2
0

vars.inc.php 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399
  1. <?php
  2. error_reporting(E_ERROR);
  3. //error_reporting(E_ALL);
  4. /*
  5. PLEASE USE THE FILE "vars.local.inc.php" TO OVERWRITE SETTINGS AND MAKE THEM PERSISTENT!
  6. This file will be reset on upgrades.
  7. */
  8. // SQL database connection variables
  9. $database_type = 'mysql';
  10. $database_sock = '/var/run/mysqld/mysqld.sock';
  11. $database_host = 'mysql';
  12. $database_user = getenv('DBUSER');
  13. $database_pass = getenv('DBPASS');
  14. $database_name = getenv('DBNAME');
  15. // Other variables
  16. $mailcow_hostname = getenv('MAILCOW_HOSTNAME');
  17. $default_pass_scheme = getenv('MAILCOW_PASS_SCHEME');
  18. // Autodiscover settings
  19. // ===
  20. // Auto-detect HTTPS port =>
  21. $https_port = strpos($_SERVER['HTTP_HOST'], ':');
  22. if ($https_port === FALSE) {
  23. $https_port = 443;
  24. } else {
  25. $https_port = substr($_SERVER['HTTP_HOST'], $https_port+1);
  26. }
  27. // Alternatively select port here =>
  28. //$https_port = 1234;
  29. // Other settings =>
  30. $autodiscover_config = array(
  31. // General autodiscover service type: "activesync" or "imap"
  32. // emClient uses autodiscover, but does not support ActiveSync. mailcow excludes emClient from ActiveSync.
  33. // With SOGo disabled, the type will always fallback to imap. CalDAV and CardDAV will be excluded, too.
  34. 'autodiscoverType' => 'activesync',
  35. // If autodiscoverType => activesync, also use ActiveSync (EAS) for Outlook desktop clients (>= Outlook 2013 on Windows)
  36. // Outlook for Mac does not support ActiveSync
  37. 'useEASforOutlook' => 'no',
  38. // Please don't use STARTTLS-enabled service ports in the "port" variable.
  39. // The autodiscover service will always point to SMTPS and IMAPS (TLS-wrapped services).
  40. // The autoconfig service will additionally announce the STARTTLS-enabled ports, specified in the "tlsport" variable.
  41. 'imap' => array(
  42. 'server' => $mailcow_hostname,
  43. 'port' => (int)filter_var(substr(getenv('IMAPS_PORT'), strrpos(getenv('IMAPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
  44. 'tlsport' => (int)filter_var(substr(getenv('IMAP_PORT'), strrpos(getenv('IMAP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
  45. ),
  46. 'pop3' => array(
  47. 'server' => $mailcow_hostname,
  48. 'port' => (int)filter_var(substr(getenv('POPS_PORT'), strrpos(getenv('POPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
  49. 'tlsport' => (int)filter_var(substr(getenv('POP_PORT'), strrpos(getenv('POP_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
  50. ),
  51. 'smtp' => array(
  52. 'server' => $mailcow_hostname,
  53. 'port' => (int)filter_var(substr(getenv('SMTPS_PORT'), strrpos(getenv('SMTPS_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT),
  54. 'tlsport' => (int)filter_var(substr(getenv('SUBMISSION_PORT'), strrpos(getenv('SUBMISSION_PORT'), ':')), FILTER_SANITIZE_NUMBER_INT)
  55. ),
  56. 'activesync' => array(
  57. 'url' => 'https://' . $mailcow_hostname . ($https_port == 443 ? '' : ':' . $https_port) . '/Microsoft-Server-ActiveSync',
  58. ),
  59. 'caldav' => array(
  60. 'server' => $mailcow_hostname,
  61. 'port' => $https_port,
  62. ),
  63. 'carddav' => array(
  64. 'server' => $mailcow_hostname,
  65. 'port' => $https_port,
  66. ),
  67. );
  68. // If false, we will use DEFAULT_LANG
  69. // Uses HTTP_ACCEPT_LANGUAGE header
  70. $DETECT_LANGUAGE = true;
  71. // Change default language
  72. $DEFAULT_LANG = 'en-gb';
  73. // Available languages
  74. // https://www.iso.org/obp/ui/#search
  75. // https://en.wikipedia.org/wiki/IETF_language_tag
  76. $AVAILABLE_LANGUAGES = array(
  77. // 'ca-es' => 'Català (Catalan)',
  78. 'bg-bg' => 'Български (Bulgarian)',
  79. 'cs-cz' => 'Čeština (Czech)',
  80. 'da-dk' => 'Danish (Dansk)',
  81. 'de-de' => 'Deutsch (German)',
  82. 'en-gb' => 'English',
  83. 'es-es' => 'Español (Spanish)',
  84. 'fi-fi' => 'Suomi (Finish)',
  85. 'fr-fr' => 'Français (French)',
  86. 'gr-gr' => 'Ελληνικά (Greek)',
  87. 'hu-hu' => 'Magyar (Hungarian)',
  88. 'it-it' => 'Italiano (Italian)',
  89. 'ja-jp' => '日本語 (Japanese)',
  90. 'ko-kr' => '한국어 (Korean)',
  91. 'lv-lv' => 'latviešu (Latvian)',
  92. 'lt-lt' => 'Lietuvių (Lithuanian)',
  93. 'nb-no' => 'Norsk (Norwegian)',
  94. 'nl-nl' => 'Nederlands (Dutch)',
  95. 'pl-pl' => 'Język Polski (Polish)',
  96. 'pt-br' => 'Português brasileiro (Brazilian Portuguese)',
  97. 'pt-pt' => 'Português (Portuguese)',
  98. 'ro-ro' => 'Română (Romanian)',
  99. 'ru-ru' => 'Pусский (Russian)',
  100. 'si-si' => 'Slovenščina (Slovenian)',
  101. 'sk-sk' => 'Slovenčina (Slovak)',
  102. 'sv-se' => 'Svenska (Swedish)',
  103. 'tr-tr' => 'Türkçe (Turkish)',
  104. 'uk-ua' => 'Українська (Ukrainian)',
  105. 'vi-vn' => 'Tiếng Việt (Vietnamese)',
  106. 'zh-cn' => '简体中文 (Simplified Chinese)',
  107. 'zh-tw' => '繁體中文 (Traditional Chinese)',
  108. );
  109. // default theme is lumen
  110. // additional themes can be found here: https://bootswatch.com/
  111. // copy them to data/web/css/themes/{THEME-NAME}-bootstrap.css
  112. $UI_THEME = "lumen";
  113. // Show DKIM private keys - false by default
  114. $SHOW_DKIM_PRIV_KEYS = false;
  115. // mailcow Apps - buttons on login screen
  116. $MAILCOW_APPS = array(
  117. array(
  118. 'name' => 'Webmail',
  119. 'link' => '/SOGo/so',
  120. 'user_link' => '/SOGo/so',
  121. 'hide' => true
  122. )
  123. );
  124. // Logo max file size in bytes
  125. $LOGO_LIMITS['max_size'] = 15 * 1024 * 1024; // 15MB
  126. // Logo max width in pixels
  127. $LOGO_LIMITS['max_width'] = 1920;
  128. // Logo max height in pixels
  129. $LOGO_LIMITS['max_height'] = 1920;
  130. // Rows until pagination begins
  131. $PAGINATION_SIZE = 25;
  132. // Default number of rows/lines to display (log table)
  133. $LOG_LINES = 1000;
  134. // Rows until pagination begins (log table)
  135. $LOG_PAGINATION_SIZE = 50;
  136. // Session lifetime in seconds
  137. $SESSION_LIFETIME = 10800;
  138. // Session SameSite Policy
  139. // Use "None", "Lax" or "Strict"
  140. $SESSION_SAMESITE_POLICY = "Lax";
  141. // Name of the session cookie
  142. $SESSION_NAME = "MCSESSID";
  143. // Label for OTP devices
  144. $OTP_LABEL = "mailcow UI";
  145. // How long to wait (in s) for cURL Docker requests
  146. $DOCKER_TIMEOUT = 60;
  147. // Split DKIM key notation (bind format)
  148. $SPLIT_DKIM_255 = false;
  149. // OAuth2 settings
  150. $REFRESH_TOKEN_LIFETIME = 2678400;
  151. $ACCESS_TOKEN_LIFETIME = 86400;
  152. // Logout from mailcow after first OAuth2 session profile request
  153. $OAUTH2_FORGET_SESSION_AFTER_LOGIN = false;
  154. // Set a limit for mailbox and domain tagging
  155. $TAGGING_LIMIT = 25;
  156. // MAILBOX_DEFAULT_ATTRIBUTES define default attributes for new mailboxes
  157. // These settings will not change existing mailboxes
  158. // Force incoming TLS for new mailboxes by default
  159. $MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_in'] = false;
  160. // Force outgoing TLS for new mailboxes by default
  161. $MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_out'] = false;
  162. // Force password change on next login (only allows login to mailcow UI)
  163. $MAILBOX_DEFAULT_ATTRIBUTES['force_pw_update'] = false;
  164. // Enable SOGo access - Users will be redirected to SOGo after login (set to false to disable redirect by default)
  165. $MAILBOX_DEFAULT_ATTRIBUTES['sogo_access'] = true;
  166. // How to handle tagged emails
  167. // none - No special handling
  168. // subfolder - Create subfolder under INBOX (e.g. "INBOX/Facebook")
  169. // subject - Add tag to subject (e.g. "[Facebook] Subject")
  170. $MAILBOX_DEFAULT_ATTRIBUTES['tagged_mail_handler'] = "none";
  171. // Send notification when quarantine is not empty (never, hourly, daily, weekly)
  172. $MAILBOX_DEFAULT_ATTRIBUTES['quarantine_notification'] = 'hourly';
  173. // Mailbox has IMAP access by default
  174. $MAILBOX_DEFAULT_ATTRIBUTES['imap_access'] = true;
  175. // Mailbox has POP3 access by default
  176. $MAILBOX_DEFAULT_ATTRIBUTES['pop3_access'] = true;
  177. // Mailbox has SMTP access by default
  178. $MAILBOX_DEFAULT_ATTRIBUTES['smtp_access'] = true;
  179. // Mailbox has sieve access by default
  180. $MAILBOX_DEFAULT_ATTRIBUTES['sieve_access'] = true;
  181. // Mailbox receives notifications about...
  182. // "add_header" - mail that was put into the Junk folder
  183. // "reject" - mail that was rejected
  184. // "all" - mail that was rejected and put into the Junk folder
  185. $MAILBOX_DEFAULT_ATTRIBUTES['quarantine_category'] = 'reject';
  186. // Default mailbox format, should not be changed unless you know exactly, what you do, keep the trailing ":"
  187. // Check dovecot.conf for further changes (e.g. shared namespace)
  188. $MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format'] = 'maildir:';
  189. // Show last IMAP and POP3 logins
  190. $SHOW_LAST_LOGIN = true;
  191. // Maximum number of password reset tokens that can be generated at once per user
  192. $PW_RESET_TOKEN_LIMIT = 3;
  193. // Maximum time in minutes a password reset token is valid
  194. $PW_RESET_TOKEN_LIFETIME = 15;
  195. // UV flag handling in FIDO2/WebAuthn - defaults to false to allow iOS logins
  196. // true = required
  197. // false = preferred
  198. // string 'required' 'preferred' 'discouraged'
  199. $WEBAUTHN_UV_FLAG_REGISTER = false;
  200. $WEBAUTHN_UV_FLAG_LOGIN = false;
  201. $WEBAUTHN_USER_PRESENT_FLAG = true;
  202. $FIDO2_UV_FLAG_REGISTER = 'preferred';
  203. $FIDO2_UV_FLAG_LOGIN = 'preferred'; // iOS ignores the key via NFC if required - known issue
  204. $FIDO2_USER_PRESENT_FLAG = true;
  205. $FIDO2_FORMATS = array('apple', 'android-key', 'android-safetynet', 'fido-u2f', 'none', 'packed', 'tpm');
  206. // Set visible Rspamd maps in mailcow UI, do not change unless you know what you are doing
  207. $RSPAMD_MAPS = array(
  208. 'regex' => array(
  209. 'Header-From: Denylist' => 'global_mime_from_blacklist.map',
  210. 'Header-From: Allowlist' => 'global_mime_from_whitelist.map',
  211. 'Envelope Sender Denylist' => 'global_smtp_from_blacklist.map',
  212. 'Envelope Sender Allowlist' => 'global_smtp_from_whitelist.map',
  213. 'Recipient Denylist' => 'global_rcpt_blacklist.map',
  214. 'Recipient Allowlist' => 'global_rcpt_whitelist.map',
  215. 'Fishy TLDS (only fired in combination with bad words)' => 'fishy_tlds.map',
  216. 'Bad Words (only fired in combination with fishy TLDs)' => 'bad_words.map',
  217. 'Bad Words DE (only fired in combination with fishy TLDs)' => 'bad_words_de.map',
  218. 'Bad Languages' => 'bad_languages.map',
  219. 'Bulk Mail Headers' => 'bulk_header.map',
  220. 'Bad (Junk) Mail Headers' => 'bad_header.map',
  221. 'Monitoring Hosts' => 'monitoring_nolog.map'
  222. )
  223. );
  224. $IMAPSYNC_OPTIONS = array(
  225. 'whitelist' => array(
  226. 'abort',
  227. 'authmd51',
  228. 'authmd52',
  229. 'authmech1',
  230. 'authmech2',
  231. 'authuser1',
  232. 'authuser2',
  233. 'debug',
  234. 'debugcontent',
  235. 'debugcrossduplicates',
  236. 'debugflags',
  237. 'debugfolders',
  238. 'debugimap',
  239. 'debugimap1',
  240. 'debugimap2',
  241. 'debugmemory',
  242. 'debugssl',
  243. 'delete1emptyfolders',
  244. 'delete2folders',
  245. 'disarmreadreceipts',
  246. 'domain1',
  247. 'domain2',
  248. 'domino1',
  249. 'domino2',
  250. 'dry',
  251. 'errorsmax',
  252. 'exchange1',
  253. 'exchange2',
  254. 'exitwhenover',
  255. 'expunge1',
  256. 'f1f2',
  257. 'filterbuggyflags',
  258. 'folder',
  259. 'folderfirst',
  260. 'folderlast',
  261. 'folderrec',
  262. 'gmail1',
  263. 'gmail2',
  264. 'idatefromheader',
  265. 'include',
  266. 'inet4',
  267. 'inet6',
  268. 'justconnect',
  269. 'justfolders',
  270. 'justfoldersizes',
  271. 'justlogin',
  272. 'keepalive1',
  273. 'keepalive2',
  274. 'log',
  275. 'logdir',
  276. 'logfile',
  277. 'maxbytesafter',
  278. 'maxlinelength',
  279. 'maxmessagespersecond',
  280. 'maxsize',
  281. 'maxsleep',
  282. 'minage',
  283. 'minsize',
  284. 'noabletosearch',
  285. 'noabletosearch1',
  286. 'noabletosearch2',
  287. 'noexpunge1',
  288. 'noexpunge2',
  289. 'nofoldersizesatend',
  290. 'noid',
  291. 'nolog',
  292. 'nomixfolders',
  293. 'noresyncflags',
  294. 'nossl1',
  295. 'nossl2',
  296. 'nosyncacls',
  297. 'notls1',
  298. 'notls2',
  299. 'nouidexpunge2',
  300. 'nousecache',
  301. 'oauthaccesstoken1',
  302. 'oauthaccesstoken2',
  303. 'oauthdirect1',
  304. 'oauthdirect2',
  305. 'office1',
  306. 'office2',
  307. 'pidfile',
  308. 'pidfilelocking',
  309. 'prefix1',
  310. 'prefix2',
  311. 'proxyauth1',
  312. 'proxyauth2',
  313. 'resyncflags',
  314. 'resynclabels',
  315. 'search',
  316. 'search1',
  317. 'search2',
  318. 'sep1',
  319. 'sep2',
  320. 'showpasswords',
  321. 'skipemptyfolders',
  322. 'ssl2',
  323. 'sslargs1',
  324. 'sslargs2',
  325. 'subfolder1',
  326. 'subscribe',
  327. 'subscribed',
  328. 'syncacls',
  329. 'syncduplicates',
  330. 'syncinternaldates',
  331. 'synclabels',
  332. 'tests',
  333. 'testslive',
  334. 'testslive6',
  335. 'tls2',
  336. 'truncmess',
  337. 'usecache',
  338. 'useheader',
  339. 'useuid'
  340. ),
  341. 'blacklist' => array(
  342. 'skipmess',
  343. 'delete2foldersonly',
  344. 'delete2foldersbutnot',
  345. 'regexflag',
  346. 'regexmess',
  347. 'pipemess',
  348. 'regextrans2',
  349. 'maxlinelengthcmd'
  350. )
  351. );