Merge pull request #7243 from mailcow/staging

Update 2025-05b

.github/workflows/pr_to_nightly.yml

@@ -12,7 +12,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Run the Action
-        uses: devops-infra/action-pull-request@v1.0.2
+        uses: devops-infra/action-pull-request@v1.1.1
         with:
           github_token: ${{ secrets.PRTONIGHTLY_ACTION_PAT }}
           title: Automatic PR to nightly from ${{ github.event.repository.updated_at}}

data/Dockerfiles/dovecot/Dockerfile

@@ -69,8 +69,6 @@ RUN addgroup -g 5000 vmail \
   perl-par-packer \
   perl-parse-recdescent \
   perl-lockfile-simple \
-  perl-parallel-forkmanager \
-  perl-redis \
   libproc2 \
   perl-readonly \
   perl-regexp-common \

data/Dockerfiles/dovecot/imapsync_runner.pl

@@ -2,15 +2,21 @@
 
 use DBI;
 use LockFile::Simple qw(lock trylock unlock);
+use Proc::ProcessTable;
 use Data::Dumper qw(Dumper);
 use IPC::Run 'run';
 use File::Temp;
 use Try::Tiny;
-use Parallel::ForkManager;
-use Redis;
 use sigtrap 'handler' => \&sig_handler, qw(INT TERM KILL QUIT);
 
 sub trim { my $s = shift; $s =~ s/^\s+|\s+$//g; return $s };
+my $t = Proc::ProcessTable->new;
+my $imapsync_running = grep { $_->{cmndline} =~ /imapsync\s/i } @{$t->table};
+if ($imapsync_running ge 1)
+{
+  print "imapsync is active, exiting...";
+  exit;
+}
 
 sub qqw($) {
   my @params = ();
@@ -29,162 +35,26 @@ sub qqw($) {
   return @params;
 }
 
-our $pm;
-
-sub sig_handler {
-  if (defined $pm) {
-    foreach my $child_pid (keys %{ $pm->{processes} }) {
-      kill 'TERM', $child_pid;
-    }
-  }
-  die "sig_handler received signal, preparing to exit...\n";
-};
-
-sub run_one_job {
-  my ($dbh, $row_ref, $master_user, $master_pass) = @_;
-
-  my $id                  = $row_ref->[0];
-  my $user1               = $row_ref->[1];
-  my $user2               = $row_ref->[2];
-  my $host1               = $row_ref->[3];
-  my $authmech1           = $row_ref->[4];
-  my $password1           = $row_ref->[5];
-  my $exclude             = $row_ref->[6];
-  my $port1               = $row_ref->[7];
-  my $enc1                = $row_ref->[8];
-  my $delete2duplicates   = $row_ref->[9];
-  my $maxage              = $row_ref->[10];
-  my $subfolder2          = $row_ref->[11];
-  my $delete1             = $row_ref->[12];
-  my $delete2             = $row_ref->[13];
-  my $automap             = $row_ref->[14];
-  my $skipcrossduplicates = $row_ref->[15];
-  my $maxbytespersecond   = $row_ref->[16];
-  my $custom_params       = $row_ref->[17];
-  my $subscribeall        = $row_ref->[18];
-  my $timeout1            = $row_ref->[19];
-  my $timeout2            = $row_ref->[20];
-  my $dry                 = $row_ref->[21];
-
-  if ($enc1 eq "TLS") { $enc1 = "--tls1"; } elsif ($enc1 eq "SSL") { $enc1 = "--ssl1"; } else { undef $enc1; }
-
-  my $template = "/tmp/imapsync.XXXXXXX";
-  my $passfile1 = File::Temp->new(TEMPLATE => $template);
-  my $passfile2 = File::Temp->new(TEMPLATE => $template);
-
-  binmode( $passfile1, ":utf8" );
-
-  print $passfile1 "$password1\n";
-  print $passfile2 trim($master_pass) . "\n";
-
-  my $effective_bps = $maxbytespersecond;
-  if ($effective_bps eq "0" && $global_max_bps > 0) {
-    $effective_bps = $global_max_bps;
-  }
-
-  my @custom_params_a = qqw($custom_params);
-  my $custom_params_ref = \@custom_params_a;
-
-  my $generated_cmds = [ "/usr/local/bin/imapsync",
-  "--tmpdir", "/tmp",
-  "--nofoldersizes",
-  "--addheader",
-  ($timeout1 le "0" ? () : ('--timeout1', $timeout1)),
-  ($timeout2 le "0" ? () : ('--timeout2', $timeout2)),
-  ($exclude eq "" ? () : ("--exclude", $exclude)),
-  ($subfolder2 eq "" ? () : ('--subfolder2', $subfolder2)),
-  ($maxage eq "0" ? () : ('--maxage', $maxage)),
-  ($effective_bps eq "0" ? () : ('--maxbytespersecond', $effective_bps)),
-  ($delete2duplicates ne "1" ? () : ('--delete2duplicates')),
-  ($subscribeall  ne "1" ? () : ('--subscribeall')),
-  ($delete1 ne "1" ? () : ('--delete')),
-  ($delete2 ne "1" ? () : ('--delete2')),
-  ($automap ne "1" ? () : ('--automap')),
-  ($skipcrossduplicates ne "1" ? () : ('--skipcrossduplicates')),
-  (!defined($enc1) ? () : ($enc1)),
-  "--host1", $host1,
-  "--user1", $user1,
-  "--passfile1", $passfile1->filename,
-  "--port1", $port1,
-  "--host2", "localhost",
-  "--user2", $user2 . '*' . trim($master_user),
-  "--passfile2", $passfile2->filename,
-  ($dry eq "1" ? ('--dry') : ()),
-  '--no-modulesversion',
-  '--noreleasecheck'];
-
-  try {
-    my $is_running = $dbh->prepare("UPDATE imapsync SET is_running = 1, success = NULL, exit_status = NULL WHERE id = ?");
-    $is_running->bind_param( 1, $id );
-    $is_running->execute();
-
-    run [@$generated_cmds, @$custom_params_ref], '&>', \my $stdout;
-
-    my ($exit_code, $exit_status) = ($stdout =~ m/Exiting\swith\sreturn\svalue\s(\d+)\s\(([^:)]+)/);
-
-    my $success = 0;
-    if (defined $exit_code && $exit_code == 0) {
-      $success = 1;
-    }
-
-    my $update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ? WHERE id = ?");
-    $update->bind_param( 1, $stdout );
-    $update->bind_param( 2, $success );
-    $update->bind_param( 3, $exit_status );
-    $update->bind_param( 4, $id );
-    $update->execute();
-  } catch {
-    my $update = $dbh->prepare("UPDATE imapsync SET returned_text = 'Could not start or finish imapsync', success = 0 WHERE id = ?");
-    $update->bind_param( 1, $id );
-    $update->execute();
-  } finally {
-    my $update = $dbh->prepare("UPDATE imapsync SET last_run = NOW(), is_running = 0 WHERE id = ?");
-    $update->bind_param( 1, $id );
-    $update->execute();
-  };
-}
-
-my $run_dir = "/tmp";
-my $dsn = 'DBI:mysql:database=' . $ENV{'DBNAME'} . ';mysql_socket=/var/run/mysqld/mysqld.sock';
-my $lock_file = $run_dir . "/imapsync_busy";
-my $lockmgr = LockFile::Simple->make(-autoclean => 1, -max => 1);
+$run_dir="/tmp";
+$dsn = 'DBI:mysql:database=' . $ENV{'DBNAME'} . ';mysql_socket=/var/run/mysqld/mysqld.sock';
+$lock_file = $run_dir . "/imapsync_busy";
+$lockmgr = LockFile::Simple->make(-autoclean => 1, -max => 1);
 $lockmgr->lock($lock_file) || die "can't lock ${lock_file}";
-
-my $max_parallel = 1;
-our $global_max_bps = 0;
-try {
-  my $redis = Redis->new(
-    server    => 'redis-mailcow:6379',
-    password  => $ENV{'REDISPASS'},
-    reconnect => 10,
-    every     => 1_000_000,
-  );
-  my $val = $redis->get('SYNCJOBS_MAX_PARALLEL');
-  if (defined $val && $val =~ /^\d+$/) {
-    $max_parallel = int($val);
-  }
-  my $bps = $redis->get('SYNCJOBS_MAX_BPS');
-  if (defined $bps && $bps =~ /^\d+$/) {
-    $global_max_bps = int($bps);
-  }
-  $redis->quit();
-} catch {
-  warn "Could not read settings from Redis, using defaults: $_";
-};
-$max_parallel = 1  if $max_parallel < 1;
-$max_parallel = 50 if $max_parallel > 50;
-
-my $dbh = DBI->connect($dsn, $ENV{'DBUSER'}, $ENV{'DBPASS'}, {
+$dbh = DBI->connect($dsn, $ENV{'DBUSER'}, $ENV{'DBPASS'}, {
   mysql_auto_reconnect => 1,
   mysql_enable_utf8mb4 => 1
 });
 $dbh->do("UPDATE imapsync SET is_running = 0");
 
-open my $file, '<', "/etc/sogo/sieve.creds";
-my $creds = <$file>;
+sub sig_handler {
+  # Send die to force exception in "run"
+  die "sig_handler received signal, preparing to exit...\n";
+};
+
+open my $file, '<', "/etc/sogo/sieve.creds"; 
+my $creds = <$file>; 
 close $file;
 my ($master_user, $master_pass) = split /:/, $creds;
-
 my $sth = $dbh->prepare("SELECT id,
   user1,
   user2,
@@ -217,43 +87,110 @@ my $sth = $dbh->prepare("SELECT id,
   ORDER BY last_run");
 
 $sth->execute();
-my @jobs;
-while (my $row = $sth->fetchrow_arrayref()) {
-  push @jobs, [ @$row ];
+my $row;
+
+while ($row = $sth->fetchrow_arrayref()) {
+
+  $id                  = @$row[0];
+  $user1               = @$row[1];
+  $user2               = @$row[2];
+  $host1               = @$row[3];
+  $authmech1           = @$row[4];
+  $password1           = @$row[5];
+  $exclude             = @$row[6];
+  $port1               = @$row[7];
+  $enc1                = @$row[8];
+  $delete2duplicates   = @$row[9];
+  $maxage              = @$row[10];
+  $subfolder2          = @$row[11];
+  $delete1             = @$row[12];
+  $delete2             = @$row[13];
+  $automap             = @$row[14];
+  $skipcrossduplicates = @$row[15];
+  $maxbytespersecond   = @$row[16];
+  $custom_params       = @$row[17];
+  $subscribeall        = @$row[18];
+  $timeout1            = @$row[19];
+  $timeout2            = @$row[20];
+  $dry                 = @$row[21];
+
+  if ($enc1 eq "TLS") { $enc1 = "--tls1"; } elsif ($enc1 eq "SSL") { $enc1 = "--ssl1"; } else { undef $enc1; }
+
+  my $template = $run_dir . '/imapsync.XXXXXXX';
+  my $passfile1 = File::Temp->new(TEMPLATE => $template);
+  my $passfile2 = File::Temp->new(TEMPLATE => $template);
+  
+  binmode( $passfile1, ":utf8" );
+  
+  print $passfile1 "$password1\n";
+  print $passfile2 trim($master_pass) . "\n";
+
+  my @custom_params_a = qqw($custom_params);
+  my $custom_params_ref = \@custom_params_a;
+
+  my $generated_cmds = [ "/usr/local/bin/imapsync",
+  "--tmpdir", "/tmp",
+  "--nofoldersizes",
+  "--addheader",
+  ($timeout1 le "0" ? () : ('--timeout1', $timeout1)),
+  ($timeout2 le "0" ? () : ('--timeout2', $timeout2)),
+  ($exclude eq "" ? () : ("--exclude", $exclude)),
+  ($subfolder2 eq "" ? () : ('--subfolder2', $subfolder2)),
+  ($maxage eq "0" ? () : ('--maxage', $maxage)),
+  ($maxbytespersecond eq "0" ? () : ('--maxbytespersecond', $maxbytespersecond)),
+  ($delete2duplicates ne "1" ? () : ('--delete2duplicates')),
+  ($subscribeall  ne "1" ? () : ('--subscribeall')),
+  ($delete1 ne "1" ? () : ('--delete')),
+  ($delete2 ne "1" ? () : ('--delete2')),
+  ($automap ne "1" ? () : ('--automap')),
+  ($skipcrossduplicates ne "1" ? () : ('--skipcrossduplicates')),
+  (!defined($enc1) ? () : ($enc1)),
+  "--host1", $host1,
+  "--user1", $user1,
+  "--passfile1", $passfile1->filename,
+  "--port1", $port1,
+  "--host2", "localhost",
+  "--user2", $user2 . '*' . trim($master_user),
+  "--passfile2", $passfile2->filename,
+  ($dry eq "1" ? ('--dry') : ()),
+  '--no-modulesversion',
+  '--noreleasecheck'];
+
+  try {
+    $is_running = $dbh->prepare("UPDATE imapsync SET is_running = 1, success = NULL, exit_status = NULL WHERE id = ?");
+    $is_running->bind_param( 1, ${id} );
+    $is_running->execute();
+
+    run [@$generated_cmds, @$custom_params_ref], '&>', \my $stdout;
+
+    # check exit code and status
+    ($exit_code, $exit_status) = ($stdout =~ m/Exiting\swith\sreturn\svalue\s(\d+)\s\(([^:)]+)/);
+
+    $success = 0;
+    if (defined $exit_code && $exit_code == 0) {
+      $success = 1;
+    }
+
+    $update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ? WHERE id = ?");
+    $update->bind_param( 1, ${stdout} );
+    $update->bind_param( 2, ${success} );
+    $update->bind_param( 3, ${exit_status} );
+    $update->bind_param( 4, ${id} );
+    $update->execute();
+  } catch {
+    $update = $dbh->prepare("UPDATE imapsync SET returned_text = 'Could not start or finish imapsync', success = 0 WHERE id = ?");
+    $update->bind_param( 1, ${id} );
+    $update->execute();
+  } finally {
+    $update = $dbh->prepare("UPDATE imapsync SET last_run = NOW(), is_running = 0 WHERE id = ?");
+    $update->bind_param( 1, ${id} );
+    $update->execute();
+  };
+
+
 }
+
 $sth->finish();
 $dbh->disconnect();
 
-$pm = Parallel::ForkManager->new($max_parallel);
-
-JOB:
-foreach my $job (@jobs) {
-  my $pid = $pm->start;
-  if ($pid) {
-    next JOB;
-  }
-
-  my $child_dbh = DBI->connect($dsn, $ENV{'DBUSER'}, $ENV{'DBPASS'}, {
-    mysql_auto_reconnect => 1,
-    mysql_enable_utf8mb4 => 1
-  });
-  eval {
-    run_one_job($child_dbh, $job, $master_user, $master_pass);
-  };
-  if ($@) {
-    warn "run_one_job died for job $job->[0]: $@";
-    eval {
-      my $err_sth = $child_dbh->prepare("UPDATE imapsync SET last_run = NOW(), is_running = 0, success = 0, returned_text = ? WHERE id = ?");
-      $err_sth->bind_param(1, "Runner error: $@");
-      $err_sth->bind_param(2, $job->[0]);
-      $err_sth->execute();
-    };
-  }
-  $child_dbh->disconnect();
-
-  $pm->finish;
-}
-
-$pm->wait_all_children;
-
 $lockmgr->unlock($lock_file);

data/Dockerfiles/nginx/Dockerfile

@@ -1,4 +1,4 @@
-FROM nginx:alpine
+FROM nginx:1.30.1-alpine
 LABEL maintainer "The Infrastructure Company GmbH <info@servercow.de>"
 
 ENV PIP_BREAK_SYSTEM_PACKAGES=1

data/Dockerfiles/sogo/Dockerfile

@@ -1,6 +1,6 @@
 # SOGo built from source to enable security patch application
 # Repository: https://github.com/Alinto/sogo
-# Version: SOGo-5.12.4
+# Version: SOGo-5.12.8
 #
 # Applied security patches:
 # -
@@ -12,8 +12,8 @@ FROM debian:bookworm
 LABEL maintainer="The Infrastructure Company GmbH <info@servercow.de>"
 
 ARG DEBIAN_FRONTEND=noninteractive
-ARG SOGO_VERSION=SOGo-5.12.5
-ARG SOPE_VERSION=SOPE-5.12.5
+ARG SOGO_VERSION=SOGo-5.12.8
+ARG SOPE_VERSION=SOPE-5.12.8
 # Security patches to apply (space-separated commit hashes)
 ARG SOGO_SECURITY_PATCHES=""
 # renovate: datasource=github-releases depName=tianon/gosu versioning=semver-coerced extractVersion=^(?<version>.*)$

data/conf/postfix/postscreen_access.cidr

@@ -1,7 +1,8 @@
-# Whitelist generated by Postwhite v3.4 on Wed Apr  1 00:33:31 UTC 2026
+# Whitelist generated by Postwhite v3.4 on Fri May  1 00:43:37 UTC 2026
 # https://github.com/stevejenkins/postwhite/
-# 2246 total rules
+# 2249 total rules
 2a00:1450:4000::/36	permit
+2a00:1450:4864::/56	permit
 2a01:111:f400::/48	permit
 2a01:111:f403:2800::/53	permit
 2a01:111:f403:8000::/51	permit
@@ -31,6 +32,7 @@
 2a02:a60:0:5::/64	permit
 2a0f:f640::/56	permit
 2c0f:fb50:4000::/36	permit
+2c0f:fb50:4864::/56	permit
 2.207.151.32/27	permit
 2.207.151.53	permit
 2.207.217.30	permit
@@ -60,8 +62,8 @@
 8.40.222.0/23	permit
 8.40.222.250/31	permit
 12.130.86.238	permit
-13.107.213.38	permit
-13.107.246.38	permit
+13.107.213.40	permit
+13.107.246.40	permit
 13.108.16.0/20	permit
 13.110.208.0/21	permit
 13.110.209.0/24	permit
@@ -279,6 +281,7 @@
 50.56.130.221	permit
 50.56.130.222	permit
 50.112.246.219	permit
+51.83.17.38	permit
 52.1.14.157	permit
 52.5.230.59	permit
 52.6.74.205	permit
@@ -1678,6 +1681,7 @@
 169.148.144.0/25	permit
 169.148.144.10	permit
 169.148.146.0/23	permit
+169.148.174.10	permit
 169.148.175.3	permit
 169.148.179.3	permit
 169.148.188.0/24	permit
@@ -2227,6 +2231,7 @@
 2001:748:400:3301::4	permit
 2404:6800:4000::/36	permit
 2404:6800:4864::/56	permit
+2603:1061:14:72::1	permit
 2607:13c0:0001:0000:0000:0000:0000:7000/116	permit
 2607:13c0:0002:0000:0000:0000:0000:1000/116	permit
 2607:13c0:0004:0000:0000:0000:0000:0000/116	permit
@@ -2243,8 +2248,6 @@
 2620:10d:c09c:400::8:1	permit
 2620:119:50c0:207::/64	permit
 2620:119:50c0:207::215	permit
-2620:1ec:46::38	permit
-2620:1ec:bdf::38	permit
 2800:3f0:4000::/36	permit
 2800:3f0:4864::/56	permit
 49.12.4.251 permit # checks.mailcow.email

data/web/admin/system.php

@@ -106,7 +106,6 @@ $template_data = [
   'f2b_data' => $f2b_data,
   'f2b_banlist_url' => getBaseUrl() . "/f2b-banlist?id=" . $f2b_data['banlist_id'],
   'q_data' => quarantine('settings'),
-  'sj_data' => mailbox('get', 'syncjob_settings'),
   'qn_data' => quota_notification('get'),
   'pw_reset_data' => reset_password('get_notification'),
   'rsettings_map' => file_get_contents('http://nginx:8081/settings.php'),

data/web/api/openapi.yaml

@@ -3931,64 +3931,6 @@ paths:
                   type: object
               type: object
       summary: Update sync job
-  /api/v1/edit/syncjob_settings:
-    post:
-      responses:
-        "401":
-          $ref: "#/components/responses/Unauthorized"
-        "200":
-          content:
-            application/json:
-              examples:
-                response:
-                  value:
-                    log:
-                      - entity
-                      - action
-                      - object
-                    msg:
-                      - message
-                      - entity name
-                    type: success
-              schema:
-                properties:
-                  log:
-                    description: contains request object
-                    items: {}
-                    type: array
-                  msg:
-                    items: {}
-                    type: array
-                  type:
-                    enum:
-                      - success
-                      - danger
-                      - error
-                    type: string
-                type: object
-          description: OK
-          headers: {}
-      tags:
-        - Sync jobs
-      description: >-
-        Update the global sync job settings. Currently exposes the maximum
-        number of imapsync processes that are allowed to run in parallel.
-        Admin access required.
-      operationId: Update sync job settings
-      requestBody:
-        content:
-          application/json:
-            schema:
-              example:
-                max_parallel: 4
-              properties:
-                max_parallel:
-                  description: >-
-                    Maximum number of imapsync processes allowed to run in
-                    parallel (1 = sequential behavior, max 50)
-                  type: integer
-              type: object
-      summary: Update sync job settings
   /api/v1/edit/user-acl:
     post:
       responses:
@@ -5687,36 +5629,6 @@ paths:
       description: You can list all syn jobs existing in system.
       operationId: Get sync jobs
       summary: Get sync jobs
-  /api/v1/get/syncjob_settings:
-    get:
-      responses:
-        "401":
-          $ref: "#/components/responses/Unauthorized"
-        "200":
-          content:
-            application/json:
-              examples:
-                response:
-                  value:
-                    max_parallel: 4
-              schema:
-                properties:
-                  max_parallel:
-                    description: >-
-                      Maximum number of imapsync processes allowed to run in
-                      parallel (1 = sequential behavior)
-                    type: integer
-                type: object
-          description: OK
-          headers: {}
-      tags:
-        - Sync jobs
-      description: >-
-        Return the global sync job settings. Currently exposes the maximum
-        number of imapsync processes allowed to run in parallel. Admin access
-        required.
-      operationId: Get sync job settings
-      summary: Get sync job settings
   "/api/v1/get/tls-policy-map/{id}":
     get:
       parameters:

data/web/inc/functions.mailbox.inc.php

@@ -2265,38 +2265,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
             );
           }
         break;
-        case 'syncjob_settings':
-          if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'admin') {
-            $_SESSION['return'][] = array(
-              'type' => 'danger',
-              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
-              'msg' => 'access_denied'
-            );
-            return false;
-          }
-          $max_parallel = intval($_data['max_parallel']);
-          if ($max_parallel < 1)  { $max_parallel = 1; }
-          if ($max_parallel > 50) { $max_parallel = 50; }
-          $max_bps = intval($_data['max_bps']);
-          if ($max_bps < 0) { $max_bps = 0; }
-          try {
-            $redis->Set('SYNCJOBS_MAX_PARALLEL', $max_parallel);
-            $redis->Set('SYNCJOBS_MAX_BPS', $max_bps);
-          }
-          catch (RedisException $e) {
-            $_SESSION['return'][] = array(
-              'type' => 'danger',
-              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
-              'msg' => array('redis_error', $e->getMessage())
-            );
-            return false;
-          }
-          $_SESSION['return'][] = array(
-            'type' => 'success',
-            'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
-            'msg' => 'syncjob_settings_saved'
-          );
-        break;
         case 'syncjob':
           if (!is_array($_data['id'])) {
             $ids = array();
@@ -4651,27 +4619,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           }
           return $syncjobdetails;
         break;
-        case 'syncjob_settings':
-          if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'admin') {
-            return false;
-          }
-          $settings = array();
-          try {
-            $max_parallel = $redis->Get('SYNCJOBS_MAX_PARALLEL');
-          }
-          catch (RedisException $e) {
-            $max_parallel = null;
-          }
-          $settings['max_parallel'] = intval($max_parallel) ?: 1;
-          try {
-            $max_bps = $redis->Get('SYNCJOBS_MAX_BPS');
-          }
-          catch (RedisException $e) {
-            $max_bps = null;
-          }
-          $settings['max_bps'] = intval($max_bps) ?: 0;
-          return $settings;
-        break;
         case 'syncjobs':
           $syncjobdata = array();
           if (isset($_data) && filter_var($_data, FILTER_VALIDATE_EMAIL)) {

data/web/inc/vars.inc.php

@@ -112,6 +112,7 @@ $AVAILABLE_LANGUAGES = array(
   'sv-se' => 'Svenska (Swedish)',
   'tr-tr' => 'Türkçe (Turkish)',
   'uk-ua' => 'Українська (Ukrainian)',
+  'uz-uz' => 'Oʻzbekcha (Uzbek)',
   'vi-vn' => 'Tiếng Việt (Vietnamese)',
   'zh-cn' => '简体中文 (Simplified Chinese)',
   'zh-tw' => '繁體中文 (Traditional Chinese)',

data/web/js/site/mailbox.js

@@ -2150,7 +2150,7 @@ jQuery(function($){
     var table = $('#sync_job_table').DataTable({
       responsive: true,
       processing: true,
-      serverSide: true,
+      serverSide: false,
       stateSave: true,
       pageLength: pagination_size,
       dom: "<'row'<'col-sm-12 col-md-6'f><'col-sm-12 col-md-6'l>>" +
@@ -2162,15 +2162,10 @@ jQuery(function($){
         hideTableExpandCollapseBtn('#tab-syncjobs', '#sync_job_table');
       },
       ajax: {
-        type: "POST",
-        url: "/api/v1/search/syncjob",
-        contentType: "application/json",
-        processData: false,
-        data: function(d) {
-          return JSON.stringify(d);
-        },
+        type: "GET",
+        url: "/api/v1/get/syncjobs/all/no_log",
         dataSrc: function(json){
-          $.each(json.data, function (i, item) {
+          $.each(json, function (i, item) {
             item.log = '<a href="#syncjobLogModal" data-bs-toggle="modal" data-syncjob-id="' + encodeURIComponent(item.id) + '">' + lang.open_logs + '</a>'
             item.user2 = escapeHtml(item.user2);
             if (!item.exclude > 0) {
@@ -2206,7 +2201,7 @@ jQuery(function($){
             item.exit_status = item.success + ' ' + item.exit_status;
           });
 
-          return json.data;
+          return json;
         }
       },
       columns: [
@@ -2230,7 +2225,6 @@ jQuery(function($){
         {
           title: 'ID',
           data: 'id',
-          searchable: false,
           responsivePriority: 3,
           defaultContent: ''
         },
@@ -2248,27 +2242,21 @@ jQuery(function($){
         {
           title: lang.last_run,
           data: 'last_run',
-          searchable: false,
           defaultContent: ''
         },
         {
           title: lang.syncjob_last_run_result,
           data: 'exit_status',
-          searchable: false,
-          orderable: false,
           defaultContent: ''
         },
         {
           title: 'Log',
           data: 'log',
-          searchable: false,
-          orderable: false,
           defaultContent: ''
         },
         {
           title: lang.active,
           data: 'active',
-          searchable: false,
           defaultContent: '',
           render: function (data, type) {
             return 1==data?'<i class="bi bi-check-lg"><span class="sorting-value">1</span></i>':0==data&&'<i class="bi bi-x-lg"><span class="sorting-value">0</span></i>';
@@ -2277,31 +2265,23 @@ jQuery(function($){
         {
           title: lang.status,
           data: 'is_running',
-          searchable: false,
-          orderable: false,
           defaultContent: ''
         },
         {
           title: lang.excludes,
           data: 'exclude',
-          searchable: false,
-          orderable: false,
           defaultContent: '',
           className: 'none'
         },
         {
           title: lang.mins_interval,
           data: 'mins_interval',
-          searchable: false,
-          orderable: false,
           defaultContent: '',
           className: 'none'
         },
         {
           title: lang.action,
           data: 'action',
-          searchable: false,
-          orderable: false,
           className: 'dt-sm-head-hidden dt-data-w100 dtr-col-md dt-text-right',
           responsivePriority: 5,
           defaultContent: ''

data/web/js/site/quarantine.js

@@ -102,18 +102,21 @@ jQuery(function($){
         {
           title: 'ID',
           data: 'id',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: lang.qid,
           data: 'qid',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: lang.sender,
           data: 'sender',
           className: 'senders-mw220',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: lang.subj,
@@ -128,7 +131,8 @@ jQuery(function($){
         {
           title: lang.rcpt,
           data: 'rcpt',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: lang.danger,

data/web/js/site/queue.js

@@ -48,13 +48,13 @@ jQuery(function($){
       url: "/api/v1/get/mailq/all",
       dataSrc: function(data){
         $.each(data, function (i, item) {
-          item.chkbox = '<input type="checkbox" class="form-check-input" data-id="mailqitems" name="multi_select" value="' + item.queue_id + '" />';
+          item.chkbox = '<input type="checkbox" class="form-check-input" data-id="mailqitems" name="multi_select" value="' + escapeHtml(item.queue_id) + '" />';
           rcpts = $.map(item.recipients, function(i) {
             return escapeHtml(i);
           });
           item.recipients = rcpts.join('<hr style="margin:1px!important">');
           item.action = '<div class="btn-group">' +
-            '<a href="#" data-bs-toggle="modal" data-bs-target="#showQueuedMsg" data-queue-id="' + encodeURI(item.queue_id) + '" class="btn btn-xs btn-secondary">' + lang.show_message + '</a>' +
+            '<a href="#" data-bs-toggle="modal" data-bs-target="#showQueuedMsg" data-queue-id="' + escapeHtml(item.queue_id) + '" class="btn btn-xs btn-secondary">' + lang.show_message + '</a>' +
             '</div>';
           });
           return data;
@@ -79,12 +79,14 @@ jQuery(function($){
         {
           title: 'QID',
           data: 'queue_id',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: 'Queue',
           data: 'queue_name',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: lang_admin.arrival_time,
@@ -106,7 +108,8 @@ jQuery(function($){
         {
           title: lang_admin.sender,
           data: 'sender',
-          defaultContent: ''
+          defaultContent: '',
+          render: $.fn.dataTable.render.text()
         },
         {
           title: lang_admin.recipients,

data/web/json_api.php

@@ -1104,10 +1104,6 @@ if (isset($_GET['query'])) {
               break;
             }
           break;
-          case "syncjob_settings":
-            $data = mailbox('get', 'syncjob_settings');
-            process_get_return($data);
-          break;
           case "active-user-sieve":
             if (isset($object)) {
               $sieve_filter = mailbox('get', 'active_user_sieve', $object);
@@ -1676,55 +1672,6 @@ if (isset($_GET['query'])) {
           process_search_return($data);
         break;
 
-        case "syncjob":
-          $table = ['imapsync', 'i'];
-          $primaryKey = 'id';
-          $columns = [
-            ['db' => 'id', 'dt' => 2],
-            ['db' => 'user2', 'dt' => 3],
-            ['db' => 'host1', 'dt' => 4, 'search' => ['where_column' => "CONCAT_WS(' ', `i`.`user1`, `i`.`host1`)"]],
-            ['db' => 'last_run', 'dt' => 5],
-            ['db' => 'active', 'dt' => 8],
-          ];
-
-          if ($_SESSION['mailcow_cc_role'] === 'admin') {
-            $data = SSP::simple($requestDecoded, $pdo, $table, $primaryKey, $columns);
-          } elseif ($_SESSION['mailcow_cc_role'] === 'domainadmin') {
-            $data = SSP::complex($requestDecoded, $pdo, $table, $primaryKey, $columns,
-              'INNER JOIN `mailbox` AS `mb` ON `mb`.`username` = `i`.`user2` ' .
-              'INNER JOIN `domain_admins` AS `da` ON `da`.`domain` = `mb`.`domain`',
-              [
-                'condition' => '`da`.`active` = 1 AND `da`.`username` = :username',
-                'bindings' => ['username' => $_SESSION['mailcow_cc_username']]
-              ]);
-          } elseif ($_SESSION['mailcow_cc_role'] === 'user') {
-            $data = SSP::complex($requestDecoded, $pdo, $table, $primaryKey, $columns, null,
-              [
-                'condition' => '`i`.`user2` = :username',
-                'bindings' => ['username' => $_SESSION['mailcow_cc_username']]
-              ]);
-          } else {
-            http_response_code(403);
-            echo json_encode(array(
-              'type' => 'error',
-              'msg' => 'Insufficient permissions'
-            ));
-            exit();
-          }
-
-          if (!empty($data['data'])) {
-            $syncjobData = [];
-            foreach ($data['data'] as $row) {
-              if ($details = mailbox('get', 'syncjob_details', $row[2], array('no_log'))) {
-                $syncjobData[] = $details;
-              }
-            }
-            $data['data'] = $syncjobData;
-          }
-
-          process_search_return($data);
-        break;
-
         default:
           http_response_code(404);
           echo json_encode(array(
@@ -2023,9 +1970,6 @@ if (isset($_GET['query'])) {
         case "syncjob":
           process_edit_return(mailbox('edit', 'syncjob', array_merge(array('id' => $items), $attr)));
         break;
-        case "syncjob_settings":
-          process_edit_return(mailbox('edit', 'syncjob_settings', $attr));
-        break;
         case "filter":
           process_edit_return(mailbox('edit', 'filter', array_merge(array('id' => $items), $attr)));
         break;

data/web/lang/lang.az-az.json

@@ -1,5 +1,17 @@
 {
     "acl": {
-        "login_as": "E-poçt qutusu istifadəçisi olaraq daxil ol"
+        "login_as": "E-poçt qutusu istifadəçisi olaraq daxil ol",
+        "alias_domains": "Alternativ domenlər əlavə et",
+        "app_passwds": "Tətbiq parollarını idarə et",
+        "bcc_maps": "BCC yönləndirmə xəritələri",
+        "delimiter_action": "Ayırıcı əməliyyatı",
+        "domain_desc": "Domen təsvirini dəyiş",
+        "domain_relayhost": "Domen üçün relay serveri dəyiş",
+        "eas_reset": "EAS cihazlarını sıfırla",
+        "extend_sender_acl": "Göndərən ACL-ni xarici ünvanlarla genişləndirməyə icazə ver",
+        "filters": "Filtrlər",
+        "mailbox_relayhost": "E-poçt qutusu üçün relay serveri dəyiş",
+        "prohibited": "ACL tərəfindən məhdudlaşdırılıb",
+        "protocol_access": "Protokol girişini dəyiş"
     }
 }

data/web/lang/lang.de-de.json

@@ -372,9 +372,6 @@
         "spamfilter": "Spamfilter",
         "subject": "Betreff",
         "success": "Erfolg",
-        "syncjobs": "Sync-Jobs",
-        "syncjobs_max_bps": "Globales Bandbreitenlimit (Bytes/s)<br><small>Maximale Transferrate pro Sync-Job in Bytes pro Sekunde. 0 = kein Limit. Wird durch ein pro Sync-Job gesetztes Limit überschrieben.</small>",
-        "syncjobs_max_parallel": "Maximale Anzahl paralleler Sync-Jobs<br><small>Wie viele imapsync-Prozesse dürfen gleichzeitig laufen. 1 = sequentiell (aktuelles Verhalten).</small>",
         "sys_mails": "System-E-Mails",
         "task": "Aufgabe",
         "text": "Text",
@@ -1203,7 +1200,6 @@
         "template_modified": "Änderungen am Template %s wurden gespeichert",
         "template_removed": "Template ID %s wurde gelöscht",
         "sogo_profile_reset": "ActiveSync-Gerät des Benutzers %s wurde zurückgesetzt",
-        "syncjob_settings_saved": "Sync-Job-Einstellungen wurden gespeichert",
         "tls_policy_map_entry_deleted": "TLS-Richtlinie mit der ID %s wurde gelöscht",
         "tls_policy_map_entry_saved": "TLS-Richtlinieneintrag \"%s\" wurde gespeichert",
         "ui_texts": "Änderungen an UI-Texten",

data/web/lang/lang.en-gb.json

@@ -382,9 +382,6 @@
         "spamfilter": "Spam filter",
         "subject": "Subject",
         "success": "Success",
-        "syncjobs": "Sync jobs",
-        "syncjobs_max_bps": "Global bandwidth limit (bytes/s)<br><small>Maximum transfer rate per sync job in bytes per second. 0 = no limit. Overridden by a per-job limit.</small>",
-        "syncjobs_max_parallel": "Maximum parallel sync jobs<br><small>How many imapsync processes are allowed to run in parallel. 1 = sequential (legacy behavior).</small>",
         "sys_mails": "System mails",
         "task": "Task",
         "text": "Text",
@@ -1207,7 +1204,6 @@
         "settings_map_added": "Added settings map entry",
         "settings_map_removed": "Removed settings map ID %s",
         "sogo_profile_reset": "SOGo profile for user %s was reset",
-        "syncjob_settings_saved": "Sync job settings have been saved",
         "template_added": "Added template %s",
         "template_modified": "Changes to template %s have been saved",
         "template_removed": "Template ID %s has been deleted",

data/web/lang/lang.nl-nl.json

@@ -27,7 +27,8 @@
         "tls_policy": "Versleutelingsbeleid",
         "unlimited_quota": "Onbeperkte quota voor mailboxen",
         "domain_desc": "Wijzig domeinbeschrijving",
-        "pw_reset": "Toegang om mailcow gebruikers wachtwoord te resetten"
+        "pw_reset": "Toegang om mailcow gebruikers wachtwoord te resetten",
+        "domain_relayhost": "Verander relayhost voor een domein"
     },
     "add": {
         "activate_filter_warn": "Alle andere filters worden gedeactiveerd zolang deze geactiveerd is.",

data/web/lang/lang.pl-pl.json

@@ -1226,7 +1226,7 @@
         "decimal": ".",
         "emptyTable": "Brak danych w tabeli",
         "expand_all": "Rozszerz wszystko",
-        "info": "Wyświetlanie od START do END z TOTAL wpisów",
+        "info": "Wyświetlanie od _START_ do _END_ z _TOTAL_ wpisów",
         "infoEmpty": "Wyświetlanie od 0 do 0 z 0 wpisów",
         "infoFiltered": "(filtrowane z _MAX_ suma wpisów)",
         "thousands": ",",

data/web/lang/lang.pt-br.json

@@ -38,7 +38,7 @@
         "add_domain_only": "Adicionar somente domínio",
         "add_domain_restart": "Adicionar domínio e reiniciar o SoGo",
         "alias_address": "Endereço (s) de alias",
-        "alias_address_info": "<small>Endereço/s de e-mail completo ou @example .com, para capturar todas as mensagens de um domínio (separadas por vírgula). <b> somente  domínios mailcow</b>.</small>",
+        "alias_address_info": "<small>Endereço(s) de e-mail completo(s) ou @example.com, para capturar todas as mensagens de um domínio (separadas por vírgula). <b>Apenas domínios do Mailcow</b>.</small>",
         "alias_domain": "Domínio de alias",
         "alias_domain_info": "<small>Somente nomes de domínio válidos (separados por vírgula).</small>",
         "app_name": "Nome do aplicativo",
@@ -158,7 +158,7 @@
         "logo_dark_label": "Invertido para o modo escuro",
         "configuration": "Configuração",
         "convert_html_to_text": "Converter HTML em texto sem formatação",
-        "copy_to_clipboard": "Text copied to clipboard!",
+        "copy_to_clipboard": "Copiado para a área de transferência!",
         "cors_settings": "Configurações do CORS",
         "credentials_transport_warning": "<b>Aviso</b>: Adicionar uma nova entrada no mapa de transporte atualizará as credenciais de todas as entradas com uma coluna correspondente do próximo salto.",
         "customer_id": "ID do cliente",
@@ -223,7 +223,7 @@
         "includes": "Inclua esses destinatários",
         "ip_check": "Verificação de IP",
         "ip_check_disabled": "A verificação de IP está desativada. Você pode ativá-lo em <br><strong>Sistema > Configuração > Opções > Personalizar</strong>",
-        "ip_check_opt_in": "Opte por usar o serviço de terceiros <strong>ipv4.mailcow.email.</strong> e <strong>ipv6.mailcow.email</strong> para resolver endereços IP externos.",
+        "ip_check_opt_in": "Opte por usar o serviço de terceiros <strong>ipv4.mailcow.email</strong> e <strong>ipv6.mailcow.email</strong> para resolver endereços IP externos.",
         "is_mx_based": "Baseado em MX",
         "last_applied": "Aplicado pela última vez",
         "license_info": "Uma licença não é necessária, mas ajuda no desenvolvimento.<br><a href=\"https://www.servercow.de/mailcow? Lang=en#sal\" target=\"_blank\" alt=\"SAL order\">Registre seu GUID aqui</a> ou <a href=\"https://www.servercow.de/mailcow? Lang=en#support\" target=\"_blank\" alt=\"Support order\">comprar suporte para sua instalação de mailcow.</a>",
@@ -245,7 +245,7 @@
         "oauth2_add_client": "Adicionar cliente OAuth2",
         "oauth2_client_id": "ID do cliente",
         "oauth2_client_secret": "Segredo do cliente",
-        "oauth2_info": "A implementação OAuth2 suporta o tipo de concessão \"Código de Autorização\" e emite tokens de atualização.<br>\nO servidor também emite automaticamente novos tokens de atualização, depois que um token de atualização foi usado.<br><br>\n&#8226; O escopo padrão é <i>perfil</i>. Somente usuários com caixa de e-mail podem ser autenticados contra o OAuth2. Se o parâmetro de escopo for omitido, ele voltará para <i>perfil</i>.<br>\nCaminhos para solicitações OAuth2 API: <br>\n<ul>\n<li>Endpoint de autorização: <code>/oauth/authorize</code></li>\n<li>Endpoint token: <code>/oauth/token</code></li>\n<li>Página de recursos: <code>/oauth/profile</code></li>\n</ul>\nRegenerar o segredo do cliente não expirará os códigos de autorização existentes, mas eles não renovarão seu token.<br><br>\nA revogação dos tokens do cliente causará o término imediato de todas as sessões ativas. Todos os clientes precisam se autenticar novamente.",
+        "oauth2_info": "A implementação do OAuth2 suporta o tipo de concessão \"Código de Autorização\" e emite tokens de atualização.<br>\nO servidor também emite automaticamente novos tokens de atualização após um token de atualização ter sido usado.<br>\nO escopo padrão é <i>profile</i>. Somente usuários de caixa de correio podem ser autenticados com o OAuth2. Se o parâmetro de escopo for omitido, o padrão será <i>profile</i>.<br>\nO parâmetro <i>state</i> deve ser enviado pelo cliente como parte da solicitação de autorização.<br><br>\nCaminhos para solicitações à API OAuth2: <br>\n\n<ul>\n  <li>Ponto de extremidade de autorização: <code>/oauth/authorize</code></li>\n  <li>Endpoint do token: <code>/oauth/token</code></li>\n  <li>Página de recursos: <code>/oauth/profile</code></li>\n</ul>\n\nRegenerar o segredo do cliente não expirará os códigos de autorização existentes, mas impedirá a renovação do token.<br><br>\nA revogação dos tokens de cliente causará o encerramento imediato de todas as sessões ativas. Todos os clientes precisarão se autenticar novamente.",
         "oauth2_redirect_uri": "URI de redirecionamento",
         "oauth2_renew_secret": "Gere um novo segredo de cliente",
         "oauth2_revoke_tokens": "Revogar todos os tokens do cliente",
@@ -730,7 +730,7 @@
         "pushover_verify": "Verifique as credenciais",
         "quota_mb": "Cota (MiB)",
         "quota_warning_bcc": "Aviso de cota BCC",
-        "quota_warning_bcc_info": "Os avisos serão enviados em cópias separadas para os seguintes destinatários. O assunto será sufixado pelo nome de usuário correspondente entre colchetes, por exemplo: <code>Aviso de cota (</code>user@example.com).",
+        "quota_warning_bcc_info": "Os avisos serão enviados em cópias separadas para os seguintes destinatários. O assunto será precedido pelo nome de usuário correspondente entre colchetes, por exemplo: <code>Aviso de cota (user@example.com)</code>.",
         "ratelimit": "Limite de taxa",
         "redirect_uri": "URL de redirecionamento/retorno de chamada",
         "relay_all": "Retransmita todos os destinatários",
@@ -759,7 +759,7 @@
         "spam_score": "Defina uma pontuação de spam personalizada",
         "subfolder2": "Sincronizar na subpasta no destino <br><small>(vazio = não usar subpasta</small>)",
         "syncjob": "Editar tarefa de sincronização",
-        "target_address": "<small>Ir para endereço/es (separados por vírgula)</small>",
+        "target_address": "Ir para o(s) endereço(s) <small>(separados por vírgula)</small>",
         "target_domain": "Domínio de destino",
         "timeout1": "Tempo limite para conexão com o host remoto",
         "timeout2": "Tempo limite para conexão com o host local",
@@ -807,7 +807,7 @@
         "cancel": "Cancelar",
         "confirm_delete": "Confirme a exclusão",
         "delete_now": "Excluir agora",
-        "delete_these_items": "Confirme suas alterações no seguinte ID de objeto",
+        "delete_these_items": "Por favor, confirme as alterações feitas no seguinte ID de objeto.",
         "hibp_check": "Verifique em haveibeenpwned.com",
         "hibp_nok": "Combinado! Essa é uma senha potencialmente perigosa!",
         "hibp_ok": "Nenhuma combinação encontrada.",
@@ -1393,7 +1393,7 @@
         "syncjob_EXIT_CONNECTION_FAILURE_HOST1": "Não é possível se conectar ao servidor remoto",
         "syncjob_EXIT_AUTHENTICATION_FAILURE_USER1": "Nome de usuário ou senha incorretos",
         "tag_handling": "Definir o tratamento para e-mails marcados",
-        "tag_help_example": "Exemplo de um endereço de e-mail marcado: me <b>+Facebook</b> @example .org",
+        "tag_help_example": "Exemplo de endereço de e-mail com tag: eu+Facebook</b>@exemplo.org",
         "tag_help_explain": "Na subpasta: uma nova subpasta com o nome da tag será criada abaixo da CAIXA DE ENTRADA (“Caixa de entrada/Facebook”). <br>\r\nNo assunto: o nome das tags será anexado ao assunto do e-mail, por exemplo: “[Facebook] Minhas notícias”.",
         "tag_in_none": "Não faça nada",
         "tag_in_subfolder": "Na subpasta",

data/web/templates/admin.twig

@@ -21,7 +21,6 @@
         <li><button class="dropdown-item" data-bs-target="#tab-config-fwdhosts" aria-selected="false" aria-controls="tab-config-fwdhosts" role="tab" data-bs-toggle="tab">{{ lang.admin.forwarding_hosts }}</button></li>
         <li><button class="dropdown-item" data-bs-target="#tab-config-f2b" aria-selected="false" aria-controls="tab-config-f2b" role="tab" data-bs-toggle="tab">{{ lang.admin.f2b_parameters }}</button></li>
         <li><button class="dropdown-item" data-bs-target="#tab-config-quarantine" aria-selected="false" aria-controls="tab-config-quarantine" role="tab" data-bs-toggle="tab">{{ lang.admin.quarantine }}</button></li>
-        <li><button class="dropdown-item" data-bs-target="#tab-config-syncjobs" aria-selected="false" aria-controls="tab-config-syncjobs" role="tab" data-bs-toggle="tab">{{ lang.admin.syncjobs }}</button></li>
         <li><button class="dropdown-item" data-bs-target="#tab-config-quota" aria-selected="false" aria-controls="tab-config-quota" role="tab" data-bs-toggle="tab">{{ lang.admin.quota_notifications }}</button></li>
         <li><button class="dropdown-item" data-bs-target="#tab-config-rsettings" aria-selected="false" aria-controls="tab-config-rsettings" role="tab" data-bs-toggle="tab">{{ lang.admin.rspamd_settings_map }}</button></li>
         <li><button class="dropdown-item" data-bs-target="#tab-config-password-settings" aria-selected="false" aria-controls="tab-config-password-settings" role="tab" data-bs-toggle="tab">{{ lang.admin.password_settings }}</button></li>
@@ -51,7 +50,6 @@
         {% include 'admin/tab-config-fwdhosts.twig' %}
         {% include 'admin/tab-config-f2b.twig' %}
         {% include 'admin/tab-config-quarantine.twig' %}
-        {% include 'admin/tab-config-syncjobs.twig' %}
         {% include 'admin/tab-config-quota.twig' %}
         {% include 'admin/tab-config-rsettings.twig' %}
         {% include 'admin/tab-config-customize.twig' %}

data/web/templates/admin/tab-config-syncjobs.twig

@@ -1,27 +0,0 @@
-<div class="tab-pane fade" id="tab-config-syncjobs" role="tabpanel" aria-labelledby="tab-config-syncjobs">
-  <div class="card mb-4">
-    <div class="card-header d-flex fs-5">
-      <button class="btn d-md-none flex-grow-1 text-start" data-bs-target="#collapse-tab-config-syncjobs" data-bs-toggle="collapse" aria-controls="collapse-tab-config-syncjobs">
-        {{ lang.admin.syncjobs }}
-      </button>
-      <span class="d-none d-md-block">{{ lang.admin.syncjobs }}</span>
-    </div>
-    <div id="collapse-tab-config-syncjobs" class="card-body collapse" data-bs-parent="#admin-content">
-      <form class="form-horizontal" data-id="syncjob_settings" role="form" method="post">
-        <div class="row mb-4">
-          <label class="col-sm-4 control-label text-sm-end" for="syncjobs_max_parallel">{{ lang.admin.syncjobs_max_parallel|raw }}</label>
-          <div class="col-sm-8">
-            <input type="number" class="form-control" id="syncjobs_max_parallel" name="max_parallel" value="{{ sj_data.max_parallel }}" min="1" max="50" required>
-          </div>
-        </div>
-        <div class="row mb-4">
-          <label class="col-sm-4 control-label text-sm-end" for="syncjobs_max_bps">{{ lang.admin.syncjobs_max_bps|raw }}</label>
-          <div class="col-sm-8">
-            <input type="number" class="form-control" id="syncjobs_max_bps" name="max_bps" value="{{ sj_data.max_bps }}" min="0">
-          </div>
-        </div>
-        <button class="btn btn-sm d-block d-sm-inline btn-success" data-action="edit_selected" data-item="self" data-id="syncjob_settings" data-api-url='edit/syncjob_settings' href="#"><i class="bi bi-check-lg"></i> {{ lang.admin.save }}</button>
-      </form>
-    </div>
-  </div>
-</div>

data/web/templates/edit/filter.twig

@@ -23,7 +23,7 @@
   <div class="row mb-4">
     <label class="control-label col-sm-2" for="script_data">Script:</label>
     <div class="col-sm-10">
-      <textarea spellcheck="false" autocorrect="off" autocapitalize="none" class="form-control textarea-code" rows="20" id="script_data" name="script_data" required>{{ result.script_data|raw }}</textarea>
+      <textarea spellcheck="false" autocorrect="off" autocapitalize="none" class="form-control textarea-code" rows="20" id="script_data" name="script_data" required>{{ result.script_data }}</textarea>
     </div>
   </div>
   <div class="row mb-2">

docker-compose.yml

@@ -200,7 +200,7 @@ services:
             - phpfpm
 
     sogo-mailcow:
-      image: ghcr.io/mailcow/sogo:5.12.5-3
+      image: ghcr.io/mailcow/sogo:5.12.8-1
       environment:
         - DBNAME=${DBNAME}
         - DBUSER=${DBUSER}
@@ -252,7 +252,7 @@ services:
             - sogo
 
     dovecot-mailcow:
-      image: ghcr.io/mailcow/dovecot:2.3.21.1-3
+      image: ghcr.io/mailcow/dovecot:2.3.21.1-2
       depends_on:
         - mysql-mailcow
         - netfilter-mailcow
@@ -419,7 +419,7 @@ services:
         - php-fpm-mailcow
         - sogo-mailcow
         - rspamd-mailcow
-      image: ghcr.io/mailcow/nginx:1.06
+      image: ghcr.io/mailcow/nginx:1.30.1-1
       dns:
         - ${IPV4_NETWORK:-172.22.1}.254
       environment: