Add SMTP Relay support (#1591)

* Initial Smarthost Commit

* Made recommended changes

* Fixes when to require password

* Added checks for user SMTP Relay settings.

* Added restore capability

* mend

* mend

* mend

* Execute also when password changed

When user needs to change password it needs also modify any other settings
Next check should still exits as it an requirement

* Also update when password has been changed

Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>

bin/v-add-mail-domain-smtp-relay

@@ -0,0 +1,75 @@
+#!/bin/bash
+# info: Add mail domain smtp relay support
+# options: USER DOMAIN HOST USERNAME PASSWORD [PORT]
+# labels: mail
+#
+# example: v-add-mail-domain-smtp-relay user domain.tld srv.smtprelay.tld uname123 pass12345
+#
+# This function adds mail domain smtp relay support.
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+host=$3
+username=$4
+password=$5
+port=${6-587}
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '5' "$#" 'USER DOMAIN HOST USERNAME PASSWORD'
+is_format_valid 'port' 'user' 'domain'
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'mail' 'DOMAIN' "$domain"
+is_object_unsuspended 'mail' 'DOMAIN' "$domain"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+cat >/etc/exim4/domains/${domain}/smtp_relay.conf << EOL
+host:$host
+port:$port
+user:$username
+pass:$password
+EOL
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Adding smtp relay values in config
+if [ -z "$U_SMTP_RELAY" ]; then
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_HOST' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_PORT' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_USERNAME' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_PASSWORD' 'ACCOUNTS'
+fi
+
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY' 'true'
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_HOST' "$host"
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_PORT' "$port"
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_USERNAME' "$username"
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_PASSWORD' "$password"
+
+# Logging
+log_history "Added domain smtp relay support for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-add-sys-smtp-relay

@@ -0,0 +1,61 @@
+#!/bin/bash
+# info: add system wide smtp relay support
+# options: HOST USERNAME PASSWORD [PORT]
+# labels: hestia
+#
+# example: v-add-sys-smtp-relay srv.smtprelay.tld uname123 pass12345
+#
+# this function adds system wide smtp relay support.
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+host=$1
+username=$2
+password=$3
+port=${4-587}
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'HOST USERNAME PASSWORD'
+is_format_valid 'port'
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+$BIN/v-change-sys-config-value SMTP_RELAY 'true'
+$BIN/v-change-sys-config-value SMTP_RELAY_HOST $host
+$BIN/v-change-sys-config-value SMTP_RELAY_PORT $port
+$BIN/v-change-sys-config-value SMTP_RELAY_USER $username
+
+cat >/etc/exim4/smtp_relay.conf << EOL
+host:$host
+port:$port
+user:$username
+pass:$password
+EOL
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+log_history "enabled system wide smtp relay support."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-mail-domain-smtp-relay

@@ -0,0 +1,63 @@
+#!/bin/bash
+# info: Remove mail domain smtp relay support
+# options: USER DOMAIN
+# labels: hestia
+#
+# example: v-delete-mail-domain-smtp-relay user domain.tld
+#
+# This function removes mail domain smtp relay support.
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'mail' 'DOMAIN' "$domain"
+is_object_unsuspended 'mail' 'DOMAIN' "$domain"
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+rm -f /etc/exim4/domains/${domain}/smtp_relay.conf
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Adding smtp relay values in config
+if [ -z "$U_SMTP_RELAY" ]; then
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_HOST' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_PORT' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_USERNAME' 'ACCOUNTS'
+    add_object_key 'mail' 'DOMAIN' "$domain" 'U_SMTP_RELAY_PASSWORD' 'ACCOUNTS'
+fi
+
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY' 'false'
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_HOST' ''
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_PORT' ''
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_USERNAME' ''
+update_object_value 'mail' 'DOMAIN' "$domain" '$U_SMTP_RELAY_PASSWORD' ''
+
+# Logging
+log_history "Removed mail domain smtp relay support for $domain"
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-sys-smtp-relay

@@ -0,0 +1,45 @@
+#!/bin/bash
+# info: disable system wide smtp relay support
+# options: 
+# labels: hestia
+#
+# example: v-delete-sys-smtp-relay
+#
+# this function disables system wide smtp relay support.
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+$BIN/v-change-sys-config-value SMTP_RELAY false
+$BIN/v-change-sys-config-value SMTP_RELAY_HOST ''
+$BIN/v-change-sys-config-value SMTP_RELAY_PORT ''
+$BIN/v-change-sys-config-value SMTP_RELAY_USER ''
+
+rm -f /etc/exim4/smtp_relay.conf
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+log_history "Disable system wide smtp relay support."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-list-mail-domain

@@ -38,41 +38,52 @@ json_list() {
         "TIME": "'$TIME'",
         "DATE": "'$DATE'",
         "WEBMAIL_ALIAS": "'$WEBMAIL_ALIAS.$domain'",
-        "WEBMAIL":"'$WEBMAIL'"
+        "WEBMAIL":"'$WEBMAIL'",
+        "U_SMTP_RELAY":"'$U_SMTP_RELAY'",
+        "U_SMTP_RELAY_HOST":"'$U_SMTP_RELAY_HOST'",
+        "U_SMTP_RELAY_PORT":"'$U_SMTP_RELAY_PORT'",
+        "U_SMTP_RELAY_USERNAME":"'$U_SMTP_RELAY_USERNAME'"
         }'
     echo '}'
 }
 
 # SHELL list function
 shell_list() {
-    echo "DOMAIN:         $DOMAIN"
-    echo "ANTIVIRUS:      $ANTIVIRUS"
-    echo "ANTISPAM:       $ANTISPAM"
-    echo "DKIM:           $DKIM"
-    echo "CATCHALL:       $CATCHALL"
-    echo "ACCOUNTS:       $ACCOUNTS"
-    echo "DISK:           $U_DISK"
-    echo "SSL:            $SSL"
-    echo "LETSENCRYPT:    $LETSENCRYPT"
-    echo "SUSPENDED:      $SUSPENDED"
-    echo "TIME:           $TIME"
-    echo "DATE:           $DATE"
-    echo "WEBMAIL_ALIAS:  $WEBMAIL_ALIAS.$domain"
-    echo "WEBMAIL:        $WEBMAIL"
+    echo "DOMAIN:             $DOMAIN"
+    echo "ANTIVIRUS:          $ANTIVIRUS"
+    echo "ANTISPAM:           $ANTISPAM"
+    echo "DKIM:               $DKIM"
+    echo "CATCHALL:           $CATCHALL"
+    echo "ACCOUNTS:           $ACCOUNTS"
+    echo "DISK:               $U_DISK"
+    echo "SSL:                $SSL"
+    echo "LETSENCRYPT:        $LETSENCRYPT"
+    echo "SUSPENDED:          $SUSPENDED"
+    echo "TIME:               $TIME"
+    echo "DATE:               $DATE"
+    echo "WEBMAIL_ALIAS:      $WEBMAIL_ALIAS.$domain"
+    echo "WEBMAIL:            $WEBMAIL"
+    echo "U_SMTP_RELAY:          $U_SMTP_RELAY"
+    echo "U_SMTP_RELAY_HOST      $U_SMTP_RELAY_HOST"
+    echo "U_SMTP_RELAY_PORT      $U_SMTP_RELAY_PORT"
+    echo "U_SMTP_RELAY_USERNAME  $U_SMTP_RELAY_USERNAME"
 }
 
 # PLAIN list function
 plain_list() {
     echo -ne "$DOMAIN\t$ANTIVIRUS\t$ANTISPAM\t$DKIM\t$CATCHALL\t"
-    echo -e "$ACCOUNTS\t$U_DISK\t$SSL\t$LETSENCRYPT\t$SUSPENDED\t$TIME\t$DATE\t$WEBMAIL_ALIAS.$domain\t$WEBMAIL"
+    echo -e "$ACCOUNTS\t$U_DISK\t$SSL\t$LETSENCRYPT\t$SUSPENDED\t$TIME\t$DATE\t$WEBMAIL_ALIAS.$domain\t$WEBMAIL\t"
+    echo -e "$U_SMTP_RELAY\t$U_SMTP_RELAY_HOST\t$U_SMTP_RELAY_PORT\t$U_SMTP_RELAY_USERNAME"
 }
 
 # CSV list function
 csv_list() {
     echo -n "DOMAIN,ANTIVIRUS,ANTISPAM,DKIM,CATCHALL,ACCOUNTS,U_DISK,"
-    echo "SSL,LETSENCRYPT,SUSPENDED,TIME,DATE,WEBMAIL_ALIAS,WEBMAIL"
-    echo -n "$DOMAIN,$ANTIVIRUS,$ANTISPAM,$DKIM,$CATCHALL,$ACCOUNTS,$U_DISK"
-    echo "$SSL,$LETSENCRYPT,$SUSPENDED,$TIME,$DATE,$WEBMAIL_ALIAS.$domain,$WEBMAIL"
+    echo "SSL,LETSENCRYPT,SUSPENDED,TIME,DATE,WEBMAIL_ALIAS,WEBMAIL,"
+    echo "U_SMTP_RELAY,U_SMTP_RELAY_HOST,U_SMTP_RELAY_PORT,U_SMTP_RELAY_USERNAME"
+    echo -n "$DOMAIN,$ANTIVIRUS,$ANTISPAM,$DKIM,$CATCHALL,$ACCOUNTS,$U_DISK,"
+    echo "$SSL,$LETSENCRYPT,$SUSPENDED,$TIME,$DATE,$WEBMAIL_ALIAS.$domain,$WEBMAIL,"
+    echo "$U_SMTP_RELAY,$U_SMTP_RELAY_HOST,$U_SMTP_RELAY_PORT,$U_SMTP_RELAY_USERNAME"
 }
 
 

bin/v-list-sys-config

@@ -51,6 +51,10 @@ json_list() {
         "RELEASE_BRANCH": "'$RELEASE_BRANCH'",
         "UPGRADE_SEND_EMAIL": "'$UPGRADE_SEND_EMAIL'",
         "UPGRADE_SEND_EMAIL_LOG": "'$UPGRADE_SEND_EMAIL_LOG'",
+        "SMTP_RELAY": "'$SMTP_RELAY'",
+        "SMTP_RELAY_HOST": "'$SMTP_RELAY_HOST'",
+        "SMTP_RELAY_PORT": "'$SMTP_RELAY_PORT'",
+        "SMTP_RELAY_USER": "'$SMTP_RELAY_USER'",
         "DEMO_MODE": "'$DEMO_MODE'",
         "THEME": "'$THEME'",
         "LANGUAGE": "'$LANGUAGE'",
@@ -146,6 +150,13 @@ shell_list() {
     if [ ! -z "$FILE_MANAGER" ]; then
         echo "File Manager enabled:             $FILE_MANAGER"
     fi
+    if [ ! -z "$SMTP_RELAY" ] && [ "$SMTP_RELAY" != 'false' ]; then
+	echo "SMTP Relay enabled:                $SMTP_RELAY"
+	echo "SMTP Relay Server:                 $SMTP_RELAY_HOST"
+	echo "SMTP Relay Port:                   $SMTP_RELAY_PORT"
+	echo "SMTP Relay User:                   $SMTP_RELAY_USER"
+    fi
+
     echo "Release Branch:                   $RELEASE_BRANCH"
     echo "Theme:                            $THEME"
     echo "Updates: Notify by email:         $UPGRADE_SEND_EMAIL"
@@ -161,6 +172,7 @@ plain_list() {
     echo -ne "$DNS_SYSTEM\t$DNS_CLUSTER\t$STATS_SYSTEM\t$BACKUP_SYSTEM\t"
     echo -ne "$CRON_SYSTEM\t$DISK_QUOTA\t$FIREWALL_SYSTEM\t$FIREWALL_EXTENSION\t"
     echo -ne "$FILE_MANAGER\t$REPOSITORY\t$VERSION\t$DEMO_MODE\t$RELEASE_BRANCH\t"
+    echo -ne "$SMTP_RELAY_HOST\t$SMTP_RELAY_PORT\t$SMTP_RELAY_USER\t"
     echo -ne "$UPGRADE_SEND_EMAIL\t$UPGRADE_SEND_EMAIL_LOG\t$THEME\t$LANGUAGE\t$BACKUP_GZIP\t"
     echo -e  "$BACKUP\t$WEBMAIL_ALIAS\t$DB_PMA_URL\t$DB_PGA_URL"
 }
@@ -176,6 +188,7 @@ csv_list() {
     echo -n "'CRON_SYSTEM','DISK_QUOTA','FIREWALL_SYSTEM',"
     echo -n "'FIREWALL_EXTENSION','FILE_MANAGER','REPOSITORY',"
     echo -n "'VERSION','DEMO_MODE','RELEASE_BRANCH',"
+    echo -n "'SMTP_RELAY','SMTP_RELAY_HOST','SMTP_RELAY_PORT','SMTP_RELAY_USER',"
     echo -n "'UPGRADE_SEND_EMAIL','UPGRADE_SEND_EMAIL_LOG',"
     echo -n "'THEME', 'LANGUAGE','BACKUP_GZIP','BACKUP','WEBMAIL_ALIAS',"
     echo -n "'DB_PMA_ALIAS','DB_PGA_ALIAS'"
@@ -187,6 +200,7 @@ csv_list() {
     echo -n "'$DNS_CLUSTER','$STATS_SYSTEM','$BACKUP_SYSTEM','$CRON_SYSTEM',"
     echo -n "'$DISK_QUOTA','$FIREWALL_SYSTEM','$FIREWALL_EXTENSION','$FILE_MANAGER',"
     echo -n "'$REPOSITORY', '$VERSION','$DEMO_MODE','$RELEASE_BRANCH',"
+    echo -n "'$SMTP_RELAY','$SMTP_RELAY_HOST','$SMTP_RELAY_PORT','$SMTP_RELAY_USER',"
     echo -n "'$UPGRADE_SEND_EMAIL','$UPGRADE_SEND_EMAIL_LOG','$THEME','$LANGUAGE',"
     echo -n "'$BACKUP_GZIP','$BACKUP','$WEBMAIL_ALIAS','$DB_PMA_URL','$DB_PGA_URL'"
     echo

func/rebuild.sh

@@ -556,6 +556,11 @@ rebuild_mail_domain_conf() {
             cp $USER_DATA/mail/$domain.pem \
                 $HOMEDIR/$user/conf/mail/$domain/dkim.pem
         fi
+        
+        # Rebuild SMTP Relay configuration
+        if [ "$U_SMTP_RELAY" = 'true' ]; then
+            $BIN/v-add-mail-domain-smtp-relay $user $domain "$U_SMTP_RELAY_HOST" "$U_SMTP_RELAY_USERNAME" "$U_SMTP_RELAY_PASSWORD" "$U_SMTP_RELAY_PORT"
+        fi
 
         # Removing configuration files if domain is suspended
         if [ "$SUSPENDED" = 'yes' ]; then

install/deb/exim/exim4.conf.template

@@ -74,6 +74,11 @@ DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
 
 OUTGOING_IP = /etc/exim4/domains/$sender_address_domain/ip
 
+SMTP_RELAY_FILE = ${if exists{/etc/exim4/domains/${sender_address_domain}/smtp_relay.conf}{/etc/exim4/domains/$sender_address_domain/smtp_relay.conf}{/etc/exim4/smtp_relay.conf}}
+SMTP_RELAY_HOST = ${lookup{host}lsearch{SMTP_RELAY_FILE}}
+SMTP_RELAY_PORT = ${lookup{port}lsearch{SMTP_RELAY_FILE}}
+SMTP_RELAY_USER = ${lookup{user}lsearch{SMTP_RELAY_FILE}}
+SMTP_RELAY_PASS = ${lookup{pass}lsearch{SMTP_RELAY_FILE}}
 
 ######################################################################
 #                       ACL CONFIGURATION                            #
@@ -218,6 +223,11 @@ acl_check_mime:
 ######################################################################
 begin authenticators
 
+smtp_relay_login:
+  driver = plaintext
+  public_name = LOGIN
+  hide client_send = : SMTP_RELAY_USER : SMTP_RELAY_PASS
+
 dovecot_plain:
   driver = dovecot
   public_name = PLAIN
@@ -238,13 +248,15 @@ dovecot_login:
 ######################################################################
 begin routers
 
-#smarthost:
-#  driver = manualroute
-#  domains = ! +local_domains
-#  transport = remote_smtp
-#  route_list = * smartrelay.hestiacp.com
-#  no_more
-#  no_verify
+send_via_smtp_relay:
+  driver = manualroute
+  address_data = SMTP_RELAY_HOST:SMTP_RELAY_PORT
+  domains = !+local_domains
+  require_files = SMTP_RELAY_FILE
+  transport = smtp_relay_smtp
+  route_list = * ${extract{1}{:}{$address_data}}::${extract{2}{:}{$address_data}}
+  no_more
+  no_verify
 
 dnslookup:
   driver = dnslookup
@@ -323,6 +335,11 @@ terminate_alias:
 ######################################################################
 begin transports
 
+smtp_relay_smtp:
+  driver = smtp
+  hosts_require_auth = $host_address
+  hosts_require_tls = $host_address
+
 remote_smtp:
   driver = smtp
   helo_data = ${if exists {/etc/exim4/mailhelo.conf}{${lookup{$sender_address_domain}lsearch*{/etc/exim4/mailhelo.conf}{$value}{$primary_hostname}}}{$primary_hostname}}

install/upgrade/versions/1.3.3.sh

@@ -1,19 +0,0 @@
-#!/bin/sh
-
-# Hestia Control Panel upgrade script for target version 1.3.3
-
-#######################################################################################
-#######                      Place additional commands below.                   #######
-#######################################################################################
-
-# Allow Fast CGI Cache to be enabled for Nginx Standalone
-if [ -e "/etc/nginx/nginx.conf" ]; then
-    check=$(cat /etc/nginx/nginx.conf | grep 'fastcgi_cache_path');
-    if [ -z "$check" ]; then 
-        echo "[ * ] Updating Nginx to support fast cgi cache..."
-        sed  -i 's/# Cache bypass/# FastCGI Cache settings\n    fastcgi_cache_path \/var\/cache\/nginx\/php-fpm levels=2\n    keys_zone=fcgi_cache:10m inactive=60m max_size=1024m;\n    fastcgi_cache_key \"$host$request_uri $cookie_user\";\n    fastcgi_temp_path  \/var\/cache\/nginx\/temp;\n    fastcgi_ignore_headers Expires Cache-Control;\n    fastcgi_cache_use_stale error timeout invalid_header;\n    fastcgi_cache_valid any 1d;\n\n    # Cache bypass/g' /etc/nginx/nginx.conf
-    fi
-fi
-
-echo '[*] Set Role "Admin" to Administrator'
-$HESTIA/bin/v-change-user-role admin admin

install/upgrade/versions/1.4.0.sh

@@ -0,0 +1,79 @@
+#!/bin/sh
+
+# Hestia Control Panel upgrade script for target version 1.4.0
+
+#######################################################################################
+#######                      Place additional commands below.                   #######
+#######################################################################################
+
+# Allow Fast CGI Cache to be enabled for Nginx Standalone
+if [ -e "/etc/nginx/nginx.conf" ]; then
+    check=$(cat /etc/nginx/nginx.conf | grep 'fastcgi_cache_path');
+    if [ -z "$check" ]; then 
+        echo "[ * ] Updating Nginx to support fast cgi cache..."
+        sed  -i 's/# Cache bypass/# FastCGI Cache settings\n    fastcgi_cache_path \/var\/cache\/nginx\/php-fpm levels=2\n    keys_zone=fcgi_cache:10m inactive=60m max_size=1024m;\n    fastcgi_cache_key \"$host$request_uri $cookie_user\";\n    fastcgi_temp_path  \/var\/cache\/nginx\/temp;\n    fastcgi_ignore_headers Expires Cache-Control;\n    fastcgi_cache_use_stale error timeout invalid_header;\n    fastcgi_cache_valid any 1d;\n\n    # Cache bypass/g' /etc/nginx/nginx.conf
+    fi
+fi
+
+echo '[ * ] Set Role "Admin" to Administrator'
+$HESTIA/bin/v-change-user-role admin admin
+
+# Upgrading Mail System
+if [ "$MAIL_SYSTEM" == "exim4" ]; then
+    if ! grep -q "send_via_smtp_relay" /etc/exim4/exim4.conf.template; then
+
+        echo '[ * ] Installing smtp relay feature'
+        if grep -q "driver = plaintext" /etc/exim4/exim4.conf.template; then
+            disable_smtp_relay=true
+            echo '[ ! ] SMTP Relay install requires manual intervention:'
+            echo '      Exim only supports one plaintext authenticator.'
+            echo '      If you want to use the Hestia smtp relay feature,'
+            echo '      please review the /etc/exim4/exim4.conf.template'
+            echo '      file and resolve any conflicts.'
+        else
+            disable_smtp_relay=false
+        fi
+
+        # Add smtp relay macros to exim config
+        insert='SMTP_RELAY_FILE = ${if exists{/etc/exim4/domains/${sender_address_domain}/smtp_relay.conf}{/etc/exim4/domains/$sender_address_domain/smtp_relay.conf}{/etc/exim4/smtp_relay.conf}}\n\SMTP_RELAY_HOST=${lookup{host}lsearch{SMTP_RELAY_FILE}}\n\SMTP_RELAY_PORT=${lookup{port}lsearch{SMTP_RELAY_FILE}}\n\SMTP_RELAY_USER=${lookup{user}lsearch{SMTP_RELAY_FILE}}\n\SMTP_RELAY_PASS=${lookup{pass}lsearch{SMTP_RELAY_FILE}}\n'
+
+        if [ "$disable_smtp_relay" = true ]; then
+            insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert)
+        fi
+
+        line=$(expr $(sed -n '/ACL CONFIGURATION/=' /etc/exim4/exim4.conf.template) - 1)
+        sed -i "${line}i $insert" /etc/exim4/exim4.conf.template
+
+        # Add smtp relay authenticator
+        insert='smtp_relay_login:\n\  driver = plaintext\n\  public_name = LOGIN\n\  hide client_send = : SMTP_RELAY_USER : SMTP_RELAY_PASS\n'
+
+        if [ "$disable_smtp_relay" = true ]; then
+            insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert)
+        fi
+
+        line=$(expr $(sed -n '/begin authenticators/=' /etc/exim4/exim4.conf.template) + 2)
+        sed -i "${line}i $insert" /etc/exim4/exim4.conf.template
+
+        # Add smtp relay router
+        insert='send_via_smtp_relay:\n\  driver = manualroute\n\  address_data = SMTP_RELAY_HOST:SMTP_RELAY_PORT\n\  domains = !+local_domains\n\  require_files = SMTP_RELAY_FILE\n\  transport = smtp_relay_smtp\n\  route_list = * ${extract{1}{:}{$address_data}}::${extract{2}{:}{$address_data}}\n\  no_more\n\  no_verify\n'
+
+        if [ "$disable_smtp_relay" = true ]; then
+            insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert)
+        fi
+
+        line=$(expr $(sed -n '/begin routers/=' /etc/exim4/exim4.conf.template) + 2)
+        sed -i "${line}i $insert" /etc/exim4/exim4.conf.template
+
+        # Add smtp relay transport
+        insert='smtp_relay_smtp:\n\  driver = smtp\n\  hosts_require_auth = $host_address\n\  hosts_require_tls = $host_address\n'
+
+        if [ "$disable_smtp_relay" = true ]; then
+            insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert)
+        fi
+
+        line=$(expr $(sed -n '/begin transports/=' /etc/exim4/exim4.conf.template) + 2)
+        sed -i "${line}i $insert" /etc/exim4/exim4.conf.template
+    fi
+    
+    $HESTIA/bin/v-restart-mail
+fi

web/add/mail/index.php

@@ -103,6 +103,32 @@ if (!empty($_POST['ok'])) {
         }
     }
     
+    // Add SMTP Relay Support
+    if (empty($_SESSION['error_msg'])) {
+        if (isset($_POST['v_smtp_relay']) && (!empty($_POST['v_smtp_relay_host'])) && (!empty($_POST['v_smtp_relay_user']))) {
+            if (($_POST['v_smtp_relay_host'] != $v_smtp_relay_host) ||
+                ($_POST['v_smtp_relay_user'] != $v_smtp_relay_user) ||
+                ($_POST['v_smtp_relay_port'] != $v_smtp_relay_port)) {
+                if (!empty($_POST['v_smtp_relay_pass'])) {
+                    $v_smtp_relay = true;	
+                    $v_smtp_relay_host = escapeshellarg($_POST['v_smtp_relay_host']);
+                    $v_smtp_relay_user = escapeshellarg($_POST['v_smtp_relay_user']);
+                    $v_smtp_relay_pass = escapeshellarg($_POST['v_smtp_relay_pass']);
+                    if (!empty($_POST['v_smtp_relay_port'])) {
+                        $v_smtp_relay_port = escapeshellarg($_POST['v_smtp_relay_port']);
+                    } else {
+                        $v_smtp_relay_port = '587';
+                    }
+                    exec (HESTIA_CMD."v-add-mail-domain-smtp-relay ".$user." ".$v_domain." ".$v_smtp_relay_host." ".$v_smtp_relay_user." ".$v_smtp_relay_pass." ".$v_smtp_relay_port, $output, $return_var);
+                    check_return_code($return_var,$output);
+                    unset($output);
+                } else {
+                    $_SESSION['error_msg'] = _('SMTP Relay Password is required');
+                }
+            }
+        }
+    }
+    
     // Flush field values on success
     if (empty($_SESSION['error_msg'])) {
         $_SESSION['ok_msg'] = sprintf(_('MAIL_DOMAIN_CREATED_OK'),htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain']));

web/edit/mail/index.php

@@ -51,7 +51,11 @@ if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
     $v_suspended = $data[$v_domain]['SUSPENDED'];
     $v_webmail_alias = $data[$v_domain]['WEBMAIL_ALIAS'];
     $v_webmail = $data[$v_domain]['WEBMAIL'];
-    
+    $v_smtp_relay = $data[$v_domain]['U_SMTP_RELAY'];
+    $v_smtp_relay_host = $data[$v_domain]['U_SMTP_RELAY_HOST'];
+    $v_smtp_relay_port = $data[$v_domain]['U_SMTP_RELAY_PORT'];
+    $v_smtp_relay_user = $data[$v_domain]['U_SMTP_RELAY_USERNAME'];
+
     if ( $v_suspended == 'yes' ) {
         $v_status =  'suspended';
     } else {
@@ -396,6 +400,40 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['accou
         }
     }
 
+    // Add SMTP Relay Support
+    if (empty($_SESSION['error_msg'])) {
+        if (isset($_POST['v_smtp_relay']) && (!empty($_POST['v_smtp_relay_host'])) && (!empty($_POST['v_smtp_relay_user']))) {           
+            if (($_POST['v_smtp_relay_host'] != $v_smtp_relay_host) ||
+                ($_POST['v_smtp_relay_user'] != $v_smtp_relay_user) ||
+                ($_POST['v_smtp_relay_port'] != $v_smtp_relay_port) ||
+                (!empty($_POST['v_smtp_relay_pass']))) {
+                if (!empty($_POST['v_smtp_relay_pass'])) {
+                    $v_smtp_relay = true;	
+                    $v_smtp_relay_host = escapeshellarg($_POST['v_smtp_relay_host']);
+                    $v_smtp_relay_user = escapeshellarg($_POST['v_smtp_relay_user']);
+                    $v_smtp_relay_pass = escapeshellarg($_POST['v_smtp_relay_pass']);
+                    if (!empty($_POST['v_smtp_relay_port'])) {
+                        $v_smtp_relay_port = escapeshellarg($_POST['v_smtp_relay_port']);
+                    } else {
+                        $v_smtp_relay_port = '587';
+                    }
+                    exec (HESTIA_CMD."v-add-mail-domain-smtp-relay ".$v_username." ".escapeshellarg($v_domain)." ".$v_smtp_relay_host." ".$v_smtp_relay_user." ".$v_smtp_relay_pass." ".$v_smtp_relay_port, $output, $return_var);
+                    check_return_code($return_var,$output);
+                    unset($output);   
+                } else {
+                    $_SESSION['error_msg'] = _('SMTP Relay Password is required');
+                }
+            }
+        }
+        if ((!isset($_POST['v_smtp_relay'])) && ($v_smtp_relay == true)) {
+            $v_smtp_relay = false;
+            $v_smtp_relay_host = $v_smtp_relay_user = $v_smtp_relay_pass = $v_smtp_relay_port = '';
+            exec (HESTIA_CMD."v-delete-mail-domain-smtp-relay ".$v_username." ".escapeshellarg($v_domain), $output, $return_var);
+            check_return_code($return_var,$output);
+            unset($output);
+        }
+    }
+
     // Set success message
     if (empty($_SESSION['error_msg'])) {
         $_SESSION['ok_msg'] = _('Changes has been saved.');

web/edit/server/index.php

@@ -115,6 +115,12 @@ if (is_array($dns_cluster)) {
     }
 }
 
+// List smtp relay settings
+if (!empty($_SESSION['SMTP_RELAY'])) $v_smtp_relay = $_SESSION['SMTP_RELAY'];
+if (!empty($_SESSION['SMTP_RELAY_HOST'])) $v_smtp_relay_host = $_SESSION['SMTP_RELAY_HOST'];
+if (!empty($_SESSION['SMTP_RELAY_PORT'])) $v_smtp_relay_port = $_SESSION['SMTP_RELAY_PORT'];
+if (!empty($_SESSION['SMTP_RELAY_USER'])) $v_smtp_relay_user = $_SESSION['SMTP_RELAY_USER'];
+
 // List Database hosts
 exec (HESTIA_CMD."v-list-database-hosts json", $output, $return_var);
 $db_hosts = json_decode(implode('', $output), true);
@@ -360,6 +366,40 @@ if (!empty($_POST['save'])) {
         }
     }
 
+    // Update system wide smtp relay
+    if (empty($_SESSION['error_msg'])) {
+        if (isset($_POST['v_smtp_relay']) && (!empty($_POST['v_smtp_relay_host'])) && (!empty($_POST['v_smtp_relay_user']))) {
+            if (($_POST['v_smtp_relay_host'] != $v_smtp_relay_host) ||
+                ($_POST['v_smtp_relay_user'] != $v_smtp_relay_user) ||
+                ($_POST['v_smtp_relay_port'] != $v_smtp_relay_port) ||
+                (!empty($_POST['v_smtp_relay_pass']))) {
+                if (!empty($_POST['v_smtp_relay_pass'])) {               
+                    $v_smtp_relay = true;	
+                    $v_smtp_relay_host = escapeshellarg($_POST['v_smtp_relay_host']);
+                    $v_smtp_relay_user = escapeshellarg($_POST['v_smtp_relay_user']);
+                    $v_smtp_relay_pass = escapeshellarg($_POST['v_smtp_relay_pass']);
+                    if (!empty($_POST['v_smtp_relay_port'])) {
+                        $v_smtp_relay_port = escapeshellarg($_POST['v_smtp_relay_port']);
+                    } else {
+                        $v_smtp_relay_port = '587';
+                    }
+                    exec (HESTIA_CMD."v-add-sys-smtp-relay ".$v_smtp_relay_host." ".$v_smtp_relay_user." ".$v_smtp_relay_pass." ".$v_smtp_relay_port, $output, $return_var);
+                    check_return_code($return_var,$output);
+                    unset($output);
+                } else {
+                    $_SESSION['error_msg'] = _('SMTP Relay Password is required');
+                }
+            }
+        }
+        if ((!isset($_POST['v_smtp_relay'])) && ($v_smtp_relay == true)) {
+            $v_smtp_relay = false;
+            $v_smtp_relay_host = $v_smtp_relay_user = $v_smtp_relay_pass = $v_smtp_relay_port = '';
+            exec (HESTIA_CMD."v-delete-sys-smtp-relay", $output, $return_var);
+            check_return_code($return_var,$output);
+            unset($output);
+        }
+    }
+
     // Update phpMyAdmin url
     if (empty($_SESSION['error_msg'])) {
         if ($_POST['v_mysql_url'] != $_SESSION['DB_PMA_ALIAS']) {

web/templates/admin/add_mail.html

@@ -98,6 +98,65 @@
                                     <label><input type="checkbox" size="20" class="vst-checkbox" name="v_dkim" <?php if (isset($v_dkim)&&$v_dkim == 'yes') echo "checked=yes"; ?>> <?php print _('DKIM Support');?></label>
                                 </td>
                             </tr>
+                            <tr>
+                                <td class="vst-text step-top">
+                                    <label>
+                                        <input type="checkbox" size="20" class="vst-checkbox" name="v_smtp_relay" <?php if ($v_smtp_relay == 'true') echo "checked=yes"; ?> onclick="javascript:elementHideShow('smtp_relay_table');">
+                                        <?php print _('SMTP Relay');?>
+                                    </label>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="step-left">
+                                    <table style="display:<?php if ($v_smtp_relay == 'true'){echo 'block';} else {echo 'none';} ?>;" id="smtp_relay_table">
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Host');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_host" value="<?=htmlentities(trim($v_smtp_relay_host, "'"))?>">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Port');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_port" value="<?=htmlentities(trim($v_smtp_relay_port, "'"))?>">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Username');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_user" value="<?=htmlentities(trim($v_smtp_relay_user, "'"))?>">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Password');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_pass">
+                                            </td>
+                                        </tr>
+                                    </table>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td>
+                                    <br>
+                                </td>
+                            </tr>
                         </table>
                         <table class="data-col2"></table>
                     </td>

web/templates/admin/edit_mail.html

@@ -230,9 +230,68 @@
                                                 </td>
                                             </tr>
                                         <? } // if ssl is enabled ?>
+				                    </table>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="vst-text step-top">
+                                    <label>
+                                        <input type="checkbox" size="20" class="vst-checkbox" name="v_smtp_relay" <?php if ($v_smtp_relay == 'true') echo "checked=yes"; ?> onclick="javascript:elementHideShow('smtp_relay_table');">
+                                        <?php print _('SMTP Relay');?>
+                                    </label>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="step-left">
+                                    <table style="display:<?php if ($v_smtp_relay == 'true') {echo 'block';} else {echo 'none';} ?>;" id="smtp_relay_table">
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Host');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_host" value="<?=htmlentities(trim($v_smtp_relay_host, "'"))?>">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Port');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_port" value="<?=htmlentities(trim($v_smtp_relay_port, "'"))?>">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Username');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_user" value="<?=htmlentities(trim($v_smtp_relay_user, "'"))?>">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td class="input-label vst-text">
+                                                <?php print _('Password');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input type="text" size="20" class="vst-input" name="v_smtp_relay_pass">
+                                            </td>
+                                        </tr>
                                     </table>
                                 </td>
                             </tr>
+                            <tr>
+                                <td>
+                                    <br>
+                                </td>
+                            </tr>
                         </table>
                         <table class="data-col2"></table>
                     </td>

web/templates/admin/edit_server.html

@@ -422,6 +422,65 @@
                                                 <br><br>
                                             </td>
                                         </tr>
+					<tr>
+                                            <td class="vst-text step-top">
+						<label>
+						    <input type="checkbox" size="20" class="vst-checkbox" name="v_smtp_relay" <?php if ($v_smtp_relay == 'true') echo "checked=yes"; ?> onclick="javascript:elementHideShow('smtp_relay_table');">
+						    <?php print _('Global SMTP Relay');?>
+						</label>
+					    </td>
+					</tr>
+					<tr>
+					    <td class="step-left">
+					        <table style="display:<?php if ($v_smtp_relay == 'true') {echo 'block';} else {echo 'none';} ?>;" id="smtp_relay_table">
+						    <tr>
+						        <td class="input-label vst-text">
+							    <?php print _('Host');?>
+							</td>
+						    </tr>
+						    <tr>
+							<td>
+							    <input type="text" size="20" class="vst-input" name="v_smtp_relay_host" value="<?=htmlentities(trim($v_smtp_relay_host, "'"))?>">
+							</td>
+						    </tr>
+						    <tr>
+                                                        <td class="input-label vst-text">
+                                                            <?php print _('Port');?>
+                                                        </td>
+                                                    </tr>
+                                                    <tr>
+                                                        <td>
+                                                            <input type="text" size="20" class="vst-input" name="v_smtp_relay_port" value="<?=htmlentities(trim($v_smtp_relay_port, "'"))?>">
+                                                        </td>
+                                                    </tr>
+						    <tr>
+                                                        <td class="input-label vst-text">
+                                                            <?php print _('Username');?>
+                                                        </td>
+                                                    </tr>
+                                                    <tr>
+                                                        <td>
+                                                            <input type="text" size="20" class="vst-input" name="v_smtp_relay_user" value="<?=htmlentities(trim($v_smtp_relay_user, "'"))?>">
+                                                        </td>
+                                                    </tr>
+						    <tr>
+                                                        <td class="input-label vst-text">
+                                                            <?php print _('Password');?>
+                                                        </td>
+                                                    </tr>
+                                                    <tr>
+                                                        <td>
+                                                            <input type="text" size="20" class="vst-input" name="v_smtp_relay_pass">
+                                                        </td>
+                                                    </tr>
+						</table>
+					    </td>
+					</tr>
+					<tr>
+					    <td>
+						<br>
+					    </td>
+					</tr>
 
                                     </table>
                                 </td>