From 55fbfbf71b45814bbae9705945b18a3804cbb1a7 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 4 Aug 2023 08:56:59 +0200 Subject: [PATCH 01/22] [Rspamd] Update to 3.6 (Ratelimit fix) --- data/Dockerfiles/rspamd/Dockerfile | 8 ++++---- docker-compose.yml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/data/Dockerfiles/rspamd/Dockerfile b/data/Dockerfiles/rspamd/Dockerfile index 9d022f82..29661646 100644 --- a/data/Dockerfiles/rspamd/Dockerfile +++ b/data/Dockerfiles/rspamd/Dockerfile @@ -1,17 +1,17 @@ -FROM debian:bullseye-slim +FROM debian:bookworm-slim LABEL maintainer "The Infrastructure Company GmbH " ARG DEBIAN_FRONTEND=noninteractive -ARG CODENAME=bullseye +ARG CODENAME=bookworm ENV LC_ALL C -RUN apt-get update && apt-get install -y \ +RUN apt-get update && apt-get install -y --no-install-recommends \ tzdata \ ca-certificates \ gnupg2 \ apt-transport-https \ dnsutils \ - netcat \ + netcat-traditional \ && apt-key adv --fetch-keys https://rspamd.com/apt-stable/gpg.key \ && echo "deb [arch=amd64] https://rspamd.com/apt-stable/ $CODENAME main" > /etc/apt/sources.list.d/rspamd.list \ && apt-get update \ diff --git a/docker-compose.yml b/docker-compose.yml index ac45857f..66e9e791 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -76,7 +76,7 @@ services: - clamd rspamd-mailcow: - image: mailcow/rspamd:1.92 + image: mailcow/rspamd:1.93 stop_grace_period: 30s depends_on: - dovecot-mailcow From 70121e6f9e3802fe25253b1cd79cf3133ba0d85c Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Wed, 26 Apr 2023 08:37:20 +0000 Subject: [PATCH 02/22] Updated Clamd Building to be x86 and ARM Compatible --- data/Dockerfiles/clamd/Dockerfile | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/data/Dockerfiles/clamd/Dockerfile b/data/Dockerfiles/clamd/Dockerfile index f381e0ef..e74ae1d4 100644 --- a/data/Dockerfiles/clamd/Dockerfile +++ b/data/Dockerfiles/clamd/Dockerfile 
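Review bot: The context line `apt-key adv --fetch-keys https://rspamd.com/apt-stable/gpg.key` in the rspamd hunk adds the fetched key to apt's global trust store, so it is accepted for every configured repository, and `apt-key` is deprecated on the bookworm base this commit moves to. Store the key in its own keyring file and bind the repository to it, e.g. `deb [arch=amd64 signed-by=/usr/share/keyrings/rspamd.gpg] https://rspamd.com/apt-stable/ $CODENAME main` (keyring path is an example), ideally after checking the key's fingerprint. The `[arch=amd64]` restriction is also worth revisiting, since later patches in this series target ARM64. The RUN instruction continues past the end of the hunk.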
@@ -1,21 +1,9 @@ -FROM clamav/clamav:1.0.1-1_base +FROM alpine:3.17 -LABEL maintainer "André Peters " +LABEL maintainer "The Infrastructure Company " -RUN apk upgrade --no-cache \ - && apk add --update --no-cache \ - rsync \ - bind-tools \ - bash +RUN apk update && apk add clamav tini bash -# init -COPY clamd.sh /clamd.sh -RUN chmod +x /sbin/tini +COPY clamd.sh ./ -# healthcheck -COPY healthcheck.sh /healthcheck.sh -RUN chmod +x /healthcheck.sh -HEALTHCHECK --start-period=6m CMD "/healthcheck.sh" - -ENTRYPOINT [] CMD ["/sbin/tini", "-g", "--", "/clamd.sh"] \ No newline at end of file From 563562c9b6732080262f0e9d6e8bc7f51d2dc789 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Sun, 30 Apr 2023 17:26:29 +0000 Subject: [PATCH 03/22] Added new SOGo ARM64 Compatible Repo --- data/Dockerfiles/sogo/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/sogo/Dockerfile b/data/Dockerfiles/sogo/Dockerfile index a1ef95bb..066f5222 100644 --- a/data/Dockerfiles/sogo/Dockerfile +++ b/data/Dockerfiles/sogo/Dockerfile @@ -2,7 +2,7 @@ FROM debian:bullseye-slim LABEL maintainer "The Infrastructure Company GmbH " ARG DEBIAN_FRONTEND=noninteractive -ARG SOGO_DEBIAN_REPOSITORY=http://packages.sogo.nu/nightly/5/debian/ +ARG SOGO_DEBIAN_REPOSITORY=http://www.axis.cz/linux/debian # renovate: datasource=github-releases depName=tianon/gosu versioning=semver-coerced ARG GOSU_VERSION=1.16 ENV LC_ALL C @@ -32,7 +32,7 @@ RUN echo "Building from repository $SOGO_DEBIAN_REPOSITORY" \ && mkdir /usr/share/doc/sogo \ && touch /usr/share/doc/sogo/empty.sh \ && apt-key adv --keyserver keys.openpgp.org --recv-key 74FFC6D72B925A34B5D356BDF8A27B36A6E2EAE9 \ - && echo "deb ${SOGO_DEBIAN_REPOSITORY} bullseye bullseye" > /etc/apt/sources.list.d/sogo.list \ + && echo "deb [trusted=yes] ${SOGO_DEBIAN_REPOSITORY} bullseye sogo-v5" > /etc/apt/sources.list.d/sogo.list \ && apt-get update && apt-get install -y --no-install-recommends \ sogo \ sogo-activesync \ 
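Review bot: The rewritten clamd Dockerfile in PATCH 02 drops `COPY healthcheck.sh /healthcheck.sh` and `HEALTHCHECK --start-period=6m CMD "/healthcheck.sh"` without a replacement, so Docker would no longer report a clamd that has stopped answering as unhealthy. If the script does not work on the plain `alpine:3.17` base, say so in the commit message; otherwise keep those lines. Separately, `RUN apk update && apk add clamav tini bash` leaves the package index in the layer; `RUN apk add --no-cache clamav tini bash` avoids that.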
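Review bot: PATCH 03 points `SOGO_DEBIAN_REPOSITORY` at plain `http://www.axis.cz/linux/debian` in its first hunk and, in the `sogo.list` hunk, marks the source `[trusted=yes]`, which tells apt to skip signature verification for it. The SOGo packages installed into the image are then neither transport-protected nor authenticated, so tampering anywhere between the mirror and the build host would go unnoticed. Import the repository's signing key into a dedicated keyring and write `deb [signed-by=/usr/share/keyrings/sogo.gpg] ${SOGO_DEBIAN_REPOSITORY} bullseye sogo-v5` (keyring path is an example), and use an `https://` URL if the mirror offers one. With `trusted=yes` set, the `apt-key adv ... --recv-key` line above it no longer protects this source. The RUN instruction starts and ends outside the hunk.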
From b06116af70ed86caf35c06ba9e4190d89749c702 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Sun, 30 Apr 2023 17:28:50 +0000 Subject: [PATCH 04/22] Changed Maintainer to tinc within Dockerfiles --- data/Dockerfiles/sogo/Dockerfile.custom | 118 ++++++++++++++++++++++++ data/Dockerfiles/watchdog/Dockerfile | 2 +- 2 files changed, 119 insertions(+), 1 deletion(-) create mode 100644 data/Dockerfiles/sogo/Dockerfile.custom diff --git a/data/Dockerfiles/sogo/Dockerfile.custom b/data/Dockerfiles/sogo/Dockerfile.custom new file mode 100644 index 00000000..a0dffbae --- /dev/null +++ b/data/Dockerfiles/sogo/Dockerfile.custom 
@@ -0,0 +1,118 @@ +FROM debian:bullseye-slim AS build +LABEL maintainer "The Infrastructure Company " + +ARG DEBIAN_FRONTEND=noninteractive +ARG SOGO_VERSION=5.8.2 + +RUN apt update && apt install -y --no-install-recommends \ +libgnustep-base-dev \ +cmake \ +pkg-config \ +make \ +gobjc \ +libz-dev \ +libexpat1-dev \ +zlib1g-dev \ +libpq-dev \ +libcurl4-openssl-dev \ +libsodium-dev \ +libxml2-dev \ +libssl-dev \ +libldap2-dev \ +libzip-dev \ +default-libmysqlclient-dev \ +mariadb-client \ +libmemcached-dev \ +libytnef0 \ +libytnef0-dev \ +libwbxml2-0 \ +libwbxml2-dev \ +curl \ +pkg-config \ +wget \ +git + +RUN mkdir /tmp/libwbxml && git clone https://github.com/libwbxml/libwbxml.git /tmp/libwbxml/ \ +&& cd /tmp/libwbxml/ \ +&& cmake . -B/tmp/build/libwbxml -DCMAKE_INSTALL_PREFIX=$prefix \ +&& cd /tmp/build/libwbxml \ +&& make \ +&& make install \ +&& ln -s /include/libwbxml-1.0 /usr/include/libwbxml-1.0 + +RUN cd /tmp && mkdir sope && wget https://packages.sogo.nu/sources/SOPE-${SOGO_VERSION}.tar.gz -O - | tar -xz -C /tmp/sope --strip-components=1 && cd /tmp/sope \ +&& ./configure --with-gnustep --enable-debug --disable-strip \ +&& make \ +&& make install + +RUN cd /tmp && mkdir sogo && wget https://packages.sogo.nu/sources/SOGo-${SOGO_VERSION}.tar.gz -O - | tar -xz -C /tmp/sogo --strip-components=1 && cd /tmp/sogo \ +&& ./configure --enable-debug --disable-strip \ +&& make \ +&& make install + +RUN cd /tmp/sogo/ActiveSync \ +&& make VERBOSE=1 \ +&& make install + +FROM debian:bullseye-slim +ARG GOSU_VERSION=1.16 +ENV LC_ALL C +LABEL maintainer "The Infrastructure Company " + +RUN apt update && apt install -y --no-install-recommends \ + apt-transport-https \ + ca-certificates \ + gettext \ + gnupg \ + mariadb-client \ + rsync \ + supervisor \ + syslog-ng \ + syslog-ng-core \ + syslog-ng-mod-redis \ + dirmngr \ + netcat \ + psmisc \ + wget \ + patch \ + && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ + && wget -O /usr/local/bin/gosu 
"https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && mkdir /usr/share/doc/sogo \ + && touch /usr/share/doc/sogo/empty.sh \ + && rm -rf /var/lib/apt/lists/* + +COPY --from=build /usr/local/sbin /usr/local/sbin +COPY --from=build /usr/local/lib /usr/local/lib +COPY --from=build /usr/lib /usr/lib +COPY --from=build /lib/aarch64-linux-gnu /lib/aarch64-linux-gnu +COPY ./bootstrap-sogo.sh /bootstrap-sogo.sh +COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf +COPY syslog-ng-redis_slave.conf /etc/syslog-ng/syslog-ng-redis_slave.conf +COPY supervisord.conf /etc/supervisor/supervisord.conf +COPY acl.diff /acl.diff +COPY stop-supervisor.sh /usr/local/sbin/stop-supervisor.sh +COPY docker-entrypoint.sh / + +RUN chmod +x /bootstrap-sogo.sh \ + /usr/local/sbin/stop-supervisor.sh + +RUN echo "/usr/local/lib/sogo" > /etc/ld.so.conf.d/sogo.conf \ +&& ldconfig + +RUN groupadd --system sogo && useradd --system --gid sogo sogo \ + && echo "create directories and enforce permissions" \ + && install -o sogo -g sogo -m 755 -d /var/run/sogo \ + && install -o sogo -g sogo -m 750 -d /var/spool/sogo \ + && install -o sogo -g sogo -m 750 -d /var/log/sogo + +RUN rm -rf /usr/lib/GNUstep/SOGo +RUN mkdir -p /usr/lib/GNUstep && ln -s /usr/local/lib/GNUstep/SOGo /usr/lib/GNUstep/SOGo +RUN ln -s /usr/local/sbin/sogo-tool /usr/sbin/sogo-tool +RUN ln -s /usr/local/sbin/sogo-ealarms-notify /usr/sbin/sogo-ealarms-notify +RUN ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd + +ENTRYPOINT ["/docker-entrypoint.sh"] + +CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf \ No newline at end of file diff --git a/data/Dockerfiles/watchdog/Dockerfile b/data/Dockerfiles/watchdog/Dockerfile index 654dea08..74fc5ad7 100644 --- a/data/Dockerfiles/watchdog/Dockerfile +++ b/data/Dockerfiles/watchdog/Dockerfile 
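Review bot: The gosu binary fetched with `wget -O /usr/local/bin/gosu ...` in the runtime stage of Dockerfile.custom is made executable and run without any integrity check, and the same holds for the SOPE and SOGo tarballs piped straight into `tar` and for the unpinned `git clone` of libwbxml in the build stage. Verify each download against a pinned digest before use, e.g. `echo "GOSU_SHA256_PLACEHOLDER  /usr/local/bin/gosu" | sha256sum -c -`, or check the detached signature published with the gosu release, and pin the clone to a tag or commit. The same unverified-download pattern recurs in the dovecot hunks of PATCH 06 and PATCH 09 (gosu, dovecot and pigeonhole tarballs) and in the ClamAV tarball of PATCH 08. `COPY --from=build /lib/aarch64-linux-gnu /lib/aarch64-linux-gnu` also hard-codes the ARM64 library path, so this file would presumably fail to build on amd64.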
@@ -1,5 +1,5 @@ FROM alpine:3.17 -LABEL maintainer "André Peters " +LABEL maintainer "The Infrastructure Company GmbH " # Installation RUN apk add --update \ From da49b7642313cea379885e722c98851cf3480040 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Sun, 30 Apr 2023 17:30:25 +0000 Subject: [PATCH 05/22] Removed Test self compiled SOGo Dockerfile --- data/Dockerfiles/sogo/Dockerfile.custom | 118 ------------------------ 1 file changed, 118 deletions(-) delete mode 100644 data/Dockerfiles/sogo/Dockerfile.custom diff --git a/data/Dockerfiles/sogo/Dockerfile.custom b/data/Dockerfiles/sogo/Dockerfile.custom deleted file mode 100644 index a0dffbae..00000000 --- a/data/Dockerfiles/sogo/Dockerfile.custom +++ /dev/null 
@@ -1,118 +0,0 @@ -FROM debian:bullseye-slim AS build -LABEL maintainer "The Infrastructure Company " - -ARG DEBIAN_FRONTEND=noninteractive -ARG SOGO_VERSION=5.8.2 - -RUN apt update && apt install -y --no-install-recommends \ -libgnustep-base-dev \ -cmake \ -pkg-config \ -make \ -gobjc \ -libz-dev \ -libexpat1-dev \ -zlib1g-dev \ -libpq-dev \ -libcurl4-openssl-dev \ -libsodium-dev \ -libxml2-dev \ -libssl-dev \ -libldap2-dev \ -libzip-dev \ -default-libmysqlclient-dev \ -mariadb-client \ -libmemcached-dev \ -libytnef0 \ -libytnef0-dev \ -libwbxml2-0 \ -libwbxml2-dev \ -curl \ -pkg-config \ -wget \ -git - -RUN mkdir /tmp/libwbxml && git clone https://github.com/libwbxml/libwbxml.git /tmp/libwbxml/ \ -&& cd /tmp/libwbxml/ \ -&& cmake . -B/tmp/build/libwbxml -DCMAKE_INSTALL_PREFIX=$prefix \ -&& cd /tmp/build/libwbxml \ -&& make \ -&& make install \ -&& ln -s /include/libwbxml-1.0 /usr/include/libwbxml-1.0 - -RUN cd /tmp && mkdir sope && wget https://packages.sogo.nu/sources/SOPE-${SOGO_VERSION}.tar.gz -O - | tar -xz -C /tmp/sope --strip-components=1 && cd /tmp/sope \ -&& ./configure --with-gnustep --enable-debug --disable-strip \ -&& make \ -&& make install - -RUN cd /tmp && mkdir sogo && wget https://packages.sogo.nu/sources/SOGo-${SOGO_VERSION}.tar.gz -O - | tar -xz -C /tmp/sogo --strip-components=1 && cd /tmp/sogo \ -&& ./configure --enable-debug --disable-strip \ -&& make \ -&& make install - -RUN cd /tmp/sogo/ActiveSync \ -&& make VERBOSE=1 \ -&& make install - -FROM debian:bullseye-slim -ARG GOSU_VERSION=1.16 -ENV LC_ALL C -LABEL maintainer "The Infrastructure Company " - -RUN apt update && apt install -y --no-install-recommends \ - apt-transport-https \ - ca-certificates \ - gettext \ - gnupg \ - mariadb-client \ - rsync \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - syslog-ng-mod-redis \ - dirmngr \ - netcat \ - psmisc \ - wget \ - patch \ - && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ - && wget -O /usr/local/bin/gosu 
"https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ - && chmod +x /usr/local/bin/gosu \ - && gosu nobody true \ - && mkdir /usr/share/doc/sogo \ - && touch /usr/share/doc/sogo/empty.sh \ - && rm -rf /var/lib/apt/lists/* - -COPY --from=build /usr/local/sbin /usr/local/sbin -COPY --from=build /usr/local/lib /usr/local/lib -COPY --from=build /usr/lib /usr/lib -COPY --from=build /lib/aarch64-linux-gnu /lib/aarch64-linux-gnu -COPY ./bootstrap-sogo.sh /bootstrap-sogo.sh -COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf -COPY syslog-ng-redis_slave.conf /etc/syslog-ng/syslog-ng-redis_slave.conf -COPY supervisord.conf /etc/supervisor/supervisord.conf -COPY acl.diff /acl.diff -COPY stop-supervisor.sh /usr/local/sbin/stop-supervisor.sh -COPY docker-entrypoint.sh / - -RUN chmod +x /bootstrap-sogo.sh \ - /usr/local/sbin/stop-supervisor.sh - -RUN echo "/usr/local/lib/sogo" > /etc/ld.so.conf.d/sogo.conf \ -&& ldconfig - -RUN groupadd --system sogo && useradd --system --gid sogo sogo \ - && echo "create directories and enforce permissions" \ - && install -o sogo -g sogo -m 755 -d /var/run/sogo \ - && install -o sogo -g sogo -m 750 -d /var/spool/sogo \ - && install -o sogo -g sogo -m 750 -d /var/log/sogo - -RUN rm -rf /usr/lib/GNUstep/SOGo -RUN mkdir -p /usr/lib/GNUstep && ln -s /usr/local/lib/GNUstep/SOGo /usr/lib/GNUstep/SOGo -RUN ln -s /usr/local/sbin/sogo-tool /usr/sbin/sogo-tool -RUN ln -s /usr/local/sbin/sogo-ealarms-notify /usr/sbin/sogo-ealarms-notify -RUN ln -s /usr/local/sbin/sogo-slapd-sockd /usr/sbin/sogo-slapd-sockd - -ENTRYPOINT ["/docker-entrypoint.sh"] - -CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf \ No newline at end of file From a602dd46561a8eed9c3c838f2593fcac08a0a2e3 Mon Sep 17 00:00:00 2001 
From: DerLinkman Date: Tue, 2 May 2023 14:37:35 +0000 Subject: [PATCH 06/22] Rebased Dovecot on Alpine 3.17 instead Bullseye (ARM64 Support) --- data/Dockerfiles/dovecot/Dockerfile | 203 +++++++++--------- .../dovecot/syslog-ng-redis_slave.conf | 2 +- data/Dockerfiles/dovecot/syslog-ng.conf | 2 +- 3 files changed, 106 insertions(+), 101 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index db3a71b5..5df88ea9 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile 
@@ -1,119 +1,124 @@ -FROM debian:bullseye-slim +FROM alpine:3.17 LABEL maintainer "The Infrastructure Company GmbH " -ARG DEBIAN_FRONTEND=noninteractive -# renovate: datasource=github-tags depName=dovecot/core versioning=semver-coerced -ARG DOVECOT=2.3.20 -# renovate: datasource=github-releases depName=tianon/gosu versioning=semver-coerced ARG GOSU_VERSION=1.16 -ENV LC_ALL C +ENV LANG C.UTF-8 +ENV LC_ALL C.UTF-8 # Add groups and users before installing Dovecot to not break compatibility -RUN groupadd -g 5000 vmail \ - && groupadd -g 401 dovecot \ - && groupadd -g 402 dovenull \ - && groupadd -g 999 sogo \ - && usermod -a -G sogo nobody \ - && useradd -g vmail -u 5000 vmail -d /var/vmail \ - && useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \ - && useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \ - && touch /etc/default/locale \ - && apt-get update \ - && apt-get -y --no-install-recommends install \ - build-essential \ - apt-transport-https \ +RUN addgroup -g 5000 vmail \ + && addgroup -g 401 dovecot \ + && addgroup -g 402 dovenull \ + && sed -i "s/999/99/" /etc/group \ + && addgroup -g 999 sogo \ + && addgroup nobody sogo \ + && adduser -D -u 5000 -G vmail -h /var/vmail vmail \ + && adduser -D -G dovecot -u 401 -h /dev/null -s /sbin/nologin dovecot \ + && adduser -D -G dovenull -u 402 -h /dev/null -s /sbin/nologin dovenull \ + && apk add --no-cache --update \ + build-base \ + bash \ + bind-tools \ ca-certificates \ - cpanminus \ curl \ - dnsutils \ - dirmngr \ - gettext \ - gnupg2 \ + cyrus-sasl-dev \ + gcc \ + gettext-dev \ + gnupg \ + gnupg-dirmngr \ jq \ - libauthen-ntlm-perl \ - libcgi-pm-perl \ - libcrypt-openssl-rsa-perl \ - libcrypt-ssleay-perl \ - libdata-uniqid-perl \ - libdbd-mysql-perl \ - libdbi-perl \ - libdigest-hmac-perl \ - libdist-checkconflicts-perl \ - libencode-imaputf7-perl \ - libfile-copy-recursive-perl \ - libfile-tail-perl \ - libhtml-parser-perl \ - 
libio-compress-perl \ - libio-socket-inet6-perl \ - libio-socket-ssl-perl \ - libio-tee-perl \ - libipc-run-perl \ - libjson-webtoken-perl \ - liblockfile-simple-perl \ - libmail-imapclient-perl \ - libmodule-implementation-perl \ - libmodule-scandeps-perl \ - libnet-ssleay-perl \ - libpackage-stash-perl \ - libpackage-stash-xs-perl \ - libpar-packer-perl \ - libparse-recdescent-perl \ - libproc-processtable-perl \ - libreadonly-perl \ - libregexp-common-perl \ - libssl-dev \ - libsys-meminfo-perl \ - libterm-readkey-perl \ - libtest-deep-perl \ - libtest-fatal-perl \ - libtest-mock-guard-perl \ - libtest-mockobject-perl \ - libtest-nowarnings-perl \ - libtest-pod-perl \ - libtest-requires-perl \ - libtest-simple-perl \ - libtest-warn-perl \ - libtry-tiny-perl \ - libunicode-string-perl \ - liburi-perl \ - libwww-perl \ - lua-sql-mysql \ + libintl \ + libssl1.1 \ + libstdc++ \ + libxml2-dev \ + lua \ + lua-cjson \ lua-socket \ + lua-sql-mysql \ + lua5.3-sql-mysql \ + make \ + mariadb-connector-c \ + mariadb-dev \ mariadb-client \ +# libressl-dev \ + openssl-dev \ + pcre-dev \ + perl \ + perl-ntlm \ + perl-cgi \ + perl-crypt-openssl-rsa \ + perl-utils \ + perl-crypt-ssleay \ + perl-data-uniqid \ + perl-dbd-mysql \ + perl-dbi \ + perl-digest-hmac \ + perl-dist-checkconflicts \ + perl-encode-imaputf7 \ + perl-file-copy-recursive \ + perl-file-tail \ + perl-io-socket-inet6 \ + perl-io-gzip \ + perl-io-socket-ssl \ + perl-io-tee \ + perl-ipc-run \ + perl-json-webtoken \ + #perl-lockfile-simple \ + perl-mail-imapclient \ + perl-module-implementation \ + perl-module-scandeps \ + perl-net-ssleay \ + perl-package-stash \ + perl-package-stash-xs \ + perl-par-packer \ + perl-parse-recdescent \ + libproc \ + perl-readonly \ + perl-regexp-common \ + perl-sys-meminfo \ + perl-term-readkey \ + perl-test-deep \ + perl-test-fatal \ + perl-test-mockobject \ + perl-test-mock-guard \ + perl-test-pod \ + perl-test-requires \ + perl-test-simple \ + perl-test-warn \ + perl-try-tiny \ + 
perl-unicode-string \ + perl-app-cpanminus \ procps \ - python3-pip \ - redis-server \ - supervisor \ + python3 \ + python3-dev \ + py3-pip \ + redis \ syslog-ng \ - syslog-ng-core \ - syslog-ng-mod-redis \ + syslog-ng-redis \ + syslog-ng-json \ + supervisor \ + tzdata \ wget \ - && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ - && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ - && chmod +x /usr/local/bin/gosu \ - && gosu nobody true \ - && apt-key adv --fetch-keys https://repo.dovecot.org/DOVECOT-REPO-GPG \ - && echo "deb https://repo.dovecot.org/ce-${DOVECOT}/debian/bullseye bullseye main" > /etc/apt/sources.list.d/dovecot.list \ - && apt-get update \ - && apt-get -y --no-install-recommends install \ - dovecot-lua \ - dovecot-managesieved \ - dovecot-sieve \ + dovecot \ + dovecot-dev \ dovecot-lmtpd \ + dovecot-lua \ dovecot-ldap \ dovecot-mysql \ - dovecot-core \ + dovecot-sql \ + dovecot-submissiond \ + dovecot-pigeonhole-plugin \ dovecot-pop3d \ - dovecot-imapd \ - dovecot-solr \ - && pip3 install mysql-connector-python html2text jinja2 redis \ - && apt-get autoremove --purge -y \ - && apt-get autoclean \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /tmp/* /var/tmp/* /root/.cache/ -# imapsync dependencies -RUN cpan Crypt::OpenSSL::PKCS12 + dovecot-fts-solr \ + && arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true + +RUN cpan LockFile::Simple + +RUN pip3 install mysql-connector-python html2text jinja2 redis COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh 
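Review bot: `sed -i "s/999/99/" /etc/group` in the first RUN of the Alpine dovecot hunk (PATCH 06) is an unanchored substitution: it rewrites the first `999` on every line of /etc/group wherever it occurs, not the GID field of one specific group. Presumably the intent is to free GID 999 for `sogo`; if so, target the field explicitly, e.g. `sed -i 's/^\([^:]*:[^:]*:\)999:/\199:/' /etc/group`. A comment naming the base-image group being moved would help, since files already owned by the old GID keep it.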
@@ -135,4 +140,4 @@ COPY quota_notify.py /usr/local/bin/quota_notify.py COPY repl_health.sh /usr/local/bin/repl_health.sh ENTRYPOINT ["/docker-entrypoint.sh"] -CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf +CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf \ No newline at end of file diff --git a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf index ea2bcfbf..ab7f3aa6 100644 --- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf +++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf @@ -1,4 +1,4 @@ -@version: 3.28 +@version: 3.38 @include "scl.conf" options { chain_hostnames(off); diff --git a/data/Dockerfiles/dovecot/syslog-ng.conf b/data/Dockerfiles/dovecot/syslog-ng.conf index 2ee4f624..59d4f513 100644 --- a/data/Dockerfiles/dovecot/syslog-ng.conf +++ b/data/Dockerfiles/dovecot/syslog-ng.conf @@ -1,4 +1,4 @@ -@version: 3.28 +@version: 3.38 @include "scl.conf" options { chain_hostnames(off); From c58fcddb03bed940da1871784b13a2ecda822447 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Tue, 2 May 2023 15:29:21 +0000 Subject: [PATCH 07/22] Switched to Alpine Edge (for IMAPSYNC Deps) --- data/Dockerfiles/dovecot/Dockerfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index 5df88ea9..8e36fda0 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.17 +FROM alpine:edge LABEL maintainer "The Infrastructure Company GmbH " ARG GOSU_VERSION=1.16 @@ -40,11 +40,14 @@ RUN addgroup -g 5000 vmail \ make \ mariadb-connector-c \ mariadb-dev \ + glib-dev \ + gcompat \ mariadb-client \ # libressl-dev \ openssl-dev \ pcre-dev \ perl \ + perl-dev \ perl-ntlm \ perl-cgi \ perl-crypt-openssl-rsa \ 
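Review bot: `FROM alpine:edge` in the first dovecot hunk of PATCH 07 bases the image on Alpine's rolling development branch, so every rebuild can pull a different, not-yet-released package set into the image that holds the mail store. If only a few imapsync dependencies are missing from 3.17, keep a release tag on the `FROM` line and take just those packages from the newer repository with `apk add --repository`, or pin the base by digest. The same floating-tag concern applies to both `FROM index.docker.io/library/alpine:latest` lines in the clamd hunk of PATCH 08, where the file previously used `alpine:3.17`.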
@@ -64,7 +67,6 @@ RUN addgroup -g 5000 vmail \ perl-io-tee \ perl-ipc-run \ perl-json-webtoken \ - #perl-lockfile-simple \ perl-mail-imapclient \ perl-module-implementation \ perl-module-scandeps \ @@ -88,6 +90,7 @@ RUN addgroup -g 5000 vmail \ perl-test-warn \ perl-try-tiny \ perl-unicode-string \ + perl-proc-processtable \ perl-app-cpanminus \ procps \ python3 \ From b5d89d9a858610d4011956fa0b957147dba08d70 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Wed, 3 May 2023 08:37:00 +0000 Subject: [PATCH 08/22] Optimized CLAMAV Builds to match exact version instead of Repo --- data/Dockerfiles/clamd/Dockerfile | 126 +++++++++++++++++++++++++++++- 1 file changed, 122 insertions(+), 4 deletions(-) diff --git a/data/Dockerfiles/clamd/Dockerfile b/data/Dockerfiles/clamd/Dockerfile index e74ae1d4..a09a0022 100644 --- a/data/Dockerfiles/clamd/Dockerfile +++ b/data/Dockerfiles/clamd/Dockerfile 
@@ -1,9 +1,127 @@ -FROM alpine:3.17 +FROM index.docker.io/library/alpine:latest AS builder +ENV CLAMD_VERSION=1.1.0 -LABEL maintainer "The Infrastructure Company " +WORKDIR /src -RUN apk update && apk add clamav tini bash +# hadolint ignore=DL3008 We want the latest stable versions +RUN apk update && apk upgrade \ + && \ + apk add --no-cache \ + bsd-compat-headers \ + cmake \ + file \ + g++ \ + libtool \ + linux-headers \ + make \ + musl-fts-dev \ + # Clamav dependencies provided by alpine + bzip2-dev \ + check-dev \ + curl-dev \ + json-c-dev \ + libmilter-dev \ + libxml2-dev \ + ncurses-dev \ + ncurses-dev \ + openssl-dev \ + pcre2-dev \ + zlib-dev \ + # For the tests + python3 \ + py3-pytest \ + # For Rust/Cargo + cargo \ + rust \ + && \ + wget https://github.com/Cisco-Talos/clamav/releases/download/clamav-${CLAMD_VERSION}/clamav-${CLAMD_VERSION}.tar.gz \ + && tar -xzf clamav-${CLAMD_VERSION}.tar.gz && cd clamav-${CLAMD_VERSION} && mkdir build && cd build\ + && cmake .. \ + -D CMAKE_BUILD_TYPE="Release" \ + -D CMAKE_INSTALL_PREFIX="/usr" \ + -D CMAKE_INSTALL_LIBDIR="/usr/lib" \ + -D APP_CONFIG_DIRECTORY="/etc/clamav" \ + -D DATABASE_DIRECTORY="/var/lib/clamav" \ + -D ENABLE_CLAMONACC=OFF \ + -D ENABLE_EXAMPLES=OFF \ + -D ENABLE_MILTER=ON \ + -D ENABLE_MAN_PAGES=OFF \ + -D ENABLE_STATIC_LIB=OFF \ + -D ENABLE_JSON_SHARED=ON \ + && \ + make DESTDIR="/clamav" -j$(($(nproc) - 1)) install && \ + rm -r \ + "/clamav/usr/lib/pkgconfig/" \ + && \ + sed -e "s|^\(Example\)|\# \1|" \ + -e "s|.*\(PidFile\) .*|\1 /tmp/clamd.pid|" \ + -e "s|.*\(LocalSocket\) .*|\1 /tmp/clamd.sock|" \ + -e "s|.*\(TCPSocket\) .*|\1 3310|" \ + -e "s|.*\(TCPAddr\) .*|#\1 0.0.0.0|" \ + -e "s|.*\(User\) .*|\1 clamav|" \ + -e "s|^\#\(LogFile\) .*|\1 /var/log/clamav/clamd.log|" \ + -e "s|^\#\(LogTime\).*|\1 yes|" \ + "/clamav/etc/clamav/clamd.conf.sample" > "/clamav/etc/clamav/clamd.conf" && \ + sed -e "s|^\(Example\)|\# \1|" \ + -e "s|.*\(PidFile\) .*|\1 /tmp/freshclam.pid|" \ + -e 
"s|.*\(DatabaseOwner\) .*|\1 clamav|" \ + -e "s|^\#\(UpdateLogFile\) .*|\1 /var/log/clamav/freshclam.log|" \ + -e "s|^\#\(NotifyClamd\).*|\1 /etc/clamav/clamd.conf|" \ + -e "s|^\#\(ScriptedUpdates\).*|\1 yes|" \ + "/clamav/etc/clamav/freshclam.conf.sample" > "/clamav/etc/clamav/freshclam.conf" && \ + sed -e "s|^\(Example\)|\# \1|" \ + -e "s|.*\(PidFile\) .*|\1 /tmp/clamav-milter.pid|" \ + -e "s|.*\(MilterSocket\) .*|\1 inet:7357|" \ + -e "s|.*\(User\) .*|\1 clamav|" \ + -e "s|^\#\(LogFile\) .*|\1 /var/log/clamav/milter.log|" \ + -e "s|^\#\(LogTime\).*|\1 yes|" \ + -e "s|.*\(\ClamdSocket\) .*|\1 unix:/tmp/clamd.sock|" \ + "/clamav/etc/clamav/clamav-milter.conf.sample" > "/clamav/etc/clamav/clamav-milter.conf" || \ + exit 1 \ + && \ + ctest -V -COPY clamd.sh ./ +FROM index.docker.io/library/alpine:latest + +LABEL maintainer "The Infrastructure Company GmbH " + +EXPOSE 3310 +EXPOSE 7357 + +ENV TZ Europe/Berlin + +RUN apk add --no-cache \ + fts \ + libstdc++ \ + tini \ + tzdata \ + # Clamav dependencies provided by alpine + json-c \ + libbz2 \ + libcurl \ + libmilter \ + libxml2 \ + ncurses-libs \ + pcre2 \ + zlib \ + rsync \ + bind-tools \ + bash \ + && \ + addgroup -S "clamav" && \ + adduser -D -G "clamav" -h "/var/lib/clamav" -s "/bin/false" -u 100 -S "clamav" && \ + install -d -m 755 -g "clamav" -o "clamav" "/var/log/clamav" && \ + chown -R clamav:clamav /var/lib/clamav + +COPY --from=builder "/clamav" "/" + +# init +COPY clamd.sh /clamd.sh +RUN chmod +x /sbin/tini + +# healthcheck +COPY healthcheck.sh /healthcheck.sh +RUN chmod +x /healthcheck.sh +HEALTHCHECK --start-period=6m CMD "/healthcheck.sh" CMD ["/sbin/tini", "-g", "--", "/clamd.sh"] \ No newline at end of file From c134f0b5bab2178b28a512761e280a4f48c8bb4b Mon Sep 17 00:00:00 2001 
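Review bot: `make DESTDIR="/clamav" -j$(($(nproc) - 1)) install` in the builder stage of PATCH 08 expands to `-j0` on a single-CPU build host, which GNU make rejects, so the build fails there. Use `-j"$(nproc)"` instead. The `# hadolint ignore=DL3008` comment above the RUN names the apt version-pinning rule; for `apk add` the corresponding rule is DL3018, so the suppression as written likely has no effect.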
From: DerLinkman Date: Wed, 3 May 2023 09:36:43 +0000 Subject: [PATCH 09/22] Changed Dovecot Base to Bullseye again (Self compile) --- data/Dockerfiles/dovecot/Dockerfile | 290 +++++++++++------- .../dovecot/syslog-ng-redis_slave.conf | 2 +- data/Dockerfiles/dovecot/syslog-ng.conf | 2 +- data/conf/dovecot/dovecot.conf | 4 +- 4 files changed, 186 insertions(+), 112 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index 8e36fda0..0f1dced2 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile 
@@ -1,128 +1,202 @@ -FROM alpine:edge -LABEL maintainer "The Infrastructure Company GmbH " +FROM debian:bullseye-slim as build +LABEL maintainer "The Infrastructure Company " +ARG DEBIAN_FRONTEND=noninteractive ARG GOSU_VERSION=1.16 +ARG DOVECOT_VERSION=2.3.20 +ARG PIGEONHOLE_VERSION=0.5.20 +ENV LC_ALL C -ENV LANG C.UTF-8 -ENV LC_ALL C.UTF-8 # Add groups and users before installing Dovecot to not break compatibility -RUN addgroup -g 5000 vmail \ - && addgroup -g 401 dovecot \ - && addgroup -g 402 dovenull \ - && sed -i "s/999/99/" /etc/group \ - && addgroup -g 999 sogo \ - && addgroup nobody sogo \ - && adduser -D -u 5000 -G vmail -h /var/vmail vmail \ - && adduser -D -G dovecot -u 401 -h /dev/null -s /sbin/nologin dovecot \ - && adduser -D -G dovenull -u 402 -h /dev/null -s /sbin/nologin dovenull \ - && apk add --no-cache --update \ - build-base \ - bash \ - bind-tools \ +RUN touch /etc/default/locale \ + && apt-get update \ + && apt-get -y --no-install-recommends install \ + apt-transport-https \ ca-certificates \ curl \ - cyrus-sasl-dev \ - gcc \ - gettext-dev \ - gnupg \ - gnupg-dirmngr \ + dirmngr \ + gettext \ + gnupg2 \ jq \ - libintl \ - libssl1.1 \ - libstdc++ \ - libxml2-dev \ - lua \ - lua-cjson \ - lua-socket \ + libauthen-ntlm-perl \ + libcgi-pm-perl \ + libcrypt-openssl-rsa-perl \ + libcrypt-ssleay-perl \ + libdata-uniqid-perl \ + libdbd-mysql-perl \ + libdbi-perl \ + libdigest-hmac-perl \ + libdist-checkconflicts-perl \ + libencode-imaputf7-perl \ + libfile-copy-recursive-perl \ + libfile-tail-perl \ + libhtml-parser-perl \ + libio-compress-perl \ + libio-socket-inet6-perl \ + libio-socket-ssl-perl \ + libio-tee-perl \ + libipc-run-perl \ + libjson-webtoken-perl \ + liblockfile-simple-perl \ + libmail-imapclient-perl \ + libmodule-implementation-perl \ + libmodule-scandeps-perl \ + libnet-ssleay-perl \ + libpackage-stash-perl \ + libpackage-stash-xs-perl \ + libpar-packer-perl \ + libparse-recdescent-perl \ + libproc-processtable-perl \ + 
libreadonly-perl \ + libregexp-common-perl \ + libsys-meminfo-perl \ + libterm-readkey-perl \ + libtest-deep-perl \ + libtest-fatal-perl \ + libtest-mock-guard-perl \ + libtest-mockobject-perl \ + libtest-nowarnings-perl \ + libtest-pod-perl \ + libtest-requires-perl \ + libtest-simple-perl \ + libtest-warn-perl \ + libtry-tiny-perl \ + libunicode-string-perl \ + liburi-perl \ + libwww-perl \ + libstemmer-dev \ + libexttextcat-dev \ + libldap-dev \ + libghc-bzlib-dev \ lua-sql-mysql \ - lua5.3-sql-mysql \ - make \ - mariadb-connector-c \ - mariadb-dev \ - glib-dev \ - gcompat \ + liblz4-dev \ + libzstd-dev \ + libexpat-dev \ + lua-socket \ mariadb-client \ -# libressl-dev \ - openssl-dev \ - pcre-dev \ - perl \ - perl-dev \ - perl-ntlm \ - perl-cgi \ - perl-crypt-openssl-rsa \ - perl-utils \ - perl-crypt-ssleay \ - perl-data-uniqid \ - perl-dbd-mysql \ - perl-dbi \ - perl-digest-hmac \ - perl-dist-checkconflicts \ - perl-encode-imaputf7 \ - perl-file-copy-recursive \ - perl-file-tail \ - perl-io-socket-inet6 \ - perl-io-gzip \ - perl-io-socket-ssl \ - perl-io-tee \ - perl-ipc-run \ - perl-json-webtoken \ - perl-mail-imapclient \ - perl-module-implementation \ - perl-module-scandeps \ - perl-net-ssleay \ - perl-package-stash \ - perl-package-stash-xs \ - perl-par-packer \ - perl-parse-recdescent \ - libproc \ - perl-readonly \ - perl-regexp-common \ - perl-sys-meminfo \ - perl-term-readkey \ - perl-test-deep \ - perl-test-fatal \ - perl-test-mockobject \ - perl-test-mock-guard \ - perl-test-pod \ - perl-test-requires \ - perl-test-simple \ - perl-test-warn \ - perl-try-tiny \ - perl-unicode-string \ - perl-proc-processtable \ - perl-app-cpanminus \ procps \ - python3 \ - python3-dev \ - py3-pip \ - redis \ - syslog-ng \ - syslog-ng-redis \ - syslog-ng-json \ - supervisor \ - tzdata \ wget \ - dovecot \ - dovecot-dev \ - dovecot-lmtpd \ - dovecot-lua \ - dovecot-ldap \ - dovecot-mysql \ - dovecot-sql \ - dovecot-submissiond \ - dovecot-pigeonhole-plugin \ - 
dovecot-pop3d \ - dovecot-fts-solr \ - && arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \ - && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \ + git \ + bison \ + flex \ + build-essential \ + autoconf \ + automake \ + libtool \ + make \ + default-libmysqlclient-dev \ + libicu-dev \ + zlib1g-dev \ + pkg-config \ + libsqlite3-dev \ + liblua5.3-dev \ + && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ && chmod +x /usr/local/bin/gosu \ && gosu nobody true -RUN cpan LockFile::Simple +RUN cd /tmp && wget https://github.com/dovecot/core/archive/refs/tags/${DOVECOT_VERSION}.tar.gz && tar -xzf ${DOVECOT_VERSION}.tar.gz && cd core-${DOVECOT_VERSION} \ + && ./autogen.sh \ + && PANDOC=false ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-ssldir=/etc/ssl --enable-maintainer-mode --with-sql=yes --with-lua=yes --with-mysql --with-ldap --with-solr --with-zstd --with-lz4 --with-ssl=openssl --with-notify=inotify --with-bzlib --with-zlib --enable-hardening --with-stemmer --with-textcat --with-icu \ + && make -j6 \ + && make install \ + && make clean -RUN pip3 install mysql-connector-python html2text jinja2 redis +RUN cd /tmp && wget https://github.com/dovecot/pigeonhole/archive/refs/tags/${PIGEONHOLE_VERSION}.tar.gz && tar -xzf ${PIGEONHOLE_VERSION}.tar.gz && cd pigeonhole-${PIGEONHOLE_VERSION} \ + && ./autogen.sh \ + && ./configure --with-dovecot=/usr/lib/dovecot --with-managesieve\ + && make -j6 \ + && make install \ + && make clean +FROM debian:bullseye-slim +RUN groupadd -g 5000 vmail \ + && groupadd -g 401 dovecot \ + && groupadd -g 402 dovenull \ + && groupadd -g 999 sogo \ + && usermod -a -G sogo nobody \ + && useradd -g vmail -u 5000 vmail -d /var/vmail \ + && useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot 
\ + && useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \ + && apt update && apt install lua-socket \ + mariadb-client \ + libstemmer-dev \ + libexttextcat-dev \ + libicu-dev \ + libsqlite3-dev \ + liblua5.3-dev \ + lua-sql-mysql \ + libldap-dev \ + libssl-dev \ + procps \ + python3-pip \ + redis-server \ + supervisor \ + syslog-ng \ + syslog-ng-core \ + syslog-ng-mod-redis \ + cpanminus \ + curl \ + libauthen-ntlm-perl \ + libcgi-pm-perl \ + libcrypt-openssl-rsa-perl \ + libcrypt-ssleay-perl \ + libdata-uniqid-perl \ + libdbd-mysql-perl \ + libdbi-perl \ + libdigest-hmac-perl \ + libdist-checkconflicts-perl \ + libencode-imaputf7-perl \ + libfile-copy-recursive-perl \ + libfile-tail-perl \ + libhtml-parser-perl \ + libio-compress-perl \ + libio-socket-inet6-perl \ + libio-socket-ssl-perl \ + libio-tee-perl \ + libipc-run-perl \ + libjson-webtoken-perl \ + liblockfile-simple-perl \ + libmail-imapclient-perl \ + libmodule-implementation-perl \ + libmodule-scandeps-perl \ + libnet-ssleay-perl \ + libpackage-stash-perl \ + libpackage-stash-xs-perl \ + libpar-packer-perl \ + libparse-recdescent-perl \ + libproc-processtable-perl \ + libreadonly-perl \ + libregexp-common-perl \ + libsys-meminfo-perl \ + libterm-readkey-perl \ + libtest-deep-perl \ + libtest-fatal-perl \ + libtest-mock-guard-perl \ + libtest-mockobject-perl \ + libtest-nowarnings-perl \ + libtest-pod-perl \ + libtest-requires-perl \ + libtest-simple-perl \ + libtest-warn-perl \ + libtry-tiny-perl \ + libunicode-string-perl \ + liburi-perl \ + libwww-perl \ + dnsutils \ + build-essential \ + gettext-base -y --no-install-recommends \ + && pip3 install mysql-connector-python html2text jinja2 redis +# imapsync dependencies +RUN cpan Crypt::OpenSSL::PKCS12 +COPY --from=build /usr/lib/dovecot /usr/lib/dovecot +COPY --from=build /usr/bin/doveconf /usr/bin/doveconf +COPY --from=build /usr/bin/doveadm /usr/bin/doveadm +COPY --from=build /usr/bin/dovecot-sysreport 
/usr/bin/dovecot-sysreport +COPY --from=build /usr/sbin/dovecot /usr/sbin/dovecot +COPY --from=build /usr/libexec/dovecot/ /usr/libexec/dovecot/ +COPY --from=build /usr/local/bin /usr/local/bin COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf diff --git a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf index ab7f3aa6..ea2bcfbf 100644 --- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf +++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf @@ -1,4 +1,4 @@ -@version: 3.38 +@version: 3.28 @include "scl.conf" options { chain_hostnames(off); diff --git a/data/Dockerfiles/dovecot/syslog-ng.conf b/data/Dockerfiles/dovecot/syslog-ng.conf index 59d4f513..2ee4f624 100644 --- a/data/Dockerfiles/dovecot/syslog-ng.conf +++ b/data/Dockerfiles/dovecot/syslog-ng.conf @@ -1,4 +1,4 @@ -@version: 3.38 +@version: 3.28 @include "scl.conf" options { chain_hostnames(off); diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 159e39f4..8a8728db 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -241,8 +241,8 @@ plugin { mail_crypt_global_public_key = Date: Wed, 3 May 2023 09:55:55 +0000 Subject: [PATCH 10/22] Optimized Build Process for Dovecot --- data/Dockerfiles/dovecot/Dockerfile | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index 0f1dced2..adeeeb6d 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile @@ -1,8 +1,6 @@ FROM debian:bullseye-slim as build -LABEL maintainer "The Infrastructure Company " ARG DEBIAN_FRONTEND=noninteractive -ARG GOSU_VERSION=1.16 ARG DOVECOT_VERSION=2.3.20 ARG PIGEONHOLE_VERSION=0.5.20 ENV LC_ALL C 
@@ -90,11 +88,7 @@ RUN touch /etc/default/locale \ zlib1g-dev \ pkg-config \ libsqlite3-dev \ - liblua5.3-dev \ - && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ - && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ - && chmod +x /usr/local/bin/gosu \ - && gosu nobody true + liblua5.3-dev RUN cd /tmp && wget https://github.com/dovecot/core/archive/refs/tags/${DOVECOT_VERSION}.tar.gz && tar -xzf ${DOVECOT_VERSION}.tar.gz && cd core-${DOVECOT_VERSION} \ && ./autogen.sh \ @@ -111,6 +105,9 @@ RUN cd /tmp && wget https://github.com/dovecot/pigeonhole/archive/refs/tags/${PI && make clean FROM debian:bullseye-slim +LABEL maintainer "The Infrastructure Company " +ARG GOSU_VERSION=1.16 + RUN groupadd -g 5000 vmail \ && groupadd -g 401 dovecot \ && groupadd -g 402 dovenull \ @@ -129,6 +126,7 @@ RUN groupadd -g 5000 vmail \ lua-sql-mysql \ libldap-dev \ libssl-dev \ + wget \ procps \ python3-pip \ redis-server \ 
@@ -187,16 +185,27 @@ RUN groupadd -g 5000 vmail \ dnsutils \ build-essential \ gettext-base -y --no-install-recommends \ - && pip3 install mysql-connector-python html2text jinja2 redis + && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ + && chmod +x /usr/local/bin/gosu \ + && gosu nobody true \ + && pip3 install mysql-connector-python html2text jinja2 redis \ + && apt-get autoremove --purge -y \ + && apt-get autoclean # imapsync dependencies RUN cpan Crypt::OpenSSL::PKCS12 +RUN rm -rf /var/lib/apt/lists/* \ + && rm -rf /tmp/* /var/tmp/* /root/.cache/ COPY --from=build /usr/lib/dovecot /usr/lib/dovecot COPY --from=build /usr/bin/doveconf /usr/bin/doveconf COPY --from=build /usr/bin/doveadm /usr/bin/doveadm COPY --from=build /usr/bin/dovecot-sysreport /usr/bin/dovecot-sysreport COPY --from=build /usr/sbin/dovecot /usr/sbin/dovecot COPY --from=build /usr/libexec/dovecot/ /usr/libexec/dovecot/ -COPY --from=build /usr/local/bin /usr/local/bin +COPY --from=build /usr/local/bin/sieve-dump /usr/local/bin/sieve-dump +COPY --from=build /usr/local/bin/sieve-filter /usr/local/bin/sieve-filter +COPY --from=build /usr/local/bin/sieve-test /usr/local/bin/sieve-test +COPY --from=build /usr/local/bin/sievec /usr/local/bin/sievec COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf From 27b274abcbe167d976dfcb3cb4c2bd47bd853911 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 5 May 2023 06:41:43 +0000 Subject: [PATCH 11/22] [Rspamd] Removed Arch Tag for Dockerfile --- data/Dockerfiles/rspamd/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/Dockerfiles/rspamd/Dockerfile b/data/Dockerfiles/rspamd/Dockerfile index 29661646..06a98844 100644 --- a/data/Dockerfiles/rspamd/Dockerfile +++ b/data/Dockerfiles/rspamd/Dockerfile 
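Review bot: The gosu binary fetched by the added `wget -O /usr/local/bin/gosu …` step is marked executable and run (`gosu nobody true`) with no integrity check, so whatever the release URL serves at build time ends up in the runtime image. Pin the expected digest for each architecture and verify it before the `chmod`, e.g. `&& echo "${GOSU_SHA256}  /usr/local/bin/gosu" | sha256sum -c - \`, where `GOSU_SHA256` is a placeholder build argument holding the published checksum for that release. The same unverified download appears again in the Alpine rebase of this Dockerfile ([PATCH 18/22]). Separately, the new `RUN rm -rf /var/lib/apt/lists/* …` is its own layer and does not shrink the image; that cleanup belongs in the `RUN` that ran `apt install`. The enclosing `RUN groupadd …` starts outside this hunk.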
@@ -13,7 +13,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ dnsutils \ netcat-traditional \ && apt-key adv --fetch-keys https://rspamd.com/apt-stable/gpg.key \ - && echo "deb [arch=amd64] https://rspamd.com/apt-stable/ $CODENAME main" > /etc/apt/sources.list.d/rspamd.list \ + && echo "deb https://rspamd.com/apt-stable/ $CODENAME main" > /etc/apt/sources.list.d/rspamd.list \ && apt-get update \ && apt-get --no-install-recommends -y install rspamd redis-tools procps nano \ && rm -rf /var/lib/apt/lists/* \ From 6e79815cc3e3bb0ccb674e1400f8aa86f7a76452 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 5 May 2023 10:05:40 +0000 Subject: [PATCH 12/22] Added missing Labels to Dockerfiles --- data/Dockerfiles/solr/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/data/Dockerfiles/solr/Dockerfile b/data/Dockerfiles/solr/Dockerfile index 0c5af1af..370ef0f0 100644 --- a/data/Dockerfiles/solr/Dockerfile +++ b/data/Dockerfiles/solr/Dockerfile @@ -1,4 +1,5 @@ FROM solr:7.7-slim +LABEL maintainer "The Infrastructure Company GmbH " USER root From f7ce3e725730c9857301e7b1ad1b1a04825693d4 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 5 May 2023 11:57:26 +0000 Subject: [PATCH 13/22] Updated docker-compose.yml for Public testing --- docker-compose.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 66e9e791..d48d31a4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,7 @@ version: '2.1' services: unbound-mailcow: - image: mailcow/unbound:1.17 + image: mailcow/unbound:arm64-dev environment: - TZ=${TZ} volumes: @@ -58,7 +58,7 @@ services: - redis clamd-mailcow: - image: mailcow/clamd:1.61 + image: mailcow/clamd:arm64-dev restart: always depends_on: - unbound-mailcow @@ -391,7 +391,7 @@ services: acme-mailcow: depends_on: - nginx-mailcow - image: mailcow/acme:1.84 + image: mailcow/acme:arm64-dev dns: - ${IPV4_NETWORK:-172.22.1}.254 environment: 
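Review bot: The rewritten `deb https://rspamd.com/apt-stable/ $CODENAME main` entry still has no `signed-by`, and the key is imported by `apt-key adv --fetch-keys` on the line above. That puts the key in the global trusted keyring, where it can vouch for packages from every configured repository. Consider storing the key in its own keyring file and scoping the entry to it, e.g. `deb [signed-by=/etc/apt/keyrings/rspamd.gpg] https://rspamd.com/apt-stable/ $CODENAME main`; the keyring file name is illustrative. `apt-key` is also deprecated in current Debian releases. The `RUN` this line belongs to starts and ends outside the hunk.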
@@ -427,7 +427,7 @@ services: - acme netfilter-mailcow: - image: mailcow/netfilter:1.52 + image: mailcow/netfilter:arm64-dev stop_grace_period: 30s depends_on: - dovecot-mailcow @@ -450,7 +450,7 @@ services: - /lib/modules:/lib/modules:ro watchdog-mailcow: - image: mailcow/watchdog:1.97 + image: mailcow/watchdog:arm64-dev dns: - ${IPV4_NETWORK:-172.22.1}.254 tmpfs: @@ -531,7 +531,7 @@ services: - dockerapi solr-mailcow: - image: mailcow/solr:1.8.1 + image: mailcow/solr:dev restart: always volumes: - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data @@ -547,7 +547,7 @@ services: - solr olefy-mailcow: - image: mailcow/olefy:1.11 + image: mailcow/olefy:arm64-dev restart: always environment: - TZ=${TZ} From 1be0fad03b77343e2266074794f38695141fb9d5 Mon Sep 17 00:00:00 2001 From: Niklas Meyer <62480600+DerLinkman@users.noreply.github.com> Date: Fri, 5 May 2023 16:00:05 +0200 Subject: [PATCH 14/22] Added missing solr ARM64 Image --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index d48d31a4..9fa0097f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -531,7 +531,7 @@ services: - dockerapi solr-mailcow: - image: mailcow/solr:dev + image: mailcow/solr:arm64-dev restart: always volumes: - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data From 5ba1fb60047d5989a32325a81849f7761db2cd33 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Mon, 8 May 2023 12:55:54 +0000 Subject: [PATCH 15/22] Fixed DockerAPI Exception (due to incompatible urllib3) --- data/Dockerfiles/dockerapi/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/data/Dockerfiles/dockerapi/Dockerfile b/data/Dockerfiles/dockerapi/Dockerfile index 3431f939..2abe223f 100644 --- a/data/Dockerfiles/dockerapi/Dockerfile +++ b/data/Dockerfiles/dockerapi/Dockerfile @@ -13,6 +13,7 @@ RUN apk add --update --no-cache python3 \ fastapi \ uvicorn \ aiodocker \ + urllib3==1.26.15\ docker \ aioredis RUN mkdir /app/modules 
From c948a6cdbc7eeade462dc6c73f489d37453557a6 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Mon, 8 May 2023 13:24:20 +0000 Subject: [PATCH 16/22] Removed fixed urllib3 due to fixed docker python module --- data/Dockerfiles/dockerapi/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/data/Dockerfiles/dockerapi/Dockerfile b/data/Dockerfiles/dockerapi/Dockerfile index 2abe223f..3431f939 100644 --- a/data/Dockerfiles/dockerapi/Dockerfile +++ b/data/Dockerfiles/dockerapi/Dockerfile @@ -13,7 +13,6 @@ RUN apk add --update --no-cache python3 \ fastapi \ uvicorn \ aiodocker \ - urllib3==1.26.15\ docker \ aioredis RUN mkdir /app/modules From 384307b35c848e13df0b83a51f846dd67ee00c42 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 12 May 2023 08:30:55 +0000 Subject: [PATCH 17/22] Small fixes for CLAMD Health Check --- data/Dockerfiles/clamd/Dockerfile | 1 + data/Dockerfiles/clamd/clamdcheck.sh | 14 ++++++++++++++ 2 files changed, 15 insertions(+) create mode 100755 data/Dockerfiles/clamd/clamdcheck.sh diff --git a/data/Dockerfiles/clamd/Dockerfile b/data/Dockerfiles/clamd/Dockerfile index a09a0022..42d7af8f 100644 --- a/data/Dockerfiles/clamd/Dockerfile +++ b/data/Dockerfiles/clamd/Dockerfile @@ -117,6 +117,7 @@ COPY --from=builder "/clamav" "/" # init COPY clamd.sh /clamd.sh +COPY clamdcheck.sh /usr/local/bin/ RUN chmod +x /sbin/tini # healthcheck diff --git a/data/Dockerfiles/clamd/clamdcheck.sh b/data/Dockerfiles/clamd/clamdcheck.sh new file mode 100755 index 00000000..e7e53a65 --- /dev/null +++ b/data/Dockerfiles/clamd/clamdcheck.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +set -eu + +if [ "${CLAMAV_NO_CLAMD:-}" != "false" ]; then + if [ "$(echo "PING" | nc localhost 3310)" != "PONG" ]; then + echo "ERROR: Unable to contact server" + exit 1 + fi + + echo "Clamd is up" +fi + +exit 0 From ed491fbf10b64686f347d5ed3f540e2d3c982e7e Mon Sep 17 00:00:00 2001 
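Review bot: In the new `clamdcheck.sh`, the guard `[ "${CLAMAV_NO_CLAMD:-}" != "false" ]` looks inverted. The PING is skipped and the script exits 0 only when the variable is the literal `false`, while `true` (presumably meaning clamd is not started) still runs the probe and fails. If the variable means what its name suggests, the test would read `if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then`, so that a scanner that should be running is never reported healthy without being probed. `nc localhost 3310` also has no timeout of its own, so a daemon that accepts the connection but never answers blocks the check until the caller's timeout. `nc -w 5 localhost 3310` would bound it, if the image's `nc` supports `-w`.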
From: DerLinkman Date: Thu, 3 Aug 2023 09:29:23 +0000 Subject: [PATCH 18/22] Rebased Dovecot on Alpine + fixed logging --- data/Dockerfiles/dovecot/Dockerfile | 323 +++++++----------- data/Dockerfiles/dovecot/supervisord.conf | 4 + .../dovecot/syslog-ng-redis_slave.conf | 10 +- data/Dockerfiles/dovecot/syslog-ng.conf | 10 +- 4 files changed, 134 insertions(+), 213 deletions(-) diff --git a/data/Dockerfiles/dovecot/Dockerfile b/data/Dockerfiles/dovecot/Dockerfile index adeeeb6d..a1cbd16f 100644 --- a/data/Dockerfiles/dovecot/Dockerfile +++ b/data/Dockerfiles/dovecot/Dockerfile 
@@ -1,211 +1,128 @@ -FROM debian:bullseye-slim as build +FROM alpine:3.18 +LABEL maintainer "The Infrastructure Company GmbH " -ARG DEBIAN_FRONTEND=noninteractive -ARG DOVECOT_VERSION=2.3.20 -ARG PIGEONHOLE_VERSION=0.5.20 -ENV LC_ALL C - - -# Add groups and users before installing Dovecot to not break compatibility -RUN touch /etc/default/locale \ - && apt-get update \ - && apt-get -y --no-install-recommends install \ - apt-transport-https \ - ca-certificates \ - curl \ - dirmngr \ - gettext \ - gnupg2 \ - jq \ - libauthen-ntlm-perl \ - libcgi-pm-perl \ - libcrypt-openssl-rsa-perl \ - libcrypt-ssleay-perl \ - libdata-uniqid-perl \ - libdbd-mysql-perl \ - libdbi-perl \ - libdigest-hmac-perl \ - libdist-checkconflicts-perl \ - libencode-imaputf7-perl \ - libfile-copy-recursive-perl \ - libfile-tail-perl \ - libhtml-parser-perl \ - libio-compress-perl \ - libio-socket-inet6-perl \ - libio-socket-ssl-perl \ - libio-tee-perl \ - libipc-run-perl \ - libjson-webtoken-perl \ - liblockfile-simple-perl \ - libmail-imapclient-perl \ - libmodule-implementation-perl \ - libmodule-scandeps-perl \ - libnet-ssleay-perl \ - libpackage-stash-perl \ - libpackage-stash-xs-perl \ - libpar-packer-perl \ - libparse-recdescent-perl \ - libproc-processtable-perl \ - libreadonly-perl \ - libregexp-common-perl \ - libsys-meminfo-perl \ - libterm-readkey-perl \ - libtest-deep-perl \ - libtest-fatal-perl \ - libtest-mock-guard-perl \ - libtest-mockobject-perl \ - libtest-nowarnings-perl \ - libtest-pod-perl \ - libtest-requires-perl \ - libtest-simple-perl \ - libtest-warn-perl \ - libtry-tiny-perl \ - libunicode-string-perl \ - liburi-perl \ - libwww-perl \ - libstemmer-dev \ - libexttextcat-dev \ - libldap-dev \ - libghc-bzlib-dev \ - lua-sql-mysql \ - liblz4-dev \ - libzstd-dev \ - libexpat-dev \ - lua-socket \ - mariadb-client \ - procps \ - wget \ - git \ - bison \ - flex \ - build-essential \ - autoconf \ - automake \ - libtool \ - make \ - default-libmysqlclient-dev \ - libicu-dev \ - 
zlib1g-dev \ - pkg-config \ - libsqlite3-dev \ - liblua5.3-dev - -RUN cd /tmp && wget https://github.com/dovecot/core/archive/refs/tags/${DOVECOT_VERSION}.tar.gz && tar -xzf ${DOVECOT_VERSION}.tar.gz && cd core-${DOVECOT_VERSION} \ - && ./autogen.sh \ - && PANDOC=false ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-ssldir=/etc/ssl --enable-maintainer-mode --with-sql=yes --with-lua=yes --with-mysql --with-ldap --with-solr --with-zstd --with-lz4 --with-ssl=openssl --with-notify=inotify --with-bzlib --with-zlib --enable-hardening --with-stemmer --with-textcat --with-icu \ - && make -j6 \ - && make install \ - && make clean - -RUN cd /tmp && wget https://github.com/dovecot/pigeonhole/archive/refs/tags/${PIGEONHOLE_VERSION}.tar.gz && tar -xzf ${PIGEONHOLE_VERSION}.tar.gz && cd pigeonhole-${PIGEONHOLE_VERSION} \ - && ./autogen.sh \ - && ./configure --with-dovecot=/usr/lib/dovecot --with-managesieve\ - && make -j6 \ - && make install \ - && make clean - -FROM debian:bullseye-slim -LABEL maintainer "The Infrastructure Company " ARG GOSU_VERSION=1.16 -RUN groupadd -g 5000 vmail \ - && groupadd -g 401 dovecot \ - && groupadd -g 402 dovenull \ - && groupadd -g 999 sogo \ - && usermod -a -G sogo nobody \ - && useradd -g vmail -u 5000 vmail -d /var/vmail \ - && useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \ - && useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull \ - && apt update && apt install lua-socket \ - mariadb-client \ - libstemmer-dev \ - libexttextcat-dev \ - libicu-dev \ - libsqlite3-dev \ - liblua5.3-dev \ - lua-sql-mysql \ - libldap-dev \ - libssl-dev \ - wget \ - procps \ - python3-pip \ - redis-server \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - syslog-ng-mod-redis \ - cpanminus \ +ENV LANG C.UTF-8 +ENV LC_ALL C.UTF-8 + +# Add groups and users before installing Dovecot to not break compatibility +RUN addgroup -g 5000 vmail \ + && addgroup -g 401 
dovecot \ + && addgroup -g 402 dovenull \ + && sed -i "s/999/99/" /etc/group \ + && addgroup -g 999 sogo \ + && addgroup nobody sogo \ + && adduser -D -u 5000 -G vmail -h /var/vmail vmail \ + && adduser -D -G dovecot -u 401 -h /dev/null -s /sbin/nologin dovecot \ + && adduser -D -G dovenull -u 402 -h /dev/null -s /sbin/nologin dovenull \ + && apk add --no-cache --update \ + build-base \ + bash \ + bind-tools \ + ca-certificates \ curl \ - libauthen-ntlm-perl \ - libcgi-pm-perl \ - libcrypt-openssl-rsa-perl \ - libcrypt-ssleay-perl \ - libdata-uniqid-perl \ - libdbd-mysql-perl \ - libdbi-perl \ - libdigest-hmac-perl \ - libdist-checkconflicts-perl \ - libencode-imaputf7-perl \ - libfile-copy-recursive-perl \ - libfile-tail-perl \ - libhtml-parser-perl \ - libio-compress-perl \ - libio-socket-inet6-perl \ - libio-socket-ssl-perl \ - libio-tee-perl \ - libipc-run-perl \ - libjson-webtoken-perl \ - liblockfile-simple-perl \ - libmail-imapclient-perl \ - libmodule-implementation-perl \ - libmodule-scandeps-perl \ - libnet-ssleay-perl \ - libpackage-stash-perl \ - libpackage-stash-xs-perl \ - libpar-packer-perl \ - libparse-recdescent-perl \ - libproc-processtable-perl \ - libreadonly-perl \ - libregexp-common-perl \ - libsys-meminfo-perl \ - libterm-readkey-perl \ - libtest-deep-perl \ - libtest-fatal-perl \ - libtest-mock-guard-perl \ - libtest-mockobject-perl \ - libtest-nowarnings-perl \ - libtest-pod-perl \ - libtest-requires-perl \ - libtest-simple-perl \ - libtest-warn-perl \ - libtry-tiny-perl \ - libunicode-string-perl \ - liburi-perl \ - libwww-perl \ - dnsutils \ - build-essential \ - gettext-base -y --no-install-recommends \ - && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ - && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ + cyrus-sasl-dev \ + gcc \ + gettext-dev \ + gnupg \ + gnupg-dirmngr \ + jq \ + libintl \ + libssl1.1 \ + libstdc++ \ + libxml2-dev \ + lua \ + 
lua-cjson \ + lua-socket \ + lua-sql-mysql \ + lua5.3-sql-mysql \ + make \ + mariadb-connector-c \ + mariadb-dev \ + glib-dev \ + gcompat \ + mariadb-client \ +# libressl-dev \ + openssl-dev \ + pcre-dev \ + perl \ + perl-dev \ + perl-ntlm \ + perl-cgi \ + perl-crypt-openssl-rsa \ + perl-utils \ + perl-crypt-ssleay \ + perl-data-uniqid \ + perl-dbd-mysql \ + perl-dbi \ + perl-digest-hmac \ + perl-dist-checkconflicts \ + perl-encode-imaputf7 \ + perl-file-copy-recursive \ + perl-file-tail \ + perl-io-socket-inet6 \ + perl-io-gzip \ + perl-io-socket-ssl \ + perl-io-tee \ + perl-ipc-run \ + perl-json-webtoken \ + perl-mail-imapclient \ + perl-module-implementation \ + perl-module-scandeps \ + perl-net-ssleay \ + perl-package-stash \ + perl-package-stash-xs \ + perl-par-packer \ + perl-parse-recdescent \ + libproc \ + perl-readonly \ + perl-regexp-common \ + perl-sys-meminfo \ + perl-term-readkey \ + perl-test-deep \ + perl-test-fatal \ + perl-test-mockobject \ + perl-test-mock-guard \ + perl-test-pod \ + perl-test-requires \ + perl-test-simple \ + perl-test-warn \ + perl-try-tiny \ + perl-unicode-string \ + perl-proc-processtable \ + perl-app-cpanminus \ + procps \ + python3 \ + python3-dev \ + py3-pip \ + redis \ + syslog-ng \ + syslog-ng-redis \ + syslog-ng-json \ + supervisor \ + tzdata \ + wget \ + dovecot \ + dovecot-dev \ + dovecot-lmtpd \ + dovecot-lua \ + dovecot-ldap \ + dovecot-mysql \ + dovecot-sql \ + dovecot-submissiond \ + dovecot-pigeonhole-plugin \ + dovecot-pop3d \ + dovecot-fts-solr \ + && arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \ + && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \ && chmod +x /usr/local/bin/gosu \ - && gosu nobody true \ - && pip3 install mysql-connector-python html2text jinja2 redis \ - && apt-get autoremove --purge -y \ - && apt-get autoclean -# imapsync dependencies -RUN cpan Crypt::OpenSSL::PKCS12 -RUN rm -rf /var/lib/apt/lists/* \ - && rm -rf /tmp/* 
/var/tmp/* /root/.cache/ -COPY --from=build /usr/lib/dovecot /usr/lib/dovecot -COPY --from=build /usr/bin/doveconf /usr/bin/doveconf -COPY --from=build /usr/bin/doveadm /usr/bin/doveadm -COPY --from=build /usr/bin/dovecot-sysreport /usr/bin/dovecot-sysreport -COPY --from=build /usr/sbin/dovecot /usr/sbin/dovecot -COPY --from=build /usr/libexec/dovecot/ /usr/libexec/dovecot/ -COPY --from=build /usr/local/bin/sieve-dump /usr/local/bin/sieve-dump -COPY --from=build /usr/local/bin/sieve-filter /usr/local/bin/sieve-filter -COPY --from=build /usr/local/bin/sieve-test /usr/local/bin/sieve-test -COPY --from=build /usr/local/bin/sievec /usr/local/bin/sievec + && gosu nobody true + +RUN cpan LockFile::Simple + +RUN pip3 install mysql-connector-python html2text jinja2 redis + COPY trim_logs.sh /usr/local/bin/trim_logs.sh COPY clean_q_aged.sh /usr/local/bin/clean_q_aged.sh COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf diff --git a/data/Dockerfiles/dovecot/supervisord.conf b/data/Dockerfiles/dovecot/supervisord.conf index a7698640..5b005000 100644 --- a/data/Dockerfiles/dovecot/supervisord.conf +++ b/data/Dockerfiles/dovecot/supervisord.conf @@ -13,6 +13,10 @@ autostart=true [program:dovecot] command=/usr/sbin/dovecot -F +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 autorestart=true [eventlistener:processes] diff --git a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf index ea2bcfbf..8ed4d27b 100644 --- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf +++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf @@ -1,4 +1,4 @@ -@version: 3.28 +@version: 4.1 @include "scl.conf" options { chain_hostnames(off); 
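Review bot: `sed -i "s/999/99/" /etc/group` is unanchored, so it rewrites the first `999` on every line of `/etc/group`, including a group name or a longer gid containing those digits, not only the gid field of the group that currently holds 999. Anchoring it to the gid column limits the renumbering to the intended entry, e.g. `sed -i 's/^\([^:]*:[^:]*\):999:/\1:99:/' /etc/group`, and a short comment naming the base-image group being moved to free gid 999 for `sogo` would help the next reader. The image also keeps `build-base`, `gcc`, `make` and the `-dev` packages in the runtime layer and installs the `pip3` and `cpan` modules unpinned. If the toolchain is only needed to build Perl or Python modules, an `apk add --virtual` group removed in the same `RUN` would reduce what ships.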
@@ -6,11 +6,11 @@ options { use_dns(no); use_fqdn(no); owner("root"); group("adm"); perm(0640); - stats_freq(0); + stats(freq(0)); bad_hostname("^gconfd$"); }; -source s_src { - unix-stream("/dev/log"); +source s_dgram { + unix-dgram("/dev/log"); internal(); }; destination d_stdout { pipe("/dev/stdout"); }; @@ -36,7 +36,7 @@ filter f_replica { not match("Error: sync: Unknown user in remote" value("MESSAGE")); }; log { - source(s_src); + source(s_dgram); filter(f_replica); destination(d_stdout); filter(f_mail); diff --git a/data/Dockerfiles/dovecot/syslog-ng.conf b/data/Dockerfiles/dovecot/syslog-ng.conf index 2ee4f624..6bbfa61d 100644 --- a/data/Dockerfiles/dovecot/syslog-ng.conf +++ b/data/Dockerfiles/dovecot/syslog-ng.conf @@ -1,4 +1,4 @@ -@version: 3.28 +@version: 4.1 @include "scl.conf" options { chain_hostnames(off); @@ -6,11 +6,11 @@ options { use_dns(no); use_fqdn(no); owner("root"); group("adm"); perm(0640); - stats_freq(0); + stats(freq(0)); bad_hostname("^gconfd$"); }; -source s_src { - unix-stream("/dev/log"); +source s_dgram { + unix-dgram("/dev/log"); internal(); }; destination d_stdout { pipe("/dev/stdout"); }; @@ -36,7 +36,7 @@ filter f_replica { not match("Error: sync: Unknown user in remote" value("MESSAGE")); }; log { - source(s_src); + source(s_dgram); filter(f_replica); destination(d_stdout); filter(f_mail); From 7f167874f76490100b0f3bd143f5cd3ebbb226d2 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 4 Aug 2023 07:14:37 +0000 Subject: [PATCH 19/22] Changed Compose back to Versioning --- docker-compose.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 9fa0097f..20278a64 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,7 @@ version: '2.1' services: unbound-mailcow: - image: mailcow/unbound:arm64-dev + image: mailcow/unbound:1.18 environment: - TZ=${TZ} volumes: 
@@ -58,7 +58,7 @@ services: - redis clamd-mailcow: - image: mailcow/clamd:arm64-dev + image: mailcow/clamd:1.62 restart: always depends_on: - unbound-mailcow @@ -106,7 +106,7 @@ services: - rspamd php-fpm-mailcow: - image: mailcow/phpfpm:1.84 + image: mailcow/phpfpm:1.85 command: "php-fpm -d date.timezone=${TZ} -d expose_php=0" depends_on: - redis-mailcow @@ -170,7 +170,7 @@ services: - phpfpm sogo-mailcow: - image: mailcow/sogo:1.118 + image: mailcow/sogo:1.119 environment: - DBNAME=${DBNAME} - DBUSER=${DBUSER} @@ -217,7 +217,7 @@ services: - sogo dovecot-mailcow: - image: mailcow/dovecot:1.24 + image: mailcow/dovecot:1.25 depends_on: - mysql-mailcow dns: @@ -297,7 +297,7 @@ services: - dovecot postfix-mailcow: - image: mailcow/postfix:1.71 + image: mailcow/postfix:1.72 depends_on: - mysql-mailcow volumes: @@ -391,7 +391,7 @@ services: acme-mailcow: depends_on: - nginx-mailcow - image: mailcow/acme:arm64-dev + image: mailcow/acme:1.85 dns: - ${IPV4_NETWORK:-172.22.1}.254 environment: @@ -427,7 +427,7 @@ services: - acme netfilter-mailcow: - image: mailcow/netfilter:arm64-dev + image: mailcow/netfilter:1.53 stop_grace_period: 30s depends_on: - dovecot-mailcow @@ -450,7 +450,7 @@ services: - /lib/modules:/lib/modules:ro watchdog-mailcow: - image: mailcow/watchdog:arm64-dev + image: mailcow/watchdog:1.98 dns: - ${IPV4_NETWORK:-172.22.1}.254 tmpfs: @@ -512,7 +512,7 @@ services: - watchdog dockerapi-mailcow: - image: mailcow/dockerapi:2.05 + image: mailcow/dockerapi:2.06 security_opt: - label=disable restart: always @@ -531,7 +531,7 @@ services: - dockerapi solr-mailcow: - image: mailcow/solr:arm64-dev + image: mailcow/solr:1.8.2 restart: always volumes: - solr-vol-1:/opt/solr/server/solr/dovecot-fts/data @@ -547,7 +547,7 @@ services: - solr olefy-mailcow: - image: mailcow/olefy:arm64-dev + image: mailcow/olefy:1.12 restart: always environment: - TZ=${TZ} From 3e545692ab6ff750163bf45b860e911bc904323d Mon Sep 17 00:00:00 2001 
From: DerLinkman Date: Fri, 4 Aug 2023 09:28:07 +0000 Subject: [PATCH 20/22] Clamd using Alpine Packages instead self compile --- data/Dockerfiles/clamd/Dockerfile | 125 +++--------------------------- 1 file changed, 11 insertions(+), 114 deletions(-) diff --git a/data/Dockerfiles/clamd/Dockerfile b/data/Dockerfiles/clamd/Dockerfile index 42d7af8f..3a46e190 100644 --- a/data/Dockerfiles/clamd/Dockerfile +++ b/data/Dockerfiles/clamd/Dockerfile 
@@ -1,128 +1,25 @@ -FROM index.docker.io/library/alpine:latest AS builder -ENV CLAMD_VERSION=1.1.0 - -WORKDIR /src - -# hadolint ignore=DL3008 We want the latest stable versions -RUN apk update && apk upgrade \ - && \ - apk add --no-cache \ - bsd-compat-headers \ - cmake \ - file \ - g++ \ - libtool \ - linux-headers \ - make \ - musl-fts-dev \ - # Clamav dependencies provided by alpine - bzip2-dev \ - check-dev \ - curl-dev \ - json-c-dev \ - libmilter-dev \ - libxml2-dev \ - ncurses-dev \ - ncurses-dev \ - openssl-dev \ - pcre2-dev \ - zlib-dev \ - # For the tests - python3 \ - py3-pytest \ - # For Rust/Cargo - cargo \ - rust \ - && \ - wget https://github.com/Cisco-Talos/clamav/releases/download/clamav-${CLAMD_VERSION}/clamav-${CLAMD_VERSION}.tar.gz \ - && tar -xzf clamav-${CLAMD_VERSION}.tar.gz && cd clamav-${CLAMD_VERSION} && mkdir build && cd build\ - && cmake .. \ - -D CMAKE_BUILD_TYPE="Release" \ - -D CMAKE_INSTALL_PREFIX="/usr" \ - -D CMAKE_INSTALL_LIBDIR="/usr/lib" \ - -D APP_CONFIG_DIRECTORY="/etc/clamav" \ - -D DATABASE_DIRECTORY="/var/lib/clamav" \ - -D ENABLE_CLAMONACC=OFF \ - -D ENABLE_EXAMPLES=OFF \ - -D ENABLE_MILTER=ON \ - -D ENABLE_MAN_PAGES=OFF \ - -D ENABLE_STATIC_LIB=OFF \ - -D ENABLE_JSON_SHARED=ON \ - && \ - make DESTDIR="/clamav" -j$(($(nproc) - 1)) install && \ - rm -r \ - "/clamav/usr/lib/pkgconfig/" \ - && \ - sed -e "s|^\(Example\)|\# \1|" \ - -e "s|.*\(PidFile\) .*|\1 /tmp/clamd.pid|" \ - -e "s|.*\(LocalSocket\) .*|\1 /tmp/clamd.sock|" \ - -e "s|.*\(TCPSocket\) .*|\1 3310|" \ - -e "s|.*\(TCPAddr\) .*|#\1 0.0.0.0|" \ - -e "s|.*\(User\) .*|\1 clamav|" \ - -e "s|^\#\(LogFile\) .*|\1 /var/log/clamav/clamd.log|" \ - -e "s|^\#\(LogTime\).*|\1 yes|" \ - "/clamav/etc/clamav/clamd.conf.sample" > "/clamav/etc/clamav/clamd.conf" && \ - sed -e "s|^\(Example\)|\# \1|" \ - -e "s|.*\(PidFile\) .*|\1 /tmp/freshclam.pid|" \ - -e "s|.*\(DatabaseOwner\) .*|\1 clamav|" \ - -e "s|^\#\(UpdateLogFile\) .*|\1 /var/log/clamav/freshclam.log|" \ - -e 
"s|^\#\(NotifyClamd\).*|\1 /etc/clamav/clamd.conf|" \ - -e "s|^\#\(ScriptedUpdates\).*|\1 yes|" \ - "/clamav/etc/clamav/freshclam.conf.sample" > "/clamav/etc/clamav/freshclam.conf" && \ - sed -e "s|^\(Example\)|\# \1|" \ - -e "s|.*\(PidFile\) .*|\1 /tmp/clamav-milter.pid|" \ - -e "s|.*\(MilterSocket\) .*|\1 inet:7357|" \ - -e "s|.*\(User\) .*|\1 clamav|" \ - -e "s|^\#\(LogFile\) .*|\1 /var/log/clamav/milter.log|" \ - -e "s|^\#\(LogTime\).*|\1 yes|" \ - -e "s|.*\(\ClamdSocket\) .*|\1 unix:/tmp/clamd.sock|" \ - "/clamav/etc/clamav/clamav-milter.conf.sample" > "/clamav/etc/clamav/clamav-milter.conf" || \ - exit 1 \ - && \ - ctest -V - -FROM index.docker.io/library/alpine:latest +FROM alpine:3.18 LABEL maintainer "The Infrastructure Company GmbH " -EXPOSE 3310 -EXPOSE 7357 - -ENV TZ Europe/Berlin - -RUN apk add --no-cache \ - fts \ - libstdc++ \ - tini \ - tzdata \ - # Clamav dependencies provided by alpine - json-c \ - libbz2 \ - libcurl \ - libmilter \ - libxml2 \ - ncurses-libs \ - pcre2 \ - zlib \ - rsync \ - bind-tools \ - bash \ - && \ - addgroup -S "clamav" && \ - adduser -D -G "clamav" -h "/var/lib/clamav" -s "/bin/false" -u 100 -S "clamav" && \ - install -d -m 755 -g "clamav" -o "clamav" "/var/log/clamav" && \ - chown -R clamav:clamav /var/lib/clamav - -COPY --from=builder "/clamav" "/" +RUN apk upgrade --no-cache \ + && apk add --update --no-cache \ + rsync \ + clamav \ + bind-tools \ + bash \ + tini # init COPY clamd.sh /clamd.sh -COPY clamdcheck.sh /usr/local/bin/ RUN chmod +x /sbin/tini # healthcheck COPY healthcheck.sh /healthcheck.sh +COPY clamdcheck.sh /usr/local/bin RUN chmod +x /healthcheck.sh +RUN chmod +x /usr/local/bin/clamdcheck.sh HEALTHCHECK --start-period=6m CMD "/healthcheck.sh" +ENTRYPOINT [] CMD ["/sbin/tini", "-g", "--", "/clamd.sh"] \ No newline at end of file From 9ead71d3112f0d4d877a0edc8e6c118e4affcbd0 Mon Sep 17 00:00:00 2001 
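Review bot: With the builder stage gone, the `clamd.conf` that the removed `sed` block generated (including `User clamav`) is no longer produced, and the new image has no `USER` line, so `tini` and `/clamd.sh` start as root. Whether clamd still drops to an unprivileged account now depends on the packaged `/etc/clamav/clamd.conf` or on a config supplied at runtime, neither of which is visible in this hunk. A scanner that parses untrusted mail attachments should not stay root. Please confirm the privilege drop and record it next to `CMD`, e.g. `# starts as root; clamd drops to the clamav user via "User clamav" in clamd.conf`. As a style point, the separate `RUN chmod +x …` layers for `healthcheck.sh` and `clamdcheck.sh` can be replaced by `COPY --chmod=0755 …`, which needs BuildKit.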
From: DerLinkman Date: Fri, 4 Aug 2023 15:29:30 +0200 Subject: [PATCH 21/22] Updated unbound image to first multi arch ver. --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 20278a64..37fd384f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,7 @@ version: '2.1' services: unbound-mailcow: - image: mailcow/unbound:1.18 + image: mailcow/unbound:1.19 environment: - TZ=${TZ} volumes: From 00046770549fbf4c6c6339ab92443087a7dcd3a5 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Fri, 4 Aug 2023 15:36:09 +0200 Subject: [PATCH 22/22] Update clamd for first multi arch ver. --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 37fd384f..34d6c587 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -58,7 +58,7 @@ services: - redis clamd-mailcow: - image: mailcow/clamd:1.62 + image: mailcow/clamd:1.63 restart: always depends_on: - unbound-mailcow