diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 44d85a4..1461196 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -13,7 +13,7 @@ variables:
 include:
 - project: nofusscomputing/projects/gitlab-ci
- ref: ce1cc017e26ff7f6cee586cc7d98e4d292275672
+ ref: 36ce0b0b76e6769c7a2e0d4ea0f3fcd2cc2d6bb1
 file:
 - conventional_commits/.gitlab-ci.yml
 - validation/.gitlab-ci.yml
@@ -27,12 +27,90 @@ Markdown Linting:
 extends:
 - .Lint_Markdown
+Docker Container:
+ stage: build
+ image: docker:latest
+ services:
+ - docker:19.03.12-dind
+ before_script:
+ - docker info
+# - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ - apk update
+ - apk add --update --no-cache python3 git && ln -sf python3 /usr/bin/python
+ - python3 -m ensurepip
+ - pip3 install -r gitlab-ci/gitlab_release/requirements.txt
+ - pip3 install gitlab-ci/gitlab_release/python-module/cz_nfc/.
+ script: |
+ docker build . \
+ --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
+ --label org.opencontainers.image.documentation="$CI_PROJECT_URL/pages" \
+ --label org.opencontainers.image.source="$CI_PROJECT_URL" \
+ --label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/v$(cz -n cz_nfc version --project)" \
+ --label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
+ --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
+ --no-cache \
+ --tag $CI_REGISTRY_IMAGE/docker-mail:$CI_COMMIT_SHA;
+
+ docker image inspect $CI_REGISTRY_IMAGE/docker-mail:$CI_COMMIT_SHA;
+
+ docker push $CI_REGISTRY_IMAGE/docker-mail:$CI_COMMIT_SHA;
+
+# after_script:
+# - docker push $CI_REGISTRY_IMAGE/docker-mail:$CI_COMMIT_SHA
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+ when: never
+ - if: $CI_COMMIT_TAG
+ when: on_success
+ - if: '$CI_COMMIT_BRANCH != "master"'
+ when: manual
+ - when: never
+
 Gitlab Release:
 extends:
 - .gitlab_release
+Docker Hub:
+ stage: publish
+ image: docker:latest
+ services:
+ - docker:19.03.12-dind
+ before_script:
+ - export
+ - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
+ - docker pull $CI_REGISTRY_IMAGE/docker-mail:$CI_COMMIT_SHA
+ - docker logout $CI_REGISTRY
+ script:
+# - Release_TAG=$(cat $CI_PROJECT_DIR/dist/version)
+ - docker login docker.io -u $NFC_DOCKERHUB_USERNAME -p $NFC_DOCKERHUB_TOKEN
+# - if [ "m$(echo $CI_BUILD_REF_NAME | grep rc)" == "m$CI_BUILD_REF_NAME" ]; then Branch_TAG=dev; else Branch_TAG=stable; fi
+ - echo Branch tag is $Branch_TAG
+ - docker image ls
+ - docker image tag $CI_REGISTRY_IMAGE/docker-mail:$CI_COMMIT_SHA nofusscomputing/docker-mail:$CI_COMMIT_TAG
+ - docker image ls
+ - docker push nofusscomputing/docker-mail:$CI_COMMIT_TAG
+ rules:
+ - if: $CI_COMMIT_TAG
+ when: on_success
+ - if: $CI_MERGE_REQUEST_IID
+ when: never
+ - if: '$CI_COMMIT_BRANCH'
+ when: never
+ needs: [ "Docker Container" ]
+ environment:
+ name: DockerHub
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+ when: never
+ - if: $CI_COMMIT_TAG
+ when: on_success
+ - when: never
+
+
+
 Github (Push --mirror):
 variables:
 GIT_SYNC_URL: "https://$GITHUB_USERNAME_ROBOT:$GITHUB_TOKEN_ROBOT@github.com/NoFussComputing/docker-mail.git"
diff --git a/.gitmodules b/.gitmodules
index 2930454..cc4d8a5 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,4 +1,4 @@
 [submodule "gitlab-ci"]
 path = gitlab-ci
 url = https://gitlab.com/nofusscomputing/projects/gitlab-ci.git
- branch = master
+ branch = development
diff --git a/.markdownlint.json b/.markdownlint.json
new file mode 100644
index 0000000..8bf5eb3
--- /dev/null
+++ b/.markdownlint.json
@@ -0,0 +1,19 @@
+{
+ "line-length": false,
+ "MD007": {
+ "indent": 4
+ },
+ "MD033": {
+ "allowed_elements": [ "div", "s", "span", "u", "p", "br" ]
+ },
+ "blanks-around-headings":{
+ "lines_above": 2,
+ "lines_below": 1
+ },
+ "MD012": {
+ "maximum": 2
+ },
+ "comment": {
+ "MD012": "MD012 max=2 added so that headings can have two lines above for clarity."
+ }
+}
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
new file mode 100644
index 0000000..6b2be52
--- /dev/null
+++ b/.vscode/extensions.json
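Review bot: The `- export` line in the Docker Hub job's `before_script` (.gitlab-ci.yml) prints every job variable into the job log, including `CI_REGISTRY_PASSWORD` and `NFC_DOCKERHUB_TOKEN` unless each one is masked; it looks like leftover debugging and should be dropped. The active `docker login` calls in both new jobs pass the secret with `-p`, which puts it in the process arguments; `echo "$NFC_DOCKERHUB_TOKEN" | docker login docker.io -u "$NFC_DOCKERHUB_USERNAME" --password-stdin` (and the same shape for `$CI_REGISTRY`) avoids that. The Docker Hub job also appears to carry two `rules:` keys, though indentation is lost in this view so the second may be nested; if both sit at job level only one of them can take effect. `image: docker:latest` floats while the dind service is pinned to 19.03.12, so client and daemon versions can drift apart.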
@@ -0,0 +1,7 @@ +{ + "recommendations": [ + "davidanson.vscode-markdownlint", + "gitlab.gitlab-workflow", + "ms-azuretools.vscode-docker" + ] + } \ No newline at end of file diff --git a/README.md b/README.md index 69922d5..24acb17 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,11 @@ -# README.md - -
+ # No Fuss Computing - Docker Mail Server
-![Project Status - Active](https://img.shields.io/badge/Project%20Status-Active-green?logo=gitlab&style=plastic) +![Project Status - Active](https://img.shields.io/badge/Project%20Status-Active-green?logo=gitlab&style=plastic)
@@ -22,13 +20,13 @@ This project is hosted on [Gitlab](https://gitlab.com/nofusscomputing/projects/d ---- -**Stable Branch** +.**Stable Branch** -![Gitlab build status - stable](https://img.shields.io/badge/dynamic/json?color=ff782e&label=Build&query=0.status&url=https%3A%2F%2Fgitlab.com%2Fapi%2Fv4%2Fprojects%2F33611657%2Fpipelines%3Fref%3Dmaster&logo=gitlab&style=plastic) ![branch release version](https://img.shields.io/badge/dynamic/yaml?color=ff782e&logo=gitlab&style=plastic&label=Release&query=%24.commitizen.version&url=https%3A%2F%2Fgitlab.com%2Fnofusscomputing%2Fprojects%2Fdocker-mail%2F-%2Fraw%2Fmaster%2F.cz.yaml) +![Gitlab build status - stable](https://img.shields.io/badge/dynamic/json?color=ff782e&label=Build&query=0.status&url=https%3A%2F%2Fgitlab.com%2Fapi%2Fv4%2Fprojects%2F33611657%2Fpipelines%3Fref%3Dmaster&logo=gitlab&style=plastic) ![branch release version](https://img.shields.io/badge/dynamic/yaml?color=ff782e&logo=gitlab&style=plastic&label=Release&query=%24.commitizen.version&url=https%3A%2F%2Fgitlab.com%2Fnofusscomputing%2Fprojects%2Fdocker-mail%2F-%2Fraw%2Fmaster%2F.cz.yaml) ---- -**Development Branch** +.**Development Branch** ![Gitlab build status - development](https://img.shields.io/badge/dynamic/json?color=ff782e&label=Build&query=0.status&url=https%3A%2F%2Fgitlab.com%2Fapi%2Fv4%2Fprojects%2F33611657%2Fpipelines%3Fref%3Ddevelopment&logo=gitlab&style=plastic) ![branch release version](https://img.shields.io/badge/dynamic/yaml?color=ff782e&logo=gitlab&style=plastic&label=Release&query=%24.commitizen.version&url=https%3A%2F%2Fgitlab.com%2Fnofusscomputing%2Fprojects%2Fdocker-mail%2F-%2Fraw%2Fdevelopment%2F.cz.yaml) 
@@ -45,3 +43,66 @@ links: - [Merge Requests (Pull Requests)](https://gitlab.com/nofusscomputing/projects/docker-mail/-/merge_requests) +## Features + +This docker container is intended to be a fully fledged E-Mail Server. Dovecot acts as the IMAP Server and Local Delivery agent. Postfix is intended to be the MTA utilising Dovecot's LMTP service for local delivery. User management is via LDAP and a working directory server is required to use this image. + + +- Mail Server - _Dovecot_ + + - IMAP Server on tcp/993 + + - Acts as Local Delivery Agent (LDA) via LMTP + + - Group E-Mail Boxes + + - Mail Aliasing. _(User can have multiple E-Mail Addresses)_ + + - Ability to Share Mailboxes + + - redirection of spam to Spam folder + + - manage sieve server + + - New user welcome email + + +- SMTP Server _Postfix_ + + - Acts as Mail Transfer Agent (MTA) + + - filters file extensions + + - [Remove/cleans headers](https://gitlab.com/nofusscomputing/projects/docker-mail/-/blob/master/include/etc/postfix/header_checks_privacy) that contain potentially sensitive information + + - Spam filtering + + +- General Features: + + - Automatic Backups of container data + + - rotation of old logs + + - All Data exposed as separate docker volumes so you don't loose data + + +## Using this container + +Currently this container is **not ready for production.** + + +### Useful Commands + +Share a Mailbox + +``` bash +doveadm acl add -u {user_name_sharing} INBOX user={user to share with} lookup read write write-seen write-deleted insert post expunge create delete admin + +``` + +or you can use the provided helper script `group-mailbox.sh {user_name_sharing} {user to share with}`. This command will share the all of the default folders _Archives, Drafts, Inbox, Sent, Spam and Trash_. + +| :alert: NOTE!! | +|:----| +| `{user_name_sharing}` must be specified as a full E-Mail address.
`{user to share with}` must be specified as the user name only (without the `@domainname.tld`)| diff --git a/dockerfile b/dockerfile new file mode 100644 index 0000000..beb59af --- /dev/null +++ b/dockerfile 
@@ -0,0 +1,197 @@ +FROM debian:bullseye-slim + + +LABEL \ + #org.opencontainers.image.created="" \ # set during build with $(date --rfc-3339=seconds) \ + org.opencontainers.image.authors="No Fuss Computing" \ + #org.opencontainers.image.url="" # $CI_PROJECT_URL/-/releases/$CI_COMMIT_TAG set during build from url\ + #org.opencontainers.image.documentation="" # $CI_PROJECT_URL/pages Set URL during build \ + #org.opencontainers.image.source="" # $CI_PROJECT_URL Set URL during build \ + #org.opencontainers.image.version="" \ # $(cz -n cz_nfc version --project) ) Set during build from .cz.yml + #org.opencontainers.image.revision="" # $CI_COMMIT_SHA set during build from git commit \ + org.opencontainers.image.vendor="No Fuss Computing" \ + #License(s) under which contained software is distributed as an SPDX License Expression. + org.opencontainers.image.licenses="" \ + org.opencontainers.image.title="No Fuss Computings docker mail server" \ + org.opencontainers.image.description="A Complete mailserver in a container" + + + +# Install dependencies +RUN apt update && DEBIAN_FRONTEND=noninteractive apt -y --no-install-recommends install \ + curl \ + gpg \ + gpg-agent \ + apt-transport-https \ + ca-certificates \ + supervisor + +RUN curl https://repo.dovecot.org/DOVECOT-REPO-GPG | gpg --import && \ + gpg --export ED409DA1 > /etc/apt/trusted.gpg.d/dovecot.gpg + +RUN echo "deb https://repo.dovecot.org/ce-2.3-latest/debian/bullseye bullseye main" > /etc/apt/sources.list.d/dovecot.list + +RUN apt update && DEBIAN_FRONTEND=noninteractive apt -y --no-install-recommends install \ + # System Apps + cron \ + rsyslog \ + logrotate \ + # Dovecot + dovecot-core=2:2.3.18-4+debian11 \ + dovecot-imapd=2:2.3.18-4+debian11 \ + dovecot-lmtpd=2:2.3.18-4+debian11 \ + dovecot-ldap=2:2.3.18-4+debian11 \ + dovecot-sieve=2:2.3.18-4+debian11 \ + dovecot-managesieved=2:2.3.18-4+debian11 \ + # Postfix + postfix=3.5.6-1+b1 \ + postfix-ldap=3.5.6-1+b1 \ + libsasl2-modules \ + sasl2-bin \ + # Amavis + 
amavisd-new=1:2.11.1-5 \ + spamassassin=3.4.6-1 \ + spamc=3.4.6-1 \ + # Amavis decoders + arj bzip2 cabextract cpio file gzip nomarch pax unzip zip xzdec lrzip lzop rpm2cpio unrar-free p7zip-full lz4 \ +# clamav=0.103.5+dfsg-0+deb11u1 \ +# clamav-daemon=0.103.5+dfsg-0+deb11u1 \ + libmailtools-perl=2.21-1 \ + fam=2.7.0-17.3 \ + libnet-dns-perl=1.29-1 \ + # Fetchmail + fetchmail=6.4.16-4+deb11u1 \ + # Perl Modules for fetchmail.pl + # DBI + libdbix-easy-perl \ + # LockFile::Simple + liblockfile-simple-perl \ + # DBD::mysql + libclass-dbi-mysql-perl \ + # Sys::Syslog + liblogger-syslog-perl \ + # LockFile::Simple + libio-lockedfile-perl + + +# Cleanup, remove cron jobs not required +RUN rm -f /etc/cron.d/e2scrub_all \ + && rm -f /etc/cron.daily/apt-compat \ + && rm -f /etc/cron.daily/dpkg + + +COPY include/ / + +RUN chmod +x /docker-entrypoint.sh \ + # Create vmail user for system + && groupadd -g 5000 vmail \ + && useradd -g vmail -u 5000 vmail -d /var/vmail \ + # Ensure Backup directory is created + && mkdir /backup \ + && chown root:root /backup \ + && chmod 700 /backup \ + # create SSL directory for ssl certificates + && mkdir -p /ssl \ + # Ensure scripts are executable + && chmod +x /bin/backup.sh \ + # Dovecot related commands + && mkdir -p /srv/mail \ + && chown vmail:vmail /srv/mail \ + && chmod 765 -R /srv/mail \ + && mkdir -p /ssl/dovecot \ + && chown dovecot:dovecot -R /etc/dovecot/ \ + && chgrp postfix -R /etc/dovecot/sieve/ \ + && chmod 0755 -R /etc/dovecot/sieve/ \ + # ensure dovecot related scripts are executable + && chmod +x /bin/quota-warning.sh \ + && chmod +x /bin/welcome-email.sh \ + && chmod +x /bin/group-mailbox.sh \ + && chmod 744 /etc/dovecot/dovecot-acl \ + # Postfix related commands + && usermod -a -G vmail postfix \ + && mkdir -p /ssl/postfix \ + && ln -s /etc/dovecot/dovecot-ldap.conf.ext /etc/dovecot/dovecot-ldap-userdb.conf.ext \ + # ensure postfix related scripts are executable + && chmod +x /bin/postfix.sh \ + # check if needed + && 
mkdir -p /var/spool/postfix/private/dovecot \ + && chown postfix:postfix /var/spool/postfix/private/dovecot \ + && chown vmail:vmail /var/lib/dovecot \ + # Spammassassin related Commands + && mkdir -p /var/spool/spamassassin \ + && chmod 777 /var/spool/spamassassin \ + # Ensure spamassassin related scripts are executable + && chmod +x /bin/spam-learn.sh \ + # fetchmail.pl setup + && curl -o /bin/fetchmail.pl https://raw.githubusercontent.com/postfixadmin/postfixadmin/8f20c96278a694a7e0bb570f1d56c208105e5a14/ADDITIONS/fetchmail.pl \ + && chmod +x /bin/fetchmail.pl \ + && mkdir -p /var/run/fetchmail \ + && mkdir -p /var/lock/fetchmail + + +# Setup data volumes +VOLUME /srv/mail /ssl /var/spool/spamassassin /backup /var/log + +# Configure postfix +RUN postconf -e "maillog_file=/var/log/postfix.log" \ + # Postfix to use dovecot LMTP + && postconf -e "virtual_transport=lmtp:unix:private/lda" \ + # # Only allow a user to send from email address' they own + # && postconf -e "smtpd_sender_login_maps=ldap:/etc/postfix/ldap/smtpd_sender_login_maps" \ + # Only allow specified domains for usage + && postconf -e "virtual_mailbox_domains=ldap:/etc/postfix/ldap/virtual_email_domains" \ + # postfix user mapping + && postconf -e "virtual_alias_maps=ldap:/etc/postfix/ldap/virtual_alias_maps" \ + # by default encryption is optional + && postconf -e "smtpd_tls_security_level=may" \ + # log outbound tls connection information + && postconf -e "smtpd_tls_loglevel=1" \ + # try tls connection outbound + && postconf -e "smtp_tls_security_level=may" \ + # log inbound tls connection information + && postconf -e "smtp_tls_loglevel=1" \ + # Only authenticate over tls + && postconf -e "smtpd_tls_auth_only=yes" \ + # all smtpd actions need to be filtered + && postconf -e "content_filter=amavis:[127.0.0.1]:10024" \ + # not give away os, set clean banner + && postconf -e "smtpd_banner=$myhostname ESMTP " \ + # Dont give away that postfix is used + && postconf -e "mail_name=server" \ + # create 
privacy header check db + && postmap /etc/postfix/header_checks_privacy \ + # create clean header check db + && postmap /etc/postfix/header_checks_outbound \ + # Clean outbound headers + && postconf -e "smtp_header_checks=regexp:/etc/postfix/header_checks_outbound" \ + # Add To, From, Date and Message-id headers if missing + && postconf -e "always_add_missing_headers=yes" \ + # Only add missing headers for authenticated users (mail users) and my networks and mail orginating from localhost + && postconf -e "local_header_rewrite_clients=permit_sasl_authenticated,permit_mynetworks,permit_inet_interfaces" \ + # check quota before delivery + && postconf -e "smtpd_recipient_restrictions=check_policy_service=inet:localhost:12340" \ + # set tls settings + && postconf -e "smtpd_tls_cert_file=/ssl/postfix/cert.pem" \ + && postconf -e "smtpd_tls_key_file=/ssl/postfix/key.pem" \ + && postconf -e "smtpd_helo_required = yes" \ + && postconf -e "smtpd_delay_reject = yes" \ + && postconf -e "disable_vrfy_command = yes" \ + # use secure protocols and cyphers + && postconf -e "smtpd_tls_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1" \ + && postconf -e "smtp_tls_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1" \ + && postconf -e "smtpd_tls_mandatory_ciphers=high" \ + && postconf -e "smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1" + +EXPOSE 25 587 993 4190 + + +ENTRYPOINT ["/docker-entrypoint.sh"] + + +# testing software +RUN apt update && DEBIAN_FRONTEND=noninteractive apt -y --no-install-recommends install \ + procps \ + vim \ + iputils-ping \ + python3-ldap +# && freshclam diff --git a/gitlab-ci b/gitlab-ci index ce1cc01..36ce0b0 160000 --- a/gitlab-ci +++ b/gitlab-ci @@ -1 +1 @@ -Subproject commit ce1cc017e26ff7f6cee586cc7d98e4d292275672 +Subproject commit 36ce0b0b76e6769c7a2e0d4ea0f3fcd2cc2d6bb1 diff --git a/include/bin/backup.sh b/include/bin/backup.sh new file mode 100644 index 0000000..fecd9db --- /dev/null +++ b/include/bin/backup.sh 
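Review bot: Several modes in the dockerfile's `RUN chmod +x /docker-entrypoint.sh …` chain are wider than the services need: `chmod 777 /var/spool/spamassassin` makes the Bayes spool world-writable, and `chmod 765 -R /srv/mail` leaves the mail store readable by every account in the container while dropping the group execute bit that directory traversal requires. Something like `chmod -R u=rwX,g=rX,o= /srv/mail` and `chmod 770 /var/spool/spamassassin` would be tighter, though the right owner for the spool depends on which accounts run sa-learn and spamd, which this hunk does not show. Separately, `postconf -e "smtpd_banner=$myhostname ESMTP "` is in double quotes, so the build shell expands `$myhostname` (presumably unset) and Postfix is given a banner with no hostname; single quotes would pass the literal `$myhostname` through. `gpg --export ED409DA1` selects the repository signing key by an 8-character short ID, which is collision-prone, so the full fingerprint should be used there. The trailing "testing software" layer (vim, ping, procps) probably should not ship in the published image.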
@@ -0,0 +1,53 @@ +#!/bin/bash + +set -e + +backup_version=1.0 +back_file_name="mail_server-$backup_version-$(date +%Y-%m-%d-%H%M-%Z).tar.gz" + +start=$(date '+%s') + +includes=(/srv/mail) +includes+=(/ssl) +includes+=(/var/spool/spamassassin) +includes+=(/var/log) +includes+=(/var/lib/amavis) + + +backup_command="tar -czpvf $back_file_name ${includes[@]}" + +cd /tmp + +echo "$backup_command" + +if ! $backup_command; then + status="tar failed" +elif ! mv "/tmp/$back_file_name" /backup/ ; then + status="mv failed" +else + status="success: version=$backup_version size=$(stat -c%s /backup/$back_file_name) duration=$((`date '+%s'` - $start)) command='$backup_command'" +fi + + +logger -t backup "$status" + + +if [ "0$POST_MASTER_EMAIL" != "0" ]; then + +cat << EOF | /usr/lib/dovecot/dovecot-lda -d "${POST_MASTER_EMAIL}" -o "plugin/quota=maildir:User quota:noenforcing" +Auto-Submitted: auto-generated +Date: $(date +'%a, %-d %b %Y %H:%M:%S %z') +To: ${POST_MASTER_EMAIL} +From: Mail Server +Subject: Backup $(date +%Y-%m-%d-%H:%M-%Z) + +Server backups have occured on $(hostname -f) + +Summary: + + $status + +EOF + +fi + diff --git a/include/bin/group-mailbox.sh b/include/bin/group-mailbox.sh new file mode 100644 index 0000000..88eccaa --- /dev/null +++ b/include/bin/group-mailbox.sh 
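Review bot: backup.sh writes the archive into `/tmp` under the inherited umask before moving it to `/backup`, so a tarball holding every mailbox and the TLS private keys from `/ssl` is readable by any account in the container until the `mv` completes, and its name is predictable. Setting `umask 077` at the top and creating the archive directly in `/backup` (or in a `mktemp -d` directory) closes that window. Building the command as a string and running it unquoted as `$backup_command` also word-splits every path; calling `tar -czpf "$back_file_name" "${includes[@]}"` directly avoids that. The cron entry added later in this commit redirects all output to `/dev/null`, so the `logger` line is the only trace when `POST_MASTER_EMAIL` is unset.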
@@ -0,0 +1,47 @@ +#!/bin/sh + +set -e + +MAILBOX_USER=$1 +USER_LOGIN_NAME=$2 + +if [ "0$MAILBOX_USER" = "0" ]; then + +echo " You must specify a mailbox to share"; + +elif [ "0$USER_LOGIN_NAME" = "0" ]; then + +echo " You must specify a user the mailbox is to be shared with"; + +else + + +doveadm acl add -u $MAILBOX_USER Inbox user=$USER_LOGIN_NAME lookup read write write-seen write-deleted insert post expunge create delete +doveadm acl add -u $MAILBOX_USER Archive user=$USER_LOGIN_NAME lookup read write write-seen write-deleted insert post expunge create delete +doveadm acl add -u $MAILBOX_USER Drafts user=$USER_LOGIN_NAME lookup read write write-seen write-deleted insert post expunge create delete +doveadm acl add -u $MAILBOX_USER Sent user=$USER_LOGIN_NAME lookup read write write-seen write-deleted insert post expunge create delete +doveadm acl add -u $MAILBOX_USER Spam user=$USER_LOGIN_NAME lookup read write write-seen write-deleted insert post expunge create delete + +cat << EOF | /usr/lib/dovecot/dovecot-lda -d ${$USER_LOGIN_NAME} -o "plugin/quota=maildir:User quota:noenforcing" +Auto-Submitted: auto-generated +Date: $(date +'%a, %-d %b %Y %H:%M:%S %z') +From: Postmaster +Subject: New Shared Mailbox ($MAILBOX_USER) + +Hi, + +Just letting you known that mailbox $MAILBOX_USER, has been shared with you. + +You have visibility of the following folders + +- Inbox +- Archive +- Drafts +- Sent +- Spam + +EOF + + +fi + diff --git a/include/bin/postfix.sh b/include/bin/postfix.sh new file mode 100644 index 0000000..a717ed2 --- /dev/null +++ b/include/bin/postfix.sh @@ -0,0 +1,14 @@ +#! /bin/bash + +trap "service postfix stop" SIGINT +trap "service postfix stop" SIGTERM +trap "service postfix reload" SIGHUP + +service postfix start + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(< /var/spool/postfix/pid/master.pid)" +do + sleep 5 +done + 
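Review bot: In group-mailbox.sh, `-d ${$USER_LOGIN_NAME}` on the `dovecot-lda` line is not a valid parameter expansion, so the shell rejects it with a bad-substitution error; because the five `doveadm acl add` calls run first, the ACLs are applied but the notification is not delivered. It should read `-d "$USER_LOGIN_NAME"`. `$MAILBOX_USER` and `$USER_LOGIN_NAME` are also unquoted in every `doveadm` call, so a value containing whitespace or a leading `-` is split or parsed as an option; quote them, e.g. `doveadm acl add -u "$MAILBOX_USER" Inbox "user=$USER_LOGIN_NAME" lookup read …`. The same unquoted recipient appears as `-d $USER` in quota-warning.sh and `-d ${USER}` in welcome-email.sh. The two validation branches print a message but exit 0, so `exit 1` there would let callers detect the failure.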
diff --git a/include/bin/quota-warning.sh b/include/bin/quota-warning.sh new file mode 100644 index 0000000..bb524d8 --- /dev/null +++ b/include/bin/quota-warning.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +PERCENT=$1 +USER=$2 + +cat << EOF | /usr/lib/dovecot/dovecot-lda -d $USER -o "plugin/quota=maildir:User quota:noenforcing" +Auto-Submitted: auto-generated +Date: $(date +'%a, %-d %b %Y %H:%M:%S %z') +From: Postmaster +Subject: Mailbox Quota Warning + +Hi, + +Just wanted to let you know that Your mailbox is now $PERCENT% full. + +Note: This is an automated message. Please do not respond to it. + +TIP: + +EOF diff --git a/include/bin/spam-learn.sh b/include/bin/spam-learn.sh new file mode 100644 index 0000000..a8f194a --- /dev/null +++ b/include/bin/spam-learn.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +set -e + +start=$(date '+%s') + +POSTMASTER="${1}" + +# for testing script +#POSTMASTER=postmaster@example.org + +HAM_REPORT='' + +SPAM_REPORT='' + +for i in /srv/mail/* ; do + if [ -d "$i" ]; then + + HAM_REPORT=$(printf "$HAM_REPORT\n\nMailbox: $i\n $(sa-learn --ham --showdots --no-sync $i/mail/cur)\n") + + SPAM_REPORT=$(printf "$SPAM_REPORT\n\nMailbox: $i\n $(sa-learn --spam --showdots --no-sync $i/mail/Spam/cur)\n") + + fi +done + + +if [ "0$POST_MASTER_EMAIL" != "0" ]; then + +cat << EOF | /usr/lib/dovecot/dovecot-lda -d "${POST_MASTER_EMAIL}" -o "plugin/quota=maildir:User quota:noenforcing" +Auto-Submitted: auto-generated +Date: $(date +'%a, %-d %b %Y %H:%M:%S %z') +To: ${POST_MASTER_EMAIL} +From: Mail Server +Subject: Spam Learning Report $(date +%Y-%m-%d-%H:%M-%Z) + +Command: /bin/spam-learn.sh + +Scan duration: $((`date '+%s'` - $start)) + + +****************** Ham Scan ****************** +$HAM_REPORT + + + +****************** Spam Scan ****************** + +$SPAM_REPORT + +EOF + +fi diff --git a/include/bin/welcome-email.sh b/include/bin/welcome-email.sh new file mode 100644 index 0000000..3e5d402 --- /dev/null +++ b/include/bin/welcome-email.sh 
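Review bot: In spam-learn.sh the accumulated report is handed to `printf` as the format string (`printf "$HAM_REPORT\n\nMailbox: $i\n $(sa-learn …)\n"`), so any `%` or backslash in a mailbox directory name or in sa-learn's output is interpreted as a format directive and can corrupt or abort the report. Pass the data as arguments instead: `HAM_REPORT=$(printf '%s\n\nMailbox: %s\n %s\n' "$HAM_REPORT" "$i" "$(sa-learn --ham --showdots --no-sync "$i/mail/cur")")`, and the same for the spam line. `POSTMASTER="${1}"` is assigned but never read; the script tests `POST_MASTER_EMAIL` from the environment instead, which deserves a comment or removal of the unused variable.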
@@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +USER=$1 + +cat << EOF | /usr/lib/dovecot/dovecot-lda -d ${USER} -o "plugin/quota=maildir:User quota:noenforcing" +Auto-Submitted: auto-generated +Date: $(date +'%a, %-d %b %Y %H:%M:%S %z') +From: Postmaster +Subject: New User Welcome + +Hi, + +This E-Mail has been sent to inform you of some of the ins and outs of this E-Mail server. + +Features available to you: +- IMAP Sieve +- Spam automatically sent to your spam folder +- Ability to share your E-mail folders with other users + + +Quota +===== +Your mailbox has a set quota that should be visible in your E-Mail client. A quota is the storage space that your E-Mails use. It is your responsability to keep you storage below your allocated quota, or you won't be able to send or receive E-Mails. + + +Spam +==== +Spam is defined as unwanted messages, which sometimes contains malicious software. It's advised if you receive a message you think is spam, don't open it. Move it to your spam folder. Any spam that we detect, will automatically delivered to your spam folder. If we miss a spam messages, as stated earlier, please move it to your spam folder. + +We have a learning bot that automagically uses your spam folder to learn why it is spam. After our AI learns, it will be better next time at catching the spam messages so you don't have to. + +$(if [ "0$POST_MASTER_EMAIL" != "0" ]; then echo "If you have any concerns, please email the postmaster ($POST_MASTER_EMAIL)."; fi ) + +EOF diff --git a/include/docker-entrypoint.sh b/include/docker-entrypoint.sh new file mode 100644 index 0000000..0bb9ea0 --- /dev/null +++ b/include/docker-entrypoint.sh 
@@ -0,0 +1,101 @@ +#!/bin/bash + +set -e + +if [ "0$POST_MASTER_EMAIL" != "0" ]; then export MAILTO="$POST_MASTER_EMAIL"; fi + +# Populate this file so cron has access to env vars. thanks to https://stackoverflow.com/a/41938139 +printenv | grep -v "no_proxy" > /etc/environment + + +if [ -f "/var/run/amavis/amavisd.pid" ]; then rm /var/run/amavis/amavisd.pid; fi + + +if [ "$1" == "" ]; then + + echo "Setup server type ($SERVERTYPE)" + + echo "[Information] starting supervisor daemon" + /usr/bin/supervisord -c /etc/supervisor/supervisord.conf + + bash + +fi + +# compile sieve scripts +for file in /etc/dovecot/sieve/*.sieve ; +do + + sievec $file; + +done + + +mkdir -p /var/lock/fetchmail + +if [ "$1" == "setup" ]; then + + +postconf -e "myhostname = $(`echo hostname -f`)" + + + if [ ! -f /ssl/dovecot/key.pem ]; then + + echo "[WARNING] Creating Self-signed TLS Cert. Consider using letsencrypt or another trusted CA" + + openssl req -nodes -new -x509 -keyout /ssl/dovecot/key.pem -out /ssl/dovecot/cert.pem -subj '/CN=localhost' + + fi + + if [ ! -f /ssl/dovecot/dh.pem ]; then + + echo "[Information] Creating DHPEM Key" + + openssl dhparam -out /ssl/dovecot/dh.pem 4096 + + fi + + + echo "[Information] Start dovecot" + + supervisorctl start dovecot + + + sed -i -r -e 's/^manpage_directory/#manpage_directory/' /etc/postfix/main.cf.proto + + sed -i -r -e 's/^\$manpage_directory/#$manpage_directory/' /etc/postfix/postfix-files + + sed -i -r -e 's/^\$manpage_directory/#$manpage_directory/' /etc/postfix/postfix-files.d/* + + + if [ ! -f /ssl/postfix/key.pem ]; then + + echo "[WARNING] Creating Self-signed TLS Cert. 
Consider using letsencrypt or another trusted CA" + + openssl req -nodes -new -x509 -keyout /ssl/postfix/key.pem -out /ssl/postfix/cert.pem -subj '/CN=localhost' + + fi + + + echo "[Information] set postfix permissions" + + postfix set-permissions create-missing + + postmap /etc/postfix/header_checks_outbound + + postmap /etc/postfix/header_checks_privacy + + echo "[Information] start postfix" + + +# supervisorctl start amavis + + supervisorctl start postfix + + +else + + exec "$@" + +fi + diff --git a/include/etc/amavis/conf.d/15-content_filter_mode b/include/etc/amavis/conf.d/15-content_filter_mode new file mode 100644 index 0000000..1d5ffab --- /dev/null +++ b/include/etc/amavis/conf.d/15-content_filter_mode @@ -0,0 +1,27 @@ +use strict; + +# You can modify this file to re-enable SPAM checking through spamassassin +# and to re-enable antivirus checking. + +# +# Default antivirus checking mode +# Please note, that anti-virus checking is DISABLED by +# default. +# If You wish to enable it, please uncomment the following lines: + + +#@bypass_virus_checks_maps = ( +# \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re); + + +# +# Default SPAM checking mode +# Please note, that anti-spam checking is DISABLED by +# default. +# If You wish to enable it, please uncomment the following lines: + + +@bypass_spam_checks_maps = ( + \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re); + +1; # ensure a defined return diff --git a/include/etc/amavis/conf.d/50-user b/include/etc/amavis/conf.d/50-user new file mode 100644 index 0000000..3e008c0 --- /dev/null +++ b/include/etc/amavis/conf.d/50-user 
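Review bot: `printenv | grep -v "no_proxy" > /etc/environment` near the top of docker-entrypoint.sh copies the container's whole environment into a file that is normally world-readable, so any secret supplied as an environment variable becomes readable by every account in the container. Writing only what the cron jobs need, e.g. `printenv | grep -E '^(POST_MASTER_EMAIL|USE_FETCHMAIL_PL)=' > /etc/environment`, keeps credentials out of it. Both `openssl req -nodes -new -x509` calls omit `-days`, so the generated self-signed certificates expire after OpenSSL's 30-day default; an explicit `-days` and a `chmod 600` on the two `key.pem` files would make the result predictable.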
@@ -0,0 +1,39 @@ +use strict; + +# +# Place your configuration directives here. They will override those in +# earlier files. +# +# See /usr/share/doc/amavisd-new/ for documentation and examples of +# the directives you can use in this file +# + +# Higher log level to get expected messages at startup +$log_level = 2; + +$X_HEADER_LINE = "Virus Scanning product"; + +$virus_admin = "postmaster"; +$banned_admin = "postmaster"; + +$final_virus_destiny = D_DISCARD; # (data not lost, see virus quarantine) +$final_banned_destiny = D_DISCARD; +$final_spam_destiny = D_PASS; +$final_bad_header_destiny = D_PASS; + +$sa_spam_subject_tag = ''; +$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level +$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level +$sa_kill_level_deflt = 6.31; # triggers spam evasive actions +$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent + +$spam_quarantine_to = undef; + +# disable the "Received" headers to be added to the mail header +$allowed_added_header_fields{lc('Received')} = 0; + + +#------------ Do not modify anything below this line ------------- +1; # ensure a defined return + + diff --git a/include/etc/cron.d/container_backup b/include/etc/cron.d/container_backup new file mode 100644 index 0000000..2134084 --- /dev/null +++ b/include/etc/cron.d/container_backup @@ -0,0 +1,6 @@ +# +# Backup the docker container +# +# m h dom mon dow user command +01 0,3,6,9,12,15,18,21 * * * root /bin/backup.sh >/dev/null 2>&1 + diff --git a/include/etc/cron.d/fetchmail b/include/etc/cron.d/fetchmail new file mode 100644 index 0000000..a20d98a --- /dev/null +++ b/include/etc/cron.d/fetchmail @@ -0,0 +1,6 @@ +# +# SpamAssassin Bayes learning from mailboxes +# +# m h dom mon dow user command +#20,50 * * * * root if [ "0$USE_FETCHMAIL_PL" != "0" ]; then /bin/fetchmail.pl 2>&1; fi + diff --git a/include/etc/cron.d/sa-learn b/include/etc/cron.d/sa-learn new file mode 100644 index 0000000..8350dbf 
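Review bot: 50-user sets `$X_HEADER_LINE = "Virus Scanning product"` and `$final_virus_destiny = D_DISCARD`, yet 15-content_filter_mode leaves `@bypass_virus_checks_maps` commented out and the dockerfile comments out the clamav packages, so as far as this commit shows no virus scanner runs. If amavis still stamps its scanned header in that configuration, recipients are told mail was scanned when it was not. I would add a comment above the line such as `# NOTE: virus scanning is currently disabled (see 15-content_filter_mode); this header text does not imply a scan`, or hold the setting back until clamav is enabled. The "DISABLED by default … please uncomment" wording above the already-uncommented spam block in 15-content_filter_mode should be updated to match.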
--- /dev/null +++ b/include/etc/cron.d/sa-learn @@ -0,0 +1,6 @@ +# +# SpamAssassin Bayes learning from mailboxes +# +# m h dom mon dow user command +30 0,3,6,9,12,15,18,21 * * * root /bin/spam-learn.sh >/dev/null 2>&1 + diff --git a/include/etc/default/spamassassin b/include/etc/default/spamassassin new file mode 100644 index 0000000..f648bf4 --- /dev/null +++ b/include/etc/default/spamassassin @@ -0,0 +1,2 @@ +OPTIONS="--create-prefs --max-children 5 --username debian-spamd --helper-home-dir /home/spamd/ -s /var/log/spamd.log" +CRON=1 diff --git a/include/etc/dovecot/conf.d/10-auth.conf b/include/etc/dovecot/conf.d/10-auth.conf new file mode 100644 index 0000000..0775dd9 --- /dev/null +++ b/include/etc/dovecot/conf.d/10-auth.conf @@ -0,0 +1,31 @@ +## +## Authentication processes +## + + +#auth_verbose = yes +#auth_debug=yes + + +#disable_plaintext_auth = yes + +#auth_mechanisms = plain login +auth_mechanisms = plain + +mail_access_groups=vmail +mail_uid=vmail +mail_gid=vmail + + +auth_username_format = %Lu + +userdb { + driver = ldap + args = /etc/dovecot/dovecot-ldap-userdb.conf.ext +} + +passdb { + driver = ldap + args = /etc/dovecot/dovecot-ldap.conf.ext +} + diff --git a/include/etc/dovecot/conf.d/10-logging.conf b/include/etc/dovecot/conf.d/10-logging.conf new file mode 100644 index 0000000..7d4d745 --- /dev/null +++ b/include/etc/dovecot/conf.d/10-logging.conf 
@@ -0,0 +1,95 @@ +## +## Log destination. +## + +log_path=/var/log/dovecot.log + + + +## +## Logging verbosity and debugging. +## + +# Log filter is a space-separated list conditions. If any of the conditions +# match, the log filter matches (i.e. they're ORed together). Parenthesis +# are supported if multiple conditions need to be matched together. +# +# See https://doc.dovecot.org/configuration_manual/event_filter/ for details. +# +# For example: event=http_request_* AND category=error AND category=storage +# +# Filter to specify what debug logging to enable. This will eventually replace +# mail_debug and auth_debug settings. +#log_debug = + +# Crash after logging a matching event. For example category=error will crash +# any time an error is logged, which can be useful for debugging. +#log_core_filter = + +# Log unsuccessful authentication attempts and the reasons why they failed. +#auth_verbose = no + +# In case of password mismatches, log the attempted password. Valid values are +# no, plain and sha1. sha1 can be useful for detecting brute force password +# attempts vs. user simply trying the same password over and over again. +# You can also truncate the value to n chars by appending ":n" (e.g. sha1:6). +#auth_verbose_passwords = no + +# Even more verbose logging for debugging purposes. Shows for example SQL +# queries. +#auth_debug = no + +# In case of password mismatches, log the passwords and used scheme so the +# problem can be debugged. Enabling this also enables auth_debug. +#auth_debug_passwords = no + +# Enable mail process debugging. This can help you figure out why Dovecot +# isn't finding your mails. +#mail_debug = no + +# Show protocol level SSL errors. +#verbose_ssl = no + +# mail_log plugin provides more event logging for mail processes. +plugin { + # Events to log. 
Also available: flag_change append + #mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename + # Available fields: uid, box, msgid, from, subject, size, vsize, flags + # size and vsize are available only for expunge and copy events. + #mail_log_fields = uid box msgid size +} + +## +## Log formatting. +## + +# Prefix for each line written to log file. % codes are in strftime(3) +# format. +#log_timestamp = "%b %d %H:%M:%S " + +# Space-separated list of elements we want to log. The elements which have +# a non-empty variable value are joined together to form a comma-separated +# string. +#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c + +# Login log format. %s contains login_log_format_elements string, %$ contains +# the data we want to log. +#login_log_format = %$: %s + +# Log prefix for mail processes. See doc/wiki/Variables.txt for list of +# possible variables you can use. +#mail_log_prefix = "%s(%u)<%{pid}><%{session}>: " + +# Format to use for logging mail deliveries: +# %$ - Delivery status message (e.g. "saved to INBOX") +# %m / %{msgid} - Message-ID +# %s / %{subject} - Subject +# %f / %{from} - From address +# %p / %{size} - Physical size +# %w / %{vsize} - Virtual size +# %e / %{from_envelope} - MAIL FROM envelope +# %{to_envelope} - RCPT TO envelope +# %{delivery_time} - How many milliseconds it took to deliver the mail +# %{session_time} - How long LMTP session took, not including delivery_time +# %{storage_id} - Backend-specific ID for mail, e.g. Maildir filename +#deliver_log_format = msgid=%m: %$ diff --git a/include/etc/dovecot/conf.d/10-mail.conf b/include/etc/dovecot/conf.d/10-mail.conf new file mode 100644 index 0000000..c46f9f6 --- /dev/null +++ b/include/etc/dovecot/conf.d/10-mail.conf @@ -0,0 +1,13 @@ +## +## Mailbox locations and namespaces +## + +mail_home = /srv/mail/%u +mail_location = maildir:~/mail:LAYOUT=fs + + +mailbox_list_index = yes + +mail_shared_explicit_inbox = yes + + 
diff --git a/include/etc/dovecot/conf.d/10-master.conf b/include/etc/dovecot/conf.d/10-master.conf new file mode 100644 index 0000000..154ea7b --- /dev/null +++ b/include/etc/dovecot/conf.d/10-master.conf @@ -0,0 +1,79 @@ +## +## Services +## + +mail_plugins = $mail_plugins acl quota welcome + +service auth { + + unix_listener /var/spool/postfix/private/dovecot/auth { + #mode = 0660 + mode=0777 + user = postfix + group = postfix + } + + unix_listener auth-userdb { + mode=0777 + } +} + +service imap { + +} + + +service imap-login { + inet_listener imap { + port = 0 + } + inet_listener imaps { + port = 993 + ssl = yes + } + + service_count = 1 + process_min_avail = 1 +} + + +#service imap-postlogin { + # all post-login scripts are executed via script-login binary +# executable = script-login -d /etc/dovecot/acl_groups.py + + # the script process runs as the user specified here (v2.0.14+): +# user = $default_internal_user + + # this UNIX socket listener must use the same name as given to imap executable +# unix_listener imap-postlogin { +# } +#} + + +service lmtp { + unix_listener /var/spool/postfix/private/lda { + group = postfix + mode = 0600 + user = postfix + } +} + + +service pop3-login { + inet_listener pop3 { + #port = 110 + } + inet_listener pop3s { + #port = 995 + #ssl = yes + } +} + + + +service submission-login { + inet_listener submission { + #port = 587 + } +} + diff --git a/include/etc/dovecot/conf.d/10-ssl.conf b/include/etc/dovecot/conf.d/10-ssl.conf new file mode 100644 index 0000000..072c442 --- /dev/null +++ b/include/etc/dovecot/conf.d/10-ssl.conf 
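Review bot: Both auth listeners in 10-master.conf's `service auth` block are created with `mode=0777`: the Postfix-facing socket `/var/spool/postfix/private/dovecot/auth` and `auth-userdb`. World-accessible auth sockets let any local process submit password checks or query the user database, and the `user = postfix` / `group = postfix` lines on the first listener restrict nothing at that mode. The commented `#mode = 0660` is the value to restore for the Postfix socket, and `auth-userdb` can be limited the same way, for example `mode = 0660` with `user = vmail` given that 10-auth.conf runs mail processes as vmail; confirm which accounts actually connect before tightening.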
@@ -0,0 +1,17 @@ +## +## SSL settings +## + + +#verbose_ssl = yes + +ssl = required + +ssl_prefer_server_ciphers = yes + +ssl_client_ca_dir = /etc/ssl/certs + +ssl_dh = was automatically rejected:%n%r + +# Delimiter character between local-part and detail in email address. +#recipient_delimiter = + + +# Header where the original recipient address (SMTP's RCPT TO: address) is taken +# from if not available elsewhere. With dovecot-lda -a parameter overrides this. +# A commonly used header for this is X-Original-To. +#lda_original_recipient_header = + +# Should saving a mail to a nonexistent mailbox automatically create it? +lda_mailbox_autocreate = yes + +# Should automatically created mailboxes be also automatically subscribed? +lda_mailbox_autosubscribe = yes + +protocol lda { + # Space separated list of plugins to load (default is global mail_plugins). + mail_plugins = $mail_plugins sieve +} + diff --git a/include/etc/dovecot/conf.d/15-mailboxes.conf b/include/etc/dovecot/conf.d/15-mailboxes.conf new file mode 100644 index 0000000..8dd3cbd --- /dev/null +++ b/include/etc/dovecot/conf.d/15-mailboxes.conf 
@@ -0,0 +1,75 @@ +## +## Mailbox definitions +## + + +namespace inbox { + prefix = + type = private + separator = / + inbox = yes + list = yes + + mailbox Archive { + auto = subscribe + special_use = \Archive + } + + mailbox Drafts { + auto = subscribe + special_use = \Drafts + } + + mailbox Sent { + auto = subscribe # autocreate and autosubscribe the Sent mailbox + special_use = \Sent + } + mailbox "Sent Messages" { + special_use = \Sent + } + + mailbox Spam { + auto = subscribe + special_use = \Junk + autoexpunge = 60d + } + + mailbox Trash { + auto = subscribe + autoexpunge = 120d + special_use = \Trash + } + + mailbox virtual/All { # if you have a virtual "All messages" mailbox + auto = no + special_use = \All + } + + # If you have a virtual "Flagged" mailbox: + #mailbox virtual/Flagged { + # special_use = \Flagged + # comment = All my flagged messages + #} + + # If you have a virtual "Important" mailbox: + #mailbox virtual/Important { + # special_use = \Important + # comment = All my important messages + #} + +} + +# Shared mailbox +namespace { + type = shared + separator = / + prefix = shared/%%n@%%d/ + + location = maildir:%%h/mail:LAYOUT=fs:INDEXPVT=%h/mail/shared/%%n@%%d + + subscriptions = no + list = children + +} + + diff --git a/include/etc/dovecot/conf.d/20-imap.conf b/include/etc/dovecot/conf.d/20-imap.conf new file mode 100644 index 0000000..c7d5aca --- /dev/null +++ b/include/etc/dovecot/conf.d/20-imap.conf 
@@ -0,0 +1,22 @@
+##
+## IMAP specific settings
+##
+
+# If nothing happens for this long while client is IDLEing, move the connection
+# to imap-hibernate process and close the old imap process. This saves memory,
+# because connections use very little memory in imap-hibernate process. The
+# downside is that recreating the imap process back uses some resources.
+imap_hibernate_timeout = 5M
+
+# Maximum IMAP command line length. Some clients generate very long command
+# lines with huge mailboxes, so you may need to raise this if you get
+# "Too long argument" or "IMAP command line too large" errors often.
+#imap_max_line_length = 64k
+
+
+
+protocol imap {
+ imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags
+ mail_plugins = $mail_plugins imap_acl imap_quota
+
+}
diff --git a/include/etc/dovecot/conf.d/20-lmtp.conf b/include/etc/dovecot/conf.d/20-lmtp.conf
new file mode 100644
index 0000000..81c2662
--- /dev/null
+++ b/include/etc/dovecot/conf.d/20-lmtp.conf
@@ -0,0 +1,18 @@
+##
+## LMTP specific settings
+##
+
+
+# Verify quota before replying to RCPT TO. This adds a small overhead.
+lmtp_rcpt_check_quota = yes
+
+# Add "Received:" header to mails delivered.
+#lmtp_add_received_header = no
+
+
+protocol lmtp {
+ info_log_path = /var/log/dovecot-lmtp.log
+# postmaster_address = postmaster@example.org
+
+ mail_plugins = $mail_plugins sieve
+}
diff --git a/include/etc/dovecot/conf.d/20-managesieve.conf b/include/etc/dovecot/conf.d/20-managesieve.conf
new file mode 100644
index 0000000..06c4f86
--- /dev/null
+++ b/include/etc/dovecot/conf.d/20-managesieve.conf
@@ -0,0 +1,85 @@ +## +## ManageSieve specific settings +## + +# Uncomment to enable managesieve protocol: +#protocols = $protocols sieve + +# Service definitions + +service managesieve-login { + inet_listener sieve { + port = 4190 + } + + #inet_listener sieve_deprecated { + # port = 2000 + #} + + # Number of connections to handle before starting a new process. Typically + # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 + # is faster. + service_count = 1 + + # Number of processes to always keep waiting for more connections. + process_min_avail = 1 + + # If you set service_count=0, you probably need to grow this. + #vsz_limit = 64M +} + +service managesieve { + # Max. number of ManageSieve processes (connections) + process_limit = 100 +} + +# Service configuration + +protocol sieve { + # Maximum ManageSieve command line length in bytes. ManageSieve usually does + # not involve overly long command lines, so this setting will not normally + # need adjustment + managesieve_max_line_length = 65536 + + # Maximum number of ManageSieve connections allowed for a user from each IP + # address. + # NOTE: The username is compared case-sensitively. + mail_max_userip_connections = 5 + + # Space separated list of plugins to load (none known to be useful so far). + # Do NOT try to load IMAP plugins here. 
+ #mail_plugins = + + # MANAGESIEVE logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %{put_bytes} - Number of bytes saved using PUTSCRIPT command + # %{put_count} - Number of scripts saved using PUTSCRIPT command + # %{get_bytes} - Number of bytes read using GETCRIPT command + # %{get_count} - Number of scripts read using GETSCRIPT command + # %{get_bytes} - Number of bytes processed using CHECKSCRIPT command + # %{get_count} - Number of scripts checked using CHECKSCRIPT command + # %{deleted_count} - Number of scripts deleted using DELETESCRIPT command + # %{renamed_count} - Number of scripts renamed using RENAMESCRIPT command + managesieve_logout_format = bytes=%i/%o + + # To fool ManageSieve clients that are focused on CMU's timesieved you can + # specify the IMPLEMENTATION capability that Dovecot reports to clients. + # For example: 'Cyrus timsieved v2.2.13' + #managesieve_implementation_string = Dovecot Pigeonhole + + # Explicitly specify the SIEVE and NOTIFY capability reported by the server + # before login. If left unassigned these will be reported dynamically + # according to what the Sieve interpreter supports by default (after login + # this may differ depending on the user). + #managesieve_sieve_capability = + #managesieve_notify_capability = + + # The maximum number of compile errors that are returned to the client upon + # script upload or script verification. + #managesieve_max_compile_errors = 5 + + # Refer to 90-sieve.conf for script quota configuration and configuration of + # Sieve execution limits. +} + diff --git a/include/etc/dovecot/conf.d/90-acl.conf b/include/etc/dovecot/conf.d/90-acl.conf new file mode 100644 index 0000000..f402712 --- /dev/null +++ b/include/etc/dovecot/conf.d/90-acl.conf 
@@ -0,0 +1,28 @@
+##
+## Mailbox access control lists.
+##
+
+# vfile backend reads ACLs from "dovecot-acl" file from mail directory.
+# You can also optionally give a global ACL directory path where ACLs are
+# applied to all users' mailboxes. The global ACL directory contains
+# one file for each mailbox, eg. INBOX or sub.mailbox. cache_secs parameter
+# specifies how many seconds to wait between stat()ing dovecot-acl file
+# to see if it changed.
+plugin {
+ # Per-user ACL:
+ acl = vfile
+
+ # (if yes) Creates an issue where shared folders inbox folder is
+ # shown but clicking on the root folder, also displays the contents
+ # of the inbox.
+ #acl_defaults_from_inbox = yes
+
+ acl = vfile:/etc/dovecot/dovecot-acl:cache_secs=60
+
+}
+
+plugin {
+
+ acl_shared_dict = file:/srv/mail/shared-mailboxes
+
+}
diff --git a/include/etc/dovecot/conf.d/90-plugin.conf b/include/etc/dovecot/conf.d/90-plugin.conf
new file mode 100644
index 0000000..79d97fb
--- /dev/null
+++ b/include/etc/dovecot/conf.d/90-plugin.conf
@@ -0,0 +1,21 @@
+##
+## Plugin settings
+##
+
+
+plugin {
+ welcome_script = welcome %u
+ welcome_wait = no
+}
+
+service welcome {
+ executable = script /bin/welcome-email.sh
+ user = dovecot
+
+
+ unix_listener welcome {
+ user = dovecot
+ group = postfix
+ mode = 0766
+ }
+}
diff --git a/include/etc/dovecot/conf.d/90-quota.conf b/include/etc/dovecot/conf.d/90-quota.conf
new file mode 100644
index 0000000..4954245
--- /dev/null
+++ b/include/etc/dovecot/conf.d/90-quota.conf
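Review bot: In 90-acl.conf the first `plugin {}` block assigns `acl` twice, first `acl = vfile` and then `acl = vfile:/etc/dovecot/dovecot-acl:cache_secs=60`, so the ACL backend that is actually in force depends on the parser keeping the later assignment. This setting decides who can reach shared mailboxes, so the effective value should be unambiguous: drop the first line and keep only the intended one. The `# Per-user ACL:` comment should then be reworded, for example `# Per-user dovecot-acl files plus global ACLs under /etc/dovecot/dovecot-acl, re-checked every 60 s`.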
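Review bot: In 90-plugin.conf, `unix_listener welcome` is created with `mode = 0766`, which gives every local account read and write access to the socket, so any process in the container can cause `/bin/welcome-email.sh` to run as `dovecot`; the owner execute bit has no meaning on a socket. With `user = dovecot` and `group = postfix` already set, `mode = 0660` restricts callers to those two. Which uid the mail processes that fire `welcome_script` run under is not visible in this hunk and needs confirming before tightening. The script is outside this diff section, so it is also worth checking that it treats the `%u` argument as untrusted input.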
@@ -0,0 +1,85 @@
+##
+## Quota configuration.
+##
+
+# Note that you also have to enable quota plugin in mail_plugins setting.
+#
+
+##
+## Quota limits
+##
+
+plugin {
+ quota = maildir:User quota
+ quota_rule = *:storage=200M
+ quota_rule2 = Trash:storage=+50M
+ quota_grace = 10%%
+
+ quota_max_mail_size = 25M
+
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+}
+
+
+
+plugin {
+
+ quota = maildir:Shared quota:ns=shared/
+ quota_rule = *:storage=200M
+
+
+ quota_max_mail_size = 25M
+
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+
+}
+
+
+
+##
+## Quota warnings
+##
+
+# You can execute a given command when user exceeds a specified quota limit.
+# Each quota root has separate limits. Only the command for the first
+# exceeded limit is executed, so put the highest limit first.
+# The commands are executed via script service by connecting to the named
+# UNIX socket (quota-warning below).
+# Note that % needs to be escaped as %%, otherwise "% " expands to empty.
+
+plugin {
+ quota_warning = storage=50%% quota-warning 50 %u
+ quota_warning2 = storage=80%% quota-warning 80 %u
+ quota_warning2 = storage=90%% quota-warning 90 %u
+ quota_warning3 = storage=95%% quota-warning 95 %u
+}
+
+# Example quota-warning service. The unix listener's permissions should be
+# set in a way that mail processes can connect to it. Below example assumes
+# that mail processes run as vmail user. If you use mode=0666, all system users
+# can generate quota warnings to anyone.
+
+service quota-warning {
+ executable = script /bin/quota-warning.sh
+# user = vmail
+
+ unix_listener quota-warning {
+ user = dovecot
+ group = vmail
+ mode = 0766
+ }
+}
+
+service quota-status {
+ executable = quota-status -p postfix
+ inet_listener {
+ port = 12340
+ # You can choose any port you want
+ }
+ client_limit = 1
+}
+
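Review bot: The second `plugin {}` block reuses the keys `quota` and `quota_rule`, and since plugin settings share one key space the shared root most likely replaces `maildir:User quota` instead of being added next to it, leaving the per-user limit unenforced; a second root needs its own numbered keys. `quota_warning2` is also assigned twice (80 and 90), so one threshold is silently lost, and the list ascends from 50 although the comment above it asks for the highest limit first. `unix_listener quota-warning` uses `mode = 0766`, which is the case the comment in this same file warns about, where any system user can generate quota warnings; `0660` with the existing `user`/`group` is narrower, assuming the mail processes are in group `vmail`, which this hunk does not show. The fence below holds only the rewritten lines.

```conf
# … unchanged: first plugin {} block (User quota) …
plugin {
  quota2 = maildir:Shared quota:ns=shared/
  quota2_rule = *:storage=200M
  # … unchanged: quota_max_mail_size and quota_status_* …
}

plugin {
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=90%% quota-warning 90 %u
  quota_warning3 = storage=80%% quota-warning 80 %u
  quota_warning4 = storage=50%% quota-warning 50 %u
}

# … unchanged: service quota-warning header and executable …
  unix_listener quota-warning {
    user = dovecot
    group = vmail
    mode = 0660
  }
```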
diff --git a/include/etc/dovecot/conf.d/90-sieve-extprograms.conf b/include/etc/dovecot/conf.d/90-sieve-extprograms.conf new file mode 100644 index 0000000..cc51d13 --- /dev/null +++ b/include/etc/dovecot/conf.d/90-sieve-extprograms.conf 
@@ -0,0 +1,45 @@ +# Sieve Extprograms plugin configuration + +# Don't forget to add the sieve_extprograms plugin to the sieve_plugins setting. +# Also enable the extensions you need (one or more of vnd.dovecot.pipe, +# vnd.dovecot.filter and vnd.dovecot.execute) by adding these to the +# sieve_extensions or sieve_global_extensions settings. Restricting these +# extensions to a global context using sieve_global_extensions is recommended. + +plugin { + + # The directory where the program sockets are located for the + # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension + # respectively. The name of each unix socket contained in that directory + # directly maps to a program-name referenced from the Sieve script. + #sieve_pipe_socket_dir = sieve-pipe + #sieve_filter_socket_dir = sieve-filter + #sieve_execute_socket_dir = sieve-execute + + # The directory where the scripts are located for direct execution by the + # vnd.dovecot.pipe, vnd.dovecot.filter and vnd.dovecot.execute extension + # respectively. The name of each script contained in that directory + # directly maps to a program-name referenced from the Sieve script. + #sieve_pipe_bin_dir = /usr/lib/dovecot/sieve-pipe + #sieve_filter_bin_dir = /usr/lib/dovecot/sieve-filter + #sieve_execute_bin_dir = /usr/lib/dovecot/sieve-execute +} + +# An example program service called 'do-something' to pipe messages to +#service do-something { + # Define the executed script as parameter to the sieve service + #executable = script /usr/lib/dovecot/sieve-pipe/do-something.sh + + # Use some unprivileged user for executing the program + #user = dovenull + + # The unix socket located in the sieve_pipe_socket_dir (as defined in the + # plugin {} section above) + #unix_listener sieve-pipe/do-something { + # LDA/LMTP must have access + # user = vmail + # mode = 0600 + #} +#} + + 
diff --git a/include/etc/dovecot/conf.d/90-sieve.conf b/include/etc/dovecot/conf.d/90-sieve.conf new file mode 100644 index 0000000..d97709a --- /dev/null +++ b/include/etc/dovecot/conf.d/90-sieve.conf @@ -0,0 +1,210 @@ +## +## Settings for the Sieve interpreter +## + +# Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf +# by adding it to the respective mail_plugins= settings. + +# The Sieve interpreter can retrieve Sieve scripts from several types of +# locations. The default `file' location type is a local filesystem path +# pointing to a Sieve script file or a directory containing multiple Sieve +# script files. More complex setups can use other location types such as +# `ldap' or `dict' to fetch Sieve scripts from remote databases. +# +# All settings that specify the location of one ore more Sieve scripts accept +# the following syntax: +# +# location = [:]path[;