3_access = (isset($_data['pop3_access'])) ? intval($_data['pop3_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['pop3_access']);
           $smtp_access = (isset($_data['smtp_access'])) ? intval($_data['smtp_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['smtp_access']);
-          $xmpp_access = (isset($_data['xmpp_access'])) ? intval($_data['xmpp_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['xmpp_access']);
-          $xmpp_admin = (isset($_data['xmpp_admin'])) ? intval($_data['xmpp_admin']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['xmpp_admin']);
           $quarantine_notification = (isset($_data['quarantine_notification'])) ? strval($_data['quarantine_notification']) : strval($MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification']);
           $quarantine_category = (isset($_data['quarantine_category'])) ? strval($_data['quarantine_category']) : strval($MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category']);
           $quota_b		= ($quota_m * 1048576);
@@ -974,8 +968,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               'imap_access' => strval($imap_access),
               'pop3_access' => strval($pop3_access),
               'smtp_access' => strval($smtp_access),
-              'xmpp_access' => strval($xmpp_access),
-              'xmpp_admin' => strval($xmpp_admin),
               'passwd_update' => time(),
               'mailbox_format' => strval($MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format']),
               'quarantine_notification' => strval($quarantine_notification),
@@ -2145,8 +2137,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               $is_now = mailbox('get', 'domain_details', $domain);
               if (!empty($is_now)) {
                 $gal                  = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
-                $xmpp                 = (isset($_data['xmpp']) && !empty($_SESSION['acl']['xmpp_domain_access']) && $_SESSION['acl']['xmpp_domain_access'] == "1") ? intval($_data['xmpp']) : $is_now['xmpp'];
-                $xmpp_prefix          = (!empty($_data['xmpp_prefix']) && !empty($_SESSION['acl']['xmpp_prefix']) && $_SESSION['acl']['xmpp_prefix'] == "1") ? $_data['xmpp_prefix'] : $is_now['xmpp_prefix'];
                 $description          = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description'];
                 (int)$relayhost       = (isset($_data['relayhost']) && isset($_SESSION['acl']['domain_relayhost']) && $_SESSION['acl']['domain_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['relayhost']);
               }
@@ -2158,18 +2148,13 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 );
                 continue;
               }
-              $xmpp_prefix = preg_replace('/[^\da-z-]/i', '', $xmpp_prefix);
               $stmt = $pdo->prepare("UPDATE `domain` SET
               `description` = :description,
-              `gal` = :gal,
-              `xmpp` = :xmpp,
-              `xmpp_prefix` = :xmpp_prefix
+              `gal` = :gal
                 WHERE `domain` = :domain");
               $stmt->execute(array(
                 ':description' => $description,
                 ':gal' => $gal,
-                ':xmpp' => $xmpp,
-                ':xmpp_prefix' => $xmpp_prefix,
                 ':domain' => $domain
               ));
               $_SESSION['return'][] = array(
@@ -2184,7 +2169,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 $active               = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
                 $backupmx             = (isset($_data['backupmx'])) ? intval($_data['backupmx']) : $is_now['backupmx'];
                 $gal                  = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
-                $xmpp                 = (isset($_data['xmpp'])) ? intval($_data['xmpp']) : $is_now['xmpp'];
                 $relay_all_recipients = (isset($_data['relay_all_recipients'])) ? intval($_data['relay_all_recipients']) : $is_now['relay_all_recipients'];
                 $relay_unknown_only   = (isset($_data['relay_unknown_only'])) ? intval($_data['relay_unknown_only']) : $is_now['relay_unknown_only'];
                 $relayhost            = (isset($_data['relayhost'])) ? intval($_data['relayhost']) : $is_now['relayhost'];
@@ -2194,7 +2178,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 $maxquota             = (!empty($_data['maxquota'])) ? $_data['maxquota'] : ($is_now['max_quota_for_mbox'] / 1048576);
                 $quota                = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['max_quota_for_domain'] / 1048576);
                 $description          = (!empty($_data['description'])) ? $_data['description'] : $is_now['description'];
-                $xmpp_prefix          = (!empty($_data['xmpp_prefix'])) ? $_data['xmpp_prefix'] : $is_now['xmpp_prefix'];
                 if ($relay_all_recipients == '1') {
                   $backupmx = '1';
                 }
@@ -2211,7 +2194,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 );
                 continue;
               }
-              $xmpp_prefix = preg_replace('/[^\da-z-]/i', '', $xmpp_prefix);
               // todo: should be using api here
               $stmt = $pdo->prepare("SELECT
                   COUNT(*) AS count,
@@ -2299,8 +2281,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               `relay_unknown_only` = :relay_unknown_only,
               `backupmx` = :backupmx,
               `gal` = :gal,
-              `xmpp` = :xmpp,
-              `xmpp_prefix` = :xmpp_prefix,
               `active` = :active,
               `quota` = :quota,
               `defquota` = :defquota,
@@ -2315,8 +2295,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 ':relay_unknown_only' => $relay_unknown_only,
                 ':backupmx' => $backupmx,
                 ':gal' => $gal,
-                ':xmpp' => $xmpp,
-                ':xmpp_prefix' => $xmpp_prefix,
                 ':active' => $active,
                 ':quota' => $quota,
                 ':defquota' => $defquota,
@@ -2365,8 +2343,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               (int)$imap_access = (isset($_data['imap_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['imap_access']) : intval($is_now['attributes']['imap_access']);
               (int)$pop3_access = (isset($_data['pop3_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['pop3_access']) : intval($is_now['attributes']['pop3_access']);
               (int)$smtp_access = (isset($_data['smtp_access']) && isset($_SESSION['acl']['protocol_access']) && $_SESSION['acl']['protocol_access'] == "1") ? intval($_data['smtp_access']) : intval($is_now['attributes']['smtp_access']);
-              (int)$xmpp_admin = (isset($_data['xmpp_admin']) && isset($_SESSION['acl']['xmpp_admin']) && $_SESSION['acl']['xmpp_admin'] == "1") ? intval($_data['xmpp_admin']) : intval($is_now['attributes']['xmpp_admin']);
-              (int)$xmpp_access = (isset($_data['xmpp_access']) && isset($_SESSION['acl']['xmpp_mailbox_access']) && $_SESSION['acl']['xmpp_mailbox_access'] == "1") ? intval($_data['xmpp_access']) : intval($is_now['attributes']['xmpp_access']);
               (int)$relayhost = (isset($_data['relayhost']) && isset($_SESSION['acl']['mailbox_relayhost']) && $_SESSION['acl']['mailbox_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['attributes']['relayhost']);
               (int)$quota_m = (isset_has_content($_data['quota'])) ? intval($_data['quota']) : ($is_now['quota'] / 1048576);
               $name       = (!empty($_data['name'])) ? ltrim(rtrim($_data['name'], '>'), '<') : $is_now['name'];
@@ -2639,8 +2615,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 `attributes` = JSON_SET(`attributes`, '$.sogo_access', :sogo_access),
                 `attributes` = JSON_SET(`attributes`, '$.imap_access', :imap_access),
                 `attributes` = JSON_SET(`attributes`, '$.pop3_access', :pop3_access),
-                `attributes` = JSON_SET(`attributes`, '$.xmpp_admin', :xmpp_admin),
-                `attributes` = JSON_SET(`attributes`, '$.xmpp_access', :xmpp_access),
                 `attributes` = JSON_SET(`attributes`, '$.relayhost', :relayhost),
                 `attributes` = JSON_SET(`attributes`, '$.smtp_access', :smtp_access)
                   WHERE `username` = :username");
@@ -2653,8 +2627,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               ':imap_access' => $imap_access,
               ':pop3_access' => $pop3_access,
               ':smtp_access' => $smtp_access,
-              ':xmpp_admin' => $xmpp_admin,
-              ':xmpp_access' => $xmpp_access,
               ':relayhost' => $relayhost,
               ':username' => $username
             ));
@@ -3413,8 +3385,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               `relay_unknown_only`,
               `backupmx`,
               `gal`,
-              `xmpp`,
-              `xmpp_prefix`,
               `active`
                 FROM `domain` WHERE `domain`= :domain");
           $stmt->execute(array(
@@ -3473,8 +3443,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           $domaindata['backupmx'] = $row['backupmx'];
           $domaindata['backupmx_int'] = $row['backupmx'];
           $domaindata['gal'] = $row['gal'];
-          $domaindata['xmpp'] = $row['xmpp'];
-          $domaindata['xmpp_prefix'] = $row['xmpp_prefix'];
           $domaindata['gal_int'] = $row['gal'];
           $domaindata['rl'] = $rl;
           $domaindata['active'] = $row['active'];
@@ -3520,8 +3488,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               `mailbox`.`domain`,
               `mailbox`.`local_part`,
               `mailbox`.`quota`,
-              `domain`.`xmpp` AS `domain_xmpp`,
-              `domain`.`xmpp_prefix` AS `domain_xmpp_prefix`,
               `quota2`.`bytes`,
               `attributes`,
               `quota2`.`messages`
@@ -3540,8 +3506,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               `mailbox`.`domain`,
               `mailbox`.`local_part`,
               `mailbox`.`quota`,
-              `domain`.`xmpp` AS `domain_xmpp`,
-              `domain`.`xmpp_prefix` AS `domain_xmpp_prefix`,
               `quota2replica`.`bytes`,
               `attributes`,
               `quota2replica`.`messages`
@@ -3560,10 +3524,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           $mailboxdata['active'] = $row['active'];
           $mailboxdata['active_int'] = $row['active'];
           $mailboxdata['domain'] = $row['domain'];
-          $mailboxdata['domain_xmpp'] = $row['domain_xmpp'];
           $mailboxdata['relayhost'] = $row['relayhost'];
           $mailboxdata['name'] = $row['name'];
-          $mailboxdata['domain_xmpp_prefix'] = $row['domain_xmpp_prefix'];
           $mailboxdata['local_part'] = $row['local_part'];
           $mailboxdata['quota'] = $row['quota'];
           $mailboxdata['messages'] = $row['messages'];
@@ -3587,7 +3549,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           // Determine last logins
           $stmt = $pdo->prepare("SELECT MAX(`datetime`) AS `datetime`, `service` FROM `sasl_logs`
             WHERE `username` = :mailbox
-              AND `success` = 1
                 GROUP BY `service` DESC");
           $stmt->execute(array(':mailbox' => $_data));
           $SaslLogsData  = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -4376,6 +4337,5 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
   }
   if ($_action != 'get' && in_array($_type, array('domain', 'alias', 'alias_domain', 'mailbox', 'resource'))) {
     update_sogo_static_view();
-    xmpp_rebuild_configs();
   }
 }

data/web/inc/functions.xmpp.inc.php

@@ -1,299 +0,0 @@
-<?php
-function xmpp_control($_action, $_data = null) {
-	global $lang;
-  $_data_log = $_data;
-  switch ($_action) {
-    case 'reload':
-      $curl = curl_init();
-      curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
-      curl_setopt($curl, CURLOPT_URL, 'http://ejabberd:5280/api/reload_config');
-      curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
-      curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
-      curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
-      curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
-      $response = curl_exec($curl);
-      curl_close($curl);
-
-      if ($response === "0") {
-        $_SESSION['return'][] = array(
-          'type' => 'success',
-          'log' => array(__FUNCTION__, $_action, $_data_log),
-          'msg' => 'xmpp_reloaded'
-        );
-      }
-      else {
-        $_SESSION['return'][] = array(
-          'type' => 'danger',
-          'log' => array(__FUNCTION__, $_action, $_data_log),
-          'msg' => 'xmpp_reload_failed'
-        );
-      }
-    break;
-    case 'restart':
-      $curl = curl_init();
-      curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
-      curl_setopt($curl, CURLOPT_URL, 'http://ejabberd:5280/api/restart');
-      curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
-      curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
-      curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
-      curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
-      $response = curl_exec($curl);
-      curl_close($curl);
-
-      if ($response === "0") {
-        $_SESSION['return'][] = array(
-          'type' => 'success',
-          'log' => array(__FUNCTION__, $_action, $_data_log),
-          'msg' => 'xmpp_restarted'
-        );
-      }
-      else {
-        // If no host is available, the container might be in sleeping state, we need to restart the container
-        $response = json_decode(docker('post', 'ejabberd-mailcow', 'restart'), true);
-        if (isset($response['type']) && $response['type'] == "success") {
-          $_SESSION['return'][] = array(
-            'type' => 'success',
-            'log' => array(__FUNCTION__, $_action, $_data_log),
-            'msg' => 'xmpp_restarted'
-          );
-        }
-        else {
-          $_SESSION['return'][] = array(
-            'type' => 'danger',
-            'log' => array(__FUNCTION__, $_action, $_data_log),
-            'msg' => 'xmpp_restart_failed'
-          );
-        }
-      }
-    break;
-    case 'status':
-      if ($_SESSION['mailcow_cc_role'] != "admin") {
-        $_SESSION['return'][] = array(
-          'type' => 'danger',
-          'log' => array(__FUNCTION__, $_action, $_data_log),
-          'msg' => 'access_denied'
-        );
-        return false;
-      }
-      foreach (array(
-          'onlineusers' => 'stats?name=onlineusers',
-          'uptimeseconds' => 'stats?name=uptimeseconds',
-          'muc_online_rooms' => 'muc_online_rooms?service=global'
-        ) as $stat => $url) {
-        $curl = curl_init();
-        curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
-        curl_setopt($curl, CURLOPT_URL, 'http://ejabberd:5280/api/' . $url);
-        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
-        curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
-        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
-        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
-        $response_json = json_decode(curl_exec($curl), true);
-        if (isset($response_json['stat'])) {
-          $response_data[$stat] = $response_json['stat'];
-        }
-        else {
-          $response_data[$stat] = $response_json;
-        }
-        curl_close($curl);
-        // Something went wrong
-        if ($response_data[$stat] === false) {
-          $response_data[$stat] = '?';
-        }
-      }
-      return $response_data;
-    break;
-  }
-}
-function xmpp_rebuild_configs() {
-	global $pdo;
-	global $lang;
-  $_data_log = $_data;
-
-  try {
-    $xmpp_domains = array();
-    $stmt = $pdo->query('SELECT CONCAT(`xmpp_prefix`, ".", `domain`) AS `xmpp_host`, `domain` FROM `domain` WHERE `xmpp` = 1');
-    $xmpp_domain_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-
-    foreach ($xmpp_domain_rows as $xmpp_domain_row) {
-      $xmpp_domains[$xmpp_domain_row['domain']] = array('xmpp_host' => $xmpp_domain_row['xmpp_host']);
-      $stmt = $pdo->query('SELECT CONCAT(`local_part`, "@", CONCAT(`domain`.`xmpp_prefix`, ".", `domain`.`domain`)) AS `xmpp_username` FROM `mailbox`
-        JOIN `domain`
-          WHERE `domain`.`xmpp` = 1
-            AND JSON_VALUE(`attributes`, "$.xmpp_admin") = 1');
-      $xmpp_admin_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-      foreach ($xmpp_admin_rows as $xmpp_admin_row) {
-        $xmpp_domains[$xmpp_domain_row['domain']]['xmpp_admins'][] = $xmpp_admin_row['xmpp_username'];
-      }
-    }
-
-    touch('/ejabberd/ejabberd_hosts.yml');
-    touch('/ejabberd/ejabberd_acl.yml');
-    touch('/etc/nginx/conf.d/ZZZ-ejabberd.conf');
-    $ejabberd_hosts_md5 = md5_file('/ejabberd/ejabberd_hosts.yml');
-    $ejabberd_acl_md5 = md5_file('/ejabberd/ejabberd_acl.yml');
-    $ejabberd_site_md5 = md5_file('/etc/nginx/conf.d/ZZZ-ejabberd.conf');
-
-    if (!empty($xmpp_domains)) {
-      // Handle hosts file
-      $hosts_handle = fopen('/ejabberd/ejabberd_hosts.yml', 'w');
-      if (!$hosts_handle) {
-        throw new Exception($lang['danger']['file_open_error']);
-      }
-      fwrite($hosts_handle, '# Autogenerated by mailcow' . PHP_EOL);
-      fwrite($hosts_handle, 'hosts:' . PHP_EOL);
-      foreach ($xmpp_domains as $domain => $domain_values) {
-        fwrite($hosts_handle, '  - ' . $xmpp_domains[$domain]['xmpp_host'] . PHP_EOL);
-      }
-      fclose($hosts_handle);
-
-      // Handle ACL file
-      $acl_handle = fopen('/ejabberd/ejabberd_acl.yml', 'w');
-      if (!$acl_handle) {
-        throw new Exception($lang['danger']['file_open_error']);
-      }
-      fwrite($acl_handle, '# Autogenerated by mailcow' . PHP_EOL);
-      fwrite($acl_handle, 'append_host_config:' . PHP_EOL);
-      foreach ($xmpp_domains as $domain => $domain_values) {
-        fwrite($acl_handle, '  ' . $xmpp_domains[$domain]['xmpp_host'] . ':' . PHP_EOL);
-        fwrite($acl_handle, '    acl:' . PHP_EOL);
-        fwrite($acl_handle, '      admin:' . PHP_EOL);
-        fwrite($acl_handle, '        user:' . PHP_EOL);
-        foreach ($xmpp_domains[$domain]['xmpp_admins'] as $xmpp_admin) {
-          fwrite($acl_handle, '          - ' . $xmpp_admin . PHP_EOL);
-        }
-      }
-      fclose($acl_handle);
-
-      // Handle Nginx site
-      $site_handle = @fopen('/etc/nginx/conf.d/ZZZ-ejabberd.conf', 'r+');
-      if ($site_handle !== false) {
-        ftruncate($site_handle, 0);
-        fclose($site_handle);
-      }
-      $site_handle = fopen('/etc/nginx/conf.d/ZZZ-ejabberd.conf', 'w');
-      if (!$site_handle) {
-        throw new Exception($lang['danger']['file_open_error']);
-      }
-      fwrite($site_handle, '# Autogenerated by mailcow' . PHP_EOL);
-      foreach ($xmpp_domains as $domain => $domain_values) {
-        $site_config = <<<EOF
-server {
-  root /web;
-
-  include /etc/nginx/conf.d/listen_ssl.active;
-  include /etc/nginx/conf.d/listen_plain.active;
-
-  ssl_protocols TLSv1.2 TLSv1.3;
-
-  ssl_certificate /etc/ssl/mail/cert.pem;
-  ssl_certificate_key /etc/ssl/mail/key.pem;
-
-  server_name %s conference.%s proxy.%s pubsub.%s upload.%s;
-
-  if (\$request_uri ~* "%%0A|%%0D") {
-    return 403;
-  }
-
-  set_real_ip_from 10.0.0.0/8;
-  set_real_ip_from 172.16.0.0/12;
-  set_real_ip_from 192.168.0.0/16;
-  set_real_ip_from fc00::/7;
-  real_ip_header X-Forwarded-For;
-  real_ip_recursive on;
-
-  location / {
-    proxy_pass http://ejabberd:5281/;
-    proxy_set_header Host \$http_host;
-    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-    proxy_set_header X-Real-IP \$remote_addr;
-    proxy_redirect off;
-  }
-}
-
-EOF;
-        fwrite($site_handle, sprintf($site_config,
-          $xmpp_domains[$domain]['xmpp_host'],
-          $xmpp_domains[$domain]['xmpp_host'],
-          $xmpp_domains[$domain]['xmpp_host'],
-          $xmpp_domains[$domain]['xmpp_host'],
-          $xmpp_domains[$domain]['xmpp_host']
-        ));
-      }
-      fclose($site_handle);
-    }
-    else {
-      // Write empty hosts file
-      $hosts_handle = fopen('/ejabberd/ejabberd_hosts.yml', 'w');
-      if (!$hosts_handle) {
-        throw new Exception($lang['danger']['file_open_error']);
-      }
-      fwrite($hosts_handle, '# Autogenerated by mailcow' . PHP_EOL);
-      fclose($hosts_handle);
-
-      // Write empty ACL file
-      $acl_handle = fopen('/ejabberd/ejabberd_acl.yml', 'w');
-      if (!$acl_handle) {
-        throw new Exception($lang['danger']['file_open_error']);
-      }
-      fwrite($acl_handle, '# Autogenerated by mailcow' . PHP_EOL);
-      fclose($acl_handle);
-
-      // Write empty Nginx site
-      $acl_handle = fopen('/etc/nginx/conf.d/ZZZ-ejabberd.conf', 'w');
-      if (!$acl_handle) {
-        throw new Exception($lang['danger']['file_open_error']);
-      }
-      fwrite($acl_handle, '# Autogenerated by mailcow' . PHP_EOL);
-      fclose($acl_handle);
-    }
-
-    if (md5_file('/ejabberd/ejabberd_acl.yml') != $ejabberd_acl_md5) {
-      xmpp_control('restart');
-      $_SESSION['return'][] = array(
-        'type' => 'success',
-        'log' => array(__FUNCTION__, $_action, $_data_log),
-        'msg' => 'xmpp_maps_updated'
-      );
-    }
-    elseif (md5_file('/ejabberd/ejabberd_hosts.yml') != $ejabberd_hosts_md5) {
-      xmpp_control('reload');
-      $_SESSION['return'][] = array(
-        'type' => 'success',
-        'log' => array(__FUNCTION__, $_action, $_data_log),
-        'msg' => 'xmpp_maps_updated'
-      );
-    }
-
-    if (md5_file('/etc/nginx/conf.d/ZZZ-ejabberd.conf') != $ejabberd_site_md5) {
-      $response = json_decode(docker('post', 'nginx-mailcow', 'exec', array("cmd" => "reload", "task" => "nginx"), 'Content-type: application/json'), true);
-      if (isset($response['type']) && $response['type'] == "success") {
-        $_SESSION['return'][] = array(
-          'type' => 'success',
-          'log' => array(__FUNCTION__, $_action, $_data_log),
-          'msg' => 'nginx_reloaded'
-        );
-      }
-      else {
-        if (!empty($response['msg'])) {
-          $error = $response['msg'];
-        }
-        else {
-          $error = '-';
-        }
-        $_SESSION['return'][] = array(
-          'type' => 'danger',
-          'log' => array(__FUNCTION__, $_action, $_data_log),
-          'msg' => array('nginx_reload_failed', htmlspecialchars($error))
-        );
-      }
-    }
-  }
-  catch (Exception $e) {
-    $_SESSION['return'][] = array(
-      'type' => 'danger',
-      'log' => array(__FUNCTION__, $_action, $_data_log),
-      'msg' => array('xmpp_map_write_error', htmlspecialchars($e->getMessage()))
-    );
-  }
-}
-

data/web/inc/init_db.inc.php

@@ -3,7 +3,7 @@ function init_db_schema() {
   try {
     global $pdo;
 
-    $db_version = "07062021_2320";
+    $db_version = "30062021_0910";
 
     $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
     $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -240,8 +240,6 @@ function init_db_schema() {
           "gal" => "TINYINT(1) NOT NULL DEFAULT '1'",
           "relay_all_recipients" => "TINYINT(1) NOT NULL DEFAULT '0'",
           "relay_unknown_only" => "TINYINT(1) NOT NULL DEFAULT '0'",
-          "xmpp" => "TINYINT(1) NOT NULL DEFAULT '0'",
-          "xmpp_prefix" => "VARCHAR(255) DEFAULT 'im'",
           "created" => "DATETIME(0) NOT NULL DEFAULT NOW(0)",
           "modified" => "DATETIME ON UPDATE CURRENT_TIMESTAMP",
           "active" => "TINYINT(1) NOT NULL DEFAULT '1'"
@@ -513,7 +511,6 @@ function init_db_schema() {
       "sasl_logs" => array(
         "cols" => array(
           "id" => "INT NOT NULL AUTO_INCREMENT",
-          "success" => "TINYINT(1) NOT NULL DEFAULT '0'",
           "service" => "VARCHAR(32) NOT NULL DEFAULT ''",
           "app_password" => "INT",
           "username" => "VARCHAR(255) NOT NULL",
@@ -527,7 +524,6 @@ function init_db_schema() {
           "key" => array(
             "username" => array("username"),
             "service" => array("service"),
-            "success" => array("success"),
             "datetime" => array("datetime"),
             "real_rip" => array("real_rip")
           )
@@ -598,10 +594,6 @@ function init_db_schema() {
           "alias_domains" => "TINYINT(1) NOT NULL DEFAULT '0'",
           "mailbox_relayhost" => "TINYINT(1) NOT NULL DEFAULT '1'",
           "domain_relayhost" => "TINYINT(1) NOT NULL DEFAULT '1'",
-          "xmpp_prefix" => "TINYINT(1) NOT NULL DEFAULT '0'",
-          "xmpp_domain_access" => "TINYINT(1) NOT NULL DEFAULT '0'",
-          "xmpp_mailbox_access" => "TINYINT(1) NOT NULL DEFAULT '0'",
-          "xmpp_admin" => "TINYINT(1) NOT NULL DEFAULT '0'",
           "domain_desc" => "TINYINT(1) NOT NULL DEFAULT '0'"
           ),
         "keys" => array(
@@ -1007,6 +999,7 @@ function init_db_schema() {
           }
         }
       }
+
       // Migrate tls_enforce_* options
       if ($table == 'mailbox') {
         $stmt = $pdo->query("SHOW TABLES LIKE 'mailbox'");
@@ -1023,6 +1016,20 @@ function init_db_schema() {
           }
         }
       }
+
+      // Remove deprecated success = 0 entries before migrating sasl_logs
+      if ($table == 'sasl_logs') {
+        $stmt = $pdo->query("SHOW TABLES LIKE 'sasl_logs'");
+        $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+        if ($num_results != 0) {
+          $stmt = $pdo->query("SHOW COLUMNS FROM `sasl_logs` LIKE '%success%'"); 
+          $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+          if ($num_results != 0) {
+            $stmt = $pdo->query("DELETE FROM `sasl_logs` WHERE `success` = 0");
+          }
+        }
+      }
+
       $stmt = $pdo->query("SHOW TABLES LIKE '" . $table . "'"); 
       $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
       if ($num_results != 0) {
@@ -1216,8 +1223,6 @@ function init_db_schema() {
     $pdo->query("UPDATE `mailbox` SET `attributes` = '{}' WHERE `attributes` = '' OR `attributes` IS NULL;");
     $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.passwd_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.passwd_update') IS NULL;");
     $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.relayhost', \"0\") WHERE JSON_VALUE(`attributes`, '$.relayhost') IS NULL;");
-    $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.xmpp_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.xmpp_access') IS NULL;");
-    $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.xmpp_admin', \"0\") WHERE JSON_VALUE(`attributes`, '$.xmpp_admin') IS NULL;");
     $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.force_pw_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.force_pw_update') IS NULL;");
     $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.sogo_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.sogo_access') IS NULL;");
     $pdo->query("UPDATE `mailbox` SET `attributes` =  JSON_SET(`attributes`, '$.imap_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.imap_access') IS NULL;");
@@ -1266,7 +1271,6 @@ function init_db_schema() {
 if (php_sapi_name() == "cli") {
   include '/web/inc/vars.inc.php';
   include '/web/inc/functions.docker.inc.php';
-  include '/web/inc/functions.xmpp.inc.php';
   // $now = new DateTime();
   // $mins = $now->getOffset() / 60;
   // $sgn = ($mins < 0 ? -1 : 1);
@@ -1305,7 +1309,5 @@ if (php_sapi_name() == "cli") {
   catch ( Exception $e ) {
     // Dunno
   }
-  xmpp_rebuild_configs();
-  echo "Rebuilt XMPP configuration". PHP_EOL;
   init_db_schema();
 }

data/web/inc/prerequisites.inc.php

@@ -240,7 +240,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.ratelimit.inc.php';
 require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.rspamd.inc.php';
 require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.tls_policy_maps.inc.php';
 require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.transports.inc.php';
-require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.xmpp.inc.php';
 require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/init_db.inc.php';
 require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/triggers.inc.php';
 init_db_schema();

data/web/inc/presets/rspamd/preset_4.yml

@@ -0,0 +1,11 @@
+headline: lang.rsettings_preset_4
+content: |
+  priority = 10;
+  rcpt = "/.*@develcow.de$/";
+  from = "/.*/";
+  apply "default" {
+    MAILCOW_WHITE = -9999.0;
+  }
+  symbols [
+    "MAILCOW_WHITE"
+  ]

data/web/inc/vars.inc.php

@@ -175,12 +175,6 @@ $MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true;
 // Mailbox has SMTP access by default
 $MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true;
 
-// Mailbox has XMPP access by default (if domain has XMPP enabled)
-$MAILBOX_DEFAULT_ATTRIBUTES['xmpp_access'] = true;
-
-// Mailbox is XMPP admin by default (bad)
-$MAILBOX_DEFAULT_ATTRIBUTES['xmpp_admin'] = false;
-
 // Mailbox receives notifications about...
 // "add_header" - mail that was put into the Junk folder
 // "reject" - mail that was rejected

data/web/index.php

@@ -60,12 +60,13 @@ $_SESSION['index_query_string'] = $_SERVER['QUERY_STRING'];
             </div>
             <div class="form-group">
               <div class="btn-group">
-                <button type="submit" class="btn btn-success" value="Login"><?= $lang['login']['login']; ?></button>
                 <div class="btn-group">
-                  <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
-                  <?= $lang['login']['other_logins']; ?> <span class="caret"></span></button>
-                  <ul class="dropdown-menu" role="menu">
-                    <li><a href="#" id="fido2-login"><?= $lang['login']['fido2_webauthn']; ?></a></li>
+                  <button type="submit" class="btn btn-success" value="Login"><?= $lang['login']['login']; ?></button>
+                  <button type="button" class="btn btn-success dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                    <span class="caret"></span>
+                  </button>
+                  <ul class="dropdown-menu">
+                    <li><a href="#" id="fido2-login" style="line-height:1.4;"><i class="bi bi-shield-fill-check"></i> <?= $lang['login']['fido2_webauthn']; ?></a></li>
                   </ul>
                 </div>
               </div>

data/web/js/site/debug.js

@@ -304,7 +304,6 @@ jQuery(function($){
   function draw_sasl_logs() {
     ft_api_logs = FooTable.init('#sasl_logs', {
       "columns": [
-        {"name":"success","title":lang.success,"filterable": false,"style":{"width":"30px"}},
         {"name":"username","title":lang.username},
         {"name":"service","title":lang.service},
         {"name":"real_rip","title":"IP"},
@@ -710,12 +709,6 @@ jQuery(function($){
         if (item.service == "smtp") { item.service = '<div class="label label-default">' + item.service.toUpperCase() + '<i class="bi bi-chevron-compact-right"></i></div>'; }
         else if (item.service == "imap") { item.service = '<div class="label label-default"><i class="bi bi-chevron-compact-left"></i> ' + item.service.toUpperCase() + '</div>'; }
         else { item.service = '<div class="label label-default">' + item.service.toUpperCase() + '</div>'; }
-        if (item.success == 0) {
-          item.success = '<span class="label label-danger"><i class="bi bi-person-x-fill"></i></span>';
-        }
-        else {
-          item.success = '<span class="label label-success"><i class="bi bi-person-check-fill"></i></span>';
-        }
     });
     } else if (table == 'general_syslog') {
       $.each(data, function (i, item) {

data/web/js/site/edit.js

@@ -28,11 +28,6 @@ $(document).ready(function() {
     $('#mailbox-passwd-hidden-info').addClass('hidden');
     $('#mailbox-passwd-form-groups').removeClass('hidden');
   });
-  // Preview XMPP JID
-  $('.xmpp-prefix-preview').text($("#xmpp-prefix").val());
-  $("#xmpp-prefix").bind("change keypress keyup blur", function() {
-    $('.xmpp-prefix-preview').text($(this).val());
-  });
   // Sender ACL
   if ($("#editSelectSenderACL option[value='\*']:selected").length > 0){
     $("#sender_acl_disabled").show();
@@ -146,4 +141,4 @@ jQuery(function($){
   }
   draw_wl_policy_domain_table();
   draw_bl_policy_domain_table();
-});
+});

data/web/js/site/mailbox.js

@@ -24,7 +24,12 @@ $(document).ready(function() {
         .appendTo($form_grp);
 
       $.each(domains, function(i, domain){
-        self.$domain.append($('<option/>').text(domain));
+        domainname = $($.parseHTML(domain)).data('domainname')
+        if (domainname !== undefined) {
+          self.$domain.append($('<option/>').text(domainname));
+        } else {
+          self.$domain.append($('<option/>').text(domain));
+        }
       });
     },
     _onDomainDropdownChanged: function(e){
@@ -256,7 +261,6 @@ jQuery(function($){
         {"name":"rl","title":"RL","breakpoints":"xs sm md lg","style":{"maxWidth":"100px","width":"100px"}},
         {"name":"backupmx","filterable": false,"style":{"maxWidth":"120px","width":"120px"},"title":lang.backup_mx,"breakpoints":"xs sm md lg","formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
         {"name":"domain_admins","title":lang.domain_admins,"style":{"word-break":"break-all","min-width":"200px"},"breakpoints":"xs sm md lg","filterable":(role == "admin"),"visible":(role == "admin")},
-        {"name":"xmpp","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":"XMPP","formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
         {"name":"active","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":lang.active,"formatter": function(value){return 1==value?'<i class="bi bi-check-lg"></i>':0==value&&'<i class="bi bi-x-lg"></i>';}},
         {"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","maxWidth":"240px","width":"240px"},"type":"html","title":lang.action,"breakpoints":"xs sm md"}
       ],
@@ -829,7 +833,7 @@ jQuery(function($){
               item.goto = '<span class="label label-success">Learn as ham</span>';
             }
             if (item.in_primary_domain !== "") {
-              item.domain = '<i class="bi bi-info-circle-fill alias-domain-info text-info" data-toggle="tooltip" title="' + lang.target_domain + ': ' + item.in_primary_domain + '"></i> ' + item.domain;
+              item.domain = '<i data-domainname="' + item.domain + '" class="bi bi-info-circle-fill alias-domain-info text-info" data-toggle="tooltip" title="' + lang.target_domain + ': ' + item.in_primary_domain + '"></i> ' + item.domain;
             }
           });
         }

data/web/lang/lang.de.json

@@ -304,6 +304,7 @@
         "rsettings_preset_1": "Alles außer DKIM und Ratelimits für authentifizierte Benutzer deaktivieren",
         "rsettings_preset_2": "Spam an Postmaster-Adressen nicht blockieren",
         "rsettings_preset_3": "Nur einem oder vielen Absendern erlauben, eine Mailbox anzuschreiben (etwa interne Mailboxen)",
+        "rsettings_preset_4": "Rspamd für eine Domain deaktivieren",
         "rspamd-com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
         "rspamd_global_filters": "Globale Filter-Maps",
         "rspamd_global_filters_agree": "Ich werde vorsichtig sein!",

data/web/lang/lang.en.json

@@ -302,6 +302,7 @@
         "rsettings_preset_1": "Disable all but DKIM and rate limit for authenticated users",
         "rsettings_preset_2": "Postmasters want spam",
         "rsettings_preset_3": "Only allow specific senders for a mailbox (i.e. usage as internal mailbox only)",
+        "rsettings_preset_4": "Disable Rspamd for a domain",
         "rspamd-com_settings": "A setting name will be auto-generated, please see the example presets below. For more details see <a href=\"https://rspamd.com/doc/configuration/settings.html#settings-structure\" target=\"_blank\">Rspamd docs</a>",
         "rspamd_global_filters": "Global filter maps",
         "rspamd_global_filters_agree": "I will be careful!",