├── robots.txt ├── .gitignore ├── Vagrantfile ├── .htaccess ├── test ├── eas.xml ├── outlook.xml └── testconfig.sh ├── include ├── classes │ ├── ConfigOutlook.php │ ├── ConfigMozilla.php │ └── AutoConfig.php └── response │ ├── autodiscover.xml.php │ └── config-v1.1.xml.php ├── config.dist.php ├── index.php └── README.md /robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: / 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Created by .ignore support plugin (hsz.mobi) 2 | config.php 3 | .vagrant 4 | .idea -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | Vagrant.configure(2) do |config| 5 | config.vm.box = "spicyweb/apache-phpfpm" 6 | end 7 | -------------------------------------------------------------------------------- /.htaccess: -------------------------------------------------------------------------------- 1 | RewriteEngine On 2 | 3 | RewriteCond %{HTTP_HOST} !^autoconfig\.SERVER\.TLD [NC] 4 | RewriteCond %{HTTP_HOST} !^$ 5 | RewriteRule ^/(.*) https://autoconfig.SERVER.TLD:%{SERVER_PORT}/$1 [L,R] 6 | # Use SSL for autoconfig. 7 | 8 | RewriteRule !^index\.php$ - [C] 9 | RewriteRule ^(.*)$ /index.php?file=$1 [QSA,L] 10 | -------------------------------------------------------------------------------- /test/eas.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | user@customer.com 5 | http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006 6 | 7 | 8 | -------------------------------------------------------------------------------- /test/outlook.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a 5 | 6 | 7 | user@customer.com 8 | 9 | 10 | -------------------------------------------------------------------------------- /test/testconfig.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | HOST="discover.host.de" 4 | 5 | # outlook 6 | echo "Outlook" 7 | curl -k -X POST -d @outlook.xml https://$HOST/autodiscover/autodiscover.xml 8 | curl -k -X POST -d @eas.xml https://$HOST/autodiscover/autodiscover.xml 9 | 10 | # thunderbird 11 | echo "Thunderbird" 12 | # should get posted address back 13 | curl "https://$HOST/mail/config-v1.1.xml?emailaddress=test%40example.com" 14 | 15 | # evolution 16 | echo "Evolution" 17 | curl "https://$HOST/mail/config-v1.1.xml?emailaddress=EMAILADDR%40example.com" 18 | -------------------------------------------------------------------------------- /include/classes/ConfigOutlook.php: -------------------------------------------------------------------------------- 1 | (.*?)\<\/EMailAddress\>/", $data, $matches); 10 | try { 11 | if ($matchCount > 0) { 12 | $this->email = $matches[1]; 13 | } else { 14 | throw new UnkownUser("No user found in XML"); 15 | } 16 | $this->loadData(); 17 | } catch (UnkownUser $e) { 18 | $this->host = ["hostname" => defined('FALLBACK_SERVER_FQDN') ? FALLBACK_SERVER_FQDN : $_SERVER['SERVER_NAME']]; 19 | $this->user = ["login" => $this->email]; 20 | } 21 | } 22 | 23 | } 24 | ?> -------------------------------------------------------------------------------- /config.dist.php: -------------------------------------------------------------------------------- 1 | 17 | -------------------------------------------------------------------------------- /include/classes/ConfigMozilla.php: -------------------------------------------------------------------------------- 1 | email = urldecode($_GET['emailaddress']); 9 | try { 10 | $this->loadData(); 11 | } catch (UnkownUser $e) { 12 | /* 13 | this actually works for e.g. Gnome Evolution, they are 14 | more privacy concerned and are sending 15 | `emailaddress=EVOLUTIONUSER%40domain.de&emailmd5=XXX` 16 | just returning the static emailaddress is sufficient 17 | */ 18 | $this->host = ["hostname" => defined('FALLBACK_SERVER_FQDN') ? FALLBACK_SERVER_FQDN : $_SERVER['SERVER_NAME']]; 19 | $this->user = ["email" => $this->email, 20 | "login" => $this->email]; 21 | } 22 | } 23 | 24 | } 25 | ?> -------------------------------------------------------------------------------- /index.php: -------------------------------------------------------------------------------- 1 | getMessage()); 6 | die(); 7 | } 8 | 9 | set_exception_handler('global_exception_handler'); 10 | 11 | function autoload($name){ 12 | $name = str_replace('\\', '/', $name); 13 | $class_path = dirname(__FILE__).'/include/classes/'; 14 | static $class_extension = '.php'; 15 | if(file_exists($class_path . $name . $class_extension)) 16 | require_once($class_path . $name . $class_extension); 17 | } 18 | spl_autoload_register('autoload'); 19 | 20 | AutoConfig::addFile('autodiscover.xml', 'ConfigOutlook'); 21 | AutoConfig::addFile('/autodiscover.xml', 'ConfigOutlook'); 22 | AutoConfig::addFile('autodiscover/autodiscover.xml', 'ConfigOutlook'); 23 | AutoConfig::addFile('/autodiscover/autodiscover.xml', 'ConfigOutlook'); 24 | AutoConfig::addFile('mail/config-v1.1.xml', 'ConfigMozilla'); 25 | AutoConfig::addFile('/mail/config-v1.1.xml', 'ConfigMozilla'); 26 | AutoConfig::setDefault('autodiscover.xml'); 27 | 28 | $config = AutoConfig::get(strtolower($_GET['file'])); 29 | $config->response(); 30 | ?> -------------------------------------------------------------------------------- /include/response/autodiscover.xml.php: -------------------------------------------------------------------------------- 1 | '; ?> 2 | 3 | 4 | 5 | 6 | email 7 | settings 8 | 9 | IMAP 10 | host['hostname']) ?> 11 | 993 12 | off 13 | user['login'] ?> 14 | off 15 | on 16 | on 17 | 18 | 19 | POP3 20 | host['hostname']) ?> 21 | 995 22 | off 23 | user['login'] ?> 24 | off 25 | on 26 | on 27 | 28 | 29 | SMTP 30 | host['hostname']) ?> 31 | 25 32 | off 33 | user['login'] ?> 34 | off 35 | TLS 36 | on 37 | off 38 | off 39 | 40 | 41 | 42 | 43 | -------------------------------------------------------------------------------- /include/classes/AutoConfig.php: -------------------------------------------------------------------------------- 1 | SOAP_LOCATION, 29 | 'uri' => SOAP_URI)); 30 | try { 31 | //* Login to the remote server 32 | if($session_id = $client->login(SOAP_USER,SOAP_PASS)) { 33 | $mail_user = $client->mail_user_get($session_id, array('email' => $this->email)); 34 | if(count($mail_user) == 1) 35 | { 36 | $this->host = $client->server_get($session_id, $mail_user[0]['server_id'], 'server'); 37 | $this->user = $mail_user[0]; 38 | } 39 | else 40 | throw new UnkownUser("Unknown Account"); 41 | } 42 | 43 | //* Logout 44 | $client->logout($session_id); 45 | 46 | } catch (SoapFault $e) { 47 | throw new Exception('SOAP Error: '.$e->getMessage()); 48 | } 49 | } 50 | 51 | public function response(){ 52 | if(!$this->email OR !$this->user OR !$this->host) 53 | throw new Exception('You must load data before forming response!'); 54 | ob_start(); 55 | include 'include/response/'.$this->response_template; 56 | $response = ob_get_contents(); 57 | ob_end_clean(); 58 | header("Content-type: ".$this->response_type); 59 | echo $response; 60 | } 61 | } 62 | ?> -------------------------------------------------------------------------------- /include/response/config-v1.1.xml.php: -------------------------------------------------------------------------------- 1 | "; ?> 2 | 3 | 4 | 5 | user['email'], strpos($this->user['email'], '@')+1) ?> 6 | user['login']) : '') ?> 7 | 8 | // Change order to indicate preference to clients 9 | 10 | host['hostname']) ?> 11 | 993 12 | SSL 13 | password-cleartext 14 | user['login'] ?> 15 | 16 | 17 | host['hostname']) ?> 18 | 995 19 | SSL 20 | password-cleartext 21 | user['login'] ?> 22 | 23 | true 24 | true 25 | 10 26 | 27 | 28 | // Prefer SSL over STARTTLS 29 | 30 | host['hostname']) ?> 31 | 465 32 | SSL 33 | password-cleartext 34 | user['login'] ?> 35 | 36 | // Provide STARTTLS as a fallback 37 | 38 | host['hostname']) ?> 39 | 587 40 | STARTTLS 41 | password-cleartext 42 | user['login'] ?> 43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ISPConfig Server Addons 2 | ## Autodiscover (Outlook) + Autoconfig (Thunderbird) 3 | 4 | **NOTE:** This is no longer a mirror of https://spicyhub.de/spicy-web/isp-mailconfig. 5 | I am finally moving my OSS projects to github. So please use issues and PRs on github to post bug reports or contribute to the sourcecode. 6 | 7 | ### Intro 8 | 9 | Using this tool you can offer mailaccount autodiscover in Thunderbird and Outlook to all your customers in a multiserver environment. 10 | 11 | ### Placeholders 12 | * my-service.com = The domain you run your "autodiscover" service on 13 | * my-mail.com = The domain you want to activate autodiscover and autoconfig for 14 | * PANEL-SERVER-IP = IP Address of the ISPConfig server (of course you can install the tool on any/every server in your environment) 15 | * In case of installing it on another server than the panel, you have to use another user and group instead of `ispapps` in vHost config and console commands. 16 | 17 | ### Requirements 18 | 19 | php-soap is required for API-Requests. 20 | php7.3-soap for example. 21 | 22 | Outlook requires access to a SSL secured page with a trusted certificate. 23 | 24 | The example configuration uses the ISPConfig interface SSL certificate, for this to work it will have to be a valid publicly signed wildcard certificate. For example a StartSSL signed Level 2 (Personal Identity) certificate. 25 | 26 | That should be enough for Outlook to work without error messages and warnings. 27 | 28 | ## Setup 29 | 30 | ### Prepare ISPConfig 31 | 32 | The discover plugin is not realized as Website managed by ISPConfig. This setup guide explains the setup of the vHost from scratch. So you can install it on any of your servers running a webserver. 33 | 34 | #### Example for Apache2 35 | Example configuration for Apache2 (Ubuntu 16.04) 36 | 37 | * Add a new vHost Config file: `vi /etc/apache2/sites-available/discover.my-service.com.conf` 38 | 39 | Content: 40 | ``` 41 | 42 | ServerName discover.my-service.com 43 | ServerAlias autoconfig.my-service.com 44 | ServerAlias autoconfig.* 45 | ServerSignature Off 46 | 47 | # Redirect non HTTPS and wrong domain names 48 | RewriteEngine On 49 | RewriteCond %{HTTPS} !on [OR] 50 | RewriteCond %{HTTP_HOST} !^discover\.my-service\.com$ 51 | RewriteRule ^(.*)$ https://discover.my-service.com$1 [L,R] 52 | 53 | 54 | 55 | ServerName discover.my-service.com 56 | ServerAlias autoconfig.my-service.com 57 | ServerAlias autoconfig.* 58 | ServerAdmin hostmaster@my-service.com 59 | ServerSignature Off 60 | 61 | ErrorLog /var/log/ispconfig/httpd/discover.my-server.com/error.log 62 | 63 | # Redirect client domains to my-service.com when connecting direct via HTTPS 64 | RewriteEngine On 65 | RewriteCond %{HTTP_HOST} !^discover\.my-service\.com$ 66 | RewriteRule ^(.*)$ https://discover.my-service.com$1 [L,R] 67 | 68 | 69 | DocumentRoot /var/www/discover 70 | SuexecUserGroup ispapps ispapps 71 | 72 | Options +Indexes +FollowSymLinks +MultiViews +ExecCGI 73 | AllowOverride AuthConfig Indexes Limit Options FileInfo 74 | 75 | AddHandler fcgid-script .php 76 | 77 | FCGIWrapper /var/www/php-fcgi-scripts/apps/.php-fcgi-starter .php 78 | Require all granted 79 | 80 | 81 | 82 | 83 | DocumentRoot /var/www/discover 84 | AddType application/x-httpd-php .php 85 | 86 | Require all granted 87 | 88 | 89 | 90 | # This config uses the certificate that is used for ISPC Panel 91 | # Change path if needed 92 | SSLEngine On 93 | SSLProtocol All -SSLv2 -SSLv3 94 | # SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS 95 | SSLHonorCipherOrder on 96 | SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt 97 | SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key 98 | # Always wise to include the cert chain, change as needed and uncomment 99 | #SSLCertificateChainFile /usr/local/ispconfig/interface/ssl/startssl.chain.class2.server.crt 100 | 101 | ``` 102 | 103 | #### Example for nginx 104 | 105 | Add the following locations to a server configuration of your choice: 106 | (asumtion: discover.my-service.com) 107 | 108 | ``` 109 | location ~* ^(/mail/config-v1.1.xml|/autodiscover) { 110 | index index.html index.htm index.php; 111 | rewrite ^(.*)$ /index.php?file=$1 last; 112 | } 113 | location /index.php { 114 | root /var/www/discover; 115 | include /etc/nginx/fastcgi_params; 116 | 117 | fastcgi_pass 127.0.0.1:9000; 118 | fastcgi_index index.php; 119 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 120 | access_log /var/log/nginx/automail_access.log; 121 | error_log /var/log/nginx/automail_error.log; 122 | fastcgi_buffer_size 128k; 123 | fastcgi_buffers 256 4k; 124 | fastcgi_busy_buffers_size 256k; 125 | fastcgi_intercept_errors on; 126 | fastcgi_temp_file_write_size 256k; 127 | } 128 | 129 | ``` 130 | 131 | ### Install the tool 132 | 133 | * Enter your ISPConfig panel at **System -> Remote Users** and create a new remote user with these privileges (ISPConfig 3.1 item names): 134 | * Server functions 135 | * Mail user functions 136 | * If your automail host is different to your ISPConfig Multiserver master, allow the remote user access from this remote host address 137 | * Clone the repository into the discover-webfolder 138 | * If using Apache2, edit .htaccess and replace SERVER.TLD with the FQDN of your machine 139 | * Copy the shipped config file 140 | * Open it in your favorite editor 141 | * Enter ISPC-URLs and Remote User credentials as well as the name of your service 142 | * (optional) Enter a fallback server FQDN to use if the user couldn't be found in ISPConfig (defaults to $_SERVER['SERVER_NAME']) 143 | * (optional) Enter domain names of SMTP/IMAP/POP servers to fully override autodiscovery via ISPConfig API 144 | 145 | Shell Commands: 146 | 147 | cd /var/www 148 | git clone https://github.com/SpicyWeb-de/isp-mailConfig.git discover 149 | chown -R ispapps:ispapps discover 150 | cd discover 151 | cp config.dist.php config.php 152 | vi config.php 153 | 154 | ### DNS Config 155 | Add the following DNS records for zone my-service.com: 156 | 157 | * `A` `discover` -> `ISPConfig-SERVER-IP` 158 | * maybe also `AAAA`, if IPv6 available for ISPConfig server 159 | * `CNAME` `autoconfig` -> `discover` 160 | 161 | Add the following DNS records for zone my-mail.com to enable autoconfig: 162 | 163 | * `SRV` `_autodiscover._tcp` -> `1 10 443 discover.my-service.com` 164 | * [SRV-Format on Route53: [priority] [weight] [port] [server host name]] 165 | * `CNAME` `autoconfig` -> `discover.my-service.com.` 166 | 167 | ### Testing 168 | 169 | This tool works only for real existing mail accounts as it queries the ISPC Remote API for them. 170 | 171 | While testing make sure to use addresses, that exist on your server. 172 | 173 | #### Mozilla / Thunderbird 174 | Enter [https://discover.my-service.com/mail/config-v1.1.xml?emailaddress=user%40my-mail.com](https://discover.my-service.com/mail/config-v1.1.xml?emailaddress=user%40my-mail.com) in your browser. 175 | 176 | For an existing mail address in the emailaddress-parameter you should get an answer like this: 177 | 178 | 179 | 180 | 181 | my-mail.com 182 | YOUR SERIVCE NAME 183 | SERVICE 184 | 185 | mailserver.my-service.com 186 | 995 187 | SSL 188 | password-cleartext 189 | user@my-mail.com 190 | 191 | true 192 | true 193 | 10 194 | 195 | 196 | 197 | mailserver.my-service.com 198 | 993 199 | SSL 200 | password-cleartext 201 | user@my-mail.com 202 | 203 | 204 | mailserver.my-service.com 205 | 587 206 | STARTTLS 207 | password-cleartext 208 | user@my-mail.com 209 | 210 | 211 | 212 | 213 | #### Microsoft Outlook 214 | As Outlook posts an XML-File with user data to the server you can't just call it in browser to test it. 215 | 216 | You can use Microsofts Remote Connectivity Analyzer at [https://testconnectivity.microsoft.com/ ](https://testconnectivity.microsoft.com/) to check if the **Outlook-AutoDiscovery** is working. 217 | 218 | It takes some time but should also give a positive result for an existing Mail Account on my-mail.com. 219 | 220 | ### Changes 221 | 222 | 02/11/2016 Djerk Geurts - Changed to make server configurable. Multiserver configurations aren't served well by pointing users at a single server. config.php now allows the use of a detected server hostname or a configured one. Plus general updates for ISPConfig 3.1. 223 | 224 | 06/11/2019 Conrad Sachweh - Handle Gnome Evolution and return static config for invalid inputs. 225 | 226 | 227 | ### Credits 228 | * Based on [the work](https://github.com/foe-services/ispc-resources/tree/master/guides/autodiscover) of [Christian Foellmann (cfoellmann)](https://github.com/cfoellmann) 229 | * Rewritten by [Michael Fürmann](https://spicyhub.de/u/quest) from [Spicy Web](https://spicyweb.de) 230 | * Adapted for ISPConfig 3.1, Apache 2.4 and server name setting added by [Djerk Geurts](https://djerk.nl/) from [Maizymoo](https://maizymoo.com/) 231 | --------------------------------------------------------------------------------