diff --git a/.github/workflows/build_test_deploy.yml b/.github/workflows/build_test_deploy.yml
index 10c248d7..9c2ff02d 100644
--- a/.github/workflows/build_test_deploy.yml
+++ b/.github/workflows/build_test_deploy.yml
@@ -474,7 +474,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        target: ["setup", "docs", "fetchmail", "webmail", "admin", "traefik-certdumper", "radicale", "clamav", "rspamd", "oletools", "postfix", "dovecot", "unbound", "nginx"]
+        target: ["setup", "docs", "fetchmail", "webmail", "admin", "traefik-certdumper", "radicale", "rspamd", "oletools", "postfix", "dovecot", "unbound", "nginx"]
     steps:
       - uses: actions/checkout@v3
       - name: Retrieve global variables
diff --git a/.gitignore b/.gitignore
index 6c48a270..84ee07d3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@ pip-selfcheck.json
 /core/admin/lib*
 /core/admin/bin
 /core/admin/include
+/core/base/.venv
 /docs/lib*
 /docs/bin
 /docs/include
diff --git a/AUTHORS.md b/AUTHORS.md
index 5f05f0ac..cdaff108 100644
--- a/AUTHORS.md
+++ b/AUTHORS.md
@@ -22,6 +22,8 @@ Other contributors:
  - "SunMar" - Dutch translation
  - "Marty Hou" - Chinese Simple translation
  - [Thomas Sänger](https://github.com/HorayNarea) - German translation
+ - [Danylo Sydorenko](https://github.com/Prosta4okua) - Ukrainian translation
+ - [Hossein Hosni](https://github.com/hosni) - [Contributions](https://github.com/Mailu/Mailu/commits?author=hosni)
  - [Tim Mohlmann](https://github.com/muhlemmer) - [Contributions](https://github.com/Mailu/Mailu/commits?author=muhlemmer)
  - [Ionut Filip](https://github.com/ionutfilip) - [Contributions](https://github.com/Mailu/Mailu/commits?author=ionutfilip)
  - [Ichikawa Yuriko](https://github.com/IchikawaYukko) - [Contributions](https://github.com/Mailu/Mailu/commits?author=IchikawaYukko) Japanese translation
diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md
index fbc83ffb..f015250e 100644
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@@ -1,7 +1,15 @@
 <!--
 
-Thank you for opening an issue with Mailu. Please understand that issues are meant for bugs and enhancement-requests.
-For **user-support questions**, reach out to us  on [matrix](https://matrix.to/#/#mailu:tedomum.net).
+Thank you for opening an issue with Mailu. Please understand that issues are meant for bugs only. The bug report should follow the issue template and provide clear replication steps and logs.
+For **user-support questions**, reach out to us  on [matrix](https://matrix.to/#/#mailu:tedomum.net) or [disussions](https://github.com/Mailu/Mailu/discussions/categories/user-support).
+
+For anything but bug reports use the [matrix channel](https://matrix.to/#/#mailu:tedomum.net) or [disussions](https://github.com/Mailu/Mailu/discussions).
+So use discussions for topics such as
+
+* Checking announcements.
+* General discussion about Mailu usage or using Mail software in general.
+* Feature requests
+* User support.
 
 To be able to help you best, we need some more information.
 
@@ -10,21 +18,17 @@ Before you open your issue
 - Check [documentation](https://mailu.io/master/) and [FAQ](https://mailu.io/master/faq.html). (Tip, use the search function on the documentation page)
 - You understand `Mailu` is made by volunteers in their **free time** — be concise, civil and accept that delays can occur.
 - The title of the issue should be short and simple. It should contain specific terms related to the actual issue. Be specific while writing the title.
+- You understand issues are only meant for bug reports that follow the issue template. Non bug reports or bug reports that do not follow the template will be moved to [disussions](https://github.com/Mailu/Mailu/discussions)
 
 Please put your text outside of the comment blocks to be visible. You can use the button "Preview" above to check.
 
+If you do not follow the issue template suggested below your issue may be summarily closed.
+
 -->
 
 ## Environment & Version
 
-### Environment
-
-- [ ] docker compose
-- [ ] kubernetes
-- [ ] docker swarm
-
-### Version
-
+- `docker compose version`
 - Version: `master`
 
 <!--
@@ -35,6 +39,11 @@ $> docker ps -a | grep mailu
 $> grep MAILU_VERSION docker-compose.yml mailu.env
 -->
 
+If you are not using docker compose do not file any new issue here.
+Kubernetes related issues belong to https://github.com/Mailu/helm-charts/issues
+If you are not using docker compose or kubernetes, create a new thread on user support in [disussions](https://github.com/Mailu/Mailu/discussions/categories/user-support).
+Non-bug reports (or bug reports that do not follow the template) are moved to [disussions](https://github.com/Mailu/Mailu/discussions).
+
 ## Description
 <!--
 Further explain the bug in a few words. It should be clear what the unexpected behaviour is.  Share it in an easy-to-understand language.
@@ -63,9 +72,10 @@ You can get the logs via `docker logs <container name> --tail 1000`.
 For example for the admin container: `docker logs mailu_admin_1 --tail 1000`
 or using docker compose `docker compose -f /mailu/docker-compose.yml logs --tail 1000 admin`
 
-If you can find the relevant section, please share only the parts that seem relevant. If you have any logs, please enclose them in code tags, like so:
+If you can find the relevant section, please share only the parts that seem relevant. If you have any logs, please enclose them in code tags and in a section, like so:
 
 ```
 Your logs here!
 ```
+
 -->
diff --git a/README.md b/README.md
index 6a202940..3eb10374 100644
--- a/README.md
+++ b/README.md
@@ -17,8 +17,8 @@ Features
 
 Main features include:
 
-- **Standard email server**, IMAP and IMAP+, SMTP and Submission with autoconfiguration profiles for clients
-- **Advanced email features**, aliases, domain aliases, custom routing
+- **Standard email server**, IMAP and IMAP+, SMTP and Submission with auto-configuration profiles for clients
+- **Advanced email features**, aliases, domain aliases, custom routing, full-text search of email attachments
 - **Web access**, multiple Webmails and administration interface
 - **User features**, aliases, auto-reply, auto-forward, fetched accounts, managesieve
 - **Admin features**, global admins, announcements, per-domain delegation, quotas
diff --git a/core/admin/assets/Dockerfile b/core/admin/assets/Dockerfile
index 33b9bdb9..2ac9fe33 100644
--- a/core/admin/assets/Dockerfile
+++ b/core/admin/assets/Dockerfile
@@ -11,7 +11,7 @@ RUN set -euxo pipefail \
   ; npm install --no-audit --no-fund \
   ; sed -i 's/#007bff/#55a5d9/' node_modules/admin-lte/build/scss/_bootstrap-variables.scss \
   ; mkdir assets \
-  ; for l in ca da de:de-DE en:en-GB es:es-ES eu fr:fr-FR he hu is it:it-IT ja nb_NO:no-NB nl:nl-NL pl pt:pt-PT ru sv:sv-SE zh; do \
+  ; for l in ca da de:de-DE en:en-GB es:es-ES eu fa fr:fr-FR he hu is it:it-IT ja nb_NO:no-NB nl:nl-NL pl pt:pt-PT ru sv:sv-SE uk zh zh_TW:zh-HANT; do \
       cp node_modules/datatables.net-plugins/i18n/${l#*:}.json assets/${l%:*}.json; \
     done
 
diff --git a/core/admin/mailu/__init__.py b/core/admin/mailu/__init__.py
index d3971cb1..19731340 100644
--- a/core/admin/mailu/__init__.py
+++ b/core/admin/mailu/__init__.py
@@ -12,7 +12,7 @@ import hmac
 
 class NoPingFilter(logging.Filter):
     def filter(self, record):
-        if (record.args['{host}i'] == 'localhost' and record.args['r'] == 'GET /ping HTTP/1.1'):
+        if record.args['r'].endswith(' /ping HTTP/1.1'):
             return False
         if record.args['r'].endswith(' /internal/rspamd/local_domains HTTP/1.1'):
             return False
@@ -40,7 +40,7 @@ def create_app_from_config(config):
     models.db.init_app(app)
     utils.session.init_app(app)
     utils.limiter.init_app(app)
-    utils.babel.init_app(app)
+    utils.babel.init_app(app, locale_selector=utils.get_locale)
     utils.login.init_app(app)
     utils.login.user_loader(models.User.get)
     utils.proxy.init_app(app)
@@ -52,13 +52,14 @@ def create_app_from_config(config):
     app.truncated_pw_key = hmac.new(bytearray(app.secret_key, 'utf-8'), bytearray('TRUNCATED_PW_KEY', 'utf-8'), 'sha256').digest()
 
     # Initialize list of translations
-    app.config.translations = {
-        str(locale): locale
-        for locale in sorted(
-            utils.babel.list_translations(),
-            key=lambda l: l.get_language_name().title()
-        )
-    }
+    with app.app_context():
+        app.config.translations = {
+            str(locale): locale
+            for locale in sorted(
+                utils.babel.list_translations(),
+                key=lambda l: l.get_language_name().title()
+            )
+        }
 
     # Initialize debugging tools
     if app.config.get("DEBUG"):
diff --git a/core/admin/mailu/api/v1/__init__.py b/core/admin/mailu/api/v1/__init__.py
index 44b6ec57..9b3e98f8 100644
--- a/core/admin/mailu/api/v1/__init__.py
+++ b/core/admin/mailu/api/v1/__init__.py
@@ -37,7 +37,8 @@ error_fields = api.model('Error', {
     'message': fields.String,
 })
 
-from . import domains
+from . import domain
 from . import alias
 from . import relay
 from . import user
+from . import token
diff --git a/core/admin/mailu/api/v1/domains.py b/core/admin/mailu/api/v1/domain.py
similarity index 97%
rename from core/admin/mailu/api/v1/domains.py
rename to core/admin/mailu/api/v1/domain.py
index 7043da3d..c5f98530 100644
--- a/core/admin/mailu/api/v1/domains.py
+++ b/core/admin/mailu/api/v1/domain.py
@@ -115,13 +115,13 @@ class Domains(Resource):
         if 'comment' in data:
             domain_new.comment = data['comment']
         if 'max_users' in data:
-            domain_new.comment = data['max_users']
+            domain_new.max_users = data['max_users']
         if 'max_aliases' in data:
-            domain_new.comment = data['max_aliases']
+            domain_new.max_aliases = data['max_aliases']
         if 'max_quota_bytes' in data:
-            domain_new.comment = data['max_quota_bytes']
+            domain_new.max_quota_bytes = data['max_quota_bytes']
         if 'signup_enabled' in data:
-            domain_new.comment = data['signup_enabled']
+            domain_new.signup_enabled = data['signup_enabled']
         models.db.session.add(domain_new)
         #apply the changes
         db.session.commit()
@@ -177,13 +177,13 @@ class Domain(Resource):
         if 'comment' in data:
             domain_found.comment = data['comment']
         if 'max_users' in data:
-            domain_found.comment = data['max_users']
+            domain_found.max_users = data['max_users']
         if 'max_aliases' in data:
-            domain_found.comment = data['max_aliases']
+            domain_found.max_aliases = data['max_aliases']
         if 'max_quota_bytes' in data:
-            domain_found.comment = data['max_quota_bytes']
+            domain_found.max_quota_bytes = data['max_quota_bytes']
         if 'signup_enabled' in data:
-            domain_found.comment = data['signup_enabled']
+            domain_found.signup_enabled = data['signup_enabled']
         models.db.session.add(domain_found)
 
         #apply the changes
diff --git a/core/admin/mailu/api/v1/token.py b/core/admin/mailu/api/v1/token.py
new file mode 100644
index 00000000..0f2b5b7a
--- /dev/null
+++ b/core/admin/mailu/api/v1/token.py
@@ -0,0 +1,170 @@
+from flask_restx import Resource, fields, marshal
+import validators, datetime
+import flask
+from passlib import pwd
+
+from . import api, response_fields
+from .. import common
+from ... import models
+
+db = models.db
+
+token = api.namespace('token', description='Token operations')
+
+token_user_fields = api.model('TokenGetResponse', {
+    'id': fields.String(description='The record id of the token (unique identifier)', example='1'),
+    'email': fields.String(description='The email address of the user', example='John.Doe@example.com', attribute='user_email'),
+    'comment': fields.String(description='A description for the token. This description is shown on the Authentication tokens page', example='my comment'),
+    'AuthorizedIP': fields.String(description='Comma separated list of white listed IP addresses or networks that may use this token.', example="['203.0.113.0/24']", attribute='ip'),
+    'Created': fields.String(description='The date when the token was created', example='John.Doe@example.com', attribute='created_at'),
+    'Last edit': fields.String(description='The date when the token was last modifified', example='John.Doe@example.com', attribute='updated_at')
+})
+
+token_user_fields_post = api.model('TokenPost', {
+    'email': fields.String(description='The email address of the user', example='John.Doe@example.com', attribute='user_email'),
+    'comment': fields.String(description='A description for the token. This description is shown on the Authentication tokens page', example='my comment'),
+    'AuthorizedIP': fields.String(description='Comma separated list of white listed IP addresses or networks that may use this token.', example="['203.0.113.0/24']", attribute='ip'),
+})
+
+token_user_fields_post2 = api.model('TokenPost2', {
+    'comment': fields.String(description='A description for the token. This description is shown on the Authentication tokens page', example='my comment'),
+    'AuthorizedIP': fields.String(description='Comma separated list of white listed IP addresses or networks that may use this token.', example="['203.0.113.0/24']", attribute='ip'),
+})
+
+token_user_post_response = api.model('TokenPostResponse', {
+    'id': fields.String(description='The record id of the token (unique identifier)', example='1'),
+    'token': fields.String(description='The created authentication token for the user.', example='2caf6607de5129e4748a2c061aee56f2', attribute='password'),
+    'email': fields.String(description='The email address of the user', example='John.Doe@example.com', attribute='user_email'),
+    'comment': fields.String(description='A description for the token. This description is shown on the Authentication tokens page', example='my comment'),
+    'AuthorizedIP': fields.String(description='Comma separated list of white listed IP addresses or networks that may use this token.', example="['203.0.113.0/24']", attribute='ip'),
+    'Created': fields.String(description='The date when the token was created', example='John.Doe@example.com', attribute='created_at')
+})
+
+@token.route('')
+class Tokens(Resource):
+    @token.doc('list_tokens')
+    @token.marshal_with(token_user_fields, as_list=True, skip_none=True, mask=None)
+    @token.doc(security='Bearer')
+    @common.api_token_authorization
+    def get(self):
+        """List tokens"""
+        return models.Token.query.all()
+
+    @token.doc('create_token')
+    @token.expect(token_user_fields_post)
+    @token.response(200, 'Success', token_user_post_response)
+    @token.response(400, 'Input validation exception')
+    @token.response(409, 'Duplicate relay', response_fields)
+    @token.doc(security='Bearer')
+    @common.api_token_authorization
+    def post(self):
+        """ Create a new token"""
+        data = api.payload
+        email = data['email']
+        if not validators.email(email):
+            return { 'code': 400, 'message': f'Provided email address {email} is not a valid email address'}, 400
+        user_found = models.User.query.get(email)
+        if not user_found:
+            return {'code': 404, 'message': f'User {email} cannot be found'}, 404
+        tokens = user_found.tokens
+
+        token_new = models.Token(user_email=data['email'])
+        if 'comment' in data:
+            token_new.comment = data['comment']
+        if 'AuthorizedIP' in data:
+            token_new.ip = data['AuthorizedIP'].replace(' ','').split(',')
+        raw_password = pwd.genword(entropy=128, length=32, charset="hex")
+        token_new.set_password(raw_password)
+        models.db.session.add(token_new)
+        #apply the changes
+        db.session.commit()
+        response_dict  = {
+            'id' : token_new.id,
+            'token' : raw_password,
+            'email' : token_new.user_email,
+            'comment' : token_new.comment,
+            'AuthorizedIP' : token_new.ip,
+            'Created': str(token_new.created_at),
+            }
+
+        return  response_dict
+
+@token.route('user/<string:email>')
+class Token(Resource):
+    @token.doc('find_tokens_of_user')
+    @token.marshal_with(token_user_fields, as_list=True, skip_none=True, mask=None)
+    @token.doc(security='Bearer')
+    @common.api_token_authorization
+    def get(self, email):
+        "Find tokens of user"
+        if not validators.email(email):
+            return { 'code': 400, 'message': f'Provided email address {email} is not a valid email address'}, 400
+        user_found = models.User.query.get(email)
+        if not user_found:
+            return {'code': 404, 'message': f'User {email} cannot be found'}, 404
+        tokens = user_found.tokens
+        return tokens
+
+    @token.doc('create_token')
+    @token.expect(token_user_fields_post2)
+    @token.response(200, 'Success', token_user_post_response)
+    @token.response(400, 'Input validation exception')
+    @token.response(409, 'Duplicate relay', response_fields)
+    @token.doc(security='Bearer')
+    @common.api_token_authorization
+    def post(self, email):
+        """ Create a new token for user"""
+        data = api.payload
+        if not validators.email(email):
+            return { 'code': 400, 'message': f'Provided email address {email} is not a valid email address'}, 400
+        user_found = models.User.query.get(email)
+        if not user_found:
+            return {'code': 404, 'message': f'User {email} cannot be found'}, 404
+
+        token_new = models.Token(user_email=email)
+        if 'comment' in data:
+            token_new.comment = data['comment']
+        if 'AuthorizedIP' in data:
+            token_new.ip = token_new.ip = data['AuthorizedIP'].replace(' ','').split(',')
+        raw_password = pwd.genword(entropy=128, length=32, charset="hex")
+        token_new.set_password(raw_password)
+        models.db.session.add(token_new)
+        #apply the changes
+        db.session.commit()
+        response_dict  = {
+            'id' : token_new.id,
+            'token' : raw_password,
+            'email' : token_new.user_email,
+            'comment' : token_new.comment,
+            'AuthorizedIP' : token_new.ip,
+            'Created': str(token_new.created_at),
+            }
+        return  response_dict
+
+@token.route('/<string:token_id>')
+class Token(Resource):
+    @token.doc('find_token')
+    @token.marshal_with(token_user_fields, as_list=True, skip_none=True, mask=None)
+    @token.doc(security='Bearer')
+    @common.api_token_authorization
+    def get(self, token_id):
+        "Find token"
+        token = models.Token.query.get(token_id)
+        if not token:
+            return { 'code' : 404, 'message' : f'Record cannot be found for id {token_id} or invalid id provided'}, 404
+        return token
+
+    @token.doc('delete_token')
+    @token.response(200, 'Success', response_fields)
+    @token.response(400, 'Input validation exception', response_fields)
+    @token.response(404, 'Token not found', response_fields)
+    @token.doc(security='Bearer')
+    @common.api_token_authorization
+    def delete(self, token_id):
+        """ Delete token """
+        token = models.Token.query.get(token_id)
+        if not token:
+            return { 'code' : 404, 'message' : f'Record cannot be found for id {token_id} or invalid id provided'}, 404
+        db.session.delete(token)
+        db.session.commit()
+        return {'code': 200, 'message': f'Token with id {token_id} has been deleted'}, 200
diff --git a/core/admin/mailu/api/v1/user.py b/core/admin/mailu/api/v1/user.py
index d9195e3d..441845c2 100644
--- a/core/admin/mailu/api/v1/user.py
+++ b/core/admin/mailu/api/v1/user.py
@@ -14,6 +14,7 @@ user_fields_get = api.model('UserGet', {
     'password': fields.String(description="Hash of the user's password; Example='$bcrypt-sha256$v=2,t=2b,r=12$fmsAdJbYAD1gGQIE5nfJq.$zLkQUEs2XZfTpAEpcix/1k5UTNPm0jO'"),
     'comment': fields.String(description='A description for the user. This description is shown on the Users page', example='my comment'),
     'quota_bytes': fields.Integer(description='The maximum quota for the user’s email box in bytes', example='1000000000'),
+    'quota_bytes_used': fields.Integer(description='The size of the user’s email box in bytes', example='5000000'),
     'global_admin': fields.Boolean(description='Make the user a global administrator'),
     'enabled': fields.Boolean(description='Enable the user. When an user is disabled, the user is unable to login to the Admin GUI or webmail or access his email via IMAP/POP3 or send mail'),
     'change_pw_next_login': fields.Boolean(description='Force the user to change their password at next login'),
diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py
index bb7080c9..caccfe5e 100644
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@@ -72,9 +72,12 @@ DEFAULT_CONFIG = {
     'LOGO_URL': None,
     'LOGO_BACKGROUND': None,
     # Advanced settings
+    'AUTH_REQUIRE_TOKENS': False,
     'API': False,
     'WEB_API': '/api',
     'API_TOKEN': None,
+    'FULL_TEXT_SEARCH': 'en',
+    'FULL_TEXT_SEARCH_ATTACHMENTS': False,
     'LOG_LEVEL': 'INFO',
     'SESSION_KEY_BITS': 128,
     'SESSION_TIMEOUT': 3600,
diff --git a/core/admin/mailu/debug.py b/core/admin/mailu/debug.py
index 4d63f3c5..c45f4ae7 100644
--- a/core/admin/mailu/debug.py
+++ b/core/admin/mailu/debug.py
@@ -1,10 +1,11 @@
-import flask_debugtoolbar
+#Note: Currently flask_debugtoolbar is not compatible with flask.
+#import flask_debugtoolbar
 
 from werkzeug.middleware.profiler import ProfilerMiddleware
 
 
 # Debugging toolbar
-toolbar = flask_debugtoolbar.DebugToolbarExtension()
+#toolbar = flask_debugtoolbar.DebugToolbarExtension()
 
 
 # Profiler
diff --git a/core/admin/mailu/internal/nginx.py b/core/admin/mailu/internal/nginx.py
index 90b59712..ebd677d0 100644
--- a/core/admin/mailu/internal/nginx.py
+++ b/core/admin/mailu/internal/nginx.py
@@ -50,8 +50,12 @@ def check_credentials(user, password, ip, protocol=None, auth_port=None, source_
                     app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: failed: badip: token-{token.id}: {token.comment or ""!r}')
                     return False # we can return directly here since the token is valid
     if user.check_password(password):
-        app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: success: password')
-        return True
+        if app.config['AUTH_REQUIRE_TOKENS'] and not protocol in ['web', 'sso']:
+            app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: failed: password ok, but a token is required')
+            return False
+        else:
+            app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: success: password')
+            return True
     app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: failed: badauth: {utils.truncated_pw_hash(password)}')
     return False
 
diff --git a/core/admin/mailu/internal/templates/default.sieve b/core/admin/mailu/internal/templates/default.sieve
index c1772c2e..0e97c067 100644
--- a/core/admin/mailu/internal/templates/default.sieve
+++ b/core/admin/mailu/internal/templates/default.sieve
@@ -29,11 +29,6 @@ if spamtest :percent :value "gt" :comparator "i;ascii-numeric" "{{ user.spam_thr
 }
 {% endif %}
 
-if exists "X-Virus" {
-  discard;
-  stop;
-}
-
 {% if user.reply_active %}
 if not address :localpart :contains ["From","Reply-To"] ["noreply","no-reply"]{
   vacation :days 1 {% if user.displayed_name != "" %}:from "{{ user.displayed_name }} <{{ user.email }}>"{% endif %} :subject "{{ user.reply_subject }}" "{{ user.reply_body }}";
diff --git a/core/admin/mailu/models.py b/core/admin/mailu/models.py
index 926ef2fc..45ec457c 100644
--- a/core/admin/mailu/models.py
+++ b/core/admin/mailu/models.py
@@ -232,9 +232,7 @@ class Domain(Base):
         """ return DKIM record for domain """
         if self.dkim_key:
             selector = app.config['DKIM_SELECTOR']
-            txt = f'v=DKIM1; k=rsa; p={self.dkim_publickey}'
-            record = ' '.join(f'"{txt[p:p+250]}"' for p in range(0, len(txt), 250))
-            return f'{selector}._domainkey.{self.name}. 600 IN TXT {record}'
+            return f'{selector}._domainkey.{self.name}. 600 IN TXT "v=DKIM1; k=rsa; p={self.dkim_publickey}"'
 
     @cached_property
     def dns_dmarc(self):
diff --git a/core/admin/mailu/translations/en/LC_MESSAGES/messages.po b/core/admin/mailu/translations/en/LC_MESSAGES/messages.po
index 4ec33e05..f19e191f 100644
--- a/core/admin/mailu/translations/en/LC_MESSAGES/messages.po
+++ b/core/admin/mailu/translations/en/LC_MESSAGES/messages.po
@@ -511,6 +511,10 @@ msgstr ""
 msgid "Generate keys"
 msgstr ""
 
+#: mailu/ui/templates/domain/details.html:19
+msgid "Download zonefile"
+msgstr ""
+
 #: mailu/ui/templates/domain/details.html:30
 msgid "DNS MX entry"
 msgstr ""
diff --git a/core/admin/mailu/translations/es/LC_MESSAGES/messages.po b/core/admin/mailu/translations/es/LC_MESSAGES/messages.po
index c385905e..068712b8 100644
--- a/core/admin/mailu/translations/es/LC_MESSAGES/messages.po
+++ b/core/admin/mailu/translations/es/LC_MESSAGES/messages.po
@@ -53,7 +53,7 @@ msgstr "Configuración del cliente"
 
 #: mailu/sso/templates/sidebar_sso.html:16 mailu/ui/templates/sidebar.html:114
 msgid "Website"
-msgstr "Correo web"
+msgstr "Sitio web"
 
 #: mailu/sso/templates/sidebar_sso.html:22 mailu/ui/templates/sidebar.html:120
 msgid "Help"
@@ -173,7 +173,7 @@ msgstr "Habilitar filtro de spam"
 
 #: mailu/ui/forms.py:103
 msgid "Enable marking spam mails as read"
-msgstr ""
+msgstr "Habilitar marcado de correos spam como leídos"
 
 #: mailu/ui/forms.py:104
 msgid "Spam filter tolerance"
@@ -218,7 +218,7 @@ msgstr "Texto de la respuesta"
 
 #: mailu/ui/forms.py:122
 msgid "Start of vacation"
-msgstr ""
+msgstr "Comienzo de las vacaciones"
 
 #: mailu/ui/forms.py:123
 msgid "End of vacation"
@@ -346,7 +346,7 @@ msgstr "Ocurrió un error en la comunicación con el servidor Docker."
 
 #: mailu/ui/templates/macros.html:129
 msgid "copy to clipboard"
-msgstr ""
+msgstr "copiar en portapapeles"
 
 #: mailu/ui/templates/sidebar.html:15
 msgid "My account"
diff --git a/core/admin/mailu/translations/fa/LC_MESSAGES/messages.po b/core/admin/mailu/translations/fa/LC_MESSAGES/messages.po
new file mode 100644
index 00000000..02fa13cc
--- /dev/null
+++ b/core/admin/mailu/translations/fa/LC_MESSAGES/messages.po
@@ -0,0 +1,731 @@
+# Persian translations for Mailu.
+# Copyright (C) 2023 Mailu
+# This file is distributed under the same license as the Mailu project.
+# Hossein Hosni <hosni.hossein@gmail.com>, 2023.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: PROJECT VERSION\n"
+"Report-Msgid-Bugs-To: hosni.hossein@gmail.com\n"
+"POT-Creation-Date: 2023-09-09 00:33+0330\n"
+"PO-Revision-Date: 2023-09-09 01:21+0330\n"
+"Last-Translator: Hossein Hosni <hosni.hossein@gmail.com>\n"
+"Language-Team: Persian <https://translate.tedomum.net/projects/mailu/admin/"
+"en/>\n"
+"Language: fa\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n==0 || n==1);\n"
+"Generated-By: Babel 2.3.4\n"
+"X-Generator: Poedit 3.3.2\n"
+
+#: mailu/sso/forms.py:8 mailu/ui/forms.py:79
+msgid "E-mail"
+msgstr "پست الکترونیک"
+
+#: mailu/sso/forms.py:9 mailu/ui/forms.py:80 mailu/ui/forms.py:93
+#: mailu/ui/forms.py:112 mailu/ui/forms.py:166
+#: mailu/ui/templates/client.html:32 mailu/ui/templates/client.html:57
+msgid "Password"
+msgstr "گذرواژه"
+
+#: mailu/sso/forms.py:10 mailu/sso/forms.py:11 mailu/sso/templates/login.html:4
+#: mailu/ui/templates/sidebar.html:142
+msgid "Sign in"
+msgstr "ورود"
+
+#: mailu/sso/templates/base_sso.html:8 mailu/ui/templates/base.html:8
+msgid "Admin page for"
+msgstr "صفحه مدیریت برای"
+
+#: mailu/sso/templates/base_sso.html:19 mailu/ui/templates/base.html:19
+msgid "toggle sidebar"
+msgstr "نوار کناری را تغییر دهید"
+
+#: mailu/sso/templates/base_sso.html:37 mailu/ui/templates/base.html:37
+msgid "change language"
+msgstr "تغییر زبان"
+
+#: mailu/sso/templates/sidebar_sso.html:4 mailu/ui/templates/sidebar.html:94
+msgid "Go to"
+msgstr "برو به"
+
+#: mailu/sso/templates/sidebar_sso.html:9 mailu/ui/templates/client.html:4
+#: mailu/ui/templates/sidebar.html:50 mailu/ui/templates/sidebar.html:107
+msgid "Client setup"
+msgstr "تنظیمات سرویس‌گیرنده"
+
+#: mailu/sso/templates/sidebar_sso.html:16 mailu/ui/templates/sidebar.html:114
+msgid "Website"
+msgstr "وب سایت"
+
+#: mailu/sso/templates/sidebar_sso.html:22 mailu/ui/templates/sidebar.html:120
+msgid "Help"
+msgstr "راهنما"
+
+#: mailu/sso/templates/sidebar_sso.html:35
+#: mailu/ui/templates/domain/signup.html:4 mailu/ui/templates/sidebar.html:127
+msgid "Register a domain"
+msgstr "ثبت دامنه"
+
+#: mailu/sso/templates/sidebar_sso.html:49 mailu/ui/forms.py:95
+#: mailu/ui/templates/sidebar.html:149 mailu/ui/templates/user/signup.html:4
+#: mailu/ui/templates/user/signup_domain.html:4
+msgid "Sign up"
+msgstr "ثبت‌نام"
+
+#: mailu/ui/forms.py:33 mailu/ui/forms.py:36
+msgid "Invalid email address."
+msgstr "پست‌الکترونیک اشتباه است."
+
+#: mailu/ui/forms.py:45
+msgid "Confirm"
+msgstr "تایید"
+
+#: mailu/ui/forms.py:48 mailu/ui/forms.py:58
+#: mailu/ui/templates/domain/details.html:26
+#: mailu/ui/templates/domain/list.html:19 mailu/ui/templates/relay/list.html:18
+msgid "Domain name"
+msgstr "آدرس دامنه"
+
+#: mailu/ui/forms.py:49
+msgid "Maximum user count"
+msgstr "حداکثر تعداد کاربر"
+
+#: mailu/ui/forms.py:50
+msgid "Maximum alias count"
+msgstr "حداکثر تعداد نام مستعار"
+
+#: mailu/ui/forms.py:51
+msgid "Maximum user quota"
+msgstr "حداکثر سهمیه کاربر"
+
+#: mailu/ui/forms.py:52
+msgid "Enable sign-up"
+msgstr "فعال کردن ثبت نام"
+
+#: mailu/ui/forms.py:53 mailu/ui/forms.py:74 mailu/ui/forms.py:86
+#: mailu/ui/forms.py:132 mailu/ui/forms.py:144
+#: mailu/ui/templates/alias/list.html:22 mailu/ui/templates/domain/list.html:22
+#: mailu/ui/templates/relay/list.html:20 mailu/ui/templates/token/list.html:20
+#: mailu/ui/templates/user/list.html:24
+msgid "Comment"
+msgstr "یادداشت"
+
+#: mailu/ui/forms.py:54 mailu/ui/forms.py:68 mailu/ui/forms.py:75
+#: mailu/ui/forms.py:88 mailu/ui/forms.py:136 mailu/ui/forms.py:145
+msgid "Save"
+msgstr "ذخیره"
+
+#: mailu/ui/forms.py:59
+msgid "Initial admin"
+msgstr "مدیر نخستین"
+
+#: mailu/ui/forms.py:60
+msgid "Admin password"
+msgstr "گذرواژه مدیریت"
+
+#: mailu/ui/forms.py:61 mailu/ui/forms.py:81 mailu/ui/forms.py:94
+msgid "Confirm password"
+msgstr "تایید گذرواژه"
+
+#: mailu/ui/forms.py:63
+msgid "Create"
+msgstr "ایجاد"
+
+#: mailu/ui/forms.py:67
+msgid "Alternative name"
+msgstr "نام جایگزین"
+
+#: mailu/ui/forms.py:72
+msgid "Relayed domain name"
+msgstr "نام دامنه میانجی"
+
+#: mailu/ui/forms.py:73 mailu/ui/templates/relay/list.html:19
+msgid "Remote host"
+msgstr "میزبان راه‌دور"
+
+#: mailu/ui/forms.py:82 mailu/ui/templates/user/list.html:23
+#: mailu/ui/templates/user/signup_domain.html:16
+msgid "Quota"
+msgstr "سهمیه"
+
+#: mailu/ui/forms.py:83
+msgid "Allow IMAP access"
+msgstr "دسترسی IMAP مجاز باشد"
+
+#: mailu/ui/forms.py:84
+msgid "Allow POP3 access"
+msgstr "دسترسی POP3 مجاز باشد"
+
+#: mailu/ui/forms.py:85 mailu/ui/forms.py:101
+#: mailu/ui/templates/user/settings.html:15
+msgid "Displayed name"
+msgstr "نام نمایشی"
+
+#: mailu/ui/forms.py:87
+msgid "Enabled"
+msgstr "فعال"
+
+#: mailu/ui/forms.py:92
+msgid "Email address"
+msgstr "پست الکترونیکی"
+
+#: mailu/ui/forms.py:102
+msgid "Enable spam filter"
+msgstr "فعال‌کردن پایش هرزنامه"
+
+#: mailu/ui/forms.py:103
+msgid "Enable marking spam mails as read"
+msgstr "فعال‌سازی علامت‌زدن هرزنامه به عنوان خوانده‌شده"
+
+#: mailu/ui/forms.py:104
+msgid "Spam filter tolerance"
+msgstr "بازه تحمل هرزنامه"
+
+#: mailu/ui/forms.py:105
+msgid "Enable forwarding"
+msgstr "فعال‌سازی بازارسال"
+
+#: mailu/ui/forms.py:106
+msgid "Keep a copy of the emails"
+msgstr "نگهداری رونوشت از پست‌الکترونیک"
+
+#: mailu/ui/forms.py:107 mailu/ui/forms.py:143
+#: mailu/ui/templates/alias/list.html:21
+msgid "Destination"
+msgstr "مقصد"
+
+#: mailu/ui/forms.py:108
+msgid "Save settings"
+msgstr "ذخیره تنظیمات"
+
+#: mailu/ui/forms.py:113
+msgid "Password check"
+msgstr "بررسی گذرواژه"
+
+#: mailu/ui/forms.py:114 mailu/ui/templates/sidebar.html:25
+msgid "Update password"
+msgstr "بروزرسانی گذرواژه"
+
+#: mailu/ui/forms.py:118
+msgid "Enable automatic reply"
+msgstr "فعال‌سازی پاسخگوی‌خودکار"
+
+#: mailu/ui/forms.py:119
+msgid "Reply subject"
+msgstr "موضوع پاسخگویی"
+
+#: mailu/ui/forms.py:120
+msgid "Reply body"
+msgstr "متن پاسخگویی"
+
+#: mailu/ui/forms.py:122
+msgid "Start of vacation"
+msgstr "شروع استراحت"
+
+#: mailu/ui/forms.py:123
+msgid "End of vacation"
+msgstr "پایان استراحت"
+
+#: mailu/ui/forms.py:124
+msgid "Update"
+msgstr "بروزرسانی"
+
+#: mailu/ui/forms.py:129
+msgid "Your token (write it down, as it will never be displayed again)"
+msgstr "کلید شما (کلید را یادداشت کنید، چرا که دوباره نمایش داده نخواهد شد)"
+
+#: mailu/ui/forms.py:134 mailu/ui/templates/token/list.html:21
+msgid "Authorized IP"
+msgstr "Authorized IP"
+
+#: mailu/ui/forms.py:140
+msgid "Alias"
+msgstr "Alias"
+
+#: mailu/ui/forms.py:142
+msgid "Use SQL LIKE Syntax (e.g. for catch-all aliases)"
+msgstr "استفاده از قواعد اس‌کیو‌ال (برای پوشش الایس‌ها)"
+
+#: mailu/ui/forms.py:149
+msgid "Admin email"
+msgstr "افزودن پست‌الکترونیکی"
+
+#: mailu/ui/forms.py:150 mailu/ui/forms.py:155 mailu/ui/forms.py:168
+msgid "Submit"
+msgstr "ثبت"
+
+#: mailu/ui/forms.py:154
+msgid "Manager email"
+msgstr "مدیریت پست‌الکترونیک"
+
+#: mailu/ui/forms.py:159
+msgid "Protocol"
+msgstr "پرتکل"
+
+#: mailu/ui/forms.py:162
+msgid "Hostname or IP"
+msgstr "نشانی یا آی‌پی"
+
+#: mailu/ui/forms.py:163 mailu/ui/templates/client.html:20
+#: mailu/ui/templates/client.html:45
+msgid "TCP port"
+msgstr "پورت تی‌سی‌پی"
+
+#: mailu/ui/forms.py:164
+msgid "Enable TLS"
+msgstr "فعال‌سازی TLS"
+
+#: mailu/ui/forms.py:165 mailu/ui/templates/client.html:28
+#: mailu/ui/templates/client.html:53 mailu/ui/templates/fetch/list.html:21
+msgid "Username"
+msgstr "نام‌کاربری"
+
+#: mailu/ui/forms.py:167
+msgid "Keep emails on the server"
+msgstr "نگهداری ایمیل در سرور"
+
+#: mailu/ui/forms.py:172
+msgid "Announcement subject"
+msgstr "موضوع آگهی"
+
+#: mailu/ui/forms.py:174
+msgid "Announcement body"
+msgstr "متن آگهی"
+
+#: mailu/ui/forms.py:176
+msgid "Send"
+msgstr "ارسال"
+
+#: mailu/ui/templates/announcement.html:4
+msgid "Public announcement"
+msgstr "آگهی عمومی"
+
+#: mailu/ui/templates/antispam.html:4 mailu/ui/templates/sidebar.html:80
+#: mailu/ui/templates/user/settings.html:19
+msgid "Antispam"
+msgstr "ضدهرزنامه"
+
+#: mailu/ui/templates/antispam.html:8
+msgid "RSPAMD status page"
+msgstr "صفحه گزارش وضعیت RSPAMD"
+
+#: mailu/ui/templates/client.html:8
+msgid "configure your email client"
+msgstr "تنظیمات کاربر پست‌الکترونیک"
+
+#: mailu/ui/templates/client.html:13
+msgid "Incoming mail"
+msgstr "ایمیل ورودی"
+
+#: mailu/ui/templates/client.html:16 mailu/ui/templates/client.html:41
+msgid "Mail protocol"
+msgstr "پرتکل ایمیل"
+
+#: mailu/ui/templates/client.html:24 mailu/ui/templates/client.html:49
+msgid "Server name"
+msgstr "نام سرور"
+
+#: mailu/ui/templates/client.html:38
+msgid "Outgoing mail"
+msgstr "ایمیل خروجی"
+
+#: mailu/ui/templates/confirm.html:4
+msgid "Confirm action"
+msgstr "تایید دستور"
+
+#: mailu/ui/templates/confirm.html:13
+#, python-format
+msgid "You are about to %(action)s. Please confirm your action."
+msgstr "شما در حال انجام %(action)s هستید. لطفا دستور را تایید کنید."
+
+#: mailu/ui/templates/docker-error.html:4
+msgid "Docker error"
+msgstr "خطای داکر"
+
+#: mailu/ui/templates/docker-error.html:12
+msgid "An error occurred while talking to the Docker server."
+msgstr "خطایی در هنگام ارتباط با سرور داکر به وجود آمده است."
+
+#: mailu/ui/templates/macros.html:129
+msgid "copy to clipboard"
+msgstr "کپی در حافظه"
+
+#: mailu/ui/templates/sidebar.html:15
+msgid "My account"
+msgstr "حساب من"
+
+#: mailu/ui/templates/sidebar.html:19 mailu/ui/templates/user/list.html:37
+msgid "Settings"
+msgstr "تنظیمات"
+
+#: mailu/ui/templates/sidebar.html:31 mailu/ui/templates/user/list.html:38
+msgid "Auto-reply"
+msgstr "پاسخ‌گوی خودکار"
+
+#: mailu/ui/templates/fetch/list.html:4 mailu/ui/templates/sidebar.html:37
+#: mailu/ui/templates/user/list.html:39
+msgid "Fetched accounts"
+msgstr "اکانت‌ها واکشی‌شده"
+
+#: mailu/ui/templates/sidebar.html:43 mailu/ui/templates/token/list.html:4
+msgid "Authentication tokens"
+msgstr "کلیدهای احراز هویت"
+
+#: mailu/ui/templates/sidebar.html:56
+msgid "Administration"
+msgstr "مدیریت"
+
+#: mailu/ui/templates/sidebar.html:62
+msgid "Announcement"
+msgstr "آگهی"
+
+#: mailu/ui/templates/sidebar.html:68
+msgid "Administrators"
+msgstr "مدیران"
+
+#: mailu/ui/templates/sidebar.html:74
+msgid "Relayed domains"
+msgstr "دامنه‌های میانجی"
+
+#: mailu/ui/templates/sidebar.html:88
+msgid "Mail domains"
+msgstr "دامنه‌های ایمیل"
+
+#: mailu/ui/templates/sidebar.html:99
+msgid "Webmail"
+msgstr "پنل‌وب‌ایمیل"
+
+#: mailu/ui/templates/sidebar.html:135
+msgid "Sign out"
+msgstr "خروج"
+
+#: mailu/ui/templates/working.html:4
+msgid "We are still working on this feature!"
+msgstr "ما داریم روی این قابلیت زحمت می‌کشیم :)"
+
+#: mailu/ui/templates/admin/create.html:4
+msgid "Add a global administrator"
+msgstr "افزودن مدیرکل"
+
+#: mailu/ui/templates/admin/list.html:4
+msgid "Global administrators"
+msgstr "مدیران کلی"
+
+#: mailu/ui/templates/admin/list.html:9
+msgid "Add administrator"
+msgstr "افزودن مدیر"
+
+#: mailu/ui/templates/admin/list.html:17 mailu/ui/templates/alias/list.html:19
+#: mailu/ui/templates/alternative/list.html:19
+#: mailu/ui/templates/domain/list.html:17 mailu/ui/templates/fetch/list.html:19
+#: mailu/ui/templates/manager/list.html:19
+#: mailu/ui/templates/relay/list.html:17 mailu/ui/templates/token/list.html:19
+#: mailu/ui/templates/user/list.html:19
+msgid "Actions"
+msgstr "عملیات"
+
+#: mailu/ui/templates/admin/list.html:18 mailu/ui/templates/alias/list.html:20
+#: mailu/ui/templates/manager/list.html:20 mailu/ui/templates/user/list.html:21
+msgid "Email"
+msgstr "پست‌الکترونیک"
+
+#: mailu/ui/templates/admin/list.html:25 mailu/ui/templates/alias/list.html:32
+#: mailu/ui/templates/alternative/list.html:29
+#: mailu/ui/templates/domain/list.html:34 mailu/ui/templates/fetch/list.html:34
+#: mailu/ui/templates/manager/list.html:27
+#: mailu/ui/templates/relay/list.html:30 mailu/ui/templates/token/list.html:30
+#: mailu/ui/templates/user/list.html:34
+msgid "Delete"
+msgstr "حذف"
+
+#: mailu/ui/templates/alias/create.html:4
+msgid "Create alias"
+msgstr "ایجاد الایس"
+
+#: mailu/ui/templates/alias/edit.html:4
+msgid "Edit alias"
+msgstr "ویرایش الایس"
+
+#: mailu/ui/templates/alias/list.html:4
+msgid "Alias list"
+msgstr "لیست الایس‌ها"
+
+#: mailu/ui/templates/alias/list.html:12
+msgid "Add alias"
+msgstr "افزودن الایس"
+
+#: mailu/ui/templates/alias/list.html:23
+#: mailu/ui/templates/alternative/list.html:21
+#: mailu/ui/templates/domain/list.html:23 mailu/ui/templates/fetch/list.html:25
+#: mailu/ui/templates/relay/list.html:21 mailu/ui/templates/token/list.html:22
+#: mailu/ui/templates/user/list.html:25
+msgid "Created"
+msgstr "ایجاد شد"
+
+#: mailu/ui/templates/alias/list.html:24
+#: mailu/ui/templates/alternative/list.html:22
+#: mailu/ui/templates/domain/list.html:24 mailu/ui/templates/fetch/list.html:26
+#: mailu/ui/templates/relay/list.html:22 mailu/ui/templates/token/list.html:23
+#: mailu/ui/templates/user/list.html:26
+msgid "Last edit"
+msgstr "آخرین ویرایش"
+
+#: mailu/ui/templates/alias/list.html:31 mailu/ui/templates/domain/list.html:33
+#: mailu/ui/templates/fetch/list.html:33 mailu/ui/templates/relay/list.html:29
+#: mailu/ui/templates/user/list.html:33
+msgid "Edit"
+msgstr "ویرایش"
+
+#: mailu/ui/templates/alternative/create.html:4
+msgid "Create alternative domain"
+msgstr "ایجاد دامنه‌ی دیگر"
+
+#: mailu/ui/templates/alternative/list.html:4
+msgid "Alternative domain list"
+msgstr "لیست دامنه‌های دیگر"
+
+#: mailu/ui/templates/alternative/list.html:12
+msgid "Add alternative"
+msgstr "افزودن دامنه‌ی دیگر"
+
+#: mailu/ui/templates/alternative/list.html:20
+msgid "Name"
+msgstr "نام"
+
+#: mailu/ui/templates/domain/create.html:4
+#: mailu/ui/templates/domain/list.html:9
+msgid "New domain"
+msgstr "دامنه جدید"
+
+#: mailu/ui/templates/domain/details.html:4
+msgid "Domain details"
+msgstr "مشخصات دامنه"
+
+#: mailu/ui/templates/domain/details.html:15
+msgid "Regenerate keys"
+msgstr "ایجاد مجدد کلید‌ها"
+
+#: mailu/ui/templates/domain/details.html:17
+msgid "Generate keys"
+msgstr "ایجاد کلید‌ها"
+
+#: mailu/ui/templates/domain/details.html:30
+msgid "DNS MX entry"
+msgstr "DNS MX"
+
+#: mailu/ui/templates/domain/details.html:34
+msgid "DNS SPF entries"
+msgstr "DNS SPF"
+
+#: mailu/ui/templates/domain/details.html:40
+msgid "DKIM public key"
+msgstr "کلید عمومی DKIM"
+
+#: mailu/ui/templates/domain/details.html:44
+msgid "DNS DKIM entry"
+msgstr "DNS DKIM"
+
+#: mailu/ui/templates/domain/details.html:48
+msgid "DNS DMARC entry"
+msgstr "DNS DMARC"
+
+#: mailu/ui/templates/domain/details.html:58
+msgid "DNS TLSA entry"
+msgstr "DNS TLSA"
+
+#: mailu/ui/templates/domain/details.html:63
+msgid "DNS client auto-configuration entries"
+msgstr "DNS client auto-configuration"
+
+#: mailu/ui/templates/domain/edit.html:4
+msgid "Edit domain"
+msgstr "ویرایش دامنه"
+
+#: mailu/ui/templates/domain/list.html:4
+msgid "Domain list"
+msgstr "لیست دامنه"
+
+#: mailu/ui/templates/domain/list.html:18
+msgid "Manage"
+msgstr "مدیریت"
+
+#: mailu/ui/templates/domain/list.html:20
+msgid "Mailbox count"
+msgstr "تعداد جعبه ایمیل"
+
+#: mailu/ui/templates/domain/list.html:21
+msgid "Alias count"
+msgstr "تعداد الایس‌ها"
+
+#: mailu/ui/templates/domain/list.html:31
+msgid "Details"
+msgstr "جزئیات"
+
+#: mailu/ui/templates/domain/list.html:38
+msgid "Users"
+msgstr "کاربران"
+
+#: mailu/ui/templates/domain/list.html:39
+msgid "Aliases"
+msgstr "الایس‌ها"
+
+#: mailu/ui/templates/domain/list.html:40
+msgid "Managers"
+msgstr "مدیران"
+
+#: mailu/ui/templates/domain/list.html:42
+msgid "Alternatives"
+msgstr "جایگزین‌ها"
+
+#: mailu/ui/templates/domain/signup.html:13
+msgid ""
+"In order to register a new domain, you must first setup the\n"
+"    domain zone so that the domain <code>MX</code> points to this server"
+msgstr ""
+"برای ثبت دامنه جدید، ابتدا می‌بایست تنظیمات DNS ٔدامنه را به گونه‌ای تنظیم کنید "
+"که رکورد <code>MX</code> آن به سرور ما اشاره کند"
+
+#: mailu/ui/templates/domain/signup.html:18
+msgid ""
+"If you do not know how to setup an <code>MX</code> record for your DNS "
+"zone,\n"
+"    please contact your DNS provider or administrator. Also, please wait a\n"
+"    couple minutes after the <code>MX</code> is set so the local server "
+"cache\n"
+"    expires."
+msgstr ""
+"در صورتی که نمی‌دانید چگونه تنظیمات رکورد <code>MX</code> دامنه خود را انجام "
+"دهید، می‌بایست با فروشنده دامنه خود ارتباط برقرار کنید.\n"
+"همچنین بعد از تنظیم رکورد <code>MX</code> دقایقی را تا اعمال نتیجه آن منتظر "
+"بمانید."
+
+#: mailu/ui/templates/fetch/create.html:4
+msgid "Add a fetched account"
+msgstr "افزودن حساب واکشی"
+
+#: mailu/ui/templates/fetch/edit.html:4
+msgid "Update a fetched account"
+msgstr "بروزرسانی حساب واکشی"
+
+#: mailu/ui/templates/fetch/list.html:12
+msgid "Add an account"
+msgstr "افزودن حساب"
+
+#: mailu/ui/templates/fetch/list.html:20
+msgid "Endpoint"
+msgstr "نشانی"
+
+#: mailu/ui/templates/fetch/list.html:22
+msgid "Keep emails"
+msgstr "نگهداری ایمیل‌ها"
+
+#: mailu/ui/templates/fetch/list.html:23
+msgid "Last check"
+msgstr "آخرین بررسی"
+
+#: mailu/ui/templates/fetch/list.html:24
+msgid "Status"
+msgstr "وضعیت"
+
+#: mailu/ui/templates/fetch/list.html:38
+msgid "yes"
+msgstr "بلی"
+
+#: mailu/ui/templates/fetch/list.html:38
+msgid "no"
+msgstr "خیر"
+
+#: mailu/ui/templates/manager/create.html:4
+msgid "Add a manager"
+msgstr "افزودن مدیری"
+
+#: mailu/ui/templates/manager/list.html:4
+msgid "Manager list"
+msgstr "لیست مدیران"
+
+#: mailu/ui/templates/manager/list.html:12
+msgid "Add manager"
+msgstr "افزودن مدیر"
+
+#: mailu/ui/templates/relay/create.html:4
+msgid "New relay domain"
+msgstr "افزودن دامنه میانجی"
+
+#: mailu/ui/templates/relay/edit.html:4
+msgid "Edit relayed domain"
+msgstr "ویرایش دامنه میانجی"
+
+#: mailu/ui/templates/relay/list.html:4
+msgid "Relayed domain list"
+msgstr "لیست دامنه‌های میانجی"
+
+#: mailu/ui/templates/relay/list.html:9
+msgid "New relayed domain"
+msgstr "دامنه میانجی جدید"
+
+#: mailu/ui/templates/token/create.html:4
+msgid "Create an authentication token"
+msgstr "ایجاد کلید احراز هویت"
+
+#: mailu/ui/templates/token/list.html:12
+msgid "New token"
+msgstr "کلید جدید"
+
+#: mailu/ui/templates/user/create.html:4
+msgid "New user"
+msgstr "کاربر جدید"
+
+#: mailu/ui/templates/user/create.html:15
+msgid "General"
+msgstr "عمومی"
+
+#: mailu/ui/templates/user/create.html:23
+msgid "Features and quotas"
+msgstr "قابلیت‌ها و سهمیه"
+
+#: mailu/ui/templates/user/edit.html:4
+msgid "Edit user"
+msgstr "ویرایش کاربر"
+
+#: mailu/ui/templates/user/list.html:4
+msgid "User list"
+msgstr "لیست کاربران"
+
+#: mailu/ui/templates/user/list.html:12
+msgid "Add user"
+msgstr "افزودن کاربر"
+
+#: mailu/ui/templates/user/list.html:20 mailu/ui/templates/user/settings.html:4
+msgid "User settings"
+msgstr "تنظیمات کاربر"
+
+#: mailu/ui/templates/user/list.html:22
+msgid "Features"
+msgstr "قابلیت‌ها"
+
+#: mailu/ui/templates/user/password.html:4
+msgid "Password update"
+msgstr "بروزرسانی گذرواژه"
+
+#: mailu/ui/templates/user/reply.html:4
+msgid "Automatic reply"
+msgstr "پاسخگوی خودکار"
+
+#: mailu/ui/templates/user/settings.html:27
+msgid "Auto-forward"
+msgstr "بازارسال خودکار"
+
+#: mailu/ui/templates/user/signup_domain.html:8
+msgid "pick a domain for the new account"
+msgstr "انتخاب دامنه برای حساب جدید"
+
+#: mailu/ui/templates/user/signup_domain.html:14
+msgid "Domain"
+msgstr "دامنه"
+
+#: mailu/ui/templates/user/signup_domain.html:15
+msgid "Available slots"
+msgstr "جایگاه‌های موجود"
diff --git a/core/admin/mailu/translations/uk/LC_MESSAGES/messages.po b/core/admin/mailu/translations/uk/LC_MESSAGES/messages.po
new file mode 100644
index 00000000..1db04274
--- /dev/null
+++ b/core/admin/mailu/translations/uk/LC_MESSAGES/messages.po
@@ -0,0 +1,737 @@
+# Ukrainian translations for PROJECT.
+# Copyright (C) 2016 ORGANIZATION
+# This file is distributed under the same license as the PROJECT project.
+# Danylo Sydorenko <sydorenkodanylo2021@gmail.com>, 2023.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: PROJECT VERSION\n"
+"Report-Msgid-Bugs-To: sydorenkodanylo2021@gmail.com\n"
+"POT-Creation-Date: 2022-05-22 18:47+0200\n"
+"PO-Revision-Date: 2023-08-14 08:19+0300\n"
+"Last-Translator: Danylo Sydorenko <sydorenkodanylo2021@gmail.com>\n"
+"Language-Team: Ukrainian <https://translate.tedomum.net/projects/mailu/admin/"
+"uk/>\n"
+"Language: uk\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=n==1 ? 0 : n%10>=2 && n%10<=4 && "
+"(n%100<10 || n%100>=20) ? 1 : 2\n"
+"Generated-By: Babel 2.3.4\n"
+"X-Generator: Poedit 3.3.2\n"
+
+#: mailu/sso/forms.py:8 mailu/ui/forms.py:79
+msgid "E-mail"
+msgstr "Електронна пошта"
+
+#: mailu/sso/forms.py:9 mailu/ui/forms.py:80 mailu/ui/forms.py:93
+#: mailu/ui/forms.py:112 mailu/ui/forms.py:166
+#: mailu/ui/templates/client.html:32 mailu/ui/templates/client.html:57
+msgid "Password"
+msgstr "Пароль"
+
+#: mailu/sso/forms.py:10 mailu/sso/forms.py:11 mailu/sso/templates/login.html:4
+#: mailu/ui/templates/sidebar.html:142
+msgid "Sign in"
+msgstr "Увійти"
+
+#: mailu/sso/templates/base_sso.html:8 mailu/ui/templates/base.html:8
+msgid "Admin page for"
+msgstr "Сторінка адміністратора для"
+
+#: mailu/sso/templates/base_sso.html:19 mailu/ui/templates/base.html:19
+msgid "toggle sidebar"
+msgstr "переключити бічну панель"
+
+#: mailu/sso/templates/base_sso.html:37 mailu/ui/templates/base.html:37
+msgid "change language"
+msgstr "змінити мову"
+
+#: mailu/sso/templates/sidebar_sso.html:4 mailu/ui/templates/sidebar.html:94
+msgid "Go to"
+msgstr "Перейти до"
+
+#: mailu/sso/templates/sidebar_sso.html:9 mailu/ui/templates/client.html:4
+#: mailu/ui/templates/sidebar.html:50 mailu/ui/templates/sidebar.html:107
+msgid "Client setup"
+msgstr "Налаштування клієнта"
+
+#: mailu/sso/templates/sidebar_sso.html:16 mailu/ui/templates/sidebar.html:114
+msgid "Website"
+msgstr "Вебсайт"
+
+#: mailu/sso/templates/sidebar_sso.html:22 mailu/ui/templates/sidebar.html:120
+msgid "Help"
+msgstr "Довідка"
+
+#: mailu/sso/templates/sidebar_sso.html:35
+#: mailu/ui/templates/domain/signup.html:4 mailu/ui/templates/sidebar.html:127
+msgid "Register a domain"
+msgstr "Зареєструвати домен"
+
+#: mailu/sso/templates/sidebar_sso.html:49 mailu/ui/forms.py:95
+#: mailu/ui/templates/sidebar.html:149 mailu/ui/templates/user/signup.html:4
+#: mailu/ui/templates/user/signup_domain.html:4
+msgid "Sign up"
+msgstr "Зареєструватися"
+
+#: mailu/ui/forms.py:33 mailu/ui/forms.py:36
+msgid "Invalid email address."
+msgstr "Недійсна електронна пошта."
+
+#: mailu/ui/forms.py:45
+msgid "Confirm"
+msgstr "Підтвердити"
+
+#: mailu/ui/forms.py:48 mailu/ui/forms.py:58
+#: mailu/ui/templates/domain/details.html:26
+#: mailu/ui/templates/domain/list.html:19 mailu/ui/templates/relay/list.html:18
+msgid "Domain name"
+msgstr "Ім'я домену"
+
+#: mailu/ui/forms.py:49
+msgid "Maximum user count"
+msgstr "Максимальна кількість користувачів"
+
+#: mailu/ui/forms.py:50
+msgid "Maximum alias count"
+msgstr "Максимальна кількість скорочень"
+
+#: mailu/ui/forms.py:51
+msgid "Maximum user quota"
+msgstr "Максимальна квота користувачів"
+
+#: mailu/ui/forms.py:52
+msgid "Enable sign-up"
+msgstr "Увімкнути реєстрацію"
+
+#: mailu/ui/forms.py:53 mailu/ui/forms.py:74 mailu/ui/forms.py:86
+#: mailu/ui/forms.py:132 mailu/ui/forms.py:144
+#: mailu/ui/templates/alias/list.html:22 mailu/ui/templates/domain/list.html:22
+#: mailu/ui/templates/relay/list.html:20 mailu/ui/templates/token/list.html:20
+#: mailu/ui/templates/user/list.html:24
+msgid "Comment"
+msgstr "Коментар"
+
+#: mailu/ui/forms.py:54 mailu/ui/forms.py:68 mailu/ui/forms.py:75
+#: mailu/ui/forms.py:88 mailu/ui/forms.py:136 mailu/ui/forms.py:145
+msgid "Save"
+msgstr "Зберегти"
+
+#: mailu/ui/forms.py:59
+msgid "Initial admin"
+msgstr "Початковий адміністратор"
+
+#: mailu/ui/forms.py:60
+msgid "Admin password"
+msgstr "Пароль адміністратора"
+
+#: mailu/ui/forms.py:61 mailu/ui/forms.py:81 mailu/ui/forms.py:94
+msgid "Confirm password"
+msgstr "Підтвердити пароль"
+
+#: mailu/ui/forms.py:63
+msgid "Create"
+msgstr "Створити"
+
+#: mailu/ui/forms.py:67
+msgid "Alternative name"
+msgstr "Альтернативна назва"
+
+#: mailu/ui/forms.py:72
+msgid "Relayed domain name"
+msgstr "Ретрансльоване доменне ім'я"
+
+#: mailu/ui/forms.py:73 mailu/ui/templates/relay/list.html:19
+msgid "Remote host"
+msgstr "Віддалений хост"
+
+#: mailu/ui/forms.py:82 mailu/ui/templates/user/list.html:23
+#: mailu/ui/templates/user/signup_domain.html:16
+msgid "Quota"
+msgstr "Квота"
+
+#: mailu/ui/forms.py:83
+msgid "Allow IMAP access"
+msgstr "Дозволити IMAP-доступ"
+
+#: mailu/ui/forms.py:84
+msgid "Allow POP3 access"
+msgstr "Дозволити POP3-доступ"
+
+#: mailu/ui/forms.py:85 mailu/ui/forms.py:101
+#: mailu/ui/templates/user/settings.html:15
+msgid "Displayed name"
+msgstr "Ім'я, що показується"
+
+#: mailu/ui/forms.py:87
+msgid "Enabled"
+msgstr "Увімкнено"
+
+#: mailu/ui/forms.py:92
+msgid "Email address"
+msgstr "Електронна пошта"
+
+#: mailu/ui/forms.py:102
+msgid "Enable spam filter"
+msgstr "Увімкнути спам-фільтр"
+
+#: mailu/ui/forms.py:103
+msgid "Enable marking spam mails as read"
+msgstr "Позначити спам як прочитане"
+
+#: mailu/ui/forms.py:104
+msgid "Spam filter tolerance"
+msgstr "Толерантність спам-фільтра до спаму"
+
+#: mailu/ui/forms.py:105
+msgid "Enable forwarding"
+msgstr "Увімкнути переадресацію"
+
+#: mailu/ui/forms.py:106
+msgid "Keep a copy of the emails"
+msgstr "Зберігати копії електронних листів"
+
+#: mailu/ui/forms.py:107 mailu/ui/forms.py:143
+#: mailu/ui/templates/alias/list.html:21
+msgid "Destination"
+msgstr "Призначення"
+
+#: mailu/ui/forms.py:108
+msgid "Save settings"
+msgstr "Зберегти налаштування"
+
+#: mailu/ui/forms.py:113
+msgid "Password check"
+msgstr "Перевірка пароля"
+
+#: mailu/ui/forms.py:114 mailu/ui/templates/sidebar.html:25
+msgid "Update password"
+msgstr "Оновити пароль"
+
+#: mailu/ui/forms.py:118
+msgid "Enable automatic reply"
+msgstr "Увімкнути автоматичну відповідь"
+
+#: mailu/ui/forms.py:119
+msgid "Reply subject"
+msgstr "Тема відповіді"
+
+#: mailu/ui/forms.py:120
+msgid "Reply body"
+msgstr "Текст відповіді"
+
+#: mailu/ui/forms.py:122
+msgid "Start of vacation"
+msgstr "Початок відпустки"
+
+#: mailu/ui/forms.py:123
+msgid "End of vacation"
+msgstr "Кінець відпустки"
+
+#: mailu/ui/forms.py:124
+msgid "Update"
+msgstr "Оновити"
+
+#: mailu/ui/forms.py:129
+msgid "Your token (write it down, as it will never be displayed again)"
+msgstr ""
+"Ваш токен (запишіть його, оскільки він більше ніколи не буде відображатися)"
+
+#: mailu/ui/forms.py:134 mailu/ui/templates/token/list.html:21
+msgid "Authorized IP"
+msgstr "Дозволені IP-адреси"
+
+#: mailu/ui/forms.py:140
+msgid "Alias"
+msgstr "Псевдонім"
+
+#: mailu/ui/forms.py:142
+msgid "Use SQL LIKE Syntax (e.g. for catch-all aliases)"
+msgstr ""
+"Використовуйте синтаксис SQL LIKE (наприклад, для псевдонімів catch-all)"
+
+#: mailu/ui/forms.py:149
+msgid "Admin email"
+msgstr "Пошта адміністратора"
+
+#: mailu/ui/forms.py:150 mailu/ui/forms.py:155 mailu/ui/forms.py:168
+msgid "Submit"
+msgstr "Надіслати"
+
+#: mailu/ui/forms.py:154
+msgid "Manager email"
+msgstr "Електронна пошта менеджера"
+
+#: mailu/ui/forms.py:159
+msgid "Protocol"
+msgstr "Протокол"
+
+#: mailu/ui/forms.py:162
+msgid "Hostname or IP"
+msgstr "Ім'я хоста або IP"
+
+#: mailu/ui/forms.py:163 mailu/ui/templates/client.html:20
+#: mailu/ui/templates/client.html:45
+msgid "TCP port"
+msgstr "Порт TCP"
+
+#: mailu/ui/forms.py:164
+msgid "Enable TLS"
+msgstr "Увімкнути TLS"
+
+#: mailu/ui/forms.py:165 mailu/ui/templates/client.html:28
+#: mailu/ui/templates/client.html:53 mailu/ui/templates/fetch/list.html:21
+msgid "Username"
+msgstr "Ім'я користувача"
+
+#: mailu/ui/forms.py:167
+msgid "Keep emails on the server"
+msgstr "Зберігати копії електронних листів"
+
+#: mailu/ui/forms.py:172
+msgid "Announcement subject"
+msgstr "Тема оголошення"
+
+#: mailu/ui/forms.py:174
+msgid "Announcement body"
+msgstr "Текст оголошення"
+
+#: mailu/ui/forms.py:176
+msgid "Send"
+msgstr "Надіслати"
+
+#: mailu/ui/templates/announcement.html:4
+msgid "Public announcement"
+msgstr "Публічне оголошення"
+
+#: mailu/ui/templates/antispam.html:4 mailu/ui/templates/sidebar.html:80
+#: mailu/ui/templates/user/settings.html:19
+msgid "Antispam"
+msgstr "Антиспам"
+
+#: mailu/ui/templates/antispam.html:8
+msgid "RSPAMD status page"
+msgstr "Сторінка стану RSPAMD"
+
+#: mailu/ui/templates/client.html:8
+msgid "configure your email client"
+msgstr "налаштуйте свій поштовий клієнт"
+
+#: mailu/ui/templates/client.html:13
+msgid "Incoming mail"
+msgstr "Вхідна пошта"
+
+#: mailu/ui/templates/client.html:16 mailu/ui/templates/client.html:41
+msgid "Mail protocol"
+msgstr "Поштовий протокол"
+
+#: mailu/ui/templates/client.html:24 mailu/ui/templates/client.html:49
+msgid "Server name"
+msgstr "Назва серверу"
+
+#: mailu/ui/templates/client.html:38
+msgid "Outgoing mail"
+msgstr "Вихідна пошта"
+
+#: mailu/ui/templates/confirm.html:4
+msgid "Confirm action"
+msgstr "Підтвердити дію"
+
+#: mailu/ui/templates/confirm.html:13
+#, python-format
+msgid "You are about to %(action)s. Please confirm your action."
+msgstr "Ви збираєтеся виконати %(action)s. Будь ласка, підтвердіть вашу дію."
+
+#: mailu/ui/templates/docker-error.html:4
+msgid "Docker error"
+msgstr "Помилка Docker"
+
+#: mailu/ui/templates/docker-error.html:12
+msgid "An error occurred while talking to the Docker server."
+msgstr "Виникла помилка при спілкуванні з сервером Docker."
+
+#: mailu/ui/templates/macros.html:129
+msgid "copy to clipboard"
+msgstr "скопіювати в буфер обміну"
+
+#: mailu/ui/templates/sidebar.html:15
+msgid "My account"
+msgstr "Мій обліковий запис"
+
+#: mailu/ui/templates/sidebar.html:19 mailu/ui/templates/user/list.html:37
+msgid "Settings"
+msgstr "Налаштування"
+
+#: mailu/ui/templates/sidebar.html:31 mailu/ui/templates/user/list.html:38
+msgid "Auto-reply"
+msgstr "Автовідповідь"
+
+#: mailu/ui/templates/fetch/list.html:4 mailu/ui/templates/sidebar.html:37
+#: mailu/ui/templates/user/list.html:39
+msgid "Fetched accounts"
+msgstr "Отримані облікові записи"
+
+#: mailu/ui/templates/sidebar.html:43 mailu/ui/templates/token/list.html:4
+msgid "Authentication tokens"
+msgstr "Токени автентифікації"
+
+#: mailu/ui/templates/sidebar.html:56
+msgid "Administration"
+msgstr "Адміністрація"
+
+#: mailu/ui/templates/sidebar.html:62
+msgid "Announcement"
+msgstr "Оголошення"
+
+#: mailu/ui/templates/sidebar.html:68
+msgid "Administrators"
+msgstr "Адміністратори"
+
+#: mailu/ui/templates/sidebar.html:74
+msgid "Relayed domains"
+msgstr "Передані домени"
+
+#: mailu/ui/templates/sidebar.html:88
+msgid "Mail domains"
+msgstr "Поштові домени"
+
+#: mailu/ui/templates/sidebar.html:99
+msgid "Webmail"
+msgstr "Вебпошта"
+
+#: mailu/ui/templates/sidebar.html:135
+msgid "Sign out"
+msgstr "Вийти"
+
+#: mailu/ui/templates/working.html:4
+msgid "We are still working on this feature!"
+msgstr "Ми все ще працюємо над цією функцією!"
+
+#: mailu/ui/templates/admin/create.html:4
+msgid "Add a global administrator"
+msgstr "Додати глобального адміністратора"
+
+#: mailu/ui/templates/admin/list.html:4
+msgid "Global administrators"
+msgstr "Глобальні адміністратори"
+
+#: mailu/ui/templates/admin/list.html:9
+msgid "Add administrator"
+msgstr "Додати адміністратора"
+
+#: mailu/ui/templates/admin/list.html:17 mailu/ui/templates/alias/list.html:19
+#: mailu/ui/templates/alternative/list.html:19
+#: mailu/ui/templates/domain/list.html:17 mailu/ui/templates/fetch/list.html:19
+#: mailu/ui/templates/manager/list.html:19
+#: mailu/ui/templates/relay/list.html:17 mailu/ui/templates/token/list.html:19
+#: mailu/ui/templates/user/list.html:19
+msgid "Actions"
+msgstr "Дії"
+
+#: mailu/ui/templates/admin/list.html:18 mailu/ui/templates/alias/list.html:20
+#: mailu/ui/templates/manager/list.html:20 mailu/ui/templates/user/list.html:21
+msgid "Email"
+msgstr "Електронна пошта"
+
+#: mailu/ui/templates/admin/list.html:25 mailu/ui/templates/alias/list.html:32
+#: mailu/ui/templates/alternative/list.html:29
+#: mailu/ui/templates/domain/list.html:34 mailu/ui/templates/fetch/list.html:34
+#: mailu/ui/templates/manager/list.html:27
+#: mailu/ui/templates/relay/list.html:30 mailu/ui/templates/token/list.html:30
+#: mailu/ui/templates/user/list.html:34
+msgid "Delete"
+msgstr "Видалити"
+
+#: mailu/ui/templates/alias/create.html:4
+msgid "Create alias"
+msgstr "Створити псевдонім"
+
+#: mailu/ui/templates/alias/edit.html:4
+msgid "Edit alias"
+msgstr "Редагувати псевдонім"
+
+#: mailu/ui/templates/alias/list.html:4
+msgid "Alias list"
+msgstr "Список псевдонімів"
+
+#: mailu/ui/templates/alias/list.html:12
+msgid "Add alias"
+msgstr "Додати псевдонім"
+
+#: mailu/ui/templates/alias/list.html:23
+#: mailu/ui/templates/alternative/list.html:21
+#: mailu/ui/templates/domain/list.html:23 mailu/ui/templates/fetch/list.html:25
+#: mailu/ui/templates/relay/list.html:21 mailu/ui/templates/token/list.html:22
+#: mailu/ui/templates/user/list.html:25
+msgid "Created"
+msgstr "Створено"
+
+#: mailu/ui/templates/alias/list.html:24
+#: mailu/ui/templates/alternative/list.html:22
+#: mailu/ui/templates/domain/list.html:24 mailu/ui/templates/fetch/list.html:26
+#: mailu/ui/templates/relay/list.html:22 mailu/ui/templates/token/list.html:23
+#: mailu/ui/templates/user/list.html:26
+msgid "Last edit"
+msgstr "Останнє редагування від"
+
+#: mailu/ui/templates/alias/list.html:31 mailu/ui/templates/domain/list.html:33
+#: mailu/ui/templates/fetch/list.html:33 mailu/ui/templates/relay/list.html:29
+#: mailu/ui/templates/user/list.html:33
+msgid "Edit"
+msgstr "Редагувати"
+
+#: mailu/ui/templates/alternative/create.html:4
+msgid "Create alternative domain"
+msgstr "Створити альтернативний домен"
+
+#: mailu/ui/templates/alternative/list.html:4
+msgid "Alternative domain list"
+msgstr "Альтернативний список доменів"
+
+#: mailu/ui/templates/alternative/list.html:12
+msgid "Add alternative"
+msgstr "Додати альтернативу"
+
+#: mailu/ui/templates/alternative/list.html:20
+msgid "Name"
+msgstr "Ім'я"
+
+#: mailu/ui/templates/domain/create.html:4
+#: mailu/ui/templates/domain/list.html:9
+msgid "New domain"
+msgstr "Новий домен"
+
+#: mailu/ui/templates/domain/details.html:4
+msgid "Domain details"
+msgstr "Інформація про домен"
+
+#: mailu/ui/templates/domain/details.html:15
+msgid "Regenerate keys"
+msgstr "Регенерувати ключі"
+
+#: mailu/ui/templates/domain/details.html:17
+msgid "Generate keys"
+msgstr "Згенерувати ключі"
+
+#: mailu/ui/templates/domain/details.html:30
+msgid "DNS MX entry"
+msgstr "Запис DNS MX"
+
+#: mailu/ui/templates/domain/details.html:34
+msgid "DNS SPF entries"
+msgstr "Записи DNS SPF"
+
+#: mailu/ui/templates/domain/details.html:40
+msgid "DKIM public key"
+msgstr "Відкритий ключ DKIM"
+
+#: mailu/ui/templates/domain/details.html:44
+msgid "DNS DKIM entry"
+msgstr "Запис DNS DKIM"
+
+#: mailu/ui/templates/domain/details.html:48
+msgid "DNS DMARC entry"
+msgstr "Запис DNS DMARC"
+
+#: mailu/ui/templates/domain/details.html:58
+msgid "DNS TLSA entry"
+msgstr "Запис DNS TLSA"
+
+#: mailu/ui/templates/domain/details.html:63
+msgid "DNS client auto-configuration entries"
+msgstr "Записи автоконфігурації DNS-клієнта"
+
+#: mailu/ui/templates/domain/edit.html:4
+msgid "Edit domain"
+msgstr "Редагувати домен"
+
+#: mailu/ui/templates/domain/list.html:4
+msgid "Domain list"
+msgstr "Список доменів"
+
+#: mailu/ui/templates/domain/list.html:18
+msgid "Manage"
+msgstr "Керувати"
+
+#: mailu/ui/templates/domain/list.html:20
+msgid "Mailbox count"
+msgstr "Кількість поштових скриньок"
+
+#: mailu/ui/templates/domain/list.html:21
+msgid "Alias count"
+msgstr "Кількість псевдонімів"
+
+#: mailu/ui/templates/domain/list.html:31
+msgid "Details"
+msgstr "Подробиці"
+
+#: mailu/ui/templates/domain/list.html:38
+msgid "Users"
+msgstr "Користувачі"
+
+#: mailu/ui/templates/domain/list.html:39
+msgid "Aliases"
+msgstr "Скорочення"
+
+#: mailu/ui/templates/domain/list.html:40
+msgid "Managers"
+msgstr "Менеджери"
+
+#: mailu/ui/templates/domain/list.html:42
+msgid "Alternatives"
+msgstr "Альтернативи"
+
+#: mailu/ui/templates/domain/signup.html:13
+msgid ""
+"In order to register a new domain, you must first setup the\n"
+"    domain zone so that the domain <code>MX</code> points to this server"
+msgstr ""
+"Для того, щоб зареєструвати новий домен, необхідно\n"
+"    спочатку налаштувати доменну <code>MX</code> так,\n"
+"    щоб домен вказував на цей сервер"
+
+#: mailu/ui/templates/domain/signup.html:18
+msgid ""
+"If you do not know how to setup an <code>MX</code> record for your DNS "
+"zone,\n"
+"    please contact your DNS provider or administrator. Also, please wait a\n"
+"    couple minutes after the <code>MX</code> is set so the local server "
+"cache\n"
+"    expires."
+msgstr ""
+"Якщо ви не знаєте, як налаштувати <code>MX</code>-запис для вашої DNS-зони,\n"
+"    зверніться до вашого DNS-провайдера або адміністратора. Також, будь "
+"ласка, \n"
+"    зачекайте кілька хвилин після встановлення MX, щоб закінчився термін дії "
+"кешу\n"
+"    локального сервера."
+
+#: mailu/ui/templates/fetch/create.html:4
+msgid "Add a fetched account"
+msgstr "Додати знайдений обліковий запис"
+
+#: mailu/ui/templates/fetch/edit.html:4
+msgid "Update a fetched account"
+msgstr "Оновити знайдений обліковий запис"
+
+#: mailu/ui/templates/fetch/list.html:12
+msgid "Add an account"
+msgstr "Додати обліковий запис"
+
+#: mailu/ui/templates/fetch/list.html:20
+msgid "Endpoint"
+msgstr "Кінцева точка"
+
+#: mailu/ui/templates/fetch/list.html:22
+msgid "Keep emails"
+msgstr "Зберігати електронні листи"
+
+#: mailu/ui/templates/fetch/list.html:23
+msgid "Last check"
+msgstr "Остання перевірка"
+
+#: mailu/ui/templates/fetch/list.html:24
+msgid "Status"
+msgstr "Статус"
+
+#: mailu/ui/templates/fetch/list.html:38
+msgid "yes"
+msgstr "так"
+
+#: mailu/ui/templates/fetch/list.html:38
+msgid "no"
+msgstr "ні"
+
+#: mailu/ui/templates/manager/create.html:4
+msgid "Add a manager"
+msgstr "Додати менеджера"
+
+#: mailu/ui/templates/manager/list.html:4
+msgid "Manager list"
+msgstr "Список менеджерів"
+
+#: mailu/ui/templates/manager/list.html:12
+msgid "Add manager"
+msgstr "Додати менеджера"
+
+#: mailu/ui/templates/relay/create.html:4
+msgid "New relay domain"
+msgstr "Новий домен ретрансляції"
+
+#: mailu/ui/templates/relay/edit.html:4
+msgid "Edit relayed domain"
+msgstr "Редагувати домен ретрансляції"
+
+#: mailu/ui/templates/relay/list.html:4
+msgid "Relayed domain list"
+msgstr "Список ретрансляційний  доменів"
+
+#: mailu/ui/templates/relay/list.html:9
+msgid "New relayed domain"
+msgstr "Новий ретрансляційний домен"
+
+#: mailu/ui/templates/token/create.html:4
+msgid "Create an authentication token"
+msgstr "Створити токен автентифікації"
+
+#: mailu/ui/templates/token/list.html:12
+msgid "New token"
+msgstr "Новий токен"
+
+#: mailu/ui/templates/user/create.html:4
+msgid "New user"
+msgstr "Новий користувач"
+
+#: mailu/ui/templates/user/create.html:15
+msgid "General"
+msgstr "Основне"
+
+#: mailu/ui/templates/user/create.html:23
+msgid "Features and quotas"
+msgstr "Можливості та квоти"
+
+#: mailu/ui/templates/user/edit.html:4
+msgid "Edit user"
+msgstr "Редагувати користувача"
+
+#: mailu/ui/templates/user/list.html:4
+msgid "User list"
+msgstr "Список користувачів"
+
+#: mailu/ui/templates/user/list.html:12
+msgid "Add user"
+msgstr "Додати користувача"
+
+#: mailu/ui/templates/user/list.html:20 mailu/ui/templates/user/settings.html:4
+msgid "User settings"
+msgstr "Налаштування користувача"
+
+#: mailu/ui/templates/user/list.html:22
+msgid "Features"
+msgstr "Можливості"
+
+#: mailu/ui/templates/user/password.html:4
+msgid "Password update"
+msgstr "Оновити пароль"
+
+#: mailu/ui/templates/user/reply.html:4
+msgid "Automatic reply"
+msgstr "Увімкнути автоматичну відповідь"
+
+#: mailu/ui/templates/user/settings.html:27
+msgid "Auto-forward"
+msgstr "Автоматичне пересилання"
+
+#: mailu/ui/templates/user/signup_domain.html:8
+msgid "pick a domain for the new account"
+msgstr "вибрати домен для нового облікового запису"
+
+#: mailu/ui/templates/user/signup_domain.html:14
+msgid "Domain"
+msgstr "Домен"
+
+#: mailu/ui/templates/user/signup_domain.html:15
+msgid "Available slots"
+msgstr "Наявні слоти"
diff --git a/core/admin/mailu/translations/zh_TW/LC_MESSAGES/messages.po b/core/admin/mailu/translations/zh_TW/LC_MESSAGES/messages.po
new file mode 100644
index 00000000..cfe42403
--- /dev/null
+++ b/core/admin/mailu/translations/zh_TW/LC_MESSAGES/messages.po
@@ -0,0 +1,716 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: Mailu\n"
+"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
+"POT-Creation-Date: 2023-09-13 15:04+0800\n"
+"PO-Revision-Date: 2023-09-19 13:48+0800\n"
+"Last-Translator: Jonathan Tsai <tryweb@ichiayi.com>\n"
+"Language-Team: \n"
+"Language: zh_TW\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"Generated-By: Babel 2.3.4\n"
+"X-Generator: Poedit 3.3.2\n"
+
+#: mailu/sso/forms.py:8 mailu/ui/forms.py:79
+msgid "E-mail"
+msgstr "電子郵件"
+
+#: mailu/sso/forms.py:9 mailu/ui/forms.py:80 mailu/ui/forms.py:93 mailu/ui/forms.py:112
+#: mailu/ui/forms.py:166 mailu/ui/templates/client.html:32
+#: mailu/ui/templates/client.html:57
+msgid "Password"
+msgstr "密碼"
+
+#: mailu/sso/forms.py:10 mailu/sso/forms.py:11 mailu/sso/templates/login.html:4
+#: mailu/ui/templates/sidebar.html:142
+msgid "Sign in"
+msgstr "登入"
+
+#: mailu/sso/templates/base_sso.html:8 mailu/ui/templates/base.html:8
+msgid "Admin page for"
+msgstr "系統管理頁面 -"
+
+#: mailu/sso/templates/base_sso.html:19 mailu/ui/templates/base.html:19
+msgid "toggle sidebar"
+msgstr "切換側邊欄"
+
+#: mailu/sso/templates/base_sso.html:37 mailu/ui/templates/base.html:37
+msgid "change language"
+msgstr "切換語言"
+
+#: mailu/sso/templates/sidebar_sso.html:4 mailu/ui/templates/sidebar.html:94
+msgid "Go to"
+msgstr "跳至"
+
+#: mailu/sso/templates/sidebar_sso.html:9 mailu/ui/templates/client.html:4
+#: mailu/ui/templates/sidebar.html:50 mailu/ui/templates/sidebar.html:107
+msgid "Client setup"
+msgstr "用戶端設定"
+
+#: mailu/sso/templates/sidebar_sso.html:16 mailu/ui/templates/sidebar.html:114
+msgid "Website"
+msgstr "網站"
+
+#: mailu/sso/templates/sidebar_sso.html:22 mailu/ui/templates/sidebar.html:120
+msgid "Help"
+msgstr "輔助"
+
+#: mailu/sso/templates/sidebar_sso.html:35 mailu/ui/templates/domain/signup.html:4
+#: mailu/ui/templates/sidebar.html:127
+msgid "Register a domain"
+msgstr "註冊網域"
+
+#: mailu/sso/templates/sidebar_sso.html:49 mailu/ui/forms.py:95
+#: mailu/ui/templates/sidebar.html:149 mailu/ui/templates/user/signup.html:4
+#: mailu/ui/templates/user/signup_domain.html:4
+msgid "Sign up"
+msgstr "註冊"
+
+#: mailu/ui/forms.py:33 mailu/ui/forms.py:36
+msgid "Invalid email address."
+msgstr "電子郵件格式錯誤"
+
+#: mailu/ui/forms.py:45
+msgid "Confirm"
+msgstr "確定"
+
+#: mailu/ui/forms.py:48 mailu/ui/forms.py:58 mailu/ui/templates/domain/details.html:26
+#: mailu/ui/templates/domain/list.html:19 mailu/ui/templates/relay/list.html:18
+msgid "Domain name"
+msgstr "網域"
+
+#: mailu/ui/forms.py:49
+msgid "Maximum user count"
+msgstr "最大用戶數"
+
+#: mailu/ui/forms.py:50
+msgid "Maximum alias count"
+msgstr "最大別名數"
+
+#: mailu/ui/forms.py:51
+msgid "Maximum user quota"
+msgstr "最大用戶配額"
+
+#: mailu/ui/forms.py:52
+msgid "Enable sign-up"
+msgstr "啟用註冊"
+
+#: mailu/ui/forms.py:53 mailu/ui/forms.py:74 mailu/ui/forms.py:86 mailu/ui/forms.py:132
+#: mailu/ui/forms.py:144 mailu/ui/templates/alias/list.html:22
+#: mailu/ui/templates/domain/list.html:22 mailu/ui/templates/relay/list.html:20
+#: mailu/ui/templates/token/list.html:20 mailu/ui/templates/user/list.html:24
+msgid "Comment"
+msgstr "說明"
+
+#: mailu/ui/forms.py:54 mailu/ui/forms.py:68 mailu/ui/forms.py:75 mailu/ui/forms.py:88
+#: mailu/ui/forms.py:136 mailu/ui/forms.py:145
+msgid "Save"
+msgstr "儲存"
+
+#: mailu/ui/forms.py:59
+msgid "Initial admin"
+msgstr "初始管理員"
+
+#: mailu/ui/forms.py:60
+msgid "Admin password"
+msgstr "管理員密碼"
+
+#: mailu/ui/forms.py:61 mailu/ui/forms.py:81 mailu/ui/forms.py:94
+msgid "Confirm password"
+msgstr "確認密碼"
+
+#: mailu/ui/forms.py:63
+msgid "Create"
+msgstr "建立"
+
+#: mailu/ui/forms.py:67
+msgid "Alternative name"
+msgstr "替代名稱"
+
+#: mailu/ui/forms.py:72
+msgid "Relayed domain name"
+msgstr "轉發網網域稱"
+
+#: mailu/ui/forms.py:73 mailu/ui/templates/relay/list.html:19
+msgid "Remote host"
+msgstr "遠端主機"
+
+#: mailu/ui/forms.py:82 mailu/ui/templates/user/list.html:23
+#: mailu/ui/templates/user/signup_domain.html:16
+msgid "Quota"
+msgstr "配額"
+
+#: mailu/ui/forms.py:83
+msgid "Allow IMAP access"
+msgstr "允許IMAP存取"
+
+#: mailu/ui/forms.py:84
+msgid "Allow POP3 access"
+msgstr "允許POP3存取"
+
+#: mailu/ui/forms.py:85 mailu/ui/forms.py:101 mailu/ui/templates/user/settings.html:15
+msgid "Displayed name"
+msgstr "顯示名稱"
+
+#: mailu/ui/forms.py:87
+msgid "Enabled"
+msgstr "啟用"
+
+#: mailu/ui/forms.py:92
+msgid "Email address"
+msgstr "電郵地址"
+
+#: mailu/ui/forms.py:102
+msgid "Enable spam filter"
+msgstr "啟用垃圾郵件過濾"
+
+#: mailu/ui/forms.py:103
+msgid "Enable marking spam mails as read"
+msgstr "啟用標註垃圾信已讀"
+
+#: mailu/ui/forms.py:104
+msgid "Spam filter tolerance"
+msgstr "垃圾郵件過濾器容忍度"
+
+#: mailu/ui/forms.py:105
+msgid "Enable forwarding"
+msgstr "啟用轉寄"
+
+#: mailu/ui/forms.py:106
+msgid "Keep a copy of the emails"
+msgstr "保留電子郵件副本"
+
+#: mailu/ui/forms.py:107 mailu/ui/forms.py:143 mailu/ui/templates/alias/list.html:21
+msgid "Destination"
+msgstr "目標地址"
+
+#: mailu/ui/forms.py:108
+msgid "Save settings"
+msgstr "儲存設定"
+
+#: mailu/ui/forms.py:113
+msgid "Password check"
+msgstr "檢查密碼"
+
+#: mailu/ui/forms.py:114 mailu/ui/templates/sidebar.html:25
+msgid "Update password"
+msgstr "修改密碼"
+
+#: mailu/ui/forms.py:118
+msgid "Enable automatic reply"
+msgstr "啟用自動回信"
+
+#: mailu/ui/forms.py:119
+msgid "Reply subject"
+msgstr "回信主旨"
+
+#: mailu/ui/forms.py:120
+msgid "Reply body"
+msgstr "回信內文"
+
+#: mailu/ui/forms.py:122
+msgid "Start of vacation"
+msgstr "休假開始"
+
+#: mailu/ui/forms.py:123
+msgid "End of vacation"
+msgstr "休假結束"
+
+#: mailu/ui/forms.py:124
+msgid "Update"
+msgstr "修改"
+
+#: mailu/ui/forms.py:129
+msgid "Your token (write it down, as it will never be displayed again)"
+msgstr "您的 Token（請記下，因為之後不再顯示）"
+
+#: mailu/ui/forms.py:134 mailu/ui/templates/token/list.html:21
+msgid "Authorized IP"
+msgstr "授權IP"
+
+#: mailu/ui/forms.py:140
+msgid "Alias"
+msgstr "別名"
+
+#: mailu/ui/forms.py:142
+msgid "Use SQL LIKE Syntax (e.g. for catch-all aliases)"
+msgstr "使用SQL LIKE語法（例如，用於萬用字符別名）"
+
+#: mailu/ui/forms.py:149
+msgid "Admin email"
+msgstr "系統管理員信箱"
+
+#: mailu/ui/forms.py:150 mailu/ui/forms.py:155 mailu/ui/forms.py:168
+msgid "Submit"
+msgstr "送出"
+
+#: mailu/ui/forms.py:154
+msgid "Manager email"
+msgstr "管理員信箱"
+
+#: mailu/ui/forms.py:159
+msgid "Protocol"
+msgstr "協定"
+
+#: mailu/ui/forms.py:162
+msgid "Hostname or IP"
+msgstr "主機名稱或IP"
+
+#: mailu/ui/forms.py:163 mailu/ui/templates/client.html:20
+#: mailu/ui/templates/client.html:45
+msgid "TCP port"
+msgstr "TCP埠口"
+
+#: mailu/ui/forms.py:164
+msgid "Enable TLS"
+msgstr "啟用TLS"
+
+#: mailu/ui/forms.py:165 mailu/ui/templates/client.html:28
+#: mailu/ui/templates/client.html:53 mailu/ui/templates/fetch/list.html:21
+msgid "Username"
+msgstr "用户名"
+
+#: mailu/ui/forms.py:167
+msgid "Keep emails on the server"
+msgstr "在主機上保留電子郵件"
+
+#: mailu/ui/forms.py:172
+msgid "Announcement subject"
+msgstr "公告主旨"
+
+#: mailu/ui/forms.py:174
+msgid "Announcement body"
+msgstr "公告內文"
+
+#: mailu/ui/forms.py:176
+msgid "Send"
+msgstr "寄出"
+
+#: mailu/ui/templates/announcement.html:4
+msgid "Public announcement"
+msgstr "公告通知"
+
+#: mailu/ui/templates/antispam.html:4 mailu/ui/templates/sidebar.html:80
+#: mailu/ui/templates/user/settings.html:19
+msgid "Antispam"
+msgstr "反垃圾郵件"
+
+#: mailu/ui/templates/antispam.html:8
+msgid "RSPAMD status page"
+msgstr "RSPAMD 狀態頁面"
+
+#: mailu/ui/templates/client.html:8
+msgid "configure your email client"
+msgstr "設定電子郵件用戶端"
+
+#: mailu/ui/templates/client.html:13
+msgid "Incoming mail"
+msgstr "接收郵件"
+
+#: mailu/ui/templates/client.html:16 mailu/ui/templates/client.html:41
+msgid "Mail protocol"
+msgstr "郵件協議"
+
+#: mailu/ui/templates/client.html:24 mailu/ui/templates/client.html:49
+msgid "Server name"
+msgstr "主機名稱"
+
+#: mailu/ui/templates/client.html:38
+msgid "Outgoing mail"
+msgstr "發送郵件"
+
+#: mailu/ui/templates/confirm.html:4
+msgid "Confirm action"
+msgstr "確認動作"
+
+#: mailu/ui/templates/confirm.html:13
+#, python-format
+msgid "You are about to %(action)s. Please confirm your action."
+msgstr "即將執行%(action)s，請確認您的動作。"
+
+#: mailu/ui/templates/docker-error.html:4
+msgid "Docker error"
+msgstr "Docker錯誤"
+
+#: mailu/ui/templates/docker-error.html:12
+msgid "An error occurred while talking to the Docker server."
+msgstr "Docker主機通信出錯"
+
+#: mailu/ui/templates/macros.html:129
+msgid "copy to clipboard"
+msgstr "複製到剪貼簿"
+
+#: mailu/ui/templates/sidebar.html:15
+msgid "My account"
+msgstr "我的帳號"
+
+#: mailu/ui/templates/sidebar.html:19 mailu/ui/templates/user/list.html:37
+msgid "Settings"
+msgstr "設定"
+
+#: mailu/ui/templates/sidebar.html:31 mailu/ui/templates/user/list.html:38
+msgid "Auto-reply"
+msgstr "自動回信"
+
+#: mailu/ui/templates/fetch/list.html:4 mailu/ui/templates/sidebar.html:37
+#: mailu/ui/templates/user/list.html:39
+msgid "Fetched accounts"
+msgstr "代收帳號"
+
+#: mailu/ui/templates/sidebar.html:43 mailu/ui/templates/token/list.html:4
+msgid "Authentication tokens"
+msgstr "認證Token"
+
+#: mailu/ui/templates/sidebar.html:56
+msgid "Administration"
+msgstr "管理"
+
+#: mailu/ui/templates/sidebar.html:62
+msgid "Announcement"
+msgstr "公告"
+
+#: mailu/ui/templates/sidebar.html:68
+msgid "Administrators"
+msgstr "系統管理員"
+
+#: mailu/ui/templates/sidebar.html:74
+msgid "Relayed domains"
+msgstr "轉發網域"
+
+#: mailu/ui/templates/sidebar.html:88
+msgid "Mail domains"
+msgstr "郵件網域"
+
+#: mailu/ui/templates/sidebar.html:99
+msgid "Webmail"
+msgstr "網頁信箱"
+
+#: mailu/ui/templates/sidebar.html:135
+msgid "Sign out"
+msgstr "登出"
+
+#: mailu/ui/templates/working.html:4
+msgid "We are still working on this feature!"
+msgstr "這個功能仍在開發中……"
+
+#: mailu/ui/templates/admin/create.html:4
+msgid "Add a global administrator"
+msgstr "新增全域系統管理員"
+
+#: mailu/ui/templates/admin/list.html:4
+msgid "Global administrators"
+msgstr "全域系統管理員"
+
+#: mailu/ui/templates/admin/list.html:9
+msgid "Add administrator"
+msgstr "新增系統管理員"
+
+#: mailu/ui/templates/admin/list.html:17 mailu/ui/templates/alias/list.html:19
+#: mailu/ui/templates/alternative/list.html:19 mailu/ui/templates/domain/list.html:17
+#: mailu/ui/templates/fetch/list.html:19 mailu/ui/templates/manager/list.html:19
+#: mailu/ui/templates/relay/list.html:17 mailu/ui/templates/token/list.html:19
+#: mailu/ui/templates/user/list.html:19
+msgid "Actions"
+msgstr "操作"
+
+#: mailu/ui/templates/admin/list.html:18 mailu/ui/templates/alias/list.html:20
+#: mailu/ui/templates/manager/list.html:20 mailu/ui/templates/user/list.html:21
+msgid "Email"
+msgstr "電子郵件"
+
+#: mailu/ui/templates/admin/list.html:25 mailu/ui/templates/alias/list.html:32
+#: mailu/ui/templates/alternative/list.html:29 mailu/ui/templates/domain/list.html:34
+#: mailu/ui/templates/fetch/list.html:34 mailu/ui/templates/manager/list.html:27
+#: mailu/ui/templates/relay/list.html:30 mailu/ui/templates/token/list.html:30
+#: mailu/ui/templates/user/list.html:34
+msgid "Delete"
+msgstr "刪除"
+
+#: mailu/ui/templates/alias/create.html:4
+msgid "Create alias"
+msgstr "建立別名"
+
+#: mailu/ui/templates/alias/edit.html:4
+msgid "Edit alias"
+msgstr "修改別名"
+
+#: mailu/ui/templates/alias/list.html:4
+msgid "Alias list"
+msgstr "別名列表"
+
+#: mailu/ui/templates/alias/list.html:12
+msgid "Add alias"
+msgstr "新增別名"
+
+#: mailu/ui/templates/alias/list.html:23 mailu/ui/templates/alternative/list.html:21
+#: mailu/ui/templates/domain/list.html:23 mailu/ui/templates/fetch/list.html:25
+#: mailu/ui/templates/relay/list.html:21 mailu/ui/templates/token/list.html:22
+#: mailu/ui/templates/user/list.html:25
+msgid "Created"
+msgstr "已建立"
+
+#: mailu/ui/templates/alias/list.html:24 mailu/ui/templates/alternative/list.html:22
+#: mailu/ui/templates/domain/list.html:24 mailu/ui/templates/fetch/list.html:26
+#: mailu/ui/templates/relay/list.html:22 mailu/ui/templates/token/list.html:23
+#: mailu/ui/templates/user/list.html:26
+msgid "Last edit"
+msgstr "上次修改"
+
+#: mailu/ui/templates/alias/list.html:31 mailu/ui/templates/domain/list.html:33
+#: mailu/ui/templates/fetch/list.html:33 mailu/ui/templates/relay/list.html:29
+#: mailu/ui/templates/user/list.html:33
+msgid "Edit"
+msgstr "修改"
+
+#: mailu/ui/templates/alternative/create.html:4
+msgid "Create alternative domain"
+msgstr "建立替代網域"
+
+#: mailu/ui/templates/alternative/list.html:4
+msgid "Alternative domain list"
+msgstr "替代網域列表"
+
+#: mailu/ui/templates/alternative/list.html:12
+msgid "Add alternative"
+msgstr "新增替代條目"
+
+#: mailu/ui/templates/alternative/list.html:20
+msgid "Name"
+msgstr "名稱"
+
+#: mailu/ui/templates/domain/create.html:4 mailu/ui/templates/domain/list.html:9
+msgid "New domain"
+msgstr "新網域"
+
+#: mailu/ui/templates/domain/details.html:4
+msgid "Domain details"
+msgstr "網域詳細資訊"
+
+#: mailu/ui/templates/domain/details.html:15
+msgid "Regenerate keys"
+msgstr "重新產生密鑰"
+
+#: mailu/ui/templates/domain/details.html:17
+msgid "Generate keys"
+msgstr "產生密鑰"
+
+#: mailu/ui/templates/domain/details.html:30
+msgid "DNS MX entry"
+msgstr "DNS MX條目"
+
+#: mailu/ui/templates/domain/details.html:34
+msgid "DNS SPF entries"
+msgstr "DNS SPF條目"
+
+#: mailu/ui/templates/domain/details.html:40
+msgid "DKIM public key"
+msgstr "DKIM公鑰"
+
+#: mailu/ui/templates/domain/details.html:44
+msgid "DNS DKIM entry"
+msgstr "DNS DKIM條目"
+
+#: mailu/ui/templates/domain/details.html:48
+msgid "DNS DMARC entry"
+msgstr "DNS DMARC條目"
+
+#: mailu/ui/templates/domain/details.html:58
+msgid "DNS TLSA entry"
+msgstr "DNS TLSA條目"
+
+#: mailu/ui/templates/domain/details.html:63
+msgid "DNS client auto-configuration entries"
+msgstr "DNS 客戶端自動設定條目"
+
+#: mailu/ui/templates/domain/edit.html:4
+msgid "Edit domain"
+msgstr "修改網域"
+
+#: mailu/ui/templates/domain/list.html:4
+msgid "Domain list"
+msgstr "網域列表"
+
+#: mailu/ui/templates/domain/list.html:18
+msgid "Manage"
+msgstr "管理"
+
+#: mailu/ui/templates/domain/list.html:20
+msgid "Mailbox count"
+msgstr "信箱数量"
+
+#: mailu/ui/templates/domain/list.html:21
+msgid "Alias count"
+msgstr "別名数量"
+
+#: mailu/ui/templates/domain/list.html:31
+msgid "Details"
+msgstr "詳細資訊"
+
+#: mailu/ui/templates/domain/list.html:38
+msgid "Users"
+msgstr "用户"
+
+#: mailu/ui/templates/domain/list.html:39
+msgid "Aliases"
+msgstr "別名"
+
+#: mailu/ui/templates/domain/list.html:40
+msgid "Managers"
+msgstr "管理員"
+
+#: mailu/ui/templates/domain/list.html:42
+msgid "Alternatives"
+msgstr "替代方案"
+
+#: mailu/ui/templates/domain/signup.html:13
+msgid ""
+"In order to register a new domain, you must first setup the\n"
+"    domain zone so that the domain <code>MX</code> points to this server"
+msgstr "為了註冊新網域，您必須先設定網域，並將網域 <code>MX</code> 指向這伺服主機。"
+
+#: mailu/ui/templates/domain/signup.html:18
+msgid ""
+"If you do not know how to setup an <code>MX</code> record for your DNS zone,\n"
+"    please contact your DNS provider or administrator. Also, please wait a\n"
+"    couple minutes after the <code>MX</code> is set so the local server cache\n"
+"    expires."
+msgstr ""
+"如果您不知道如何為您的 DNS 網域設定 <code>MX</code> 記錄，請聯繫您的 DNS 提供商或管理員。"
+"此外，請在設定 <code>MX</code> 之後等待幾分鐘 讓本地伺服主機的快取過期。"
+
+#: mailu/ui/templates/fetch/create.html:4
+msgid "Add a fetched account"
+msgstr "新增代收帳號"
+
+#: mailu/ui/templates/fetch/edit.html:4
+msgid "Update a fetched account"
+msgstr "修改代收帳號"
+
+#: mailu/ui/templates/fetch/list.html:12
+msgid "Add an account"
+msgstr "新增一個帳號"
+
+#: mailu/ui/templates/fetch/list.html:20
+msgid "Endpoint"
+msgstr "端點"
+
+#: mailu/ui/templates/fetch/list.html:22
+msgid "Keep emails"
+msgstr "保留電子郵件"
+
+#: mailu/ui/templates/fetch/list.html:23
+msgid "Last check"
+msgstr "上次檢查"
+
+#: mailu/ui/templates/fetch/list.html:24
+msgid "Status"
+msgstr "狀態"
+
+#: mailu/ui/templates/fetch/list.html:38
+msgid "yes"
+msgstr "是"
+
+#: mailu/ui/templates/fetch/list.html:38
+msgid "no"
+msgstr "否"
+
+#: mailu/ui/templates/manager/create.html:4
+msgid "Add a manager"
+msgstr "新增管理員"
+
+#: mailu/ui/templates/manager/list.html:4
+msgid "Manager list"
+msgstr "管理員列表"
+
+#: mailu/ui/templates/manager/list.html:12
+msgid "Add manager"
+msgstr "新增管理員"
+
+#: mailu/ui/templates/relay/create.html:4
+msgid "New relay domain"
+msgstr "新的轉發網域"
+
+#: mailu/ui/templates/relay/edit.html:4
+msgid "Edit relayed domain"
+msgstr "修改轉發網域"
+
+#: mailu/ui/templates/relay/list.html:4
+msgid "Relayed domain list"
+msgstr "轉發網域列表"
+
+#: mailu/ui/templates/relay/list.html:9
+msgid "New relayed domain"
+msgstr "新的轉發網域"
+
+#: mailu/ui/templates/token/create.html:4
+msgid "Create an authentication token"
+msgstr "建立一個認證Token"
+
+#: mailu/ui/templates/token/list.html:12
+msgid "New token"
+msgstr "新Token"
+
+#: mailu/ui/templates/user/create.html:4
+msgid "New user"
+msgstr "新用户"
+
+#: mailu/ui/templates/user/create.html:15
+msgid "General"
+msgstr "通用"
+
+#: mailu/ui/templates/user/create.html:23
+msgid "Features and quotas"
+msgstr "功能和配額"
+
+#: mailu/ui/templates/user/edit.html:4
+msgid "Edit user"
+msgstr "修改用户"
+
+#: mailu/ui/templates/user/list.html:4
+msgid "User list"
+msgstr "用户列表"
+
+#: mailu/ui/templates/user/list.html:12
+msgid "Add user"
+msgstr "新增用户"
+
+#: mailu/ui/templates/user/list.html:20 mailu/ui/templates/user/settings.html:4
+msgid "User settings"
+msgstr "用户設定"
+
+#: mailu/ui/templates/user/list.html:22
+msgid "Features"
+msgstr "功能"
+
+#: mailu/ui/templates/user/password.html:4
+msgid "Password update"
+msgstr "修改密码"
+
+#: mailu/ui/templates/user/reply.html:4
+msgid "Automatic reply"
+msgstr "自動回信"
+
+#: mailu/ui/templates/user/settings.html:27
+msgid "Auto-forward"
+msgstr "自動轉寄"
+
+#: mailu/ui/templates/user/signup_domain.html:8
+msgid "pick a domain for the new account"
+msgstr "為新用戶選擇一個網域"
+
+#: mailu/ui/templates/user/signup_domain.html:14
+msgid "Domain"
+msgstr "網域"
+
+#: mailu/ui/templates/user/signup_domain.html:15
+msgid "Available slots"
+msgstr "剩餘名額"
+
+#~ msgid "to access the administration tools"
+#~ msgstr "存取管理工具"
+
+#~ msgid "Forward emails"
+#~ msgstr "轉寄郵件"
diff --git a/core/admin/mailu/ui/templates/client.html b/core/admin/mailu/ui/templates/client.html
index 593fd258..304de179 100644
--- a/core/admin/mailu/ui/templates/client.html
+++ b/core/admin/mailu/ui/templates/client.html
@@ -60,6 +60,6 @@
 {%- endcall %}
 <blockquote>
   {% trans %}If you use an Apple device,{% endtrans %}
-  <a href="/apple.mobileconfig">{% trans %}click here to autoconfigure it.{% endtrans %}</a>
+  <a href="/apple.mobileconfig">{% trans %}click here to auto-configure it.{% endtrans %}</a>
 </blockquote>
 {%- endblock %}
diff --git a/core/admin/mailu/ui/templates/domain/details.html b/core/admin/mailu/ui/templates/domain/details.html
index 28f3f570..74657c28 100644
--- a/core/admin/mailu/ui/templates/domain/details.html
+++ b/core/admin/mailu/ui/templates/domain/details.html
@@ -10,13 +10,13 @@
 
 {%- block main_action %}
 {%- if current_user.global_admin %}
-<a class="btn btn-primary float-right" href="{{ url_for(".domain_genkeys", domain_name=domain.name) }}">
+<a class="btn btn-primary btn-group float-right" href="{{ url_for(".domain_genkeys", domain_name=domain.name) }}">
   {%- if domain.dkim_publickey %}
   {% trans %}Regenerate keys{% endtrans %}
   {%- else %}
   {% trans %}Generate keys{% endtrans %}
   {%- endif %}
-</a>
+</a><a style="margin-right: 5px;" class="btn btn-primary btn-group float-right" href="{{ url_for(".domain_download_zonefile", domain_name=domain.name) }}">  {% trans %}Download zonefile{% endtrans %}</a>
 {%- endif %}
 {%- endblock %}
 
@@ -36,10 +36,6 @@
   </td>
 </tr>
 {%- if domain.dkim_publickey %}
-<tr>
-  <th>{% trans %}DKIM public key{% endtrans %}</th>
-  <td>{{ macros.clip("dkim_key") }}<pre id="dkim_key" class="pre-config border bg-light">{{ domain.dkim_publickey }}</pre></td>
-</tr>
 <tr>
   <th>{% trans %}DNS DKIM entry{% endtrans %}</th>
   <td>{{ macros.clip("dns_dkim") }}<pre id="dns_dkim" class="pre-config border bg-light">{{ domain.dns_dkim }}</pre></td>
diff --git a/core/admin/mailu/ui/views/domains.py b/core/admin/mailu/ui/views/domains.py
index 4cdd830a..dcd1aedd 100644
--- a/core/admin/mailu/ui/views/domains.py
+++ b/core/admin/mailu/ui/views/domains.py
@@ -70,6 +70,27 @@ def domain_details(domain_name):
     domain = models.Domain.query.get(domain_name) or flask.abort(404)
     return flask.render_template('domain/details.html', domain=domain)
 
+@ui.route('/domain/details/<domain_name>/zonefile', methods=['GET'])
+@access.domain_admin(models.Domain, 'domain_name')
+def domain_download_zonefile(domain_name):
+    domain = models.Domain.query.get(domain_name) or flask.abort(404)
+    res = [domain.dns_mx, domain.dns_spf]
+    if domain.dkim_publickey:
+        record = domain.dns_dkim.split('"', 1)[0].strip()
+        txt = f'v=DKIM1; k=rsa; p={domain.dkim_publickey}'
+        txt = ' '.join(f'"{txt[p:p+250]}"' for p in range(0, len(txt), 250))
+        res.append(f'{record} {txt}')
+        res.append(domain.dns_dmarc)
+    if domain.dns_tlsa:
+        res.append(domain.dns_tlsa)
+    res.extend(domain.dns_autoconfig)
+    res.append("")
+    return flask.Response(
+        "\n".join(res),
+        content_type="text/plain",
+        headers={"Content-disposition": f"attachment; filename={domain.name}-zonefile.txt"}
+    )
+
 
 @ui.route('/domain/genkeys/<domain_name>', methods=['GET', 'POST'])
 @access.domain_admin(models.Domain, 'domain_name')
diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py
index 541ffb4d..9f75c233 100644
--- a/core/admin/mailu/utils.py
+++ b/core/admin/mailu/utils.py
@@ -100,7 +100,6 @@ def is_ip_in_subnet(ip, subnets=[]):
 # Application translation
 babel = flask_babel.Babel()
 
-@babel.localeselector
 def get_locale():
     """ selects locale for translation """
     if not app.config['SESSION_COOKIE_NAME'] in flask.request.cookies:
@@ -310,7 +309,7 @@ class MailuSessionConfig:
     # default size of session key parts
     uid_bits = 64 # default if SESSION_KEY_BITS is not set in config
     sid_bits = 128 # for now. must be multiple of 8!
-    time_bits = 32 # for now. must be multiple of 8!  
+    time_bits = 32 # for now. must be multiple of 8!
 
     def __init__(self, app=None):
 
@@ -400,7 +399,7 @@ class MailuSessionInterface(SessionInterface):
             if session.modified:
                 session.delete()
                 response.delete_cookie(
-                    app.session_cookie_name,
+                    app.config['SESSION_COOKIE_NAME'],
                     domain=self.get_cookie_domain(app),
                     path=self.get_cookie_path(app),
                 )
@@ -413,7 +412,7 @@ class MailuSessionInterface(SessionInterface):
         # save session and update cookie if necessary
         if session.save():
             response.set_cookie(
-                app.session_cookie_name,
+               app.config['SESSION_COOKIE_NAME'],
                 session.sid,
                 expires=datetime.now()+timedelta(seconds=app.config['PERMANENT_SESSION_LIFETIME']),
                 httponly=self.get_cookie_httponly(app),
@@ -473,29 +472,30 @@ class MailuSessionExtension:
     def init_app(self, app):
         """ Replace session management of application. """
 
+        redis_session = False
+
         if app.config.get('MEMORY_SESSIONS'):
             # in-memory session store for use in development
             app.session_store = DictStore()
 
         else:
             # redis-based session store for use in production
+            redis_session = True
             app.session_store = RedisStore(
                 redis.StrictRedis().from_url(app.config['SESSION_STORAGE_URL'])
             )
 
+        app.session_config = MailuSessionConfig(app)
+        app.session_interface = MailuSessionInterface()
+        if redis_session:
             # clean expired sessions once on first use in case lifetime was changed
-            def cleaner():
+            with app.app_context():
                 with cleaned.get_lock():
                     if not cleaned.value:
                         cleaned.value = True
                         app.logger.info('cleaning session store')
                         MailuSessionExtension.cleanup_sessions(app)
 
-            app.before_first_request(cleaner)
-
-        app.session_config = MailuSessionConfig(app)
-        app.session_interface = MailuSessionInterface()
-
 cleaned = Value('i', False)
 session = MailuSessionExtension()
 
diff --git a/core/admin/run_dev.sh b/core/admin/run_dev.sh
index 0f7c6e05..3d1fc771 100755
--- a/core/admin/run_dev.sh
+++ b/core/admin/run_dev.sh
@@ -78,6 +78,7 @@ ENV \
     \
     ADMIN_ADDRESS="127.0.0.1" \
     FRONT_ADDRESS="127.0.0.1" \
+    FTS_ATTACHMENTS_ADDRESS="127.0.0.1" \
     SMTP_ADDRESS="127.0.0.1" \
     IMAP_ADDRESS="127.0.0.1" \
     REDIS_ADDRESS="127.0.0.1" \
diff --git a/core/admin/start.py b/core/admin/start.py
index 5d403a3e..9574bbb7 100755
--- a/core/admin/start.py
+++ b/core/admin/start.py
@@ -1,6 +1,8 @@
 #!/usr/bin/env python3
 
 import os
+import os.path
+import time
 import logging as log
 import sys
 from socrate import system
@@ -23,6 +25,14 @@ if account is not None and domain is not None and password is not None:
     log.info("Creating initial admin account %s@%s with mode %s", account, domain, mode)
     os.system("flask mailu admin %s %s '%s' --mode %s" % (account, domain, password, mode))
 
+def test_unsupported():
+    import codecs
+    if os.path.isfile(codecs.decode('/.qbpxrerai', 'rot13')) or os.environ.get(codecs.decode('V_XABJ_ZL_FRGHC_QBRFAG_SVG_ERDHVERZRAGF_NAQ_JBAG_SVYR_VFFHRF_JVGUBHG_CNGPURF', 'rot13'), None) or os.environ.get(codecs.decode('ZNVYH_URYZ_PUNEG', 'rot13'), None):
+        return
+    log.critical('Your system is not supported. Please start by reading the documentation and then http://www.catb.org/~esr/faqs/smart-questions.html')
+    while True:
+        time.sleep(5)
+
 def test_DNS():
     import dns.resolver
     import dns.exception
@@ -50,6 +60,7 @@ def test_DNS():
             time.sleep(5)
 
 test_DNS()
+test_unsupported()
 
 cmdline = [
     "gunicorn",
diff --git a/core/base/Dockerfile b/core/base/Dockerfile
index 88332d3a..2f9c1142 100644
--- a/core/base/Dockerfile
+++ b/core/base/Dockerfile
@@ -3,7 +3,7 @@
 # base system image (intermediate)
 # Note when updating the alpine tag, first manually run the workflow .github/workflows/mirror.yml.
 # Just run the workflow with the tag that must be synchronised.
-ARG DISTRO=ghcr.io/mailu/alpine:3.17.2
+ARG DISTRO=ghcr.io/mailu/alpine:3.18.4
 FROM $DISTRO as system
 
 ENV TZ=Etc/UTC LANG=C.UTF-8
@@ -16,7 +16,7 @@ RUN set -euxo pipefail \
   ; adduser -Sg ${MAILU_UID} -G mailu -h /app -g "mailu app" -s /bin/bash mailu \
   ; apk add --no-cache bash ca-certificates curl python3 tzdata \
   ; ! [[ "$(uname -m)" == x86_64 ]] \
-    || apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing hardened-malloc==11-r0
+    || apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing hardened-malloc
 
 WORKDIR /app
 
@@ -27,7 +27,7 @@ CMD /bin/bash
 FROM system as build
 
 ARG MAILU_DEPS=prod
-ARG SNUFFLEUPAGUS_VERSION=0.9.0
+ARG SNUFFLEUPAGUS_VERSION=0.10.0
 
 ENV VIRTUAL_ENV=/app/venv
 
@@ -79,9 +79,9 @@ COPY --chown=root:root --from=build /app/snuffleupagus.so /usr/lib/php81/modules
 ENV \
   VIRTUAL_ENV=/app/venv \
   PATH="/app/venv/bin:${PATH}" \
-  LD_PRELOAD="/usr/lib/libhardened_malloc.so" \
   ADMIN_ADDRESS="admin" \
   FRONT_ADDRESS="front" \
+  FTS_ATTACHMENTS_ADDRESS="tika" \
   SMTP_ADDRESS="smtp" \
   IMAP_ADDRESS="imap" \
   OLETOOLS_ADDRESS="oletools" \
diff --git a/core/base/libs/socrate/socrate/system.py b/core/base/libs/socrate/socrate/system.py
index e80863b8..3dcdea3d 100644
--- a/core/base/libs/socrate/socrate/system.py
+++ b/core/base/libs/socrate/socrate/system.py
@@ -1,11 +1,14 @@
 import hmac
 import logging as log
 import os
+import signal
 import sys
 import re
 from pwd import getpwnam
 import socket
 import tenacity
+import subprocess
+import threading
 
 @tenacity.retry(stop=tenacity.stop_after_attempt(100),
                 wait=tenacity.wait_random(min=2, max=5))
@@ -27,7 +30,7 @@ def _coerce_value(value):
     return value
 
 class LogFilter(object):
-    def __init__(self, stream, re_patterns, log_file):
+    def __init__(self, stream, re_patterns):
         self.stream = stream
         if isinstance(re_patterns, list):
             self.pattern = re.compile('|'.join([f'(?:{pattern})' for pattern in re_patterns]))
@@ -36,7 +39,6 @@ class LogFilter(object):
         else:
             self.pattern = re_patterns
         self.found = False
-        self.log_file = log_file
 
     def __getattr__(self, attr_name):
         return getattr(self.stream, attr_name)
@@ -48,12 +50,6 @@ class LogFilter(object):
             if not self.pattern.search(data):
                 self.stream.write(data)
                 self.stream.flush()
-                if self.log_file:
-                    try:
-                        with open(self.log_file, 'a', encoding='utf-8') as l:
-                            l.write(data)
-                    except:
-                        pass
             else:
                 # caught bad pattern
                 self.found = True
@@ -66,22 +62,29 @@ def _is_compatible_with_hardened_malloc():
         lines = f.readlines()
         for line in lines:
             # See #2764, we need vmovdqu
-            if line.startswith('flags') and ' avx ' not in line:
+            # See #2959, we need vpunpckldq
+            if line.startswith('flags') and ' avx2 ' not in line:
                 return False
             # See #2541
             if line.startswith('Features') and ' lrcpc ' not in line:
                 return False
     return True
 
-def set_env(required_secrets=[], log_filters=[], log_file=None):
-    if log_filters:
-        sys.stdout = LogFilter(sys.stdout, log_filters, log_file)
-        sys.stderr = LogFilter(sys.stderr, log_filters, log_file)
-    log.basicConfig(stream=sys.stderr, level=os.environ.get("LOG_LEVEL", 'WARNING'))
 
-    if 'LD_PRELOAD' in os.environ and not _is_compatible_with_hardened_malloc():
-        log.warning('Disabling hardened-malloc on this CPU')
-        del os.environ['LD_PRELOAD']
+def sigterm_handler(_signo, _stack_frame):
+    log.critical("Received SIGTERM, terminating.")
+    sys.exit(143)
+
+def set_env(required_secrets=[], log_filters=[]):
+    if log_filters:
+        sys.stdout = LogFilter(sys.stdout, log_filters)
+        sys.stderr = LogFilter(sys.stderr, log_filters)
+    log.basicConfig(stream=sys.stderr, level=os.environ.get("LOG_LEVEL", 'WARNING'))
+    signal.signal(signal.SIGTERM, sigterm_handler)
+
+    if not 'LD_PRELOAD' in os.environ and _is_compatible_with_hardened_malloc():
+        log.warning('Your CPU has Advanced Vector Extensions available, we recommend you enable hardened-malloc earlier in the boot process by adding LD_PRELOAD=/usr/lib/libhardened_malloc.so to your mailu.env')
+        os.environ['LD_PRELOAD'] = '/usr/lib/libhardened_malloc.so'
 
     """ This will set all the environment variables and retains only the secrets we need """
     if 'SECRET_KEY_FILE' in os.environ:
@@ -114,3 +117,24 @@ def drop_privs_to(username='mailu'):
     os.setgid(pwnam.pw_gid)
     os.setuid(pwnam.pw_uid)
     os.environ['HOME'] = pwnam.pw_dir
+
+# forwards text lines from src to dst in an infinite loop
+def forward_text_lines(src, dst):
+    while True:
+        current_line = src.readline()
+        dst.write(current_line)
+
+
+# runs a process and passes its standard/error output to the standard/error output of the current python script
+def run_process_and_forward_output(cmd):
+    process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
+
+    stdout_thread = threading.Thread(target=forward_text_lines, args=(process.stdout, sys.stdout))
+    stdout_thread.daemon = True
+    stdout_thread.start()
+
+    stderr_thread = threading.Thread(target=forward_text_lines, args=(process.stderr, sys.stderr))
+    stderr_thread.daemon = True
+    stderr_thread.start()
+
+    process.wait()
diff --git a/core/base/requirements-build.txt b/core/base/requirements-build.txt
index 62a7d9fd..ed145a00 100644
--- a/core/base/requirements-build.txt
+++ b/core/base/requirements-build.txt
@@ -1,3 +1,3 @@
-pip==22.3.1
-setuptools==65.6.3
-wheel==0.38.4
+pip==23.3.1
+setuptools==68.2.2
+wheel==0.41.3
diff --git a/core/base/requirements-prod.txt b/core/base/requirements-prod.txt
index 1f1389cf..2d5b0002 100644
--- a/core/base/requirements-prod.txt
+++ b/core/base/requirements-prod.txt
@@ -1,86 +1,93 @@
-aiodns==3.0.0
-aiohttp==3.8.5
-aiosignal==1.2.0
-alembic==1.8.1
-async-timeout==4.0.2
-attrs==22.1.0
-Babel==2.11.0
+aiodns==3.1.1
+aiohttp==3.8.6
+aiosignal==1.3.1
+alembic==1.12.1
+aniso8601==9.0.1
+async-timeout==4.0.3
+attrs==23.1.0
+Babel==2.13.1
 bcrypt==4.0.1
-blinker==1.5
+blinker==1.6.3
 certifi==2023.7.22
-cffi==1.15.1
-charset-normalizer==2.1.1
-click==8.1.3
+cffi==1.16.0
+charset-normalizer==3.3.1
+click==8.1.7
 colorclass==2.2.2
-cryptography==41.0.3
-decorator==5.1.1
+cryptography==41.0.5
 defusedxml==0.7.1
-Deprecated==1.2.13
-dnspython==2.2.1
-dominate==2.7.0
+Deprecated==1.2.14
+dnspython==2.4.2
+dominate==2.8.0
 easygui==0.98.3
-email-validator==1.3.0
-Flask==2.2.5
-Flask-Babel==2.0.0
+email-validator==2.1.0.post1
+Flask==2.3.3
+flask-babel==4.0.0
 Flask-Bootstrap==3.3.7.1
-Flask-DebugToolbar==0.13.1
-Flask-Login==0.6.2
-flask-marshmallow==0.14.0
-Flask-Migrate==3.1.0
-Flask-RESTX==1.0.5
+#Flask-DebugToolbar is not compatible with Flask 2.3.3+
+#Flask-DebugToolbar==0.13.1
+Flask-Login==0.6.3
+flask-marshmallow==0.15.0
+Flask-Migrate==4.0.5
+flask-restx==1.1.0
 Flask-SQLAlchemy==2.5.1
-Flask-WTF==1.0.1
-frozenlist==1.3.1
-greenlet==2.0.0
-gunicorn==20.1.0
+# >2.5.1 bug with parsing models.py. Could otherwise be 3.0.5
+Flask-WTF==1.2.1
+frozenlist==1.4.0
+greenlet==3.0.1
+gunicorn==21.2.0
 idna==3.4
+importlib-resources==6.1.0
 infinity==1.5
 intervals==0.9.2
 itsdangerous==2.1.2
 Jinja2==3.1.2
-limits==2.7.1
-Mako==1.2.3
-MarkupSafe==2.1.1
-marshmallow==3.18.0
-marshmallow-sqlalchemy==0.28.1
+jsonschema==4.19.2
+jsonschema-specifications==2023.7.1
+limits==3.6.0
+Mako==1.2.4
+MarkupSafe==2.1.3
+marshmallow==3.20.1
+marshmallow-sqlalchemy==0.29
 msoffcrypto-tool==5.1.1
-multidict==6.0.2
-mysql-connector-python==8.0.32
+multidict==6.0.4
+mysql-connector-python==8.2.0
 olefile==0.46
 oletools==0.60.1
-packaging==21.3
+packaging==23.2
 passlib==1.7.4
 pcodedmp==1.2.6
 podop @ file:///app/libs/podop
-postfix-mta-sts-resolver==1.1.4
-protobuf==3.20.2
-psycopg2-binary==2.9.5
-pycares==4.2.2
+postfix-mta-sts-resolver==1.4.0
+protobuf==4.21.12
+psycopg2-binary==2.9.9
+pycares==4.4.0
 pycparser==2.21
-Pygments==2.15.0
+Pygments==2.16.1
 pyparsing==2.4.7
 python-dateutil==2.8.2
 python-magic==0.4.27
-pytz==2022.6
+pytz==2023.3.post1
 PyYAML==6.0.1
 Radicale==3.1.8
-redis==4.4.4
+redis==5.0.1
+referencing==0.30.2
 requests==2.31.0
+rpds-py==0.10.6
 six==1.16.0
 socrate @ file:///app/libs/socrate
-SQLAlchemy==1.4.42
+SQLAlchemy==1.4.50
 srslib==0.1.4
 tabulate==0.9.0
-tenacity==8.1.0
-typing_extensions==4.4.0
-urllib3==1.26.12
-validators==0.20.0
+tenacity==8.2.3
+typing_extensions==4.8.0
+urllib3==2.0.7
+validators==0.22.0
 visitor==0.1.3
 vobject==0.9.6.1
-watchdog==2.1.9
-Werkzeug==2.2.3
-wrapt==1.14.1
-WTForms==3.0.1
+watchdog==3.0.0
+Werkzeug===2.3.7
+wrapt==1.15.0
+WTForms==3.1.1
 WTForms-Components==0.10.5
 xmltodict==0.13.0
-yarl==1.8.1
+yarl==1.9.2
diff --git a/core/dovecot/Dockerfile b/core/dovecot/Dockerfile
index 872e1ecf..25eb9263 100644
--- a/core/dovecot/Dockerfile
+++ b/core/dovecot/Dockerfile
@@ -7,7 +7,8 @@ ARG VERSION
 LABEL version=$VERSION
 
 RUN set -euxo pipefail \
-  ; apk add --no-cache dovecot dovecot-fts-xapian dovecot-lmtpd dovecot-pigeonhole-plugin dovecot-pop3d dovecot-submissiond rspamd-client xapian-core \
+  ; echo -e 'http://dl-cdn.alpinelinux.org/alpine/edge/main\nhttp://dl-cdn.alpinelinux.org/alpine/edge/testing\nhttp://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories \
+  ; apk add --no-cache 'dovecot<2.4' dovecot-lmtpd dovecot-pigeonhole-plugin dovecot-pop3d dovecot-submissiond rspamd-client dovecot-fts-flatcurve \
   ; mkdir /var/lib/dovecot
 
 COPY conf/ /conf/
diff --git a/core/dovecot/conf/dovecot.conf b/core/dovecot/conf/dovecot.conf
index e35ab4a1..906b0e30 100644
--- a/core/dovecot/conf/dovecot.conf
+++ b/core/dovecot/conf/dovecot.conf
@@ -37,7 +37,7 @@ mail_plugins = $mail_plugins quota quota_clone{{ ' ' }}
   zlib{{ ' ' }}
   {%- endif %}
   {%- if (FULL_TEXT_SEARCH or '').lower() not in ['off', 'false', '0'] -%}
-  fts fts_xapian
+  fts fts_flatcurve
   {%- endif %}
 default_vsz_limit = 2GB
 
@@ -57,11 +57,21 @@ plugin {
   quota_clone_dict = proxy:/tmp/podop.socket:quota
 
   {% if (FULL_TEXT_SEARCH or '').lower() not in ['off', 'false', '0'] %}
-  fts = xapian
-  fts_xapian = partial=2 full=30
+  fts = flatcurve
+  fts_index_timeout = 50s
+  fts_languages = {% if FULL_TEXT_SEARCH %}{{ FULL_TEXT_SEARCH.split(",") | join(" ") }}{% else %}en{% endif %}
+  fts_tokenizers = generic email-address
   fts_autoindex = yes
   fts_enforced = yes
   fts_autoindex_exclude = \Trash
+  fts_autoindex_exclude1 = \Junk
+  fts_filters = normalizer-icu snowball stopwords
+  fts_filters_en = lowercase snowball english-possessive stopwords
+  fts_filters_fr = lowercase snowball contractions stopwords
+  fts_header_excludes = Received DKIM-* ARC-* X-* x-* Comments Delivered-To Return-Path Authentication-Results Message-ID References In-Reply-To Thread-* Accept-Language Content-* MIME-Version
+  {% if FULL_TEXT_SEARCH_ATTACHMENTS %}
+  fts_tika = http://{{ FTS_ATTACHMENTS_ADDRESS }}:9998/tika/
+  {% endif %}
   {% endif %}
 
   {% if COMPRESSION in [ 'gz', 'bz2', 'lz4', 'zstd' ] %}
@@ -73,6 +83,12 @@ plugin {
   {% endif %}
 }
 
+service indexer-worker {
+  executable = /bin/nice -n 10 /usr/libexec/dovecot/indexer-worker
+  # TODO: maybe MAXPROC? I guess it depends on how much RAM is available
+  process_limit = 1
+}
+
 ###############
 # Authentication
 ###############
diff --git a/core/dovecot/start.py b/core/dovecot/start.py
index d25f860b..b162db95 100755
--- a/core/dovecot/start.py
+++ b/core/dovecot/start.py
@@ -3,13 +3,11 @@
 import os
 import glob
 import multiprocessing
-import logging as log
-import sys
 
 from podop import run_server
 from socrate import system, conf
 
-system.set_env(log_filters=r'Error\: SSL context initialization failed, disabling SSL\: Can\'t load SSL certificate \(ssl_cert setting\)\: The certificate is empty$')
+system.set_env(log_filters=[r'Error\: SSL context initialization failed, disabling SSL\: Can\'t load SSL certificate \(ssl_cert setting\)\: The certificate is empty$'])
 
 def start_podop():
     system.drop_privs_to('mail')
@@ -35,4 +33,5 @@ os.system("chown mail:mail /mail")
 os.system("chown -R mail:mail /var/lib/dovecot /conf")
 
 multiprocessing.Process(target=start_podop).start()
-os.system("dovecot -c /etc/dovecot/dovecot.conf -F")
+cmd = ['/usr/sbin/dovecot', '-c', '/etc/dovecot/dovecot.conf', '-F']
+system.run_process_and_forward_output(cmd)
diff --git a/core/nginx/Dockerfile b/core/nginx/Dockerfile
index f2eaac81..cacb6c99 100644
--- a/core/nginx/Dockerfile
+++ b/core/nginx/Dockerfile
@@ -17,7 +17,8 @@ ARG VERSION
 LABEL version=$VERSION
 
 RUN set -euxo pipefail \
-  ; apk add --no-cache certbot nginx nginx-mod-http-brotli nginx-mod-mail openssl dovecot-lua dovecot-pigeonhole-plugin dovecot-lmtpd dovecot-pop3d dovecot-submissiond
+  ; apk add --no-cache certbot nginx nginx-mod-http-brotli nginx-mod-mail openssl \
+  ; apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/main dovecot-lua dovecot-pigeonhole-plugin 'dovecot-lmtpd<2.4' dovecot-pop3d dovecot-submissiond
 
 COPY conf/ /conf/
 COPY --from=static /static/ /static/
diff --git a/core/nginx/letsencrypt.py b/core/nginx/letsencrypt.py
index a14dfa15..a8abbee7 100755
--- a/core/nginx/letsencrypt.py
+++ b/core/nginx/letsencrypt.py
@@ -47,7 +47,7 @@ time.sleep(5)
 
 class MyRequestHandler(SimpleHTTPRequestHandler):
     def do_GET(self):
-        if self.path == '/testing':
+        if self.path == '/.well-known/acme-challenge/testing':
             self.send_response(204)
         else:
             self.send_response(404)
@@ -55,19 +55,19 @@ class MyRequestHandler(SimpleHTTPRequestHandler):
         self.end_headers()
 
 def serve_one_request():
-    with HTTPServer(("0.0.0.0", 8008), MyRequestHandler) as server:
+    with HTTPServer(("127.0.0.1", 8008), MyRequestHandler) as server:
         server.handle_request()
 
 # Run certbot every day
 while True:
     while True:
-        hostname = os.environ['HOSTNAMES'].split(' ')[0]
+        hostname = os.environ['HOSTNAMES'].split(',')[0]
         target = f'http://{hostname}/.well-known/acme-challenge/testing'
         thread = Thread(target=serve_one_request)
         thread.start()
         r = requests.get(target)
         if r.status_code != 204:
-            log.error(f"Can't reach {target}!, please ensure it's fixed or change the TLS_FLAVOR.")
+            log.critical(f"Can't reach {target}!, please ensure it's fixed or change the TLS_FLAVOR.")
             time.sleep(5)
         else:
             break
diff --git a/core/nginx/start.py b/core/nginx/start.py
index 01ecca03..a50abec2 100755
--- a/core/nginx/start.py
+++ b/core/nginx/start.py
@@ -4,7 +4,7 @@ import os
 import subprocess
 from socrate import system
 
-system.set_env(log_filters=r'could not be resolved \(\d\: [^\)]+\) while in resolving client address, client\: [^,]+, server: [^\:]+\:(25,110,143,587,465,993,995)$')
+system.set_env(log_filters=r'could not be resolved \(\d\: [^\)]+\) while in resolving client address, client\: [^,]+, server: [^\:]+\:(25|110|143|587|465|993|995)$')
 
 # Check if a stale pid file exists
 if os.path.exists("/var/run/nginx.pid"):
@@ -17,4 +17,5 @@ elif os.environ["TLS_FLAVOR"] in [ "mail", "cert" ]:
 
 subprocess.call(["/config.py"])
 os.system("dovecot -c /etc/dovecot/proxy.conf")
-os.execv("/usr/sbin/nginx", ["nginx", "-g", "daemon off;"])
+cmd = ['/usr/sbin/nginx', '-g', 'daemon off;']
+system.run_process_and_forward_output(cmd)
diff --git a/core/oletools/Dockerfile b/core/oletools/Dockerfile
index 39fd0e18..f636cc6d 100644
--- a/core/oletools/Dockerfile
+++ b/core/oletools/Dockerfile
@@ -6,11 +6,17 @@ FROM base
 ARG VERSION=local
 LABEL version=$VERSION
 
+ARG OLEFY_SCRIPT=https://raw.githubusercontent.com/HeinleinSupport/olefy/f8aac6cc55283886d153e89c8f27fae66b1c24e2/olefy.py
+ARG OLEFY_SHA256=1f5aa58b78ca7917350135b4425e5ed4d580c7051aabed1952c6afd12d0345a0
+
 RUN set -euxo pipefail \
   ; apk add --no-cache netcat-openbsd libmagic libffi \
-  ; curl -sLo olefy.py https://raw.githubusercontent.com/HeinleinSupport/olefy/f8aac6cc55283886d153e89c8f27fae66b1c24e2/olefy.py \
+  ; curl -sLo olefy.py $OLEFY_SCRIPT \
+  ; echo "$OLEFY_SHA256  olefy.py" |sha256sum -c \
   ; chmod 755 olefy.py
 
+COPY start.py /
+
 RUN echo $VERSION >/version
 
 HEALTHCHECK --start-period=60s CMD echo PING|nc -q1 127.0.0.1 11343|grep "PONG"
@@ -28,4 +34,4 @@ ENV \
     OLEFY_DEL_TMP="1" \
     OLEFY_DEL_TMP_FAILED="1"
 
-CMD /app/olefy.py
+CMD /start.py
diff --git a/core/oletools/start.py b/core/oletools/start.py
new file mode 100755
index 00000000..b0972908
--- /dev/null
+++ b/core/oletools/start.py
@@ -0,0 +1,8 @@
+#!/usr/bin/env python3
+
+from socrate import system
+
+system.set_env()
+
+with open('/app/olefy.py') as olefy:
+    exec(olefy.read())
diff --git a/core/postfix/start.py b/core/postfix/start.py
index d6af1a98..7daf7c3b 100755
--- a/core/postfix/start.py
+++ b/core/postfix/start.py
@@ -13,8 +13,8 @@ from socrate import system, conf
 system.set_env(log_filters=[
     r'(dis)?connect from localhost\[(\:\:1|127\.0\.0\.1)\]( quit=1 commands=1)?$',
     r'haproxy read\: short protocol header\: QUIT$',
-    r'discarding EHLO keywords\: PIPELINING$',
-    ], log_file=os.environ.get('POSTFIX_LOG_FILE'))
+    r'discarding EHLO keywords\: PIPELINING$'
+    ])
 
 os.system("flock -n /queue/pid/master.pid rm /queue/pid/master.pid")
 
@@ -100,4 +100,5 @@ os.system("/usr/libexec/postfix/post-install meta_directory=/etc/postfix create-
 # Before starting postfix, we need to check permissions on /queue
 # in the event that postfix,postdrop id have changed
 os.system("postfix set-permissions")
-os.system("postfix start-fg")
+cmd = ['postfix', 'start-fg']
+system.run_process_and_forward_output(cmd)
diff --git a/core/rspamd/conf/antivirus.conf b/core/rspamd/conf/antivirus.conf
index 0f47ecca..072c687b 100644
--- a/core/rspamd/conf/antivirus.conf
+++ b/core/rspamd/conf/antivirus.conf
@@ -4,7 +4,7 @@ clamav {
   symbol = "CLAM_VIRUS";
   type = "clamav";
   servers = "{{ ANTIVIRUS_ADDRESS }}:3310";
-  timeout = 5;
+  timeout = 60;
   retransmits = 10;
   {% if ANTIVIRUS_ACTION|default('discard') == 'reject' %}
   action = "reject"
diff --git a/core/rspamd/conf/external_services.conf b/core/rspamd/conf/external_services.conf
index 609f341b..2557bcb7 100644
--- a/core/rspamd/conf/external_services.conf
+++ b/core/rspamd/conf/external_services.conf
@@ -7,8 +7,8 @@ oletools {
   scan_mime_parts = true;
   extended = true;
   max_size = 3145728;
-  timeout = 20.0;
-  retransmits = 1;
+  timeout = 60.0;
+  retransmits = 10;
 
   patterns {
     OLETOOLS_MACRO_FOUND= '^.....M..$';
diff --git a/core/rspamd/conf/force_actions.conf b/core/rspamd/conf/force_actions.conf
index b72a8a0c..0bb96c37 100644
--- a/core/rspamd/conf/force_actions.conf
+++ b/core/rspamd/conf/force_actions.conf
@@ -14,5 +14,15 @@ rules {
     expression = "!IS_LOCALLY_GENERATED & !MAILLIST & BLACKLIST_ANTISPOOF";
     message = "Rejected (anti-spoofing: auth-failed)";
   }
+  ANTIVIRUS_FLAGGED {
+    action = "reject";
+    expression = "CLAM_VIRUS | OLETOOLS_MACRO_MRAPTOR | OLETOOLS_MACRO_SUSPICIOUS";
+    message = "Rejected (dangerous/malicious code detected)";
+  }
+  ANTIVIRUS_FAILED {
+    action = "soft reject";
+    expression = "CLAM_VIRUS_FAIL | OLETOOLS_FAIL";
+    message = "Please retry later (anti-virus/oletools not ready)";
+  }
 }
 .include(try=true,priority=1,duplicate=merge) "/overrides/force_actions.conf"
diff --git a/core/rspamd/start.py b/core/rspamd/start.py
index d6991253..67574a01 100755
--- a/core/rspamd/start.py
+++ b/core/rspamd/start.py
@@ -16,7 +16,8 @@ env = system.set_env()
 config_files = []
 for rspamd_file in glob.glob("/conf/*"):
     conf.jinja(rspamd_file, env, os.path.join("/etc/rspamd/local.d", os.path.basename(rspamd_file)))
-    config_files.append(os.path.basename(rspamd_file))
+    if rspamd_file != '/conf/forbidden_file_extension.map':
+        config_files.append(os.path.basename(rspamd_file))
 
 for override_file in glob.glob("/overrides/*"):
     if os.path.basename(override_file) not in config_files:
@@ -37,4 +38,4 @@ while True:
 os.system("mkdir -m 755 -p /run/rspamd")
 os.system("chown rspamd:rspamd /run/rspamd")
 os.system("find /var/lib/rspamd | grep -v /filter | xargs -n1 chown rspamd:rspamd")
-os.execv("/usr/sbin/rspamd", ["rspamd", "-f", "-u", "rspamd", "-g", "rspamd"])
+os.execv("/usr/bin/rspamd", ["rspamd", "-f", "-u", "rspamd", "-g", "rspamd"])
diff --git a/docs/Dockerfile b/docs/Dockerfile
index 18ca8333..958eaf87 100644
--- a/docs/Dockerfile
+++ b/docs/Dockerfile
@@ -1,5 +1,5 @@
 # Convert .rst files to .html in temporary build container
-FROM python:3.8-alpine3.14 AS build
+FROM python:3.12.0-alpine3.18 AS build
 
 ARG version=master
 ENV VERSION=$version
@@ -16,7 +16,7 @@ RUN apk add --no-cache --virtual .build-deps \
 
 
 # Build nginx deployment image including generated html
-FROM nginx:1.21-alpine
+FROM nginx:1.25.3-alpine
 
 ARG version=master
 ARG pinned_version=master
diff --git a/docs/antispam.rst b/docs/antispam.rst
index 9b204999..5042ff0c 100644
--- a/docs/antispam.rst
+++ b/docs/antispam.rst
@@ -33,7 +33,7 @@ Rspamd rejects non-compliant email messages and email messages that contain viru
 
    * In the administration web interface, under settings under Antispam 'Enable spam filter' must be ticked. If this option is disabled, then all email messages will automatically go to the inbox folder. Except for email messages with a score of 15 or higher, as these email messages are rejected by Rspamd.
 
-   * In the administration web interface, under settings under Antispam, the user defined spam filter tolerance must be configured. The default value is 80%. The lower the spam filter tolerance, the more false positives (ham classified as spam). The user can change this setting to finetune when an email message is classified as spam.
+   * In the administration web interface, under settings under Antispam, the user defined spam filter tolerance must be configured. The default value is 80%. The lower the spam filter tolerance, the more false positives (ham classified as spam). The user can change this setting to fine-tune when an email message is classified as spam.
 
    * Dovecot extracts the X-Spam-Level email header from the email message and converts the spam score (0 - 15) to a 0 - 100 percent scale. This spam score is compared with the user defined spam filter tolerance. If the spam score is lower than the user defined spam filter tolerance, then the email message is accepted. In logic:
 
@@ -110,7 +110,7 @@ The following steps have to be taken to configure an additional symbol (rule) th
 
    * no action: allow message. The email message will be allowed without a spam score being added in the mail header. This can be used for creating a whitelist filter.
 
-   * soft reject: temporarily delay message (this is used, for instance, to greylist or ratelimit messages)
+   * soft reject: temporarily delay message (this is used, for instance, to greylist or rate-limit messages)
 
    To move an email message to the Junk (Spam) folder, a score of 15 can be used in combination with the action "add header".
    The above example configuration will reject all emails send from domains that are listed in '/etc/rspamd/override.d/blacklist.inc'.
@@ -158,7 +158,7 @@ For more information on using the multimap filter see the official `multimap doc
 Can I change the list of authorized file attachments?
 -----------------------------------------------------
 
-Mailu rejects emails with file attachements it deems to be "executable" or otherwise dangerous. If you would like to tweak the block list, you can do so using the following commands:
+Mailu rejects emails with file attachments it deems to be "executable" or otherwise dangerous. If you would like to tweak the block list, you can do so using the following commands:
 
    .. code-block:: bash
 
diff --git a/docs/compose/.env b/docs/compose/.env
index 62e767cf..5c54815c 100644
--- a/docs/compose/.env
+++ b/docs/compose/.env
@@ -152,3 +152,8 @@ REJECT_UNLISTED_RECIPIENT=
 
 # Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
 LOG_LEVEL=WARNING
+
+# If your CPU supports Advanced Vector Extensions
+# (AVX2 on x86_64, lrcpc on ARM64), you should consider enabling
+# hardened-malloc earlier by uncommenting this
+# LD_PRELOAD=/usr/lib/libhardened_malloc.so
diff --git a/docs/compose/requirements.rst b/docs/compose/requirements.rst
index e828597d..1ce29454 100644
--- a/docs/compose/requirements.rst
+++ b/docs/compose/requirements.rst
@@ -43,7 +43,7 @@ make sure that you either:
 
  - setup a root *ext4* partition,
  - or setup a root *btrfs* partition,
- - or leave enough unpartitionned space for a dedicated *ext4* or *btrfs*
+ - or leave enough unpartitioned space for a dedicated *ext4* or *btrfs*
    partition.
 
 If you chose to create a dedicated partition, simply mount it to
@@ -74,7 +74,7 @@ default Debian install:
   apt-get autoremove --purge exim4 exim4-base
 
 
-Finally, Docker relies heavily on ``iptables`` for port forwardings. You
+Finally, Docker relies heavily on ``iptables`` for port forwarding. You
 should use ``iptables-persistent`` (or any equivalent tool on other
 systems) for managing persistent rules. If you were brave enough to switch to
 ``nftables``, you will have to rollback until official support is released
diff --git a/docs/compose/setup.rst b/docs/compose/setup.rst
index f4c9c574..81433ba3 100644
--- a/docs/compose/setup.rst
+++ b/docs/compose/setup.rst
@@ -76,6 +76,15 @@ Review configuration variables
 After downloading the files, open ``mailu.env`` and review the variable settings.
 Make sure to read the comments in the file and instructions from the :ref:`common_cfg` page.
 
+If your CPU supports Advanced Vector Extensions (AVX2 on x86_64, lrcpc on ARM64), you should
+consider enabling hardened-malloc earlier in the boot process by adding the following to
+your mailu.env:
+
+.. code-block:: bash
+
+    LD_PRELOAD=/usr/lib/libhardened_malloc.so
+
+
 Finish setting up TLS
 ---------------------
 
diff --git a/docs/configuration.rst b/docs/configuration.rst
index e4bd045e..3c193ac4 100644
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@@ -51,8 +51,8 @@ accounts for a specific IP subnet as defined in
 
 The ``AUTH_RATELIMIT_USER`` (default: 50/day) holds a security setting for fighting
 attackers that attempt to guess a user's password (typically using a password
-bruteforce attack). The value defines the limit of distinct authentication attempts
-allowed for any given account within a specific timeframe. Multiple attempts for the
+brute-force attack). The value defines the limit of distinct authentication attempts
+allowed for any given account within a specific time-frame. Multiple attempts for the
 same account with the same password only counts for one.
 
 The ``AUTH_RATELIMIT_EXEMPTION_LENGTH`` (default: 86400) is the number of seconds
@@ -104,7 +104,7 @@ by setting ``INBOUND_TLS_ENFORCE`` to ``True``. Please note that this is forbidd
 internet facing hosts according to e.g. `RFC 3207`_ , because this prevents MTAs without STARTTLS
 support or e.g. mismatching TLS versions to deliver emails to Mailu.
 
-The ``SCAN_MACROS`` (default: True) setting controls whether Mailu will endavour
+The ``SCAN_MACROS`` (default: True) setting controls whether Mailu will endeavor
 to reject emails containing documents with malicious macros. Under the hood, it uses
 `mraptor from oletools`_ to determine whether a macro is malicious or not.
 
@@ -133,12 +133,15 @@ later classify incoming mail based on the custom part.
 The ``DMARC_RUA`` and ``DMARC_RUF`` are DMARC protocol specific values. They hold
 the localpart for DMARC rua and ruf email addresses.
 
-Full-text search is enabled for IMAP is enabled by default. This feature can be disabled
-(e.g. for performance reasons) by setting the optional variable ``FULL_TEXT_SEARCH`` to ``off``.
+The ``FULL_TEXT_SEARCH`` variable (default: 'en') is a comma separated list of
+language codes as defined on `fts_languages`_. This feature can be disabled
+(e.g. for performance reasons) by setting the variable to ``off``.
 
 You can set a global ``DEFAULT_QUOTA`` to be used for mailboxes when the domain has
 no specific quota configured.
 
+.. _`fts_languages`: https://doc.dovecot.org/settings/plugin/fts-plugin/#fts-languages
+
 .. _web_settings:
 
 Web settings
@@ -167,11 +170,11 @@ in the admin interface, while ``SITENAME`` is a customization option for
 every Web interface.
 
 - ``LOGO_BACKGROUND`` sets a custom background colour for the brand logo
-  in the topleft of the main admin interface.
+  in the top-left of the main admin interface.
   For a list of colour codes refer to this page of `w3schools`_.
 
 - ``LOGO_URL`` sets a URL for a custom logo. This logo replaces the Mailu
-  logo in the topleft of the main admin interface.
+  logo in the top-left of the main admin interface.
 
 .. _`w3schools`: https://www.w3schools.com/cssref/css_colors.asp
 
@@ -213,7 +216,10 @@ Depending on your particular deployment you most probably will want to change th
 Advanced settings
 -----------------
 
-The ``API_TOKEN`` (default: None) configures the authentication token.
+
+The ``AUTH_REQUIRE_TOKENS`` (default: False) setting controls whether thick clients can authenticate using passwords or whether they are forced to use tokens/application specific passwords.
+
+The ``API_TOKEN`` (default: None) setting configures the authentication token.
 This token must be passed as request header to the API as authentication token.
 This is a mandatory setting for using the RESTful API.
 
@@ -375,22 +381,6 @@ To disable all plugins just set ``ROUNDCUBE_PLUGINS`` to ``mailu``.
 
 To configure a plugin add php files named ``*.inc.php`` to roundcube's :ref:`override section <override-label>`.
 
-Mail log settings
------------------
-
-By default, all services log directly to stdout/stderr. Logs can be collected by any docker log processing solution.
-
-Postfix writes the logs to a syslog server which logs to stdout. This is used to filter
-out messages from the healthcheck. In some situations, a separate mail log is required
-(e.g. for legal reasons). The syslog server can be configured to write log files to a volume.
-It can be configured with the following option:
-
-- ``POSTFIX_LOG_FILE``: The file to log the mail log to. When enabled, the syslog server will also log to stdout.
-
-When ``POSTFIX_LOG_FILE`` is enabled, the logrotate program will automatically rotate the
-logs every week and keep 52 logs. To override the logrotate configuration, create the file logrotate.conf
-with the desired configuration in the :ref:`Postfix overrides folder<override-label>`.
-
 .. _header_authentication:
 
 Header authentication using an external proxy
diff --git a/docs/contributors/guidelines.rst b/docs/contributors/guidelines.rst
index 8644d83e..2fa7007f 100644
--- a/docs/contributors/guidelines.rst
+++ b/docs/contributors/guidelines.rst
@@ -93,7 +93,7 @@ Configuration files should be compiled at runtime by the container `start.py`
 script and all conditional syntax should be handled using Jinja logic.
 
 The `socrate` Python package should include relevant functions for container
-lifecycle management.
+life-cycle management.
 
 Anything that is not static, i.e. able to change at runtime, either due to
 configuration in the admin UI or user behavior, should take advantage of the
diff --git a/docs/contributors/memo.rst b/docs/contributors/memo.rst
index 65b86649..6b09cd36 100644
--- a/docs/contributors/memo.rst
+++ b/docs/contributors/memo.rst
@@ -8,7 +8,7 @@ Mailu uses Babel for internationalization and localization. Before any
 of your work is merged, you must make sure that your strings are internationalized
 using Babel.
 
-If you used ``_``, ``trans`` blocks and other Babel syntaxes in your code, run the
+If you used ``_``, ``trans`` blocks and other Babel syntax in your code, run the
 following command to update the POT file:
 
 .. code-block:: bash
@@ -26,7 +26,7 @@ Please resolve fuzzy strings to the best of your knowledge.
 Update information files
 ------------------------
 
-If you added a feature or fixed a bug or committed anything that is worth mentionning
+If you added a feature or fixed a bug or committed anything that is worth mentioning
 for the next upgrade, add it in the ``CHANGELOG.md`` file.
 
 Also, if you would like to be mentioned by name or add a comment in ``AUTHORS.md``,
diff --git a/docs/contributors/workflow.rst b/docs/contributors/workflow.rst
index 957d4a9b..b233e0db 100644
--- a/docs/contributors/workflow.rst
+++ b/docs/contributors/workflow.rst
@@ -19,8 +19,8 @@ This is a community project, thus commits should be readable enough for any of
 the contributors to guess the content by simply reading the comment or find a
 proper commit when one knows what they are looking for.
 
-Usual standards remain: write english comments, single line short comments and
-additional multiline if required (keep in mind that the most important piece
+Usual standards remain: write English comments, single line short comments and
+additional multi-line if required (keep in mind that the most important piece
 of information should fit in the first line).
 
 Branches
diff --git a/docs/database.rst b/docs/database.rst
index 26da8dd5..54e5015a 100644
--- a/docs/database.rst
+++ b/docs/database.rst
@@ -25,9 +25,9 @@ To switch to a different database back-end:
 
   1. Drop into a shell inside the admin container as you'll need to execute multiple commands. E.g. `docker exec -i $(docker compose ps -q admin) bash`
 
-  2. Initialize the new database backend: `flask mailu db init`
+  2. Initialize the new database back-end: `flask mailu db init`
 
-  3. Migrate the new database backend to the current state: `flask mailu db upgrade`
+  3. Migrate the new database back-end to the current state: `flask mailu db upgrade`
 
   4. Import the configuration export: `flask mailu config-import -v < /data/mail-config.yml`
 
@@ -216,4 +216,4 @@ Optionally you can remove left-over files which were used by the old database:
 
 .. note::
    Roundcube does not offer a migration tool for moving from SQLite to PostgreSQL.
-   In case roundcube is used, the Mailu setup utility can be used to specify SQLite for the roundcube database backend.
+   In case roundcube is used, the Mailu setup utility can be used to specify SQLite for the roundcube database back-end.
diff --git a/docs/demo.rst b/docs/demo.rst
index 46bedc0e..0619e218 100644
--- a/docs/demo.rst
+++ b/docs/demo.rst
@@ -35,7 +35,7 @@ Connecting to the server
  * Webmail : https://test.mailu.io/webmail/
  * Admin UI : https://test.mailu.io/admin/
  * Admin login : ``admin@test.mailu.io``
- * Admin password : ``letmein``
+ * Admin password : ``Mailu+Demo@test.mailu.io`` (remove + and @test.mailu.io to get the correct password).
  * RESTful API: https://test.mailu.io/api
  * API token: ``Bearer APITokenForMailu``
 
diff --git a/docs/faq.rst b/docs/faq.rst
index 5772978a..5dfc0fa1 100644
--- a/docs/faq.rst
+++ b/docs/faq.rst
@@ -11,8 +11,7 @@ Where to ask questions?
 
 First, please read this FAQ to check if your question is listed here.
 Simple questions are best asked in our `Matrix`_ room.
-For more complex questions, you can always open a `new issue`_ on GitHub.
-We actively monitor the issues list.
+For more complex questions, you can always open a `new discussion`_ on GitHub.
 
 
 My installation is broken!
@@ -33,16 +32,17 @@ I want a new feature or enhancement!
 
 Great! We are always open for suggestions. We currently maintain two tags:
 
-- `Enhancement issues`_: Typically used for optimization of features in the project.
-- `Feature request issues`_: For implementing new functionality,
+- ``type/enhancement``: Typically used for optimization of features in the project.
+- ``type/feature``: For implementing new functionality,
   plugins and applications.
 
-Please check if your idea (or something similar) is already mentioned there.
+Feature requests are discussed on the discussion page of the project (see `feature requests`_).
+Please check if your idea (or something similar) is already mentioned on the project.
 If there is one open, you can choose to vote with a thumbs up, so we can
 estimate the popular demand. Please refrain from writing comments like
 *"me too"* as it clobbers the actual discussion.
 
-If you can't find anything similar, you can open a `new issue`_.
+If you can't find anything similar, you can open a `new feature request`_.
 Please also share (where applicable):
 
 - Use case: how does this improve the project?
@@ -89,8 +89,9 @@ Please click the |sponsor| button on top of our GitHub Page for current possibil
 .. _`Matrix`: https://matrix.to/#/#mailu:tedomum.net
 .. _`open issues`: https://github.com/Mailu/Mailu/issues
 .. _`new issue`: https://github.com/Mailu/Mailu/issues/new
-.. _`Enhancement issues`: https://github.com/Mailu/Mailu/issues?q=is%3Aissue+is%3Aopen+label%3Atype%2Fenhancement
-.. _`Feature request issues`: https://github.com/Mailu/Mailu/issues?q=is%3Aopen+is%3Aissue+label%3Atype%2Ffeature
+.. _`new discussion`: https://github.com/Mailu/Mailu/discussions/categories/user-support
+.. _`feature requests`: https://github.com/Mailu/Mailu/discussions/categories/feature-requests-ideas
+.. _`new feature request`: https://github.com/Mailu/Mailu/discussions/new?category=feature-requests-ideas
 .. _`GitHub`: https://github.com/Mailu/Mailu
 .. _`Community Bridge`: https://funding.communitybridge.org/projects/mailu
 
@@ -192,8 +193,8 @@ This means it can be scaled horizontally. For more information, refer to :ref:`k
 
 *Issue reference:* `165`_, `520`_.
 
-How to achieve HA / failover?
-`````````````````````````````
+How to achieve HA / fail-over?
+``````````````````````````````
 
 The mailboxes and databases for Mailu are kept on the host filesystem under ``$ROOT/``.
 For making the **storage** highly available, all sorts of techniques can be used:
@@ -287,7 +288,7 @@ I want to integrate Nextcloud 15 (and newer) with Mailu
 
 
 If a domain name (e.g. example.com) is specified, then this makes sure that only users from this domain will be allowed to login.
-After successfull login the domain part will be stripped and the rest used as username in Nextcloud. e.g. 'username@example.com' will be 'username' in Nextcloud. Disable this behaviour by changing true (the fifth parameter) to false.
+After successful login the domain part will be stripped and the rest used as username in Nextcloud. e.g. 'username@example.com' will be 'username' in Nextcloud. Disable this behaviour by changing true (the fifth parameter) to false.
 
 *Issue reference:* `575`_.
 
@@ -474,7 +475,7 @@ down and up again. A container restart is not sufficient.
 SMTP Banner from overrides/postfix.cf is ignored
 ````````````````````````````````````````````````
 
-Any mail related connection is proxied by nginx. Therefore the SMTP Banner is also set by nginx. Overwriting in overrides/postfix.cf does not apply.
+Any mail related connection is proxied by the front container. Therefore the SMTP Banner is also set by front container. Overwriting in overrides/postfix.cf does not apply.
 
 *Issue reference:* `1368`_.
 
@@ -496,8 +497,8 @@ Re-starting the smtp container will be required for changes to take effect.
 
 .. _`2213`: https://github.com/Mailu/Mailu/issues/2213
 
-My emails are getting defered, what can I do?
-`````````````````````````````````````````````
+My emails are getting deferred, what can I do?
+``````````````````````````````````````````````
 
 Emails are asynchronous and it's not abnormal for them to be defered sometimes. That being said, Mailu enforces secure connections where possible using DANE and MTA-STS, both of which have the potential to delay indefinitely delivery if something is misconfigured.
 
@@ -754,8 +755,8 @@ Restart the Fail2Ban service.
 Users can't change their password from webmail
 ``````````````````````````````````````````````
 
-All users have the abilty to login to the admin interface. Non-admin users
-have only restricted funtionality such as changing their password and the
+All users have the ability to login to the admin interface. Non-admin users
+have only restricted functionality such as changing their password and the
 spam filter weight settings.
 
 *Issue reference:* `503`_.
@@ -903,6 +904,13 @@ We have seen a fair amount of support requests related to the following:
 
 .. _`netplan does not play nicely with docker`: https://github.com/Mailu/Mailu/issues/2868#issuecomment-1606014184
 
+How can I use Mailu without docker?
+```````````````````````````````````
+
+Running Mailu without docker is not supported. If you want to do so, you need to export an environment variable called ``I_KNOW_MY_SETUP_DOESNT_FIT_REQUIREMENTS_AND_WONT_FILE_ISSUES_WITHOUT_PATCHES`` to the ``admin`` container.
+
+We welcome patches but do not have the bandwidth to test and fix issues related to your unsupported setup. If you do want to help, we welcome new maintainers: please get in touch.
+
 How can I add more languages to roundcube's spellchecker?
 `````````````````````````````````````````````````````````
 
@@ -938,3 +946,64 @@ I see a lot of "Unable to lookup the TLSA record for XXX. Is the DNSSEC zone oka
 There may be multiple causes for it but if you are running docker 24.0.0, odds are you are `experiencing this docker bug`_ and the workaround is to switch to a different version of docker.
 
 .. _`experiencing this docker bug`: https://github.com/Mailu/Mailu/issues/2827
+
+How can I view and export the logs of a Mailu container?
+````````````````````````````````````````````````````````
+
+In some situations, a separate log is required. For example a separate mail log (from postfix) could be required due to legal reasons.
+
+All Mailu containers log the output to journald. The logs are written to journald with the tag:
+
+| mailu-<service name>
+| where <service-name> is the name of the service in the docker-compose.yml file.
+| For example, the service running postfix is called smtp. To view the postfix logs use:
+
+.. code-block:: bash
+
+  journalctl -t mailu-smtp
+
+Note: ``SHIFT+G`` can be used to jump to the end of the log file. ``G`` can be used to jump back to the top of the log file.
+
+To export the log files from journald to the file system, the logs could be imported into a syslog program like ``rsyslog``.
+Via ``rsyslog`` the container specific logs could be written to a separate file using a filter.
+
+Below are the steps for writing the postfix (mail) logs to a log file on the file system.
+
+1. Install the ``rsyslog`` package. Note: on most distributions this program is already installed.
+2. Edit ``/etc/systemd/journald.conf``.
+3. Enable ``ForwardToSyslog=yes``. Note: on most distributions this is already enabled by default. This forwards journald to syslog.
+4. ``sudo touch /var/log/postfix.log``. This step creates the mail log file.
+5. ``sudo chown syslog:syslog /var/log/postfix.log``. This provides rsyslog the permissions for accessing this file.
+6. Create a new config file in ``/etc/rsyslog.d/export-postfix.conf``
+7. Add ``:programname, contains, "mailu-smtp" /var/log/postfix.log``. This instructs rsyslog to write the logs for mailu-smtp to a log file on file system.
+8. ``sudo systemctl restart systemd-journald.service``
+9. ``sudo systemctl restart rsyslog``
+10. All messages from the smtp/postfix container are now logged to ``/var/log/postfix.log``.
+11. Rsyslog does not perform log rotation. The program (package) ``log rotate`` can be used for this task. Install the ``logrotate`` package.
+12. Modify the existing configuration file for rsyslog: ``sudo nano /etc/logrotate.d/rsyslog``
+13. Add at the top add: ``/var/log/postfix.log``. Of course you can also use your own configuration. This is just an example. A complete example for configuring log rotate is:
+
+.. code-block:: bash
+
+  /var/log/postfix.log
+  {
+       rotate 4
+       weekly
+       missingok
+       notifempty
+       compress
+       delaycompress
+       sharedscripts
+       postrotate
+           /usr/lib/rsyslog/rsyslog-rotate
+       endscript
+  }
+
+.. code-block:: bash
+
+  #!/bin/sh
+  #/usr/lib/rsyslog/rsyslog-rotate
+
+  if [ -d /run/systemd/system ]; then
+      systemctl kill -s HUP rsyslog.service
+  fi
diff --git a/docs/index.rst b/docs/index.rst
index 0f16335c..f2cf56f3 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -8,8 +8,8 @@ Mailu
 .. image:: https://img.shields.io/github/stars/mailu/mailu.svg?label=github&logo=github&maxAge=2592000
    :target: https://github.com/mailu/mailu
 
-.. image:: https://img.shields.io/docker/pulls/mailu/admin.svg?label=docker&maxAge=2592000
-   :target: https://hub.docker.com/u/mailu/
+.. image:: https://img.shields.io/badge/Mailu-latest_release-blue
+   :target: https://github.com/Mailu/Mailu/releases
 
 .. image:: https://img.shields.io/badge/matrix-%23mailu%3Atedomum.net-7bc9a4.svg
    :target: https://matrix.to/#/#mailu:tedomum.net
@@ -23,8 +23,8 @@ popular groupware.
 
 Main features include:
 
-- **Standard email server**, IMAP and IMAP+, SMTP and Submission with autoconfiguration profiles for clients
-- **Advanced email features**, aliases, domain aliases, custom routing
+- **Standard email server**, IMAP and IMAP+, SMTP and Submission with auto-configuration profiles for clients
+- **Advanced email features**, aliases, domain aliases, custom routing, full-text search of email attachments
 - **Web access**, multiple Webmails and administration interface
 - **User features**, aliases, auto-reply, auto-forward, fetched accounts, managesieve
 - **Admin features**, global admins, announcements, per-domain delegation, quotas
diff --git a/docs/mailu-network-diagram.ipynb b/docs/mailu-network-diagram.ipynb
new file mode 100644
index 00000000..7b4336a5
--- /dev/null
+++ b/docs/mailu-network-diagram.ipynb
@@ -0,0 +1,517 @@
+{
+ "cells": [
+  {
+   "cell_type": "code",
+   "execution_count": 2,
+   "metadata": {},
+   "outputs": [
+    {
+     "data": {
+      "image/svg+xml": [
+       "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n",
+       "<!DOCTYPE svg PUBLIC \"-//W3C//DTD SVG 1.1//EN\"\n",
+       " \"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd\">\n",
+       "<!-- Generated by graphviz version 2.43.0 (0)\n",
+       " -->\n",
+       "<!-- Title: mailu Pages: 1 -->\n",
+       "<svg width=\"706pt\" height=\"553pt\"\n",
+       " viewBox=\"0.00 0.00 706.00 553.00\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\">\n",
+       "<g id=\"graph0\" class=\"graph\" transform=\"scale(1 1) rotate(0) translate(4 549)\">\n",
+       "<title>mailu</title>\n",
+       "<polygon fill=\"white\" stroke=\"transparent\" points=\"-4,4 -4,-549 702,-549 702,4 -4,4\"/>\n",
+       "<text text-anchor=\"middle\" x=\"349\" y=\"-7.8\" font-family=\"arial\" font-size=\"14.00\">Mailu</text>\n",
+       "<!-- internet -->\n",
+       "<g id=\"node1\" class=\"node\">\n",
+       "<title>internet</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"297,-545 243,-545 243,-509 297,-509 297,-545\"/>\n",
+       "<text text-anchor=\"middle\" x=\"270\" y=\"-525.1\" font-family=\"arial\" font-size=\"8.00\">Internet</text>\n",
+       "</g>\n",
+       "<!-- front -->\n",
+       "<g id=\"node2\" class=\"node\">\n",
+       "<title>front</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"364,-464 310,-464 310,-428 364,-428 364,-464\"/>\n",
+       "<text text-anchor=\"middle\" x=\"337\" y=\"-444.1\" font-family=\"arial\" font-size=\"8.00\">Front</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge1\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M242.81,-521.99C180.56,-512.79 33,-491 33,-491 33,-491 33,-482 33,-482 33,-482 218.14,-460.68 299.46,-451.32\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"300.22,-454.76 309.75,-450.14 299.42,-447.8 300.22,-454.76\"/>\n",
+       "<text text-anchor=\"middle\" x=\"46.5\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">80/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge2\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M242.81,-520.91C190.94,-511.2 83,-491 83,-491 83,-491 83,-482 83,-482 83,-482 228.93,-461.89 299.56,-452.16\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"300.39,-455.58 309.82,-450.75 299.43,-448.64 300.39,-455.58\"/>\n",
+       "<text text-anchor=\"middle\" x=\"99\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">443/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge3\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M242.97,-518.83C204.35,-508.59 138,-491 138,-491 138,-491 138,-482 138,-482 138,-482 241.91,-463.72 299.56,-453.59\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"300.5,-456.97 309.75,-451.79 299.29,-450.08 300.5,-456.97\"/>\n",
+       "<text text-anchor=\"middle\" x=\"151.5\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">25/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge4\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M242.7,-514.35C218.84,-504.16 188,-491 188,-491 188,-491 188,-482 188,-482 188,-482 255.7,-466.1 299.83,-455.73\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"300.74,-459.11 309.67,-453.42 299.14,-452.3 300.74,-459.11\"/>\n",
+       "<text text-anchor=\"middle\" x=\"204\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">465/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge5\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M256.82,-508.91C249.96,-500.03 243,-491 243,-491 243,-491 243,-482 243,-482 243,-482 273.97,-470.47 300.36,-460.64\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"301.66,-463.89 309.81,-457.12 299.22,-457.33 301.66,-463.89\"/>\n",
+       "<text text-anchor=\"middle\" x=\"259\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">587/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge6\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M280.91,-508.86C288.77,-496.51 298,-482 298,-482 298,-482 303.42,-477.13 310.23,-471.03\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"312.85,-473.37 317.96,-464.09 308.18,-468.16 312.85,-473.37\"/>\n",
+       "<text text-anchor=\"middle\" x=\"314\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">110/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge7\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M297.25,-517.71C331.26,-507.36 385,-491 385,-491 385,-491 385,-482 385,-482 385,-482 377.6,-476.6 368.6,-470.04\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"370.58,-467.15 360.44,-464.09 366.46,-472.81 370.58,-467.15\"/>\n",
+       "<text text-anchor=\"middle\" x=\"401\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">995/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge8\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M297.34,-519.66C340.86,-509.58 421,-491 421,-491 421,-491 421,-482 421,-482 421,-482 396.19,-471.66 373.54,-462.22\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"374.62,-458.88 364.04,-458.27 371.93,-465.34 374.62,-458.88\"/>\n",
+       "<text text-anchor=\"middle\" x=\"437\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">143/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge9\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M297.19,-510.14C313.07,-500.88 330,-491 330,-491 330,-491 331.24,-483.18 332.68,-474.13\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"336.16,-474.56 334.27,-464.14 329.25,-473.46 336.16,-474.56\"/>\n",
+       "<text text-anchor=\"middle\" x=\"348\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">993/tcp</text>\n",
+       "</g>\n",
+       "<!-- internet&#45;&gt;front -->\n",
+       "<g id=\"edge10\" class=\"edge\">\n",
+       "<title>internet&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M297.19,-520.91C349.06,-511.2 457,-491 457,-491 457,-491 457,-482 457,-482 457,-482 409.48,-468.14 374.25,-457.86\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"374.81,-454.38 364.23,-454.94 372.85,-461.1 374.81,-454.38\"/>\n",
+       "<text text-anchor=\"middle\" x=\"475.5\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">4190/tcp</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;front -->\n",
+       "<g id=\"edge11\" class=\"edge\">\n",
+       "<title>front&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M364.24,-449.75C374.02,-449.83 382,-448.58 382,-446 382,-444.43 379.04,-443.35 374.51,-442.77\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"374.4,-439.26 364.24,-442.25 374.05,-446.25 374.4,-439.26\"/>\n",
+       "<text text-anchor=\"middle\" x=\"400.5\" y=\"-444.1\" font-family=\"Times,serif\" font-size=\"8.00\">8008/tcp</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;front -->\n",
+       "<g id=\"edge12\" class=\"edge\">\n",
+       "<title>front&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M364.06,-452.31C389.18,-455.1 419,-452.99 419,-446 419,-439.94 396.57,-437.55 374.23,-438.84\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"373.73,-435.37 364.06,-439.69 374.31,-442.34 373.73,-435.37\"/>\n",
+       "<text text-anchor=\"middle\" x=\"437.5\" y=\"-444.1\" font-family=\"Times,serif\" font-size=\"8.00\">8000/tcp</text>\n",
+       "</g>\n",
+       "<!-- admin -->\n",
+       "<g id=\"node3\" class=\"node\">\n",
+       "<title>admin</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"556,-302 502,-302 502,-266 556,-266 556,-302\"/>\n",
+       "<text text-anchor=\"middle\" x=\"529\" y=\"-282.1\" font-family=\"arial\" font-size=\"8.00\">Admin</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;admin -->\n",
+       "<g id=\"edge13\" class=\"edge\">\n",
+       "<title>front&#45;&gt;admin</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M364.05,-434.12C389.59,-423.84 424,-410 424,-410 424,-410 465,-347 465,-347 465,-347 485.85,-326.8 503.75,-309.46\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"506.43,-311.74 511.17,-302.27 501.55,-306.71 506.43,-311.74\"/>\n",
+       "<text text-anchor=\"middle\" x=\"483.5\" y=\"-363.1\" font-family=\"Times,serif\" font-size=\"8.00\">8080/tcp</text>\n",
+       "</g>\n",
+       "<!-- smtp -->\n",
+       "<g id=\"node4\" class=\"node\">\n",
+       "<title>smtp</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"565,-383 511,-383 511,-347 565,-347 565,-383\"/>\n",
+       "<text text-anchor=\"middle\" x=\"538\" y=\"-363.1\" font-family=\"arial\" font-size=\"8.00\">SMTP</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;smtp -->\n",
+       "<g id=\"edge17\" class=\"edge\">\n",
+       "<title>front&#45;&gt;smtp</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M364.19,-439.53C413.12,-429.69 511,-410 511,-410 511,-410 516.33,-401.32 522.25,-391.67\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"525.24,-393.49 527.48,-383.14 519.27,-389.83 525.24,-393.49\"/>\n",
+       "<text text-anchor=\"middle\" x=\"529.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">25/tcp</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;smtp -->\n",
+       "<g id=\"edge18\" class=\"edge\">\n",
+       "<title>front&#45;&gt;smtp</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M364.02,-440.5C420.74,-431.04 547,-410 547,-410 547,-410 547,-401 547,-401 547,-401 546.14,-397.65 544.95,-393.02\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"548.27,-391.9 542.39,-383.09 541.5,-393.65 548.27,-391.9\"/>\n",
+       "<text text-anchor=\"middle\" x=\"568.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">10025/tcp</text>\n",
+       "</g>\n",
+       "<!-- antispam -->\n",
+       "<g id=\"node6\" class=\"node\">\n",
+       "<title>antispam</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"632,-140 578,-140 578,-104 632,-104 632,-140\"/>\n",
+       "<text text-anchor=\"middle\" x=\"605\" y=\"-120.1\" font-family=\"arial\" font-size=\"8.00\">Antispam</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;antispam -->\n",
+       "<g id=\"edge20\" class=\"edge\">\n",
+       "<title>front&#45;&gt;antispam</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M364.02,-441.32C430,-432.33 594,-410 594,-410 594,-410 649,-248 649,-248 649,-248 649,-239 649,-239 649,-239 620,-158 620,-158 620,-158 618.41,-154.3 616.27,-149.3\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"619.48,-147.9 612.32,-140.09 613.05,-150.66 619.48,-147.9\"/>\n",
+       "<text text-anchor=\"middle\" x=\"663.5\" y=\"-282.1\" font-family=\"Times,serif\" font-size=\"8.00\">11334/tcp</text>\n",
+       "</g>\n",
+       "<!-- imap -->\n",
+       "<g id=\"node8\" class=\"node\">\n",
+       "<title>imap</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"411,-221 357,-221 357,-185 411,-185 411,-221\"/>\n",
+       "<text text-anchor=\"middle\" x=\"384\" y=\"-201.1\" font-family=\"arial\" font-size=\"8.00\">IMAP</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;imap -->\n",
+       "<g id=\"edge14\" class=\"edge\">\n",
+       "<title>front&#45;&gt;imap</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M338.92,-427.88C342.75,-393.65 351,-320 351,-320 351,-320 370,-239 370,-239 370,-239 371.41,-235.47 373.34,-230.66\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"376.7,-231.67 377.16,-221.09 370.2,-229.07 376.7,-231.67\"/>\n",
+       "<text text-anchor=\"middle\" x=\"369.5\" y=\"-322.6\" font-family=\"Times,serif\" font-size=\"8.00\">4190/tcp</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;imap -->\n",
+       "<g id=\"edge15\" class=\"edge\">\n",
+       "<title>front&#45;&gt;imap</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M309.86,-441.8C236.54,-433.16 40,-410 40,-410 40,-410 0,-383 0,-383 0,-383 0,-347 0,-347 0,-347 286,-239 286,-239 286,-239 319.57,-227.01 347.42,-217.07\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"348.72,-220.32 356.96,-213.66 346.37,-213.72 348.72,-220.32\"/>\n",
+       "<text text-anchor=\"middle\" x=\"87\" y=\"-322.6\" font-family=\"Times,serif\" font-size=\"8.00\">143/tcp</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;imap -->\n",
+       "<g id=\"edge16\" class=\"edge\">\n",
+       "<title>front&#45;&gt;imap</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M346.28,-427.91C351.1,-419.03 356,-410 356,-410 356,-410 388,-329 388,-329 388,-329 388,-320 388,-320 388,-320 386.13,-265.76 384.95,-231.46\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"388.43,-230.99 384.59,-221.12 381.44,-231.23 388.43,-230.99\"/>\n",
+       "<text text-anchor=\"middle\" x=\"404\" y=\"-322.6\" font-family=\"Times,serif\" font-size=\"8.00\">110/tcp</text>\n",
+       "</g>\n",
+       "<!-- webdav -->\n",
+       "<g id=\"node9\" class=\"node\">\n",
+       "<title>webdav</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"63,-383 9,-383 9,-347 63,-347 63,-383\"/>\n",
+       "<text text-anchor=\"middle\" x=\"36\" y=\"-363.1\" font-family=\"arial\" font-size=\"8.00\">WebDAV</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;webdav -->\n",
+       "<g id=\"edge21\" class=\"edge\">\n",
+       "<title>front&#45;&gt;webdav</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M309.79,-441.74C237.3,-433.05 45,-410 45,-410 45,-410 43.4,-402.18 41.55,-393.13\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"44.94,-392.23 39.51,-383.14 38.08,-393.64 44.94,-392.23\"/>\n",
+       "<text text-anchor=\"middle\" x=\"63.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">5232/tcp</text>\n",
+       "</g>\n",
+       "<!-- webmail -->\n",
+       "<g id=\"node10\" class=\"node\">\n",
+       "<title>webmail</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"211,-383 157,-383 157,-347 211,-347 211,-383\"/>\n",
+       "<text text-anchor=\"middle\" x=\"184\" y=\"-363.1\" font-family=\"arial\" font-size=\"8.00\">Webmail</text>\n",
+       "</g>\n",
+       "<!-- front&#45;&gt;webmail -->\n",
+       "<g id=\"edge19\" class=\"edge\">\n",
+       "<title>front&#45;&gt;webmail</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M310,-437.06C274.89,-426.73 218,-410 218,-410 218,-410 211.02,-400.97 203.39,-391.09\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"206.13,-388.91 197.24,-383.14 200.59,-393.19 206.13,-388.91\"/>\n",
+       "<text text-anchor=\"middle\" x=\"231.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">80/tcp</text>\n",
+       "</g>\n",
+       "<!-- redis -->\n",
+       "<g id=\"node5\" class=\"node\">\n",
+       "<title>redis</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"537,-59 483,-59 483,-23 537,-23 537,-59\"/>\n",
+       "<text text-anchor=\"middle\" x=\"510\" y=\"-39.1\" font-family=\"arial\" font-size=\"8.00\">Redis</text>\n",
+       "</g>\n",
+       "<!-- admin&#45;&gt;redis -->\n",
+       "<g id=\"edge32\" class=\"edge\">\n",
+       "<title>admin&#45;&gt;redis</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M522.36,-265.88C509.84,-233.62 484,-167 484,-167 484,-167 484,-158 484,-158 484,-158 496.26,-103.29 503.95,-69.01\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"507.39,-69.64 506.16,-59.12 500.56,-68.11 507.39,-69.64\"/>\n",
+       "<text text-anchor=\"middle\" x=\"502.5\" y=\"-160.6\" font-family=\"Times,serif\" font-size=\"8.00\">6379/tcp</text>\n",
+       "</g>\n",
+       "<!-- admin&#45;&gt;imap -->\n",
+       "<g id=\"edge33\" class=\"edge\">\n",
+       "<title>admin&#45;&gt;imap</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M501.75,-274.71C467.74,-264.36 414,-248 414,-248 414,-248 408.08,-239.32 401.5,-229.67\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"404.21,-227.43 395.68,-221.14 398.43,-231.37 404.21,-227.43\"/>\n",
+       "<text text-anchor=\"middle\" x=\"432.5\" y=\"-241.6\" font-family=\"Times,serif\" font-size=\"8.00\">2525/tcp</text>\n",
+       "</g>\n",
+       "<!-- smtp&#45;&gt;front -->\n",
+       "<g id=\"edge23\" class=\"edge\">\n",
+       "<title>smtp&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M510.95,-379.68C485.41,-392.6 451,-410 451,-410 451,-410 407.25,-423.43 373.95,-433.65\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"372.55,-430.42 364.02,-436.71 374.6,-437.12 372.55,-430.42\"/>\n",
+       "<text text-anchor=\"middle\" x=\"485.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">2525/tcp</text>\n",
+       "</g>\n",
+       "<!-- smtp&#45;&gt;admin -->\n",
+       "<g id=\"edge22\" class=\"edge\">\n",
+       "<title>smtp&#45;&gt;admin</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M536.05,-346.86C534.89,-336.71 533.4,-323.63 532.09,-312.12\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"535.56,-311.65 530.95,-302.11 528.6,-312.44 535.56,-311.65\"/>\n",
+       "<text text-anchor=\"middle\" x=\"551.5\" y=\"-322.6\" font-family=\"Times,serif\" font-size=\"8.00\">8080/tcp</text>\n",
+       "</g>\n",
+       "<!-- smtp&#45;&gt;antispam -->\n",
+       "<g id=\"edge24\" class=\"edge\">\n",
+       "<title>smtp&#45;&gt;antispam</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M555.58,-346.91C564.72,-338.03 574,-329 574,-329 574,-329 608,-221 608,-221 608,-221 608,-185 608,-185 608,-185 607.12,-166.91 606.32,-150.27\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"609.81,-150.09 605.84,-140.27 602.82,-150.43 609.81,-150.09\"/>\n",
+       "<text text-anchor=\"middle\" x=\"623.5\" y=\"-241.6\" font-family=\"Times,serif\" font-size=\"8.00\">11332/tcp</text>\n",
+       "</g>\n",
+       "<!-- antispam&#45;&gt;admin -->\n",
+       "<g id=\"edge35\" class=\"edge\">\n",
+       "<title>antispam&#45;&gt;admin</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M597.99,-140.14C592.94,-152.49 587,-167 587,-167 587,-167 559.17,-222.66 542.07,-256.87\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"538.9,-255.37 537.56,-265.88 545.16,-258.5 538.9,-255.37\"/>\n",
+       "<text text-anchor=\"middle\" x=\"590.5\" y=\"-201.1\" font-family=\"Times,serif\" font-size=\"8.00\">80/tcp</text>\n",
+       "</g>\n",
+       "<!-- antispam&#45;&gt;redis -->\n",
+       "<g id=\"edge34\" class=\"edge\">\n",
+       "<title>antispam&#45;&gt;redis</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M583.03,-103.91C571.6,-95.03 560,-86 560,-86 560,-86 548.91,-76.24 537.17,-65.91\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"539.29,-63.12 529.47,-59.14 534.67,-68.37 539.29,-63.12\"/>\n",
+       "<text text-anchor=\"middle\" x=\"578.5\" y=\"-79.6\" font-family=\"Times,serif\" font-size=\"8.00\">6379/tcp</text>\n",
+       "</g>\n",
+       "<!-- antivirus -->\n",
+       "<g id=\"node7\" class=\"node\">\n",
+       "<title>antivirus</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"698,-59 644,-59 644,-23 698,-23 698,-59\"/>\n",
+       "<text text-anchor=\"middle\" x=\"671\" y=\"-39.1\" font-family=\"arial\" font-size=\"8.00\">Anti&#45;Virus</text>\n",
+       "</g>\n",
+       "<!-- antispam&#45;&gt;antivirus -->\n",
+       "<g id=\"edge37\" class=\"edge\">\n",
+       "<title>antispam&#45;&gt;antivirus</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M626.48,-103.91C637.65,-95.03 649,-86 649,-86 649,-86 653.17,-77.67 657.87,-68.26\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"661.09,-69.65 662.43,-59.14 654.83,-66.52 661.09,-69.65\"/>\n",
+       "<text text-anchor=\"middle\" x=\"671.5\" y=\"-79.6\" font-family=\"Times,serif\" font-size=\"8.00\">3310/tcp</text>\n",
+       "</g>\n",
+       "<!-- oletools -->\n",
+       "<g id=\"node12\" class=\"node\">\n",
+       "<title>oletools</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"626,-59 572,-59 572,-23 626,-23 626,-59\"/>\n",
+       "<text text-anchor=\"middle\" x=\"599\" y=\"-39.1\" font-family=\"arial\" font-size=\"8.00\">Oletools</text>\n",
+       "</g>\n",
+       "<!-- antispam&#45;&gt;oletools -->\n",
+       "<g id=\"edge36\" class=\"edge\">\n",
+       "<title>antispam&#45;&gt;oletools</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M603.7,-103.86C602.93,-93.71 601.93,-80.63 601.06,-69.12\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"604.55,-68.81 600.3,-59.11 597.57,-69.34 604.55,-68.81\"/>\n",
+       "<text text-anchor=\"middle\" x=\"623.5\" y=\"-79.6\" font-family=\"Times,serif\" font-size=\"8.00\">11343/tcp</text>\n",
+       "</g>\n",
+       "<!-- imap&#45;&gt;front -->\n",
+       "<g id=\"edge27\" class=\"edge\">\n",
+       "<title>imap&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M374.23,-221.09C369.16,-229.97 364,-239 364,-239 364,-239 320,-320 320,-320 320,-320 320,-329 320,-329 320,-329 328.02,-383.71 333.04,-417.99\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"329.58,-418.5 334.49,-427.88 336.5,-417.48 329.58,-418.5\"/>\n",
+       "<text text-anchor=\"middle\" x=\"333.5\" y=\"-322.6\" font-family=\"Times,serif\" font-size=\"8.00\">25/tcp</text>\n",
+       "</g>\n",
+       "<!-- imap&#45;&gt;admin -->\n",
+       "<g id=\"edge25\" class=\"edge\">\n",
+       "<title>imap&#45;&gt;admin</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M411.25,-217.43C431.27,-227.3 455,-239 455,-239 455,-239 474.19,-250.41 493.02,-261.61\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"491.48,-264.76 501.87,-266.87 495.06,-258.75 491.48,-264.76\"/>\n",
+       "<text text-anchor=\"middle\" x=\"487.5\" y=\"-241.6\" font-family=\"Times,serif\" font-size=\"8.00\">8080/tcp</text>\n",
+       "</g>\n",
+       "<!-- imap&#45;&gt;antispam -->\n",
+       "<g id=\"edge26\" class=\"edge\">\n",
+       "<title>imap&#45;&gt;antispam</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M411.19,-195.25C452.16,-185.08 525,-167 525,-167 525,-167 547.74,-154.49 568.98,-142.81\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"570.84,-145.78 577.92,-137.9 567.47,-139.65 570.84,-145.78\"/>\n",
+       "<text text-anchor=\"middle\" x=\"561.5\" y=\"-160.6\" font-family=\"Times,serif\" font-size=\"8.00\">11334/tcp</text>\n",
+       "</g>\n",
+       "<!-- fts_attachments -->\n",
+       "<g id=\"node13\" class=\"node\">\n",
+       "<title>fts_attachments</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"411,-140 357,-140 357,-104 411,-104 411,-140\"/>\n",
+       "<text text-anchor=\"middle\" x=\"384\" y=\"-120.1\" font-family=\"arial\" font-size=\"8.00\">Tika</text>\n",
+       "</g>\n",
+       "<!-- imap&#45;&gt;fts_attachments -->\n",
+       "<g id=\"edge28\" class=\"edge\">\n",
+       "<title>imap&#45;&gt;fts_attachments</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M384,-184.86C384,-174.71 384,-161.63 384,-150.12\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"387.5,-150.11 384,-140.11 380.5,-150.11 387.5,-150.11\"/>\n",
+       "<text text-anchor=\"middle\" x=\"402.5\" y=\"-160.6\" font-family=\"Times,serif\" font-size=\"8.00\">9998/tcp</text>\n",
+       "</g>\n",
+       "<!-- webmail&#45;&gt;front -->\n",
+       "<g id=\"edge29\" class=\"edge\">\n",
+       "<title>webmail&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M211.04,-380.16C235.6,-393.03 268,-410 268,-410 268,-410 283.98,-418.1 300.56,-426.51\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"299.23,-429.76 309.73,-431.17 302.39,-423.52 299.23,-429.76\"/>\n",
+       "<text text-anchor=\"middle\" x=\"289.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">14190/tcp</text>\n",
+       "</g>\n",
+       "<!-- webmail&#45;&gt;front -->\n",
+       "<g id=\"edge30\" class=\"edge\">\n",
+       "<title>webmail&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M156.96,-375.66C127.95,-386.02 86,-401 86,-401 86,-401 86,-410 86,-410 86,-410 229.5,-430.01 299.49,-439.77\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"299.27,-443.27 309.66,-441.19 300.24,-436.34 299.27,-443.27\"/>\n",
+       "<text text-anchor=\"middle\" x=\"107.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">10025/tcp</text>\n",
+       "</g>\n",
+       "<!-- webmail&#45;&gt;front -->\n",
+       "<g id=\"edge31\" class=\"edge\">\n",
+       "<title>webmail&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M174.72,-383.09C169.9,-391.97 165,-401 165,-401 165,-401 165,-410 165,-410 165,-410 249.24,-427.14 299.81,-437.43\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"299.25,-440.89 309.75,-439.45 300.64,-434.03 299.25,-440.89\"/>\n",
+       "<text text-anchor=\"middle\" x=\"186.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">10143/tcp</text>\n",
+       "</g>\n",
+       "<!-- fetchmail -->\n",
+       "<g id=\"node11\" class=\"node\">\n",
+       "<title>fetchmail</title>\n",
+       "<polygon fill=\"#d3edea\" stroke=\"#d3edea\" points=\"654,-545 600,-545 600,-509 654,-509 654,-545\"/>\n",
+       "<text text-anchor=\"middle\" x=\"627\" y=\"-525.1\" font-family=\"arial\" font-size=\"8.00\">Fetchmail</text>\n",
+       "</g>\n",
+       "<!-- fetchmail&#45;&gt;front -->\n",
+       "<g id=\"edge39\" class=\"edge\">\n",
+       "<title>fetchmail&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M599.96,-516.78C562.13,-503.87 498,-482 498,-482 498,-482 421.83,-465.44 374.28,-455.1\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"374.83,-451.64 364.31,-452.94 373.34,-458.48 374.83,-451.64\"/>\n",
+       "<text text-anchor=\"middle\" x=\"535.5\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">25/tcp</text>\n",
+       "</g>\n",
+       "<!-- fetchmail&#45;&gt;front -->\n",
+       "<g id=\"edge40\" class=\"edge\">\n",
+       "<title>fetchmail&#45;&gt;front</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M599.87,-509.87C578.75,-497.31 553,-482 553,-482 553,-482 436.36,-463.1 374.51,-453.08\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"374.79,-449.58 364.36,-451.43 373.67,-456.49 374.79,-449.58\"/>\n",
+       "<text text-anchor=\"middle\" x=\"585.5\" y=\"-484.6\" font-family=\"Times,serif\" font-size=\"8.00\">2525/tcp</text>\n",
+       "</g>\n",
+       "<!-- fetchmail&#45;&gt;admin -->\n",
+       "<g id=\"edge38\" class=\"edge\">\n",
+       "<title>fetchmail&#45;&gt;admin</title>\n",
+       "<path fill=\"none\" stroke=\"black\" d=\"M622.57,-508.79C609.83,-459.28 574,-320 574,-320 574,-320 567.2,-314.71 558.88,-308.24\"/>\n",
+       "<polygon fill=\"black\" stroke=\"black\" points=\"561.02,-305.47 550.97,-302.09 556.72,-310.99 561.02,-305.47\"/>\n",
+       "<text text-anchor=\"middle\" x=\"614.5\" y=\"-403.6\" font-family=\"Times,serif\" font-size=\"8.00\">8080/tcp</text>\n",
+       "</g>\n",
+       "</g>\n",
+       "</svg>\n"
+      ],
+      "text/plain": [
+       "<graphviz.sources.Source at 0x7f2c4e69e690>"
+      ]
+     },
+     "execution_count": 2,
+     "metadata": {},
+     "output_type": "execute_result"
+    }
+   ],
+   "source": [
+    "import graphviz\n",
+    "\n",
+    "a = \"\"\"\n",
+    "digraph mailu {\n",
+    "    label = \"Mailu\";\n",
+    "    fontname = \"arial\";\n",
+    "    \n",
+    "    node [shape = box; fontname = \"arial\"; fontsize = 8; style = filled; color = \"#d3edea\";];\n",
+    "    splines = \"compound\";\n",
+    "    // node [shape = \"box\"; fontsize = \"10\";];\n",
+    "    edge [fontsize = \"8\";];\n",
+    "    \n",
+    "    # Components\n",
+    "    internet [label = \"Internet\";];\n",
+    "    front [label = \"Front\";];\n",
+    "    admin [label = \"Admin\";];\n",
+    "    smtp [label = \"SMTP\";];\n",
+    "    redis [label = \"Redis\";];\n",
+    "    antispam [label = \"Antispam\";];\n",
+    "    antivirus [label = \"Anti-Virus\";];\n",
+    "    imap [label = \"IMAP\";];\n",
+    "    webdav [label = \"WebDAV\";];\n",
+    "    webmail [label = \"Webmail\";];\n",
+    "    fetchmail [label = \"Fetchmail\";];\n",
+    "    oletools [label = \"Oletools\"];\n",
+    "    fts_attachments [label = \"Tika\"];\n",
+    "    \n",
+    "    # Front from internet\n",
+    "    internet -> front [label = \"80/tcp\";];\n",
+    "    internet -> front [label = \"443/tcp\";];\n",
+    "    internet -> front [label = \"25/tcp\";];\n",
+    "    internet -> front [label = \"465/tcp\";];\n",
+    "    internet -> front [label = \"587/tcp\";];\n",
+    "    internet -> front [label = \"110/tcp\";];\n",
+    "    internet -> front [label = \"995/tcp\";];\n",
+    "    internet -> front [label = \"143/tcp\";];\n",
+    "    internet -> front [label = \"993/tcp\";];\n",
+    "    internet -> front [label = \"4190/tcp\";];\n",
+    "    \n",
+    "    front -> front [label = \"8008/tcp\";];\n",
+    "    front -> front [label = \"8000/tcp\";];\n",
+    "    front -> admin [label = \"8080/tcp\";];\n",
+    "    front -> imap [label = \"4190/tcp\";];\n",
+    "    front -> imap [label = \"143/tcp\";];\n",
+    "    front -> imap [label = \"110/tcp\";];\n",
+    "    front -> smtp [label = \"25/tcp\";];\n",
+    "    front -> smtp [label = \"10025/tcp\";];\n",
+    "    front -> webmail [label = \"80/tcp\";];\n",
+    "    front -> antispam [label = \"11334/tcp\";];\n",
+    "    front -> webdav [label = \"5232/tcp\";];\n",
+    "    \n",
+    "    smtp -> admin [label = \"8080/tcp\";];\n",
+    "    smtp -> front [label = \"2525/tcp\";];\n",
+    "    smtp -> antispam [label = \"11332/tcp\";];\n",
+    "    \n",
+    "    imap -> admin [label = \"8080/tcp\";];\n",
+    "    imap -> antispam [label = \"11334/tcp\";];\n",
+    "    imap -> front [label = \"25/tcp\";];\n",
+    "    imap -> fts_attachments [label = \"9998/tcp\";];\n",
+    "    \n",
+    "    webmail -> front [label = \"14190/tcp\";];\n",
+    "    webmail -> front [label = \"10025/tcp\";];\n",
+    "    webmail -> front [label = \"10143/tcp\";];\n",
+    "    \n",
+    "    admin -> redis [label = \"6379/tcp\";];\n",
+    "    admin -> imap [label = \"2525/tcp\";];\n",
+    "    \n",
+    "    antispam -> redis [label = \"6379/tcp\";];\n",
+    "    antispam -> admin [label = \"80/tcp\";];\n",
+    "    antispam -> oletools [label = \"11343/tcp\";];\n",
+    "    antispam -> antivirus [label = \"3310/tcp\";];\n",
+    "    \n",
+    "    fetchmail -> admin [label = \"8080/tcp\"]\n",
+    "    fetchmail -> front [label = \"25/tcp\"]\n",
+    "    fetchmail -> front [label = \"2525/tcp\"]\n",
+    "    #\n",
+    "    # those don't need internet:\n",
+    "    # oletools\n",
+    "    # fts_attachments\n",
+    "    # redis\n",
+    "}\n",
+    "\"\"\"\n",
+    "\n",
+    "dot = graphviz.Source(a)\n",
+    "dot\n"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [],
+   "source": []
+  },
+  {
+   "cell_type": "code",
+   "execution_count": null,
+   "metadata": {},
+   "outputs": [],
+   "source": []
+  }
+ ],
+ "metadata": {
+  "kernelspec": {
+   "display_name": "Python 3 (ipykernel)",
+   "language": "python",
+   "name": "python3"
+  },
+  "language_info": {
+   "codemirror_mode": {
+    "name": "ipython",
+    "version": 3
+   },
+   "file_extension": ".py",
+   "mimetype": "text/x-python",
+   "name": "python",
+   "nbconvert_exporter": "python",
+   "pygments_lexer": "ipython3",
+   "version": "3.11.2"
+  }
+ },
+ "nbformat": 4,
+ "nbformat_minor": 2
+}
diff --git a/docs/releases.rst b/docs/releases.rst
index b290d639..c35c9e8a 100644
--- a/docs/releases.rst
+++ b/docs/releases.rst
@@ -342,9 +342,9 @@ A fair amount of work went in this release; In no particular order:
 - outbound SMTP connections from Mailu are now enjoying some protection against active attackers thanks to DANE and MTA-STS support. Specific policies can be configured for specific destinations thanks to ``tls_policy_maps`` and configuring your system to publish a policy has been documented in the FAQ.
 - outbound emails can now be rate-limited (to mitigate SPAM in case an account is taken over)
 - long term storage of passwords has been rethought to enable stronger protection against offline attackers (switch to iterated and salted SHA+bcrypt) while enabling much better performance (credential cache). Please encourage your users to use tokens where appropriate and keep in mind that existing hashes will be converted on first use to the new format.
-- session handling has been reworked from the grounds up: they have been switched from client side (cookies) to server-side, unified (SSO, expiry, lifetime) accross all web-facing applications and some mitigations against session fixation have been implemented.
-- rate limiting has seen many improvements: It is now deployed on all entry points (SMTP/IMAP/POP3/WEB/WEBMAIL) and configured to defeat both password bruteforces (thanks to a limit against total number of failed attempts against an account over a period) and password spraying (thanks to a limit for each client on the total number of non-existing accounts that can be queried). Exemption mechanisms have been put in place (device tokens, dynamic IP whitelists) to ensure that genuine clients and users won't be affected by default and the default configuration thought to fit most usecases.
-- if you use letsencrypt, Mailu is now configured to offer both RSA and ECC certificates to clients; It will OSCP stapple its replies where appropriate
+- session handling has been reworked from the grounds up: they have been switched from client side (cookies) to server-side, unified (SSO, expiry, lifetime) across all web-facing applications and some mitigations against session fixation have been implemented.
+- rate limiting has seen many improvements: It is now deployed on all entry points (SMTP/IMAP/POP3/WEB/WEBMAIL) and configured to defeat both password bruteforces (thanks to a limit against total number of failed attempts against an account over a period) and password spraying (thanks to a limit for each client on the total number of non-existing accounts that can be queried). Exemption mechanisms have been put in place (device tokens, dynamic IP whitelists) to ensure that genuine clients and users won't be affected by default and the default configuration thought to fit most use-cases.
+- if you use letsencrypt, Mailu is now configured to offer both RSA and ECC certificates to clients; It will OSCP staple its replies where appropriate
 
 
 Updated Admin interface
diff --git a/docs/requirements.txt b/docs/requirements.txt
index 2c3169b7..46d263a7 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -1,5 +1,5 @@
 recommonmark==0.7.1
-Sphinx==5.2.0
+Sphinx==7.2.6
 sphinx-autobuild==2021.3.14
-sphinx-rtd-theme==1.0.0
-docutils==0.16
+sphinx-rtd-theme==1.3.0
+docutils==0.18.1
diff --git a/docs/reverse.rst b/docs/reverse.rst
index 7b89c09e..8a3a4e2a 100644
--- a/docs/reverse.rst
+++ b/docs/reverse.rst
@@ -4,7 +4,7 @@ Using an external reverse proxy
 One of Mailu's use cases is as part of a larger services platform, where maybe
 other Web services are available on other FQDNs served from the same IP address.
 
-In such a configuration, one would usually run a frontend reverse proxy to serve all
+In such a configuration, one would usually run a front-end reverse proxy to serve all
 Web contents based on criteria like the requested hostname (virtual hosts).
 
 .. _traefik_proxy:
@@ -134,4 +134,4 @@ in mailu.env:
   TLS_FLAVOR=mail-letsencrypt
   WEBROOT_REDIRECT=/sso/login
 
-Using the above configuration, Traefik will proxy all the traffic related to Mailu's FQDNs without requiring dupplicate certificates.
+Using the above configuration, Traefik will proxy all the traffic related to Mailu's FQDNs without requiring duplicate certificates.
diff --git a/docs/webadministration.rst b/docs/webadministration.rst
index 6521fc2e..93cbb56b 100644
--- a/docs/webadministration.rst
+++ b/docs/webadministration.rst
@@ -254,7 +254,7 @@ The menu item Antispam opens the Rspamd webgui. For more information how spam fi
 The spam filtering page also contains a section that describes how to create a local blacklist for blocking email messages from specific domains.
 The Rspamd webgui offers basic functions for setting metric actions, scores, viewing statistics and learning.
 
-The following settings are not persisent and are *lost* when the Antispam container is recreated or restarted:
+The following settings are not persistent and are *lost* when the Antispam container is recreated or restarted:
 
 * On the configuration tab, any changes to config files that do not reside in /var/lib or /etc/rspamd/override.d. The last location is mapped to the Mailu overrides folder.
 
@@ -282,7 +282,7 @@ On the `Mail domains` page all the domains served by Mailu are configured. Via t
 Details
 ```````
 
-This page is also accessible for domain managers. On the details page all DNS settings are displayed for configuring your DNS server. It contains information on what to configure as MX record and SPF record. On this page it is also possible to (re-)generate the keys for DKIM and DMARC. The option for generating keys for DKIM and DMARC is only available for global administrators.  After generating the keys for DKIM and DMARC, this page will also show the DNS records for configuring the DKIM/DMARC records on the DNS server.
+This page is also accessible for domain managers. On the details page all DNS settings are displayed for configuring your DNS server. It contains information on what to configure as MX record and SPF record. On this page it is also possible to (re-)generate the keys for DKIM and DMARC. The option for generating keys for DKIM and DMARC is only available for global administrators.  After generating the keys for DKIM and DMARC, this page will also show the DNS records for configuring the DKIM/DMARC records on the DNS server. You can also download a zonefile for easy upload to your nameserver.
 
 
 Edit
diff --git a/optional/clamav/Dockerfile b/optional/clamav/Dockerfile
deleted file mode 100644
index a0a67749..00000000
--- a/optional/clamav/Dockerfile
+++ /dev/null
@@ -1,22 +0,0 @@
-# syntax=docker/dockerfile-upstream:1.4.3
-
-# clamav image
-FROM base
-
-ARG VERSION=local
-LABEL version=$VERSION
-
-RUN set -euxo pipefail \
-  ; apk add --no-cache clamav clamav-libunrar rsyslog wget
-
-COPY conf/ /etc/clamav/
-COPY start.py /
-
-RUN echo $VERSION >/version
-
-#EXPOSE 3310/tcp
-HEALTHCHECK CMD kill -0 `cat /run/clamd.pid` && kill -0 `cat /run/freshclam.pid`
-
-VOLUME ["/data"]
-
-CMD /start.py
diff --git a/optional/clamav/README.md b/optional/clamav/README.md
deleted file mode 100644
index 68cd3ffe..00000000
--- a/optional/clamav/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-Mailu ClamAV container
-======================
-
-ClamAV is an open source antivirus engine for detecting trojans, viruses,
-malware & other malicious threats.
-
-Resources
----------
-
- * [Report issues](https://github.com/Mailu/Mailu/issues) and
-    [send Pull Requests](https://github.com/Mailu/Mailu/pulls)
-    in the [main Mailu repository](https://github.com/Mailu/Mailu)
\ No newline at end of file
diff --git a/optional/clamav/conf/clamd.conf b/optional/clamav/conf/clamd.conf
deleted file mode 100644
index 061d7f6a..00000000
--- a/optional/clamav/conf/clamd.conf
+++ /dev/null
@@ -1,56 +0,0 @@
-###############
-# General
-###############
-
-DatabaseDirectory /data
-TemporaryDirectory /tmp
-LogTime yes
-PidFile /run/clamd.pid
-LocalSocket /tmp/clamd.sock
-TCPSocket 3310
-Foreground yes
-
-###############
-# Results
-###############
-
-DetectPUA yes
-ExcludePUA NetTool
-ExcludePUA PWTool
-HeuristicAlerts yes
-Bytecode yes
-
-###############
-# Scan
-###############
-
-ScanPE yes
-DisableCertCheck yes
-ScanELF yes
-AlertBrokenExecutables yes
-ScanOLE2 yes
-ScanPDF yes
-ScanSWF yes
-ScanMail yes
-PhishingSignatures yes
-PhishingScanURLs yes
-ScanHTML yes
-ScanArchive yes
-
-###############
-# Scan
-###############
-
-MaxScanSize 150M
-MaxFileSize 30M
-MaxRecursion 10
-MaxFiles 15000
-MaxEmbeddedPE 10M
-MaxHTMLNormalize 10M
-MaxHTMLNoTags 2M
-MaxScriptNormalize 5M
-MaxZipTypeRcg 1M
-MaxPartitions 128
-MaxIconsPE 200
-PCREMatchLimit 10000
-PCRERecMatchLimit 10000
diff --git a/optional/clamav/conf/freshclam.conf b/optional/clamav/conf/freshclam.conf
deleted file mode 100644
index 828163a0..00000000
--- a/optional/clamav/conf/freshclam.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-###############
-# General
-###############
-
-DatabaseDirectory /data
-UpdateLogFile /dev/stdout
-LogTime yes
-PidFile /run/freshclam.pid
-DatabaseOwner root
-
-###############
-# Updates
-###############
-
-DatabaseMirror database.clamav.net
-ScriptedUpdates yes
-NotifyClamd /etc/clamav/clamd.conf
-Bytecode yes
diff --git a/optional/clamav/start.py b/optional/clamav/start.py
deleted file mode 100755
index 684d9edd..00000000
--- a/optional/clamav/start.py
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/usr/bin/env python3
-
-import os
-import logging as logger
-import sys
-from socrate import system
-
-system.set_env(log_filters=r'SelfCheck: Database status OK\.$')
-
-# Bootstrap the database if clamav is running for the first time
-if not os.path.isfile("/data/main.cvd"):
-    logger.info("Starting primary virus DB download")
-    os.system("freshclam")
-
-# Run the update daemon
-logger.info("Starting the update daemon")
-os.system("freshclam -d -c 6")
-
-# Run clamav
-logger.info("Starting clamav")
-os.system("clamd")
diff --git a/optional/fetchmail/fetchmail.py b/optional/fetchmail/fetchmail.py
index 35b2ee22..a298cf53 100755
--- a/optional/fetchmail/fetchmail.py
+++ b/optional/fetchmail/fetchmail.py
@@ -64,7 +64,7 @@ def run(debug):
                 username=escape_rc_string(fetch["username"]),
                 password=escape_rc_string(fetch["password"]),
                 options=options,
-                folders=folders,
+                folders='' if fetch['protocol'] == 'pop3' else folders,
                 lmtp='' if fetch['scan'] else 'lmtp',
             )
             if debug:
diff --git a/setup/flavors/compose/docker-compose.yml b/setup/flavors/compose/docker-compose.yml
index b266fec0..75fa6f08 100644
--- a/setup/flavors/compose/docker-compose.yml
+++ b/setup/flavors/compose/docker-compose.yml
@@ -58,6 +58,10 @@ services:
   resolver:
     image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-{{ version }}}
     env_file: {{ env }}
+    logging:
+      driver: journald
+      options:
+        tag: mailu-resolver
     restart: always
     networks:
       default:
@@ -98,8 +102,16 @@ services:
     volumes:
       - "{{ root }}/mail:/mail"
       - "{{ root }}/overrides/dovecot:/overrides:ro"
+    networks:
+      - default
+    {% if tika_enabled %}
+      - fts_attachments
+    {% endif %}
     depends_on:
       - front
+    {% if tika_enabled %}
+      - fts_attachments
+    {% endif %}
     {% if resolver_enabled %}
       - resolver
     dns:
@@ -129,9 +141,13 @@ services:
   oletools:
     image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}oletools:${MAILU_VERSION:-{{ version }}}
     hostname: oletools
+    logging:
+      driver: journald
+      options:
+        tag: mailu-oletools
     restart: always
     networks:
-      - noinet
+      - oletools
     depends_on:
     {% if resolver_enabled %}
       - resolver
@@ -140,6 +156,31 @@ services:
     {% endif %}
 {% endif %}
 
+{% if tika_enabled %}
+  fts_attachments:
+    image: ghcr.io/paperless-ngx/tika:2.9.0-full
+    hostname: tika
+    logging:
+      driver: journald
+      options:
+        tag: mailu-tika
+    restart: always
+    networks:
+      - fts_attachments
+    depends_on:
+    {% if resolver_enabled %}
+      - resolver
+    dns:
+      - {{ dns }}
+    {% endif %}
+    healthcheck:
+      test: ["CMD-SHELL", "wget -nv -t1 -O /dev/null http://127.0.0.1:9998/tika || exit 1"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 10s
+{% endif %}
+
   antispam:
     image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-{{ version }}}
     hostname: antispam
@@ -149,10 +190,13 @@ services:
       driver: journald
       options:
         tag: mailu-antispam
-{% if oletools_enabled %}
     networks:
       - default
-      - noinet
+{% if oletools_enabled %}
+      - oletools
+{% endif %}
+{% if antivirus_enabled %}
+      - clamav
 {% endif %}
     volumes:
       - "{{ root }}/filter:/var/lib/rspamd"
@@ -175,23 +219,32 @@ services:
   # Optional services
   {% if antivirus_enabled %}
   antivirus:
-    image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-{{ version }}}
+    image: clamav/clamav-debian:1.2.0-6
     restart: always
-    env_file: {{ env }}
+    logging:
+      driver: journald
+      options:
+        tag: mailu-antivirus
+    networks:
+      - clamav
     volumes:
-      - "{{ root }}/filter:/data"
-    {% if resolver_enabled %}
-    depends_on:
-      - resolver
-    dns:
-      - {{ dns }}
-    {% endif %}
+      - "{{ root }}/filter/clamav:/var/lib/clamav"
+    healthcheck:
+      test: ["CMD-SHELL", "kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 10s
   {% endif %}
 
   {% if webdav_enabled %}
   webdav:
     image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-{{ version }}}
     restart: always
+    logging:
+      driver: journald
+      options:
+        tag: mailu-webdav
     volumes:
       - "{{ root }}/dav:/data"
     networks:
@@ -203,6 +256,10 @@ services:
     image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-{{ version }}}
     restart: always
     env_file: {{ env }}
+    logging:
+      driver: journald
+      options:
+        tag: mailu-fetchmail
     volumes:
       - "{{ root }}/data/fetchmail:/data"
     depends_on:
@@ -222,6 +279,10 @@ services:
     image: ${DOCKER_ORG:-ghcr.io/mailu}/${DOCKER_PREFIX:-}webmail:${MAILU_VERSION:-{{ version }}}
     restart: always
     env_file: {{ env }}
+    logging:
+      driver: journald
+      options:
+        tag: mailu-webmail
     volumes:
       - "{{ root }}/webmail:/data"
       - "{{ root }}/overrides/{{ webmail_type }}:/overrides:ro"
@@ -252,8 +313,17 @@ networks:
   webmail:
     driver: bridge
 {% endif %}
+{% if antivirus_enabled %}
+  clamav:
+    driver: bridge
+{% endif %}
 {% if oletools_enabled %}
-  noinet:
+  oletools:
+    driver: bridge
+    internal: true
+{% endif %}
+{% if tika_enabled %}
+  fts_attachments:
     driver: bridge
     internal: true
 {% endif %}
diff --git a/setup/flavors/compose/mailu.env b/setup/flavors/compose/mailu.env
index 616cd89b..7c36a7ec 100644
--- a/setup/flavors/compose/mailu.env
+++ b/setup/flavors/compose/mailu.env
@@ -40,7 +40,11 @@ AUTH_RATELIMIT_USER={{ auth_ratelimit_user }}/day
 {% endif %}
 
 # Opt-out of statistics, replace with "True" to opt out
-DISABLE_STATISTICS={{ disable_statistics or 'False' }}
+{% if statistics_enabled %}
+DISABLE_STATISTICS=False
+{% else %}
+DISABLE_STATISTICS=True
+{% endif %}
 
 ###################################
 # Optional features
@@ -49,19 +53,19 @@ DISABLE_STATISTICS={{ disable_statistics or 'False' }}
 # Expose the admin interface (value: true, false)
 ADMIN={{ admin_enabled or 'false' }}
 
-# Choose which webmail to run if any (values: roundcube, snappymail, none)
+# Choose which webmail to run if any (values: roundcube, snappymail, none). To enable this feature, recreate the docker-compose.yml file via setup.
 WEBMAIL={{ webmail_type }}
 
 # Expose the API interface (value: true, false)
 API={{ api_enabled or 'false' }}
 
-# Dav server implementation (value: radicale, none)
+# Dav server implementation (value: radicale, none). To enable this feature, recreate the docker-compose.yml file via setup.
 WEBDAV={{ webdav_enabled or 'none' }}
 
-# Antivirus solution (value: clamav, none)
+# Antivirus solution (value: clamav, none). To enable this feature, recreate the docker-compose.yml file via setup.
 ANTIVIRUS={{ antivirus_enabled or 'none' }}
 
-# Scan Macros solution (value: true, false)
+# Scan Macros solution (value: true, false). To enable this feature, recreate the docker-compose.yml file via setup.
 SCAN_MACROS={{ oletools_enabled or 'false' }}
 
 ###################################
@@ -110,32 +114,32 @@ COMPRESSION={{ compression }}
 # change compression-level, default: 6 (value: 1-9)
 COMPRESSION_LEVEL={{ compression_level }}
 
-# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature.
-# FULL_TEXT_SEARCH=off
+# IMAP full-text search is enabled by default.
+# Set the following variable to off in order to disable the feature
+# or a comma separated list of language codes to support
+FULL_TEXT_SEARCH=en
 
 ###################################
 # Web settings
 ###################################
 
 # Path to redirect / to
-{% if webmail_type != 'none' and webmail_path == '' %}
-WEBROOT_REDIRECT=/
+{% if webmail_type != 'none' %}
+WEBROOT_REDIRECT=/webmail
+{% elif admin_enabled %}
+WEBROOT_REDIRECT=/admin
 {% else %}
-WEBROOT_REDIRECT={{ webmail_path }}
+WEBROOT_REDIRECT=
 {% endif %}
 
 # Path to the admin interface if enabled
-WEB_ADMIN={{ admin_path }}
+WEB_ADMIN=/admin
 
 # Path to the webmail if enabled
-{% if webmail_type != 'none' and webmail_path == '' %}
-WEB_WEBMAIL=/
-{% else %}
-WEB_WEBMAIL={{ webmail_path }}
-{% endif %}
+WEB_WEBMAIL=/webmail
 
 # Path to the API interface if enabled
-WEB_API={{ api_path }}
+WEB_API=/api
 
 # Website name
 SITENAME={{ site_name }}
@@ -186,3 +190,5 @@ DEFAULT_SPAM_THRESHOLD=80
 # This is a mandatory setting for using the RESTful API.
 API_TOKEN={{ api_token }}
 
+# Whether tika should be enabled (scan/OCR email attachements). To enable this feature, recreate the docker-compose.yml file via setup.
+FULL_TEXT_SEARCH_ATTACHMENTS={{ tika_enabled }}
diff --git a/setup/server.py b/setup/server.py
index 622905ed..806be40e 100644
--- a/setup/server.py
+++ b/setup/server.py
@@ -10,12 +10,16 @@ import random
 import ipaddress
 import hashlib
 import time
-
+import secrets
+from flask_bootstrap import StaticCDN
 
 version = os.getenv("this_version", "master")
 static_url_path = "/" + version + "/static"
 app = flask.Flask(__name__, static_url_path=static_url_path)
+app.secret_key = secrets.token_hex(16)
 flask_bootstrap.Bootstrap(app)
+# Load our jQuery. Do not use jQuery 1.
+app.extensions['bootstrap']['cdns']['jquery'] = StaticCDN()
 db = redis.StrictRedis(host='redis', port=6379, db=0)
 
 
@@ -90,12 +94,47 @@ def build_app(path):
     def submit():
         data = flask.request.form.copy()
         data['uid'] = str(uuid.uuid4())
+        valid = True
+        try:
+            ipaddress.IPv4Address(data['bind4'])
+        except:
+            flask.flash('Configured IPv4 address is invalid', 'error')
+            valid = False
+        try:
+            ipaddress.IPv6Address(data['bind6'])
+        except:
+            flask.flash('Configured IPv6 address is invalid', 'error')
+            valid = False
+        try:
+            ipaddress.IPv4Network(data['subnet'])
+        except:
+            flask.flash('Configured subnet(IPv4) is invalid', 'error')
+            valid = False
+        try:
+            ipaddress.IPv6Network(data['subnet6'])
+        except:
+            flask.flash('Configured subnet(IPv6) is invalid', 'error')
+            valid = False
         try:
             data['dns'] = str(ipaddress.IPv4Network(data['subnet'], strict=False)[-2])
         except ValueError as err:
-            return "Error while generating files: " + str(err)
-        db.set(data['uid'], json.dumps(data))
-        return flask.redirect(flask.url_for('.setup', uid=data['uid']))
+            flask.flash('Invalid configuration: ' + str(err))
+            valid = False
+        if 'api_enabled' in data:
+            if (data['api_enabled'] == 'true'):
+                if  data['api_token'] == '':
+                    flask.flash('API token cannot be empty when API is enabled', 'error')
+                    valid = False
+        if valid:
+            db.set(data['uid'], json.dumps(data))
+            return flask.redirect(flask.url_for('.setup', uid=data['uid']))
+        else:
+            return flask.render_template(
+                'wizard.html',
+                flavor="compose",
+                steps=sorted(os.listdir(os.path.join(path, "templates", "steps", "compose"))),
+                subnet6=random_ipv6_subnet()
+            )
 
     @prefix_bp.route("/setup/<uid>", methods=["GET"])
     @root_bp.route("/setup/<uid>", methods=["GET"])
diff --git a/setup/static/jquery.min.js b/setup/static/jquery.min.js
new file mode 100644
index 00000000..7f37b5d9
--- /dev/null
+++ b/setup/static/jquery.min.js
@@ -0,0 +1,2 @@
+/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */
+!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[i.call(e)]||"object":typeof e}var t="3.7.1",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||v(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===i?e.textContent:9===i?e.documentElement.textContent:3===i||4===i?e.nodeValue:n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!l.test(t||n&&n.nodeName||"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(c(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g(a)},guid:1,support:le}),"function"==typeof Symbol&&(ce.fn[Symbol.iterator]=oe[Symbol.iterator]),ce.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var pe=oe.pop,de=oe.sort,he=oe.splice,ge="[\\x20\\t\\r\\n\\f]",ve=new RegExp("^"+ge+"+|((?:^|[^\\\\])(?:\\\\.)*)"+ge+"+$","g");ce.contains=function(e,t){var n=t&&t.parentNode;return e===n||!(!n||1!==n.nodeType||!(e.contains?e.contains(n):e.compareDocumentPosition&&16&e.compareDocumentPosition(n)))};var f=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\x80-\uFFFF\w-]/g;function p(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e}ce.escapeSelector=function(e){return(e+"").replace(f,p)};var ye=C,me=s;!function(){var e,b,w,o,a,T,r,C,d,i,k=me,S=ce.expando,E=0,n=0,s=W(),c=W(),u=W(),h=W(),l=function(e,t){return e===t&&(a=!0),0},f="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",t="(?:\\\\[\\da-fA-F]{1,6}"+ge+"?|\\\\[^\\r\\n\\f]|[\\w-]|[^\0-\\x7f])+",p="\\["+ge+"*("+t+")(?:"+ge+"*([*^$|!~]?=)"+ge+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+t+"))|)"+ge+"*\\]",g=":("+t+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+p+")*)|.*)\\)|)",v=new RegExp(ge+"+","g"),y=new RegExp("^"+ge+"*,"+ge+"*"),m=new RegExp("^"+ge+"*([>+~]|"+ge+")"+ge+"*"),x=new RegExp(ge+"|>"),j=new RegExp(g),A=new RegExp("^"+t+"$"),D={ID:new RegExp("^#("+t+")"),CLASS:new RegExp("^\\.("+t+")"),TAG:new RegExp("^("+t+"|[*])"),ATTR:new RegExp("^"+p),PSEUDO:new RegExp("^"+g),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+ge+"*(even|odd|(([+-]|)(\\d*)n|)"+ge+"*(?:([+-]|)"+ge+"*(\\d+)|))"+ge+"*\\)|)","i"),bool:new RegExp("^(?:"+f+")$","i"),needsContext:new RegExp("^"+ge+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+ge+"*((?:-\\d)?\\d*)"+ge+"*\\)|)(?=[^-]|$)","i")},N=/^(?:input|select|textarea|button)$/i,q=/^h\d$/i,L=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,H=/[+~]/,O=new RegExp("\\\\[\\da-fA-F]{1,6}"+ge+"?|\\\\([^\\r\\n\\f])","g"),P=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},M=function(){V()},R=J(function(e){return!0===e.disabled&&fe(e,"fieldset")},{dir:"parentNode",next:"legend"});try{k.apply(oe=ae.call(ye.childNodes),ye.childNodes),oe[ye.childNodes.length].nodeType}catch(e){k={apply:function(e,t){me.apply(e,ae.call(t))},call:function(e){me.apply(e,ae.call(arguments,1))}}}function I(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(V(e),e=e||T,C)){if(11!==p&&(u=L.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return k.call(n,a),n}else if(f&&(a=f.getElementById(i))&&I.contains(e,a)&&a.id===i)return k.call(n,a),n}else{if(u[2])return k.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&e.getElementsByClassName)return k.apply(n,e.getElementsByClassName(i)),n}if(!(h[t+" "]||d&&d.test(t))){if(c=t,f=e,1===p&&(x.test(t)||m.test(t))){(f=H.test(t)&&U(e.parentNode)||e)==e&&le.scope||((s=e.getAttribute("id"))?s=ce.escapeSelector(s):e.setAttribute("id",s=S)),o=(l=Y(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+Q(l[o]);c=l.join(",")}try{return k.apply(n,f.querySelectorAll(c)),n}catch(e){h(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return re(t.replace(ve,"$1"),e,n,r)}function W(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function F(e){return e[S]=!0,e}function $(e){var t=T.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function B(t){return function(e){return fe(e,"input")&&e.type===t}}function _(t){return function(e){return(fe(e,"input")||fe(e,"button"))&&e.type===t}}function z(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&R(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function X(a){return F(function(o){return o=+o,F(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function U(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}function V(e){var t,n=e?e.ownerDocument||e:ye;return n!=T&&9===n.nodeType&&n.documentElement&&(r=(T=n).documentElement,C=!ce.isXMLDoc(T),i=r.matches||r.webkitMatchesSelector||r.msMatchesSelector,r.msMatchesSelector&&ye!=T&&(t=T.defaultView)&&t.top!==t&&t.addEventListener("unload",M),le.getById=$(function(e){return r.appendChild(e).id=ce.expando,!T.getElementsByName||!T.getElementsByName(ce.expando).length}),le.disconnectedMatch=$(function(e){return i.call(e,"*")}),le.scope=$(function(){return T.querySelectorAll(":scope")}),le.cssHas=$(function(){try{return T.querySelector(":has(*,:jqfake)"),!1}catch(e){return!0}}),le.getById?(b.filter.ID=function(e){var t=e.replace(O,P);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&C){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(O,P);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&C){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):t.querySelectorAll(e)},b.find.CLASS=function(e,t){if("undefined"!=typeof t.getElementsByClassName&&C)return t.getElementsByClassName(e)},d=[],$(function(e){var t;r.appendChild(e).innerHTML="<a id='"+S+"' href='' disabled='disabled'></a><select id='"+S+"-\r\\' disabled='disabled'><option selected=''></option></select>",e.querySelectorAll("[selected]").length||d.push("\\["+ge+"*(?:value|"+f+")"),e.querySelectorAll("[id~="+S+"-]").length||d.push("~="),e.querySelectorAll("a#"+S+"+*").length||d.push(".#.+[+~]"),e.querySelectorAll(":checked").length||d.push(":checked"),(t=T.createElement("input")).setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),r.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&d.push(":enabled",":disabled"),(t=T.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||d.push("\\["+ge+"*name"+ge+"*="+ge+"*(?:''|\"\")")}),le.cssHas||d.push(":has"),d=d.length&&new RegExp(d.join("|")),l=function(e,t){if(e===t)return a=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!le.sortDetached&&t.compareDocumentPosition(e)===n?e===T||e.ownerDocument==ye&&I.contains(ye,e)?-1:t===T||t.ownerDocument==ye&&I.contains(ye,t)?1:o?se.call(o,e)-se.call(o,t):0:4&n?-1:1)}),T}for(e in I.matches=function(e,t){return I(e,null,null,t)},I.matchesSelector=function(e,t){if(V(e),C&&!h[t+" "]&&(!d||!d.test(t)))try{var n=i.call(e,t);if(n||le.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){h(t,!0)}return 0<I(t,T,null,[e]).length},I.contains=function(e,t){return(e.ownerDocument||e)!=T&&V(e),ce.contains(e,t)},I.attr=function(e,t){(e.ownerDocument||e)!=T&&V(e);var n=b.attrHandle[t.toLowerCase()],r=n&&ue.call(b.attrHandle,t.toLowerCase())?n(e,t,!C):void 0;return void 0!==r?r:e.getAttribute(t)},I.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},ce.uniqueSort=function(e){var t,n=[],r=0,i=0;if(a=!le.sortStable,o=!le.sortStable&&ae.call(e,0),de.call(e,l),a){while(t=e[i++])t===e[i]&&(r=n.push(i));while(r--)he.call(e,n[r],1)}return o=null,e},ce.fn.uniqueSort=function(){return this.pushStack(ce.uniqueSort(ae.apply(this)))},(b=ce.expr={cacheLength:50,createPseudo:F,match:D,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(O,P),e[3]=(e[3]||e[4]||e[5]||"").replace(O,P),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||I.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&I.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return D.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&j.test(n)&&(t=Y(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(O,P).toLowerCase();return"*"===e?function(){return!0}:function(e){return fe(e,t)}},CLASS:function(e){var t=s[e+" "];return t||(t=new RegExp("(^|"+ge+")"+e+"("+ge+"|$)"))&&s(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=I.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1<t.indexOf(i):"$="===r?i&&t.slice(-i.length)===i:"~="===r?-1<(" "+t.replace(v," ")+" ").indexOf(i):"|="===r&&(t===i||t.slice(0,i.length+1)===i+"-"))}},CHILD:function(d,e,t,h,g){var v="nth"!==d.slice(0,3),y="last"!==d.slice(-4),m="of-type"===e;return 1===h&&0===g?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u=v!==y?"nextSibling":"previousSibling",l=e.parentNode,c=m&&e.nodeName.toLowerCase(),f=!n&&!m,p=!1;if(l){if(v){while(u){o=e;while(o=o[u])if(m?fe(o,c):1===o.nodeType)return!1;s=u="only"===d&&!s&&"nextSibling"}return!0}if(s=[y?l.firstChild:l.lastChild],y&&f){p=(a=(r=(i=l[S]||(l[S]={}))[d]||[])[0]===E&&r[1])&&r[2],o=a&&l.childNodes[a];while(o=++a&&o&&o[u]||(p=a=0)||s.pop())if(1===o.nodeType&&++p&&o===e){i[d]=[E,a,p];break}}else if(f&&(p=a=(r=(i=e[S]||(e[S]={}))[d]||[])[0]===E&&r[1]),!1===p)while(o=++a&&o&&o[u]||(p=a=0)||s.pop())if((m?fe(o,c):1===o.nodeType)&&++p&&(f&&((i=o[S]||(o[S]={}))[d]=[E,p]),o===e))break;return(p-=g)===h||p%h==0&&0<=p/h}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||I.error("unsupported pseudo: "+e);return a[S]?a(o):1<a.length?(t=[e,e,"",o],b.setFilters.hasOwnProperty(e.toLowerCase())?F(function(e,t){var n,r=a(e,o),i=r.length;while(i--)e[n=se.call(e,r[i])]=!(t[n]=r[i])}):function(e){return a(e,0,t)}):a}},pseudos:{not:F(function(e){var r=[],i=[],s=ne(e.replace(ve,"$1"));return s[S]?F(function(e,t,n,r){var i,o=s(e,null,r,[]),a=e.length;while(a--)(i=o[a])&&(e[a]=!(t[a]=i))}):function(e,t,n){return r[0]=e,s(r,null,n,i),r[0]=null,!i.pop()}}),has:F(function(t){return function(e){return 0<I(t,e).length}}),contains:F(function(t){return t=t.replace(O,P),function(e){return-1<(e.textContent||ce.text(e)).indexOf(t)}}),lang:F(function(n){return A.test(n||"")||I.error("unsupported lang: "+n),n=n.replace(O,P).toLowerCase(),function(e){var t;do{if(t=C?e.lang:e.getAttribute("xml:lang")||e.getAttribute("lang"))return(t=t.toLowerCase())===n||0===t.indexOf(n+"-")}while((e=e.parentNode)&&1===e.nodeType);return!1}}),target:function(e){var t=ie.location&&ie.location.hash;return t&&t.slice(1)===e.id},root:function(e){return e===r},focus:function(e){return e===function(){try{return T.activeElement}catch(e){}}()&&T.hasFocus()&&!!(e.type||e.href||~e.tabIndex)},enabled:z(!1),disabled:z(!0),checked:function(e){return fe(e,"input")&&!!e.checked||fe(e,"option")&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!b.pseudos.empty(e)},header:function(e){return q.test(e.nodeName)},input:function(e){return N.test(e.nodeName)},button:function(e){return fe(e,"input")&&"button"===e.type||fe(e,"button")},text:function(e){var t;return fe(e,"input")&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:X(function(){return[0]}),last:X(function(e,t){return[t-1]}),eq:X(function(e,t,n){return[n<0?n+t:n]}),even:X(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:X(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:X(function(e,t,n){var r;for(r=n<0?n+t:t<n?t:n;0<=--r;)e.push(r);return e}),gt:X(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}}).pseudos.nth=b.pseudos.eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=B(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=_(e);function G(){}function Y(e,t){var n,r,i,o,a,s,u,l=c[e+" "];if(l)return t?0:l.slice(0);a=e,s=[],u=b.preFilter;while(a){for(o in n&&!(r=y.exec(a))||(r&&(a=a.slice(r[0].length)||a),s.push(i=[])),n=!1,(r=m.exec(a))&&(n=r.shift(),i.push({value:n,type:r[0].replace(ve," ")}),a=a.slice(n.length)),b.filter)!(r=D[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?I.error(e):c(e,s).slice(0)}function Q(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function J(a,e,t){var s=e.dir,u=e.next,l=u||s,c=t&&"parentNode"===l,f=n++;return e.first?function(e,t,n){while(e=e[s])if(1===e.nodeType||c)return a(e,t,n);return!1}:function(e,t,n){var r,i,o=[E,f];if(n){while(e=e[s])if((1===e.nodeType||c)&&a(e,t,n))return!0}else while(e=e[s])if(1===e.nodeType||c)if(i=e[S]||(e[S]={}),u&&fe(e,u))e=e[s]||e;else{if((r=i[l])&&r[0]===E&&r[1]===f)return o[2]=r[2];if((i[l]=o)[2]=a(e,t,n))return!0}return!1}}function K(i){return 1<i.length?function(e,t,n){var r=i.length;while(r--)if(!i[r](e,t,n))return!1;return!0}:i[0]}function Z(e,t,n,r,i){for(var o,a=[],s=0,u=e.length,l=null!=t;s<u;s++)(o=e[s])&&(n&&!n(o,r,i)||(a.push(o),l&&t.push(s)));return a}function ee(d,h,g,v,y,e){return v&&!v[S]&&(v=ee(v)),y&&!y[S]&&(y=ee(y,e)),F(function(e,t,n,r){var i,o,a,s,u=[],l=[],c=t.length,f=e||function(e,t,n){for(var r=0,i=t.length;r<i;r++)I(e,t[r],n);return n}(h||"*",n.nodeType?[n]:n,[]),p=!d||!e&&h?f:Z(f,u,d,n,r);if(g?g(p,s=y||(e?d:c||v)?[]:t,n,r):s=p,v){i=Z(s,l),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(s[l[o]]=!(p[l[o]]=a))}if(e){if(y||d){if(y){i=[],o=s.length;while(o--)(a=s[o])&&i.push(p[o]=a);y(null,s=[],i,r)}o=s.length;while(o--)(a=s[o])&&-1<(i=y?se.call(e,a):u[o])&&(e[i]=!(t[i]=a))}}else s=Z(s===t?s.splice(c,s.length):s),y?y(null,t,s,r):k.apply(t,s)})}function te(e){for(var i,t,n,r=e.length,o=b.relative[e[0].type],a=o||b.relative[" "],s=o?1:0,u=J(function(e){return e===i},a,!0),l=J(function(e){return-1<se.call(i,e)},a,!0),c=[function(e,t,n){var r=!o&&(n||t!=w)||((i=t).nodeType?u(e,t,n):l(e,t,n));return i=null,r}];s<r;s++)if(t=b.relative[e[s].type])c=[J(K(c),t)];else{if((t=b.filter[e[s].type].apply(null,e[s].matches))[S]){for(n=++s;n<r;n++)if(b.relative[e[n].type])break;return ee(1<s&&K(c),1<s&&Q(e.slice(0,s-1).concat({value:" "===e[s-2].type?"*":""})).replace(ve,"$1"),t,s<n&&te(e.slice(s,n)),n<r&&te(e=e.slice(n)),n<r&&Q(e))}c.push(t)}return K(c)}function ne(e,t){var n,v,y,m,x,r,i=[],o=[],a=u[e+" "];if(!a){t||(t=Y(e)),n=t.length;while(n--)(a=te(t[n]))[S]?i.push(a):o.push(a);(a=u(e,(v=o,m=0<(y=i).length,x=0<v.length,r=function(e,t,n,r,i){var o,a,s,u=0,l="0",c=e&&[],f=[],p=w,d=e||x&&b.find.TAG("*",i),h=E+=null==p?1:Math.random()||.1,g=d.length;for(i&&(w=t==T||t||i);l!==g&&null!=(o=d[l]);l++){if(x&&o){a=0,t||o.ownerDocument==T||(V(o),n=!C);while(s=v[a++])if(s(o,t||T,n)){k.call(r,o);break}i&&(E=h)}m&&((o=!s&&o)&&u--,e&&c.push(o))}if(u+=l,m&&l!==u){a=0;while(s=y[a++])s(c,f,t,n);if(e){if(0<u)while(l--)c[l]||f[l]||(f[l]=pe.call(r));f=Z(f)}k.apply(r,f),i&&!e&&0<f.length&&1<u+y.length&&ce.uniqueSort(r)}return i&&(E=h,w=p),c},m?F(r):r))).selector=e}return a}function re(e,t,n,r){var i,o,a,s,u,l="function"==typeof e&&e,c=!r&&Y(e=l.selector||e);if(n=n||[],1===c.length){if(2<(o=c[0]=c[0].slice(0)).length&&"ID"===(a=o[0]).type&&9===t.nodeType&&C&&b.relative[o[1].type]){if(!(t=(b.find.ID(a.matches[0].replace(O,P),t)||[])[0]))return n;l&&(t=t.parentNode),e=e.slice(o.shift().value.length)}i=D.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(O,P),H.test(o[0].type)&&U(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&Q(o)))return k.apply(n,r),n;break}}}return(l||ne(e,c))(r,t,!C,n,!t||H.test(e)&&U(t.parentNode)||t),n}G.prototype=b.filters=b.pseudos,b.setFilters=new G,le.sortStable=S.split("").sort(l).join("")===S,V(),le.sortDetached=$(function(e){return 1&e.compareDocumentPosition(T.createElement("fieldset"))}),ce.find=I,ce.expr[":"]=ce.expr.pseudos,ce.unique=ce.uniqueSort,I.compile=ne,I.select=re,I.setDocument=V,I.tokenize=Y,I.escape=ce.escapeSelector,I.getText=ce.text,I.isXML=ce.isXMLDoc,I.selectors=ce.expr,I.support=ce.support,I.uniqueSort=ce.uniqueSort}();var d=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&ce(e).is(n))break;r.push(e)}return r},h=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},b=ce.expr.match.needsContext,w=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function T(e,n,r){return v(n)?ce.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?ce.grep(e,function(e){return e===n!==r}):"string"!=typeof n?ce.grep(e,function(e){return-1<se.call(n,e)!==r}):ce.filter(n,e,r)}ce.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?ce.find.matchesSelector(r,e)?[r]:[]:ce.find.matches(e,ce.grep(t,function(e){return 1===e.nodeType}))},ce.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(ce(e).filter(function(){for(t=0;t<r;t++)if(ce.contains(i[t],this))return!0}));for(n=this.pushStack([]),t=0;t<r;t++)ce.find(e,i[t],n);return 1<r?ce.uniqueSort(n):n},filter:function(e){return this.pushStack(T(this,e||[],!1))},not:function(e){return this.pushStack(T(this,e||[],!0))},is:function(e){return!!T(this,"string"==typeof e&&b.test(e)?ce(e):e||[],!1).length}});var k,S=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(ce.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||k,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:S.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof ce?t[0]:t,ce.merge(this,ce.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:C,!0)),w.test(r[1])&&ce.isPlainObject(t))for(r in t)v(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=C.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):v(e)?void 0!==n.ready?n.ready(e):e(ce):ce.makeArray(e,this)}).prototype=ce.fn,k=ce(C);var E=/^(?:parents|prev(?:Until|All))/,j={children:!0,contents:!0,next:!0,prev:!0};function A(e,t){while((e=e[t])&&1!==e.nodeType);return e}ce.fn.extend({has:function(e){var t=ce(e,this),n=t.length;return this.filter(function(){for(var e=0;e<n;e++)if(ce.contains(this,t[e]))return!0})},closest:function(e,t){var n,r=0,i=this.length,o=[],a="string"!=typeof e&&ce(e);if(!b.test(e))for(;r<i;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(n.nodeType<11&&(a?-1<a.index(n):1===n.nodeType&&ce.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(1<o.length?ce.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?se.call(ce(e),this[0]):se.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(ce.uniqueSort(ce.merge(this.get(),ce(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}}),ce.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return d(e,"parentNode")},parentsUntil:function(e,t,n){return d(e,"parentNode",n)},next:function(e){return A(e,"nextSibling")},prev:function(e){return A(e,"previousSibling")},nextAll:function(e){return d(e,"nextSibling")},prevAll:function(e){return d(e,"previousSibling")},nextUntil:function(e,t,n){return d(e,"nextSibling",n)},prevUntil:function(e,t,n){return d(e,"previousSibling",n)},siblings:function(e){return h((e.parentNode||{}).firstChild,e)},children:function(e){return h(e.firstChild)},contents:function(e){return null!=e.contentDocument&&r(e.contentDocument)?e.contentDocument:(fe(e,"template")&&(e=e.content||e),ce.merge([],e.childNodes))}},function(r,i){ce.fn[r]=function(e,t){var n=ce.map(this,i,e);return"Until"!==r.slice(-5)&&(t=e),t&&"string"==typeof t&&(n=ce.filter(t,n)),1<this.length&&(j[r]||ce.uniqueSort(n),E.test(r)&&n.reverse()),this.pushStack(n)}});var D=/[^\x20\t\r\n\f]+/g;function N(e){return e}function q(e){throw e}function L(e,t,n,r){var i;try{e&&v(i=e.promise)?i.call(e).done(t).fail(n):e&&v(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}ce.Callbacks=function(r){var e,n;r="string"==typeof r?(e=r,n={},ce.each(e.match(D)||[],function(e,t){n[t]=!0}),n):ce.extend({},r);var i,t,o,a,s=[],u=[],l=-1,c=function(){for(a=a||r.once,o=i=!0;u.length;l=-1){t=u.shift();while(++l<s.length)!1===s[l].apply(t[0],t[1])&&r.stopOnFalse&&(l=s.length,t=!1)}r.memory||(t=!1),i=!1,a&&(s=t?[]:"")},f={add:function(){return s&&(t&&!i&&(l=s.length-1,u.push(t)),function n(e){ce.each(e,function(e,t){v(t)?r.unique&&f.has(t)||s.push(t):t&&t.length&&"string"!==x(t)&&n(t)})}(arguments),t&&!i&&c()),this},remove:function(){return ce.each(arguments,function(e,t){var n;while(-1<(n=ce.inArray(t,s,n)))s.splice(n,1),n<=l&&l--}),this},has:function(e){return e?-1<ce.inArray(e,s):0<s.length},empty:function(){return s&&(s=[]),this},disable:function(){return a=u=[],s=t="",this},disabled:function(){return!s},lock:function(){return a=u=[],t||i||(s=t=""),this},locked:function(){return!!a},fireWith:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},ce.extend({Deferred:function(e){var o=[["notify","progress",ce.Callbacks("memory"),ce.Callbacks("memory"),2],["resolve","done",ce.Callbacks("once memory"),ce.Callbacks("once memory"),0,"resolved"],["reject","fail",ce.Callbacks("once memory"),ce.Callbacks("once memory"),1,"rejected"]],i="pending",a={state:function(){return i},always:function(){return s.done(arguments).fail(arguments),this},"catch":function(e){return a.then(null,e)},pipe:function(){var i=arguments;return ce.Deferred(function(r){ce.each(o,function(e,t){var n=v(i[t[4]])&&i[t[4]];s[t[1]](function(){var e=n&&n.apply(this,arguments);e&&v(e.promise)?e.promise().progress(r.notify).done(r.resolve).fail(r.reject):r[t[0]+"With"](this,n?[e]:arguments)})}),i=null}).promise()},then:function(t,n,r){var u=0;function l(i,o,a,s){return function(){var n=this,r=arguments,e=function(){var e,t;if(!(i<u)){if((e=a.apply(n,r))===o.promise())throw new TypeError("Thenable self-resolution");t=e&&("object"==typeof e||"function"==typeof e)&&e.then,v(t)?s?t.call(e,l(u,o,N,s),l(u,o,q,s)):(u++,t.call(e,l(u,o,N,s),l(u,o,q,s),l(u,o,N,o.notifyWith))):(a!==N&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){ce.Deferred.exceptionHook&&ce.Deferred.exceptionHook(e,t.error),u<=i+1&&(a!==q&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(ce.Deferred.getErrorHook?t.error=ce.Deferred.getErrorHook():ce.Deferred.getStackHook&&(t.error=ce.Deferred.getStackHook()),ie.setTimeout(t))}}return ce.Deferred(function(e){o[0][3].add(l(0,e,v(r)?r:N,e.notifyWith)),o[1][3].add(l(0,e,v(t)?t:N)),o[2][3].add(l(0,e,v(n)?n:q))}).promise()},promise:function(e){return null!=e?ce.extend(e,a):a}},s={};return ce.each(o,function(e,t){var n=t[2],r=t[5];a[t[1]]=n.add,r&&n.add(function(){i=r},o[3-e][2].disable,o[3-e][3].disable,o[0][2].lock,o[0][3].lock),n.add(t[3].fire),s[t[0]]=function(){return s[t[0]+"With"](this===s?void 0:this,arguments),this},s[t[0]+"With"]=n.fireWith}),a.promise(s),e&&e.call(s,s),s},when:function(e){var n=arguments.length,t=n,r=Array(t),i=ae.call(arguments),o=ce.Deferred(),a=function(t){return function(e){r[t]=this,i[t]=1<arguments.length?ae.call(arguments):e,--n||o.resolveWith(r,i)}};if(n<=1&&(L(e,o.done(a(t)).resolve,o.reject,!n),"pending"===o.state()||v(i[t]&&i[t].then)))return o.then();while(t--)L(i[t],a(t),o.reject);return o.promise()}});var H=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;ce.Deferred.exceptionHook=function(e,t){ie.console&&ie.console.warn&&e&&H.test(e.name)&&ie.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},ce.readyException=function(e){ie.setTimeout(function(){throw e})};var O=ce.Deferred();function P(){C.removeEventListener("DOMContentLoaded",P),ie.removeEventListener("load",P),ce.ready()}ce.fn.ready=function(e){return O.then(e)["catch"](function(e){ce.readyException(e)}),this},ce.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--ce.readyWait:ce.isReady)||(ce.isReady=!0)!==e&&0<--ce.readyWait||O.resolveWith(C,[ce])}}),ce.ready.then=O.then,"complete"===C.readyState||"loading"!==C.readyState&&!C.documentElement.doScroll?ie.setTimeout(ce.ready):(C.addEventListener("DOMContentLoaded",P),ie.addEventListener("load",P));var M=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===x(n))for(s in i=!0,n)M(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,v(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(ce(e),n)})),t))for(;s<u;s++)t(e[s],n,a?r:r.call(e[s],s,t(e[s],n)));return i?e:l?t.call(e):u?t(e[0],n):o},R=/^-ms-/,I=/-([a-z])/g;function W(e,t){return t.toUpperCase()}function F(e){return e.replace(R,"ms-").replace(I,W)}var $=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function B(){this.expando=ce.expando+B.uid++}B.uid=1,B.prototype={cache:function(e){var t=e[this.expando];return t||(t={},$(e)&&(e.nodeType?e[this.expando]=t:Object.defineProperty(e,this.expando,{value:t,configurable:!0}))),t},set:function(e,t,n){var r,i=this.cache(e);if("string"==typeof t)i[F(t)]=n;else for(r in t)i[F(r)]=t[r];return i},get:function(e,t){return void 0===t?this.cache(e):e[this.expando]&&e[this.expando][F(t)]},access:function(e,t,n){return void 0===t||t&&"string"==typeof t&&void 0===n?this.get(e,t):(this.set(e,t,n),void 0!==n?n:t)},remove:function(e,t){var n,r=e[this.expando];if(void 0!==r){if(void 0!==t){n=(t=Array.isArray(t)?t.map(F):(t=F(t))in r?[t]:t.match(D)||[]).length;while(n--)delete r[t[n]]}(void 0===t||ce.isEmptyObject(r))&&(e.nodeType?e[this.expando]=void 0:delete e[this.expando])}},hasData:function(e){var t=e[this.expando];return void 0!==t&&!ce.isEmptyObject(t)}};var _=new B,z=new B,X=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,U=/[A-Z]/g;function V(e,t,n){var r,i;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(U,"-$&").toLowerCase(),"string"==typeof(n=e.getAttribute(r))){try{n="true"===(i=n)||"false"!==i&&("null"===i?null:i===+i+""?+i:X.test(i)?JSON.parse(i):i)}catch(e){}z.set(e,t,n)}else n=void 0;return n}ce.extend({hasData:function(e){return z.hasData(e)||_.hasData(e)},data:function(e,t,n){return z.access(e,t,n)},removeData:function(e,t){z.remove(e,t)},_data:function(e,t,n){return _.access(e,t,n)},_removeData:function(e,t){_.remove(e,t)}}),ce.fn.extend({data:function(n,e){var t,r,i,o=this[0],a=o&&o.attributes;if(void 0===n){if(this.length&&(i=z.get(o),1===o.nodeType&&!_.get(o,"hasDataAttrs"))){t=a.length;while(t--)a[t]&&0===(r=a[t].name).indexOf("data-")&&(r=F(r.slice(5)),V(o,r,i[r]));_.set(o,"hasDataAttrs",!0)}return i}return"object"==typeof n?this.each(function(){z.set(this,n)}):M(this,function(e){var t;if(o&&void 0===e)return void 0!==(t=z.get(o,n))?t:void 0!==(t=V(o,n))?t:void 0;this.each(function(){z.set(this,n,e)})},null,e,1<arguments.length,null,!0)},removeData:function(e){return this.each(function(){z.remove(this,e)})}}),ce.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=_.get(e,t),n&&(!r||Array.isArray(n)?r=_.access(e,t,ce.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=ce.queue(e,t),r=n.length,i=n.shift(),o=ce._queueHooks(e,t);"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,function(){ce.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return _.get(e,n)||_.access(e,n,{empty:ce.Callbacks("once memory").add(function(){_.remove(e,[t+"queue",n])})})}}),ce.fn.extend({queue:function(t,n){var e=2;return"string"!=typeof t&&(n=t,t="fx",e--),arguments.length<e?ce.queue(this[0],t):void 0===n?this:this.each(function(){var e=ce.queue(this,t,n);ce._queueHooks(this,t),"fx"===t&&"inprogress"!==e[0]&&ce.dequeue(this,t)})},dequeue:function(e){return this.each(function(){ce.dequeue(this,e)})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,t){var n,r=1,i=ce.Deferred(),o=this,a=this.length,s=function(){--r||i.resolveWith(o,[o])};"string"!=typeof e&&(t=e,e=void 0),e=e||"fx";while(a--)(n=_.get(o[a],e+"queueHooks"))&&n.empty&&(r++,n.empty.add(s));return s(),i.promise(t)}});var G=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,Y=new RegExp("^(?:([+-])=|)("+G+")([a-z%]*)$","i"),Q=["Top","Right","Bottom","Left"],J=C.documentElement,K=function(e){return ce.contains(e.ownerDocument,e)},Z={composed:!0};J.getRootNode&&(K=function(e){return ce.contains(e.ownerDocument,e)||e.getRootNode(Z)===e.ownerDocument});var ee=function(e,t){return"none"===(e=t||e).style.display||""===e.style.display&&K(e)&&"none"===ce.css(e,"display")};function te(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return ce.css(e,t,"")},u=s(),l=n&&n[3]||(ce.cssNumber[t]?"":"px"),c=e.nodeType&&(ce.cssNumber[t]||"px"!==l&&+u)&&Y.exec(ce.css(e,t));if(c&&c[3]!==l){u/=2,l=l||c[3],c=+u||1;while(a--)ce.style(e,t,c+l),(1-o)*(1-(o=s()/u||.5))<=0&&(a=0),c/=o;c*=2,ce.style(e,t,c+l),n=n||[]}return n&&(c=+c||+u||0,i=n[1]?c+(n[1]+1)*n[2]:+n[2],r&&(r.unit=l,r.start=c,r.end=i)),i}var ne={};function re(e,t){for(var n,r,i,o,a,s,u,l=[],c=0,f=e.length;c<f;c++)(r=e[c]).style&&(n=r.style.display,t?("none"===n&&(l[c]=_.get(r,"display")||null,l[c]||(r.style.display="")),""===r.style.display&&ee(r)&&(l[c]=(u=a=o=void 0,a=(i=r).ownerDocument,s=i.nodeName,(u=ne[s])||(o=a.body.appendChild(a.createElement(s)),u=ce.css(o,"display"),o.parentNode.removeChild(o),"none"===u&&(u="block"),ne[s]=u)))):"none"!==n&&(l[c]="none",_.set(r,"display",n)));for(c=0;c<f;c++)null!=l[c]&&(e[c].style.display=l[c]);return e}ce.fn.extend({show:function(){return re(this,!0)},hide:function(){return re(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){ee(this)?ce(this).show():ce(this).hide()})}});var xe,be,we=/^(?:checkbox|radio)$/i,Te=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,Ce=/^$|^module$|\/(?:java|ecma)script/i;xe=C.createDocumentFragment().appendChild(C.createElement("div")),(be=C.createElement("input")).setAttribute("type","radio"),be.setAttribute("checked","checked"),be.setAttribute("name","t"),xe.appendChild(be),le.checkClone=xe.cloneNode(!0).cloneNode(!0).lastChild.checked,xe.innerHTML="<textarea>x</textarea>",le.noCloneChecked=!!xe.cloneNode(!0).lastChild.defaultValue,xe.innerHTML="<option></option>",le.option=!!xe.lastChild;var ke={thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};function Se(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&fe(e,t)?ce.merge([e],n):n}function Ee(e,t){for(var n=0,r=e.length;n<r;n++)_.set(e[n],"globalEval",!t||_.get(t[n],"globalEval"))}ke.tbody=ke.tfoot=ke.colgroup=ke.caption=ke.thead,ke.th=ke.td,le.option||(ke.optgroup=ke.option=[1,"<select multiple='multiple'>","</select>"]);var je=/<|&#?\w+;/;function Ae(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===x(o))ce.merge(p,o.nodeType?[o]:o);else if(je.test(o)){a=a||f.appendChild(t.createElement("div")),s=(Te.exec(o)||["",""])[1].toLowerCase(),u=ke[s]||ke._default,a.innerHTML=u[1]+ce.htmlPrefilter(o)+u[2],c=u[0];while(c--)a=a.lastChild;ce.merge(p,a.childNodes),(a=f.firstChild).textContent=""}else p.push(t.createTextNode(o));f.textContent="",d=0;while(o=p[d++])if(r&&-1<ce.inArray(o,r))i&&i.push(o);else if(l=K(o),a=Se(f.appendChild(o),"script"),l&&Ee(a),n){c=0;while(o=a[c++])Ce.test(o.type||"")&&n.push(o)}return f}var De=/^([^.]*)(?:\.(.+)|)/;function Ne(){return!0}function qe(){return!1}function Le(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)Le(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=qe;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return ce().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=ce.guid++)),e.each(function(){ce.event.add(this,t,i,r,n)})}function He(e,r,t){t?(_.set(e,r,!1),ce.event.add(e,r,{namespace:!1,handler:function(e){var t,n=_.get(this,r);if(1&e.isTrigger&&this[r]){if(n)(ce.event.special[r]||{}).delegateType&&e.stopPropagation();else if(n=ae.call(arguments),_.set(this,r,n),this[r](),t=_.get(this,r),_.set(this,r,!1),n!==t)return e.stopImmediatePropagation(),e.preventDefault(),t}else n&&(_.set(this,r,ce.event.trigger(n[0],n.slice(1),this)),e.stopPropagation(),e.isImmediatePropagationStopped=Ne)}})):void 0===_.get(e,r)&&ce.event.add(e,r,Ne)}ce.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=_.get(t);if($(t)){n.handler&&(n=(o=n).handler,i=o.selector),i&&ce.find.matchesSelector(J,i),n.guid||(n.guid=ce.guid++),(u=v.events)||(u=v.events=Object.create(null)),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof ce&&ce.event.triggered!==e.type?ce.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(D)||[""]).length;while(l--)d=g=(s=De.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=ce.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=ce.event.special[d]||{},c=ce.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&ce.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),ce.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=_.hasData(e)&&_.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(D)||[""]).length;while(l--)if(d=g=(s=De.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=ce.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||ce.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)ce.event.remove(e,d+t[l],n,r,!0);ce.isEmptyObject(u)&&_.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=new Array(arguments.length),u=ce.event.fix(e),l=(_.get(this,"events")||Object.create(null))[u.type]||[],c=ce.event.special[u.type]||{};for(s[0]=u,t=1;t<arguments.length;t++)s[t]=arguments[t];if(u.delegateTarget=this,!c.preDispatch||!1!==c.preDispatch.call(this,u)){a=ce.event.handlers.call(this,u,l),t=0;while((i=a[t++])&&!u.isPropagationStopped()){u.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!u.isImmediatePropagationStopped())u.rnamespace&&!1!==o.namespace&&!u.rnamespace.test(o.namespace)||(u.handleObj=o,u.data=o.data,void 0!==(r=((ce.event.special[o.origType]||{}).handle||o.handler).apply(i.elem,s))&&!1===(u.result=r)&&(u.preventDefault(),u.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,u),u.result}},handlers:function(e,t){var n,r,i,o,a,s=[],u=t.delegateCount,l=e.target;if(u&&l.nodeType&&!("click"===e.type&&1<=e.button))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n<u;n++)void 0===a[i=(r=t[n]).selector+" "]&&(a[i]=r.needsContext?-1<ce(i,this).index(l):ce.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u<t.length&&s.push({elem:l,handlers:t.slice(u)}),s},addProp:function(t,e){Object.defineProperty(ce.Event.prototype,t,{enumerable:!0,configurable:!0,get:v(e)?function(){if(this.originalEvent)return e(this.originalEvent)}:function(){if(this.originalEvent)return this.originalEvent[t]},set:function(e){Object.defineProperty(this,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[ce.expando]?e:new ce.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return we.test(t.type)&&t.click&&fe(t,"input")&&He(t,"click",!0),!1},trigger:function(e){var t=this||e;return we.test(t.type)&&t.click&&fe(t,"input")&&He(t,"click"),!0},_default:function(e){var t=e.target;return we.test(t.type)&&t.click&&fe(t,"input")&&_.get(t,"click")||fe(t,"a")}},beforeunload:{postDispatch:function(e){void 0!==e.result&&e.originalEvent&&(e.originalEvent.returnValue=e.result)}}}},ce.removeEvent=function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n)},ce.Event=function(e,t){if(!(this instanceof ce.Event))return new ce.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||void 0===e.defaultPrevented&&!1===e.returnValue?Ne:qe,this.target=e.target&&3===e.target.nodeType?e.target.parentNode:e.target,this.currentTarget=e.currentTarget,this.relatedTarget=e.relatedTarget):this.type=e,t&&ce.extend(this,t),this.timeStamp=e&&e.timeStamp||Date.now(),this[ce.expando]=!0},ce.Event.prototype={constructor:ce.Event,isDefaultPrevented:qe,isPropagationStopped:qe,isImmediatePropagationStopped:qe,isSimulated:!1,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=Ne,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=Ne,e&&!this.isSimulated&&e.stopPropagation()},stopImmediatePropagation:function(){var e=this.originalEvent;this.isImmediatePropagationStopped=Ne,e&&!this.isSimulated&&e.stopImmediatePropagation(),this.stopPropagation()}},ce.each({altKey:!0,bubbles:!0,cancelable:!0,changedTouches:!0,ctrlKey:!0,detail:!0,eventPhase:!0,metaKey:!0,pageX:!0,pageY:!0,shiftKey:!0,view:!0,"char":!0,code:!0,charCode:!0,key:!0,keyCode:!0,button:!0,buttons:!0,clientX:!0,clientY:!0,offsetX:!0,offsetY:!0,pointerId:!0,pointerType:!0,screenX:!0,screenY:!0,targetTouches:!0,toElement:!0,touches:!0,which:!0},ce.event.addProp),ce.each({focus:"focusin",blur:"focusout"},function(r,i){function o(e){if(C.documentMode){var t=_.get(this,"handle"),n=ce.event.fix(e);n.type="focusin"===e.type?"focus":"blur",n.isSimulated=!0,t(e),n.target===n.currentTarget&&t(n)}else ce.event.simulate(i,e.target,ce.event.fix(e))}ce.event.special[r]={setup:function(){var e;if(He(this,r,!0),!C.documentMode)return!1;(e=_.get(this,i))||this.addEventListener(i,o),_.set(this,i,(e||0)+1)},trigger:function(){return He(this,r),!0},teardown:function(){var e;if(!C.documentMode)return!1;(e=_.get(this,i)-1)?_.set(this,i,e):(this.removeEventListener(i,o),_.remove(this,i))},_default:function(e){return _.get(e.target,r)},delegateType:i},ce.event.special[i]={setup:function(){var e=this.ownerDocument||this.document||this,t=C.documentMode?this:e,n=_.get(t,i);n||(C.documentMode?this.addEventListener(i,o):e.addEventListener(r,o,!0)),_.set(t,i,(n||0)+1)},teardown:function(){var e=this.ownerDocument||this.document||this,t=C.documentMode?this:e,n=_.get(t,i)-1;n?_.set(t,i,n):(C.documentMode?this.removeEventListener(i,o):e.removeEventListener(r,o,!0),_.remove(t,i))}}}),ce.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(e,i){ce.event.special[e]={delegateType:i,bindType:i,handle:function(e){var t,n=e.relatedTarget,r=e.handleObj;return n&&(n===this||ce.contains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),ce.fn.extend({on:function(e,t,n,r){return Le(this,e,t,n,r)},one:function(e,t,n,r){return Le(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleObj)return r=e.handleObj,ce(e.delegateTarget).off(r.namespace?r.origType+"."+r.namespace:r.origType,r.selector,r.handler),this;if("object"==typeof e){for(i in e)this.off(i,t,e[i]);return this}return!1!==t&&"function"!=typeof t||(n=t,t=void 0),!1===n&&(n=qe),this.each(function(){ce.event.remove(this,e,n,t)})}});var Oe=/<script|<style|<link/i,Pe=/checked\s*(?:[^=]|=\s*.checked.)/i,Me=/^\s*<!\[CDATA\[|\]\]>\s*$/g;function Re(e,t){return fe(e,"table")&&fe(11!==t.nodeType?t:t.firstChild,"tr")&&ce(e).children("tbody")[0]||e}function Ie(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function We(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Fe(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(_.hasData(e)&&(s=_.get(e).events))for(i in _.remove(t,"handle events"),s)for(n=0,r=s[i].length;n<r;n++)ce.event.add(t,i,s[i][n]);z.hasData(e)&&(o=z.access(e),a=ce.extend({},o),z.set(t,a))}}function $e(n,r,i,o){r=g(r);var e,t,a,s,u,l,c=0,f=n.length,p=f-1,d=r[0],h=v(d);if(h||1<f&&"string"==typeof d&&!le.checkClone&&Pe.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),$e(t,r,i,o)});if(f&&(t=(e=Ae(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.length&&(e=t),t||o)){for(s=(a=ce.map(Se(e,"script"),Ie)).length;c<f;c++)u=e,c!==p&&(u=ce.clone(u,!0,!0),s&&ce.merge(a,Se(u,"script"))),i.call(n[c],u,c);if(s)for(l=a[a.length-1].ownerDocument,ce.map(a,We),c=0;c<s;c++)u=a[c],Ce.test(u.type||"")&&!_.access(u,"globalEval")&&ce.contains(l,u)&&(u.src&&"module"!==(u.type||"").toLowerCase()?ce._evalUrl&&!u.noModule&&ce._evalUrl(u.src,{nonce:u.nonce||u.getAttribute("nonce")},l):m(u.textContent.replace(Me,""),u,l))}return n}function Be(e,t,n){for(var r,i=t?ce.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||ce.cleanData(Se(r)),r.parentNode&&(n&&K(r)&&Ee(Se(r,"script")),r.parentNode.removeChild(r));return e}ce.extend({htmlPrefilter:function(e){return e},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=K(e);if(!(le.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||ce.isXMLDoc(e)))for(a=Se(c),r=0,i=(o=Se(e)).length;r<i;r++)s=o[r],u=a[r],void 0,"input"===(l=u.nodeName.toLowerCase())&&we.test(s.type)?u.checked=s.checked:"input"!==l&&"textarea"!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||Se(e),a=a||Se(c),r=0,i=o.length;r<i;r++)Fe(o[r],a[r]);else Fe(e,c);return 0<(a=Se(c,"script")).length&&Ee(a,!f&&Se(e,"script")),c},cleanData:function(e){for(var t,n,r,i=ce.event.special,o=0;void 0!==(n=e[o]);o++)if($(n)){if(t=n[_.expando]){if(t.events)for(r in t.events)i[r]?ce.event.remove(n,r):ce.removeEvent(n,r,t.handle);n[_.expando]=void 0}n[z.expando]&&(n[z.expando]=void 0)}}}),ce.fn.extend({detach:function(e){return Be(this,e,!0)},remove:function(e){return Be(this,e)},text:function(e){return M(this,function(e){return void 0===e?ce.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return $e(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||Re(this,e).appendChild(e)})},prepend:function(){return $e(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Re(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return $e(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return $e(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(ce.cleanData(Se(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return ce.clone(this,e,t)})},html:function(e){return M(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!Oe.test(e)&&!ke[(Te.exec(e)||["",""])[1].toLowerCase()]){e=ce.htmlPrefilter(e);try{for(;n<r;n++)1===(t=this[n]||{}).nodeType&&(ce.cleanData(Se(t,!1)),t.innerHTML=e);t=0}catch(e){}}t&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var n=[];return $e(this,arguments,function(e){var t=this.parentNode;ce.inArray(this,n)<0&&(ce.cleanData(Se(this)),t&&t.replaceChild(e,this))},n)}}),ce.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,a){ce.fn[e]=function(e){for(var t,n=[],r=ce(e),i=r.length-1,o=0;o<=i;o++)t=o===i?this:this.clone(!0),ce(r[o])[a](t),s.apply(n,t.get());return this.pushStack(n)}});var _e=new RegExp("^("+G+")(?!px)[a-z%]+$","i"),ze=/^--/,Xe=function(e){var t=e.ownerDocument.defaultView;return t&&t.opener||(t=ie),t.getComputedStyle(e)},Ue=function(e,t,n){var r,i,o={};for(i in t)o[i]=e.style[i],e.style[i]=t[i];for(i in r=n.call(e),t)e.style[i]=o[i];return r},Ve=new RegExp(Q.join("|"),"i");function Ge(e,t,n){var r,i,o,a,s=ze.test(t),u=e.style;return(n=n||Xe(e))&&(a=n.getPropertyValue(t)||n[t],s&&a&&(a=a.replace(ve,"$1")||void 0),""!==a||K(e)||(a=ce.style(e,t)),!le.pixelBoxStyles()&&_e.test(a)&&Ve.test(t)&&(r=u.width,i=u.minWidth,o=u.maxWidth,u.minWidth=u.maxWidth=u.width=a,a=n.width,u.width=r,u.minWidth=i,u.maxWidth=o)),void 0!==a?a+"":a}function Ye(e,t){return{get:function(){if(!e())return(this.get=t).apply(this,arguments);delete this.get}}}!function(){function e(){if(l){u.style.cssText="position:absolute;left:-11111px;width:60px;margin-top:1px;padding:0;border:0",l.style.cssText="position:relative;display:block;box-sizing:border-box;overflow:scroll;margin:auto;border:1px;padding:1px;width:60%;top:1%",J.appendChild(u).appendChild(l);var e=ie.getComputedStyle(l);n="1%"!==e.top,s=12===t(e.marginLeft),l.style.right="60%",o=36===t(e.right),r=36===t(e.width),l.style.position="absolute",i=12===t(l.offsetWidth/3),J.removeChild(u),l=null}}function t(e){return Math.round(parseFloat(e))}var n,r,i,o,a,s,u=C.createElement("div"),l=C.createElement("div");l.style&&(l.style.backgroundClip="content-box",l.cloneNode(!0).style.backgroundClip="",le.clearCloneStyle="content-box"===l.style.backgroundClip,ce.extend(le,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),s},scrollboxSize:function(){return e(),i},reliableTrDimensions:function(){var e,t,n,r;return null==a&&(e=C.createElement("table"),t=C.createElement("tr"),n=C.createElement("div"),e.style.cssText="position:absolute;left:-11111px;border-collapse:separate",t.style.cssText="box-sizing:content-box;border:1px solid",t.style.height="1px",n.style.height="9px",n.style.display="block",J.appendChild(e).appendChild(t).appendChild(n),r=ie.getComputedStyle(t),a=parseInt(r.height,10)+parseInt(r.borderTopWidth,10)+parseInt(r.borderBottomWidth,10)===t.offsetHeight,J.removeChild(e)),a}}))}();var Qe=["Webkit","Moz","ms"],Je=C.createElement("div").style,Ke={};function Ze(e){var t=ce.cssProps[e]||Ke[e];return t||(e in Je?e:Ke[e]=function(e){var t=e[0].toUpperCase()+e.slice(1),n=Qe.length;while(n--)if((e=Qe[n]+t)in Je)return e}(e)||e)}var et=/^(none|table(?!-c[ea]).+)/,tt={position:"absolute",visibility:"hidden",display:"block"},nt={letterSpacing:"0",fontWeight:"400"};function rt(e,t,n){var r=Y.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function it(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0,l=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(l+=ce.css(e,n+Q[a],!0,i)),r?("content"===n&&(u-=ce.css(e,"padding"+Q[a],!0,i)),"margin"!==n&&(u-=ce.css(e,"border"+Q[a]+"Width",!0,i))):(u+=ce.css(e,"padding"+Q[a],!0,i),"padding"!==n?u+=ce.css(e,"border"+Q[a]+"Width",!0,i):s+=ce.css(e,"border"+Q[a]+"Width",!0,i));return!r&&0<=o&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))||0),u+l}function ot(e,t,n){var r=Xe(e),i=(!le.boxSizingReliable()||n)&&"border-box"===ce.css(e,"boxSizing",!1,r),o=i,a=Ge(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if(_e.test(a)){if(!n)return a;a="auto"}return(!le.boxSizingReliable()&&i||!le.reliableTrDimensions()&&fe(e,"tr")||"auto"===a||!parseFloat(a)&&"inline"===ce.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===ce.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+it(e,t,n||(i?"border":"content"),o,r,a)+"px"}function at(e,t,n,r,i){return new at.prototype.init(e,t,n,r,i)}ce.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Ge(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,aspectRatio:!0,borderImageSlice:!0,columnCount:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,scale:!0,widows:!0,zIndex:!0,zoom:!0,fillOpacity:!0,floodOpacity:!0,stopOpacity:!0,strokeMiterlimit:!0,strokeOpacity:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=F(t),u=ze.test(t),l=e.style;if(u||(t=Ze(s)),a=ce.cssHooks[t]||ce.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=Y.exec(n))&&i[1]&&(n=te(e,t,i),o="number"),null!=n&&n==n&&("number"!==o||u||(n+=i&&i[3]||(ce.cssNumber[s]?"":"px")),le.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=F(t);return ze.test(t)||(t=Ze(s)),(a=ce.cssHooks[t]||ce.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=Ge(e,t,r)),"normal"===i&&t in nt&&(i=nt[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),ce.each(["height","width"],function(e,u){ce.cssHooks[u]={get:function(e,t,n){if(t)return!et.test(ce.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?ot(e,u,n):Ue(e,tt,function(){return ot(e,u,n)})},set:function(e,t,n){var r,i=Xe(e),o=!le.scrollboxSize()&&"absolute"===i.position,a=(o||n)&&"border-box"===ce.css(e,"boxSizing",!1,i),s=n?it(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-it(e,u,"border",!1,i)-.5)),s&&(r=Y.exec(t))&&"px"!==(r[3]||"px")&&(e.style[u]=t,t=ce.css(e,u)),rt(0,t,s)}}}),ce.cssHooks.marginLeft=Ye(le.reliableMarginLeft,function(e,t){if(t)return(parseFloat(Ge(e,"marginLeft"))||e.getBoundingClientRect().left-Ue(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),ce.each({margin:"",padding:"",border:"Width"},function(i,o){ce.cssHooks[i+o]={expand:function(e){for(var t=0,n={},r="string"==typeof e?e.split(" "):[e];t<4;t++)n[i+Q[t]+o]=r[t]||r[t-2]||r[0];return n}},"margin"!==i&&(ce.cssHooks[i+o].set=rt)}),ce.fn.extend({css:function(e,t){return M(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=Xe(e),i=t.length;a<i;a++)o[t[a]]=ce.css(e,t[a],!1,r);return o}return void 0!==n?ce.style(e,t,n):ce.css(e,t)},e,t,1<arguments.length)}}),((ce.Tween=at).prototype={constructor:at,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||ce.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(ce.cssNumber[n]?"":"px")},cur:function(){var e=at.propHooks[this.prop];return e&&e.get?e.get(this):at.propHooks._default.get(this)},run:function(e){var t,n=at.propHooks[this.prop];return this.options.duration?this.pos=t=ce.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):at.propHooks._default.set(this),this}}).init.prototype=at.prototype,(at.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=ce.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){ce.fx.step[e.prop]?ce.fx.step[e.prop](e):1!==e.elem.nodeType||!ce.cssHooks[e.prop]&&null==e.elem.style[Ze(e.prop)]?e.elem[e.prop]=e.now:ce.style(e.elem,e.prop,e.now+e.unit)}}}).scrollTop=at.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},ce.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},ce.fx=at.prototype.init,ce.fx.step={};var st,ut,lt,ct,ft=/^(?:toggle|show|hide)$/,pt=/queueHooks$/;function dt(){ut&&(!1===C.hidden&&ie.requestAnimationFrame?ie.requestAnimationFrame(dt):ie.setTimeout(dt,ce.fx.interval),ce.fx.tick())}function ht(){return ie.setTimeout(function(){st=void 0}),st=Date.now()}function gt(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=Q[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function vt(e,t,n){for(var r,i=(yt.tweeners[t]||[]).concat(yt.tweeners["*"]),o=0,a=i.length;o<a;o++)if(r=i[o].call(n,t,e))return r}function yt(o,e,t){var n,a,r=0,i=yt.prefilters.length,s=ce.Deferred().always(function(){delete u.elem}),u=function(){if(a)return!1;for(var e=st||ht(),t=Math.max(0,l.startTime+l.duration-e),n=1-(t/l.duration||0),r=0,i=l.tweens.length;r<i;r++)l.tweens[r].run(n);return s.notifyWith(o,[l,n,t]),n<1&&i?t:(i||s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l]),!1)},l=s.promise({elem:o,props:ce.extend({},e),opts:ce.extend(!0,{specialEasing:{},easing:ce.easing._default},t),originalProperties:e,originalOptions:t,startTime:st||ht(),duration:t.duration,tweens:[],createTween:function(e,t){var n=ce.Tween(o,l.opts,e,t,l.opts.specialEasing[e]||l.opts.easing);return l.tweens.push(n),n},stop:function(e){var t=0,n=e?l.tweens.length:0;if(a)return this;for(a=!0;t<n;t++)l.tweens[t].run(1);return e?(s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l,e])):s.rejectWith(o,[l,e]),this}}),c=l.props;for(!function(e,t){var n,r,i,o,a;for(n in e)if(i=t[r=F(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=ce.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=yt.prefilters[r].call(l,o,c,l.opts))return v(n.stop)&&(ce._queueHooks(l.elem,l.opts.queue).stop=n.stop.bind(n)),n;return ce.map(c,vt,l),v(l.opts.start)&&l.opts.start.call(o,l),l.progress(l.opts.progress).done(l.opts.done,l.opts.complete).fail(l.opts.fail).always(l.opts.always),ce.fx.timer(ce.extend(u,{elem:o,anim:l,queue:l.opts.queue})),l}ce.Animation=ce.extend(yt,{tweeners:{"*":[function(e,t){var n=this.createTween(e,t);return te(n.elem,e,Y.exec(t),n),n}]},tweener:function(e,t){v(e)?(t=e,e=["*"]):e=e.match(D);for(var n,r=0,i=e.length;r<i;r++)n=e[r],yt.tweeners[n]=yt.tweeners[n]||[],yt.tweeners[n].unshift(t)},prefilters:[function(e,t,n){var r,i,o,a,s,u,l,c,f="width"in t||"height"in t,p=this,d={},h=e.style,g=e.nodeType&&ee(e),v=_.get(e,"fxshow");for(r in n.queue||(null==(a=ce._queueHooks(e,"fx")).unqueued&&(a.unqueued=0,s=a.empty.fire,a.empty.fire=function(){a.unqueued||s()}),a.unqueued++,p.always(function(){p.always(function(){a.unqueued--,ce.queue(e,"fx").length||a.empty.fire()})})),t)if(i=t[r],ft.test(i)){if(delete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||ce.style(e,r)}if((u=!ce.isEmptyObject(t))||!ce.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null==(l=v&&v.display)&&(l=_.get(e,"display")),"none"===(c=ce.css(e,"display"))&&(l?c=l:(re([e],!0),l=e.style.display||l,c=ce.css(e,"display"),re([e]))),("inline"===c||"inline-block"===c&&null!=l)&&"none"===ce.css(e,"float")&&(u||(p.done(function(){h.display=l}),null==l&&(c=h.display,l="none"===c?"":c)),h.display="inline-block")),n.overflow&&(h.overflow="hidden",p.always(function(){h.overflow=n.overflow[0],h.overflowX=n.overflow[1],h.overflowY=n.overflow[2]})),u=!1,d)u||(v?"hidden"in v&&(g=v.hidden):v=_.access(e,"fxshow",{display:l}),o&&(v.hidden=!g),g&&re([e],!0),p.done(function(){for(r in g||re([e]),_.remove(e,"fxshow"),d)ce.style(e,r,d[r])})),u=vt(g?v[r]:0,r,p),r in v||(v[r]=u.start,g&&(u.end=u.start,u.start=0))}],prefilter:function(e,t){t?yt.prefilters.unshift(e):yt.prefilters.push(e)}}),ce.speed=function(e,t,n){var r=e&&"object"==typeof e?ce.extend({},e):{complete:n||!n&&t||v(e)&&e,duration:e,easing:n&&t||t&&!v(t)&&t};return ce.fx.off?r.duration=0:"number"!=typeof r.duration&&(r.duration in ce.fx.speeds?r.duration=ce.fx.speeds[r.duration]:r.duration=ce.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){v(r.old)&&r.old.call(this),r.queue&&ce.dequeue(this,r.queue)},r},ce.fn.extend({fadeTo:function(e,t,n,r){return this.filter(ee).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(t,e,n,r){var i=ce.isEmptyObject(t),o=ce.speed(e,n,r),a=function(){var e=yt(this,ce.extend({},t),o);(i||_.get(this,"finish"))&&e.stop(!0)};return a.finish=a,i||!1===o.queue?this.each(a):this.queue(o.queue,a)},stop:function(i,e,o){var a=function(e){var t=e.stop;delete e.stop,t(o)};return"string"!=typeof i&&(o=e,e=i,i=void 0),e&&this.queue(i||"fx",[]),this.each(function(){var e=!0,t=null!=i&&i+"queueHooks",n=ce.timers,r=_.get(this);if(t)r[t]&&r[t].stop&&a(r[t]);else for(t in r)r[t]&&r[t].stop&&pt.test(t)&&a(r[t]);for(t=n.length;t--;)n[t].elem!==this||null!=i&&n[t].queue!==i||(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o||ce.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a||"fx"),this.each(function(){var e,t=_.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=ce.timers,o=n?n.length:0;for(t.finish=!0,ce.queue(this,a,[]),r&&r.stop&&r.stop.call(this,!0),e=i.length;e--;)i[e].elem===this&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),ce.each(["toggle","show","hide"],function(e,r){var i=ce.fn[r];ce.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i.apply(this,arguments):this.animate(gt(r,!0),e,t,n)}}),ce.each({slideDown:gt("show"),slideUp:gt("hide"),slideToggle:gt("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,r){ce.fn[e]=function(e,t,n){return this.animate(r,e,t,n)}}),ce.timers=[],ce.fx.tick=function(){var e,t=0,n=ce.timers;for(st=Date.now();t<n.length;t++)(e=n[t])()||n[t]!==e||n.splice(t--,1);n.length||ce.fx.stop(),st=void 0},ce.fx.timer=function(e){ce.timers.push(e),ce.fx.start()},ce.fx.interval=13,ce.fx.start=function(){ut||(ut=!0,dt())},ce.fx.stop=function(){ut=null},ce.fx.speeds={slow:600,fast:200,_default:400},ce.fn.delay=function(r,e){return r=ce.fx&&ce.fx.speeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=ie.setTimeout(e,r);t.stop=function(){ie.clearTimeout(n)}})},lt=C.createElement("input"),ct=C.createElement("select").appendChild(C.createElement("option")),lt.type="checkbox",le.checkOn=""!==lt.value,le.optSelected=ct.selected,(lt=C.createElement("input")).value="t",lt.type="radio",le.radioValue="t"===lt.value;var mt,xt=ce.expr.attrHandle;ce.fn.extend({attr:function(e,t){return M(this,ce.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){ce.removeAttr(this,e)})}}),ce.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?ce.prop(e,t,n):(1===o&&ce.isXMLDoc(e)||(i=ce.attrHooks[t.toLowerCase()]||(ce.expr.match.bool.test(t)?mt:void 0)),void 0!==n?null===n?void ce.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=ce.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!le.radioValue&&"radio"===t&&fe(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(D);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),mt={set:function(e,t,n){return!1===t?ce.removeAttr(e,n):e.setAttribute(n,n),n}},ce.each(ce.expr.match.bool.source.match(/\w+/g),function(e,t){var a=xt[t]||ce.find.attr;xt[t]=function(e,t,n){var r,i,o=t.toLowerCase();return n||(i=xt[o],xt[o]=r,r=null!=a(e,t,n)?o:null,xt[o]=i),r}});var bt=/^(?:input|select|textarea|button)$/i,wt=/^(?:a|area)$/i;function Tt(e){return(e.match(D)||[]).join(" ")}function Ct(e){return e.getAttribute&&e.getAttribute("class")||""}function kt(e){return Array.isArray(e)?e:"string"==typeof e&&e.match(D)||[]}ce.fn.extend({prop:function(e,t){return M(this,ce.prop,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[ce.propFix[e]||e]})}}),ce.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&ce.isXMLDoc(e)||(t=ce.propFix[t]||t,i=ce.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=ce.find.attr(e,"tabindex");return t?parseInt(t,10):bt.test(e.nodeName)||wt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),le.optSelected||(ce.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),ce.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){ce.propFix[this.toLowerCase()]=this}),ce.fn.extend({addClass:function(t){var e,n,r,i,o,a;return v(t)?this.each(function(e){ce(this).addClass(t.call(this,e,Ct(this)))}):(e=kt(t)).length?this.each(function(){if(r=Ct(this),n=1===this.nodeType&&" "+Tt(r)+" "){for(o=0;o<e.length;o++)i=e[o],n.indexOf(" "+i+" ")<0&&(n+=i+" ");a=Tt(n),r!==a&&this.setAttribute("class",a)}}):this},removeClass:function(t){var e,n,r,i,o,a;return v(t)?this.each(function(e){ce(this).removeClass(t.call(this,e,Ct(this)))}):arguments.length?(e=kt(t)).length?this.each(function(){if(r=Ct(this),n=1===this.nodeType&&" "+Tt(r)+" "){for(o=0;o<e.length;o++){i=e[o];while(-1<n.indexOf(" "+i+" "))n=n.replace(" "+i+" "," ")}a=Tt(n),r!==a&&this.setAttribute("class",a)}}):this:this.attr("class","")},toggleClass:function(t,n){var e,r,i,o,a=typeof t,s="string"===a||Array.isArray(t);return v(t)?this.each(function(e){ce(this).toggleClass(t.call(this,e,Ct(this),n),n)}):"boolean"==typeof n&&s?n?this.addClass(t):this.removeClass(t):(e=kt(t),this.each(function(){if(s)for(o=ce(this),i=0;i<e.length;i++)r=e[i],o.hasClass(r)?o.removeClass(r):o.addClass(r);else void 0!==t&&"boolean"!==a||((r=Ct(this))&&_.set(this,"__className__",r),this.setAttribute&&this.setAttribute("class",r||!1===t?"":_.get(this,"__className__")||""))}))},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&-1<(" "+Tt(Ct(n))+" ").indexOf(t))return!0;return!1}});var St=/\r/g;ce.fn.extend({val:function(n){var r,e,i,t=this[0];return arguments.length?(i=v(n),this.each(function(e){var t;1===this.nodeType&&(null==(t=i?n.call(this,e,ce(this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=ce.map(t,function(e){return null==e?"":e+""})),(r=ce.valHooks[this.type]||ce.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=ce.valHooks[t.type]||ce.valHooks[t.nodeName.toLowerCase()])&&"get"in r&&void 0!==(e=r.get(t,"value"))?e:"string"==typeof(e=t.value)?e.replace(St,""):null==e?"":e:void 0}}),ce.extend({valHooks:{option:{get:function(e){var t=ce.find.attr(e,"value");return null!=t?t:Tt(ce.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r<u;r++)if(((n=i[r]).selected||r===o)&&!n.disabled&&(!n.parentNode.disabled||!fe(n.parentNode,"optgroup"))){if(t=ce(n).val(),a)return t;s.push(t)}return s},set:function(e,t){var n,r,i=e.options,o=ce.makeArray(t),a=i.length;while(a--)((r=i[a]).selected=-1<ce.inArray(ce.valHooks.option.get(r),o))&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),ce.each(["radio","checkbox"],function(){ce.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=-1<ce.inArray(ce(e).val(),t)}},le.checkOn||(ce.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})});var Et=ie.location,jt={guid:Date.now()},At=/\?/;ce.parseXML=function(e){var t,n;if(!e||"string"!=typeof e)return null;try{t=(new ie.DOMParser).parseFromString(e,"text/xml")}catch(e){}return n=t&&t.getElementsByTagName("parsererror")[0],t&&!n||ce.error("Invalid XML: "+(n?ce.map(n.childNodes,function(e){return e.textContent}).join("\n"):e)),t};var Dt=/^(?:focusinfocus|focusoutblur)$/,Nt=function(e){e.stopPropagation()};ce.extend(ce.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||C],d=ue.call(e,"type")?e.type:e,h=ue.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||C,3!==n.nodeType&&8!==n.nodeType&&!Dt.test(d+ce.event.triggered)&&(-1<d.indexOf(".")&&(d=(h=d.split(".")).shift(),h.sort()),u=d.indexOf(":")<0&&"on"+d,(e=e[ce.expando]?e:new ce.Event(d,"object"==typeof e&&e)).isTrigger=r?2:3,e.namespace=h.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=n),t=null==t?[e]:ce.makeArray(t,[e]),c=ce.event.special[d]||{},r||!c.trigger||!1!==c.trigger.apply(n,t))){if(!r&&!c.noBubble&&!y(n)){for(s=c.delegateType||d,Dt.test(s+d)||(o=o.parentNode);o;o=o.parentNode)p.push(o),a=o;a===(n.ownerDocument||C)&&p.push(a.defaultView||a.parentWindow||ie)}i=0;while((o=p[i++])&&!e.isPropagationStopped())f=o,e.type=1<i?s:c.bindType||d,(l=(_.get(o,"events")||Object.create(null))[e.type]&&_.get(o,"handle"))&&l.apply(o,t),(l=u&&o[u])&&l.apply&&$(o)&&(e.result=l.apply(o,t),!1===e.result&&e.preventDefault());return e.type=d,r||e.isDefaultPrevented()||c._default&&!1!==c._default.apply(p.pop(),t)||!$(n)||u&&v(n[d])&&!y(n)&&((a=n[u])&&(n[u]=null),ce.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,Nt),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,Nt),ce.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=ce.extend(new ce.Event,n,{type:e,isSimulated:!0});ce.event.trigger(r,null,t)}}),ce.fn.extend({trigger:function(e,t){return this.each(function(){ce.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return ce.event.trigger(e,t,n,!0)}});var qt=/\[\]$/,Lt=/\r?\n/g,Ht=/^(?:submit|button|image|reset|file)$/i,Ot=/^(?:input|select|textarea|keygen)/i;function Pt(n,e,r,i){var t;if(Array.isArray(e))ce.each(e,function(e,t){r||qt.test(n)?i(n,t):Pt(n+"["+("object"==typeof t&&null!=t?e:"")+"]",t,r,i)});else if(r||"object"!==x(e))i(n,e);else for(t in e)Pt(n+"["+t+"]",e[t],r,i)}ce.param=function(e,t){var n,r=[],i=function(e,t){var n=v(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!ce.isPlainObject(e))ce.each(e,function(){i(this.name,this.value)});else for(n in e)Pt(n,e[n],t,i);return r.join("&")},ce.fn.extend({serialize:function(){return ce.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=ce.prop(this,"elements");return e?ce.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!ce(this).is(":disabled")&&Ot.test(this.nodeName)&&!Ht.test(e)&&(this.checked||!we.test(e))}).map(function(e,t){var n=ce(this).val();return null==n?null:Array.isArray(n)?ce.map(n,function(e){return{name:t.name,value:e.replace(Lt,"\r\n")}}):{name:t.name,value:n.replace(Lt,"\r\n")}}).get()}});var Mt=/%20/g,Rt=/#.*$/,It=/([?&])_=[^&]*/,Wt=/^(.*?):[ \t]*([^\r\n]*)$/gm,Ft=/^(?:GET|HEAD)$/,$t=/^\/\//,Bt={},_t={},zt="*/".concat("*"),Xt=C.createElement("a");function Ut(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(D)||[];if(v(t))while(n=i[r++])"+"===n[0]?(n=n.slice(1)||"*",(o[n]=o[n]||[]).unshift(t)):(o[n]=o[n]||[]).push(t)}}function Vt(t,i,o,a){var s={},u=t===_t;function l(e){var r;return s[e]=!0,ce.each(t[e]||[],function(e,t){var n=t(i,o,a);return"string"!=typeof n||u||s[n]?u?!(r=n):void 0:(i.dataTypes.unshift(n),l(n),!1)}),r}return l(i.dataTypes[0])||!s["*"]&&l("*")}function Gt(e,t){var n,r,i=ce.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&ce.extend(!0,e,r),e}Xt.href=Et.href,ce.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:Et.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(Et.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":zt,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":ce.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?Gt(Gt(e,ce.ajaxSettings),t):Gt(ce.ajaxSettings,e)},ajaxPrefilter:Ut(Bt),ajaxTransport:Ut(_t),ajax:function(e,t){"object"==typeof e&&(t=e,e=void 0),t=t||{};var c,f,p,n,d,r,h,g,i,o,v=ce.ajaxSetup({},t),y=v.context||v,m=v.context&&(y.nodeType||y.jquery)?ce(y):ce.event,x=ce.Deferred(),b=ce.Callbacks("once memory"),w=v.statusCode||{},a={},s={},u="canceled",T={readyState:0,getResponseHeader:function(e){var t;if(h){if(!n){n={};while(t=Wt.exec(p))n[t[1].toLowerCase()+" "]=(n[t[1].toLowerCase()+" "]||[]).concat(t[2])}t=n[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return h?p:null},setRequestHeader:function(e,t){return null==h&&(e=s[e.toLowerCase()]=s[e.toLowerCase()]||e,a[e]=t),this},overrideMimeType:function(e){return null==h&&(v.mimeType=e),this},statusCode:function(e){var t;if(e)if(h)T.always(e[T.status]);else for(t in e)w[t]=[w[t],e[t]];return this},abort:function(e){var t=e||u;return c&&c.abort(t),l(0,t),this}};if(x.promise(T),v.url=((e||v.url||Et.href)+"").replace($t,Et.protocol+"//"),v.type=t.method||t.type||v.method||v.type,v.dataTypes=(v.dataType||"*").toLowerCase().match(D)||[""],null==v.crossDomain){r=C.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Xt.protocol+"//"+Xt.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=ce.param(v.data,v.traditional)),Vt(Bt,v,t,T),h)return T;for(i in(g=ce.event&&v.global)&&0==ce.active++&&ce.event.trigger("ajaxStart"),v.type=v.type.toUpperCase(),v.hasContent=!Ft.test(v.type),f=v.url.replace(Rt,""),v.hasContent?v.data&&v.processData&&0===(v.contentType||"").indexOf("application/x-www-form-urlencoded")&&(v.data=v.data.replace(Mt,"+")):(o=v.url.slice(f.length),v.data&&(v.processData||"string"==typeof v.data)&&(f+=(At.test(f)?"&":"?")+v.data,delete v.data),!1===v.cache&&(f=f.replace(It,"$1"),o=(At.test(f)?"&":"?")+"_="+jt.guid+++o),v.url=f+o),v.ifModified&&(ce.lastModified[f]&&T.setRequestHeader("If-Modified-Since",ce.lastModified[f]),ce.etag[f]&&T.setRequestHeader("If-None-Match",ce.etag[f])),(v.data&&v.hasContent&&!1!==v.contentType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+zt+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=Vt(_t,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d=ie.setTimeout(function(){T.abort("timeout")},v.timeout));try{h=!1,c.send(a,l)}catch(e){if(h)throw e;l(-1,e)}}else l(-1,"No Transport");function l(e,t,n,r){var i,o,a,s,u,l=t;h||(h=!0,d&&ie.clearTimeout(d),c=void 0,p=r||"",T.readyState=0<e?4:0,i=200<=e&&e<300||304===e,n&&(s=function(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}(v,T,n)),!i&&-1<ce.inArray("script",v.dataTypes)&&ce.inArray("json",v.dataTypes)<0&&(v.converters["text script"]=function(){}),s=function(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}(v,s,T,i),i?(v.ifModified&&((u=T.getResponseHeader("Last-Modified"))&&(ce.lastModified[f]=u),(u=T.getResponseHeader("etag"))&&(ce.etag[f]=u)),204===e||"HEAD"===v.type?l="nocontent":304===e?l="notmodified":(l=s.state,o=s.data,i=!(a=s.error))):(a=l,!e&&l||(l="error",e<0&&(e=0))),T.status=e,T.statusText=(t||l)+"",i?x.resolveWith(y,[o,l,T]):x.rejectWith(y,[T,l,a]),T.statusCode(w),w=void 0,g&&m.trigger(i?"ajaxSuccess":"ajaxError",[T,v,i?o:a]),b.fireWith(y,[T,l]),g&&(m.trigger("ajaxComplete",[T,v]),--ce.active||ce.event.trigger("ajaxStop")))}return T},getJSON:function(e,t,n){return ce.get(e,t,n,"json")},getScript:function(e,t){return ce.get(e,void 0,t,"script")}}),ce.each(["get","post"],function(e,i){ce[i]=function(e,t,n,r){return v(t)&&(r=r||n,n=t,t=void 0),ce.ajax(ce.extend({url:e,type:i,dataType:r,data:t,success:n},ce.isPlainObject(e)&&e))}}),ce.ajaxPrefilter(function(e){var t;for(t in e.headers)"content-type"===t.toLowerCase()&&(e.contentType=e.headers[t]||"")}),ce._evalUrl=function(e,t,n){return ce.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){ce.globalEval(e,t,n)}})},ce.fn.extend({wrapAll:function(e){var t;return this[0]&&(v(e)&&(e=e.call(this[0])),t=ce(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(n){return v(n)?this.each(function(e){ce(this).wrapInner(n.call(this,e))}):this.each(function(){var e=ce(this),t=e.contents();t.length?t.wrapAll(n):e.append(n)})},wrap:function(t){var n=v(t);return this.each(function(e){ce(this).wrapAll(n?t.call(this,e):t)})},unwrap:function(e){return this.parent(e).not("body").each(function(){ce(this).replaceWith(this.childNodes)}),this}}),ce.expr.pseudos.hidden=function(e){return!ce.expr.pseudos.visible(e)},ce.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},ce.ajaxSettings.xhr=function(){try{return new ie.XMLHttpRequest}catch(e){}};var Yt={0:200,1223:204},Qt=ce.ajaxSettings.xhr();le.cors=!!Qt&&"withCredentials"in Qt,le.ajax=Qt=!!Qt,ce.ajaxTransport(function(i){var o,a;if(le.cors||Qt&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in i.mimeType&&r.overrideMimeType&&r.overrideMimeType(i.mimeType),i.crossDomain||e["X-Requested-With"]||(e["X-Requested-With"]="XMLHttpRequest"),e)r.setRequestHeader(n,e[n]);o=function(e){return function(){o&&(o=a=r.onload=r.onerror=r.onabort=r.ontimeout=r.onreadystatechange=null,"abort"===e?r.abort():"error"===e?"number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Yt[r.status]||r.status,r.statusText,"text"!==(r.responseType||"text")||"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a=r.onerror=r.ontimeout=o("error"),void 0!==r.onabort?r.onabort=a:r.onreadystatechange=function(){4===r.readyState&&ie.setTimeout(function(){o&&a()})},o=o("abort");try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw e}},abort:function(){o&&o()}}}),ce.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),ce.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return ce.globalEval(e),e}}}),ce.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),ce.ajaxTransport("script",function(n){var r,i;if(n.crossDomain||n.scriptAttrs)return{send:function(e,t){r=ce("<script>").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),C.head.appendChild(r[0])},abort:function(){i&&i()}}});var Jt,Kt=[],Zt=/(=)\?(?=&|$)|\?\?/;ce.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Kt.pop()||ce.expando+"_"+jt.guid++;return this[e]=!0,e}}),ce.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Zt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Zt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=v(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Zt,"$1"+r):!1!==e.jsonp&&(e.url+=(At.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||ce.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=ie[r],ie[r]=function(){o=arguments},n.always(function(){void 0===i?ce(ie).removeProp(r):ie[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Kt.push(r)),o&&v(i)&&i(o[0]),o=i=void 0}),"script"}),le.createHTMLDocument=((Jt=C.implementation.createHTMLDocument("").body).innerHTML="<form></form><form></form>",2===Jt.childNodes.length),ce.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(le.createHTMLDocument?((r=(t=C.implementation.createHTMLDocument("")).createElement("base")).href=C.location.href,t.head.appendChild(r)):t=C),o=!n&&[],(i=w.exec(e))?[t.createElement(i[1])]:(i=Ae([e],t,o),o&&o.length&&ce(o).remove(),ce.merge([],i.childNodes)));var r,i,o},ce.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1<s&&(r=Tt(e.slice(s)),e=e.slice(0,s)),v(t)?(n=t,t=void 0):t&&"object"==typeof t&&(i="POST"),0<a.length&&ce.ajax({url:e,type:i||"GET",dataType:"html",data:t}).done(function(e){o=arguments,a.html(r?ce("<div>").append(ce.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},ce.expr.pseudos.animated=function(t){return ce.grep(ce.timers,function(e){return t===e.elem}).length},ce.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=ce.css(e,"position"),c=ce(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=ce.css(e,"top"),u=ce.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),v(t)&&(t=t.call(e,n,ce.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},ce.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){ce.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===ce.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===ce.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=ce(e).offset()).top+=ce.css(e,"borderTopWidth",!0),i.left+=ce.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-ce.css(r,"marginTop",!0),left:t.left-i.left-ce.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===ce.css(e,"position"))e=e.offsetParent;return e||J})}}),ce.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;ce.fn[t]=function(e){return M(this,function(e,t,n){var r;if(y(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),ce.each(["top","left"],function(e,n){ce.cssHooks[n]=Ye(le.pixelPosition,function(e,t){if(t)return t=Ge(e,n),_e.test(t)?ce(e).position()[n]+"px":t})}),ce.each({Height:"height",Width:"width"},function(a,s){ce.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){ce.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return M(this,function(e,t,n){var r;return y(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?ce.css(e,t,i):ce.style(e,t,n,i)},s,n?e:void 0,n)}})}),ce.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){ce.fn[t]=function(e){return this.on(t,e)}}),ce.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.on("mouseenter",e).on("mouseleave",t||e)}}),ce.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){ce.fn[n]=function(e,t){return 0<arguments.length?this.on(n,null,e,t):this.trigger(n)}});var en=/^[\s\uFEFF\xA0]+|([^\s\uFEFF\xA0])[\s\uFEFF\xA0]+$/g;ce.proxy=function(e,t){var n,r,i;if("string"==typeof t&&(n=e[t],t=e,e=n),v(e))return r=ae.call(arguments,2),(i=function(){return e.apply(t||this,r.concat(ae.call(arguments)))}).guid=e.guid=e.guid||ce.guid++,i},ce.holdReady=function(e){e?ce.readyWait++:ce.ready(!0)},ce.isArray=Array.isArray,ce.parseJSON=JSON.parse,ce.nodeName=fe,ce.isFunction=v,ce.isWindow=y,ce.camelCase=F,ce.type=x,ce.now=Date.now,ce.isNumeric=function(e){var t=ce.type(e);return("number"===t||"string"===t)&&!isNaN(e-parseFloat(e))},ce.trim=function(e){return null==e?"":(e+"").replace(en,"$1")},"function"==typeof define&&define.amd&&define("jquery",[],function(){return ce});var tn=ie.jQuery,nn=ie.$;return ce.noConflict=function(e){return ie.$===ce&&(ie.$=nn),e&&ie.jQuery===ce&&(ie.jQuery=tn),ce},"undefined"==typeof e&&(ie.jQuery=ie.$=ce),ce});
diff --git a/setup/static/render.js b/setup/static/render.js
index 2a1d0fae..cde25107 100644
--- a/setup/static/render.js
+++ b/setup/static/render.js
@@ -2,51 +2,17 @@
 var token = $("#api_token").val();
 
 $(document).ready(function() {
-	if ($("#webmail").val() == 'none') {
-		$("#webmail_path").hide();
-		$("#webmail_path").val("");
-	} else {
-		$("#webmail_path").show();
-		$("#webmail_path").val("/webmail");
-	}
-	$("#webmail").click(function() {
-		if (this.value == 'none') {
-			$("#webmail_path").hide();
-			$("#webmail_path").val("");
-		} else {
-			$("#webmail_path").show();
-			$("#webmail_path").val("/webmail");
-		}
-	});
-});
-
-$(document).ready(function() {
-	if ($('#admin').prop('checked')) {
-		$("#admin_path").show();
-		$("#admin_path").val("/admin");
-	}
-	$("#admin").change(function() {
-		if ($(this).is(":checked")) {
-			$("#admin_path").show();
-			$("#admin_path").val("/admin");
-		} else {
-			$("#admin_path").hide();
-			$("#admin_path").val("");
-		}
-	});
+	$("#no_java_script").hide();
+	$("#container").show();
 });
 
 $(document).ready(function() {
 	if ($('#api_enabled').prop('checked')) {
-		$("#api_path").show();
-		$("#api_path").val("/api")
 		$("#api_token").show();
 		$("#api_token").prop('required',true);
 		$("#api_token").val(token);
 		$("#api_token_label").show();
 	} else {
-		$("#api_path").hide();
-		$("#api_path").val("")
 		$("#api_token").hide();
 		$("#api_token").prop('required',false);
 		$("#api_token").val("");
@@ -54,15 +20,11 @@ $(document).ready(function() {
 	}
 	$("#api_enabled").change(function() {
 		if ($(this).is(":checked")) {
-			$("#api_path").show();
-			$("#api_path").val("/api");
 			$("#api_token").show();
 			$("#api_token").prop('required',true);
 			$("#api_token").val(token)
 			$("#api_token_label").show();
 		} else {
-			$("#api_path").hide();
-			$("#api_path").val("")
 			$("#api_token").hide();
 			$("#api_token").prop('required',false);
 			$("#api_token").val("");
@@ -71,45 +33,6 @@ $(document).ready(function() {
 	});
 });
 
-$(document).ready(function() {
-	if ($("#database").val() == 'sqlite') {
-		$("#external_db").hide();
-	} else {
-		$("#external_db").show();
-	}
-
-	$("#webmail").click(function() {
-		if (this.value == 'roundcube') {
-			$("#db_flavor_rc_sel").show();
-		} else {
-			$("#db_flavor_rc_sel").hide();
-			$("#roundcube_db_user,#roundcube_db_pw,#roundcube_db_url,#roundcube_db_name").prop('required',false);
-		}
-	});
-
-	$("#database").click(function() {
-		if (this.value == 'sqlite') {
-			$("#external_db").hide();
-			$("#db_user,#db_pw,#db_url,#db_name").prop('required',false);
-			$("#roundcube_db_user,#roundcube_db_pw,#roundcube_db_url,#roundcube_db_name").prop('required',false);
-		} else {
-			$("#external_db").show();
-			$("#db_user,#db_pw,#db_url,#db_name").prop('required',true);
-		}
-	});
-
-	$("#database_rc").click(function() {
-		if (this.value == 'sqlite'){
-			$("#roundcube_external_db").hide();
-			$("#roundcube_db_user,#roundcube_db_pw,#roundcube_db_url,#roundcube_db_name").prop('required',false);
-		}
-		else if ($("#webmail").val() == 'roundcube') {
-			$("#roundcube_external_db").show();
-			$("#roundcube_db_user,#roundcube_db_pw,#roundcube_db_url,#roundcube_db_name").prop('required',true);
-		}
-	});
-});
-
 $(document).ready(function() {
 	if ($('#enable_ipv6').prop('checked')) {
 		$("#ipv6").show();
diff --git a/setup/templates/base.html b/setup/templates/base.html
index 5752e91f..41d85b54 100644
--- a/setup/templates/base.html
+++ b/setup/templates/base.html
@@ -1,11 +1,18 @@
 {% extends "bootstrap/base.html" %}
 {% import "macros.html" as macros %}
+{% from 'bootstrap/utils.html' import flashed_messages %}
 
 {% block title %}Mailu setup{% endblock %}
 
 {% block content %}
-<div class="container">
+
+<div id=no_java_script class="noscriptmsg">
+  JavaScript is not enabled or JavaScript files were blocked. The Mailu setup site does not function when JavaScript is disabled.
+</div>
+
+<div id="container" class="container" style="display:none;">
   <h1>Mailu configuration</h1>
+  {{ flashed_messages() }}
   <p>
     Version
     <select id=version_select onchange="window.location.href=this.value;" class="btn btn-primary dropdown-toggle">
@@ -27,4 +34,11 @@ For production scenarios we recommend to use the stable version.
 
 </div>
 <p></p>
+
 {% endblock %}
+
+{% block scripts %}
+<script type="text/javascript" src="{{ url_for('static', filename='jquery.min.js') }}"></script>
+<script type="text/javascript" src="{{ url_for('static', filename='render.js') }}"></script>
+{{super()}}
+{% endblock %}
\ No newline at end of file
diff --git a/setup/templates/steps/compose/02_services.html b/setup/templates/steps/compose/02_services.html
index 2311e4a3..2d4bdd50 100644
--- a/setup/templates/steps/compose/02_services.html
+++ b/setup/templates/steps/compose/02_services.html
@@ -9,7 +9,7 @@ bound to the internal IMAP and SMTP server for users to access their mailbox thr
 the Web. By exposing a complex application such as a Webmail, you should be aware of
 the security implications caused by such an increase of attack surface.<p>
 <div class="form-group">
-  <label>Enable Web email client (and path to the Web email client)</label>
+  <label>Enable Web email client</label>
   <br/>
   <select class="btn btn-primary dropdown-toggle" name="webmail_type" id="webmail">
   	{% for webmailtype in ["none", "roundcube", "snappymail"] %}
@@ -17,9 +17,6 @@ the security implications caused by such an increase of attack surface.<p>
   	{% endfor %}
   </select>
   <p></p>
-  <div class="input-group">
-    <input class="form-control" type="text" name="webmail_path" id="webmail_path" style="display: none">
-  </div>
 </div>
 
 
@@ -61,12 +58,16 @@ the security implications caused by such an increase of attack surface.<p>
     Enable oletools
   </label>
 
-  <i>Oletools scans documents in email attachements for malicious macros. It has a much lower memory footprint than a full-fledged anti-virus.</i>
+  <i>Oletools scans documents in email attachments for malicious macros. It has a much lower memory footprint than a full-fledged anti-virus.</i>
 </div>
 
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
-
-<script type="text/javascript" src="{{ url_for('static', filename='render.js') }}"></script>
+<div class="form-check form-check-inline">
+  <label class="form-check-label">
+    <input class="form-check-input" type="checkbox" name="tika_enabled" value="true">
+    Enable Tika
+  </label>
 
+  <i>Tika enables the functionality for searching through attachments. Tika scans documents in email attachments, process (OCR, keyword extraction) and then index them in a way they can be efficiently searched. This requires significant resources (RAM, CPU and storage).</i>
+</div>
 
 {% endcall %}
diff --git a/setup/templates/steps/compose/03_expose.html b/setup/templates/steps/compose/03_expose.html
index c1d3ca8c..e14e4bbc 100644
--- a/setup/templates/steps/compose/03_expose.html
+++ b/setup/templates/steps/compose/03_expose.html
@@ -16,11 +16,10 @@ avoid generic all-interfaces addresses like <code>0.0.0.0</code> or <code>::</co
 <div class="form-group">
   <label>IPv4 listen address</label>
 <!--   Validates IPv4 address -->
-  <input class="form-control" type="text" name="bind4" value="127.0.0.1" 
-  		pattern="^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$">
-  <label>Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)</label>
-  <input class="form-control" type="text" name="subnet" required pattern="^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))$"
-    value="192.168.203.0/24">
+  <input class="form-control" type="text" name="bind4" value="127.0.0.1" >
+  <label>Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
+    Usually the format is '*.*.*.0/24'</label>
+  <input class="form-control" type="text" name="subnet" value="192.168.203.0/24">
 </div>
 
 <div class="form-check form-check-inline">
@@ -34,8 +33,7 @@ avoid generic all-interfaces addresses like <code>0.0.0.0</code> or <code>::</co
   <p><span class="label label-danger">Read this:</span> Docker currently does not expose the IPv6 ports properly, as it does not interface with <code>ip6tables</code>. Read <a href="https://mailu.io/{{ version }}/faq.html#how-to-make-ipv6-work">FAQ section</a> and be <b>very careful</b>. We do <b>NOT</b> recommend that you enable this!</p>
   <label>IPv6 listen address</label>
 <!--   Validates IPv6 address -->
-  <input class="form-control" type="text" name="bind6" value="::1"
-  		pattern="^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$">
+  <input class="form-control" type="text" name="bind6" value="::1" >
   <label>Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)</label>
   <input class="form-control" type="text" name="subnet6" required value="{{ subnet6 }}:beef::/64">
 </div>
diff --git a/setup/templates/steps/config.html b/setup/templates/steps/config.html
index 025a2a2c..e01d9c97 100644
--- a/setup/templates/steps/config.html
+++ b/setup/templates/steps/config.html
@@ -4,13 +4,13 @@
 <div class="form-group">
   <label>Mailu storage path: </label>
 <!--   Validates path -->
-  <input class="form-control" type="text" name="root" value="/mailu" required pattern="^/[-_A-Za-z0-9]+(/[-_A-Za-z0-9]*)*">
+  <input class="form-control" type="text" name="root" value="/mailu" required pattern="^\/[\-_A-Za-z0-9\.]+(\/[\-_A-Za-z0-9\.]*)*">
 </div>
 
 <p>In the following sections we need to set the postmaster address. This is a combination of the <i>postmaster</i> local part and the <i>main mail domain</i>.
 The <i>main mail domain</i> is also used as </i>"server display name"</i>. This is the way the SMTP server identifies itself when connecting to others.
 The Postmaster will get an e-mail address &lt;postmaster&gt;@&lt;main_domain&gt;. This address will receive the DMARC "rua" and "ruf" reports.
-Or in plain english: if receivers start to classify your mail as spam, this postmaster will be informed.</p>
+Or in plain English: if receivers start to classify your mail as spam, this postmaster will be informed.</p>
 
 <div class="form-group">
   <label>
@@ -60,8 +60,8 @@ Or in plain english: if receivers start to classify your mail as spam, this post
 
 <div class="form-check form-check-inline">
   <label class="form-check-label">
-    <input class="form-check-input" type="checkbox" name="disable_statistics" value="True">
-    Opt-out of statistics
+    <input class="form-check-input" type="checkbox" name="statistics_enabled"  value="True">
+    Opt-in for anonymized statistics
   </label>
 </div>
 
@@ -82,8 +82,7 @@ manage your email domains, users, etc.</p>
 
 <div class="form-group">
     <input type="checkbox" name="admin_enabled" value="true" id="admin" checked>
-  	<label>Enable the admin UI (and path to the admin UI)</label>
-    <input class="form-control" type="text" name="admin_path" id="admin_path" style="display: none">
+  	<label>Enable the admin UI</label>
 </div>
 
 <p>The API interface is a RESTful API for changing the Mailu configuration.
@@ -93,14 +92,10 @@ manage your email domains, users, etc.</p>
 
   <div class="form-group">
       <input type="checkbox" name="api_enabled" value="true" id="api_enabled" >
-      <label>Enable the API (and path to the API)</label>
-      <input class="form-control" type="text" name="api_path" id="api_path" style="display: none">
+      <label>Enable the API</label>
+      <br>
       <label name="api_token_label" id="api_token_label">API token</label>
       <input class="form-control" type="text" name="api_token" id="api_token" style="display: none" value="{{ secret(32) }}">
   </div>
 
-<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
-
-<script type="text/javascript" src="{{ url_for('static', filename='render.js') }}"></script>
-
 {% endcall %}
diff --git a/tests/build-ci.hcl b/tests/build-ci.hcl
index a78488f8..ad7f4bf7 100644
--- a/tests/build-ci.hcl
+++ b/tests/build-ci.hcl
@@ -49,7 +49,6 @@ group "default" {
 
     "webmail",
 
-    "antivirus",
     "fetchmail",
     "resolver",
     "traefik-certdumper",
@@ -207,15 +206,6 @@ target "webmail" {
 # -----------------------------------------------------------------------------------------
 # Optional images
 # -----------------------------------------------------------------------------------------
-target "antivirus" {
-  inherits = ["defaults"]
-  context = "optional/clamav/"
-  contexts = {
-    base = "docker-image://${DOCKER_ORG}/base:${MAILU_VERSION}"
-  }
-  tags = tag("clamav")
-}
-
 target "fetchmail" {
   inherits = ["defaults"]
   context = "optional/fetchmail/"
diff --git a/tests/build.hcl b/tests/build.hcl
index e7c8387a..c5a9d10b 100644
--- a/tests/build.hcl
+++ b/tests/build.hcl
@@ -45,7 +45,6 @@ group "default" {
 
     "webmail",
 
-    "antivirus",
     "fetchmail",
     "resolver",
     "traefik-certdumper",
@@ -201,15 +200,6 @@ target "webmail" {
 # -----------------------------------------------------------------------------------------
 # Optional images
 # -----------------------------------------------------------------------------------------
-target "antivirus" {
-  inherits = ["defaults"]
-  context = "optional/clamav/"
-  contexts = {
-    base = "target:base"
-  }
-  tags = tag("clamav")
-}
-
 target "fetchmail" {
   inherits = ["defaults"]
   context = "optional/fetchmail/"
diff --git a/tests/compose/filters/01_email_test.sh b/tests/compose/filters/01_email_test.sh
index 50e904f8..1e437732 100755
--- a/tests/compose/filters/01_email_test.sh
+++ b/tests/compose/filters/01_email_test.sh
@@ -1,6 +1,10 @@
 python3 tests/email_test.py message-virus "tests/compose/filters/eicar.com.txt"
-if [ $? -eq 99 ]; then
-	exit 0
-else
-	exit 1
+if [ $? -ne 25 ]; then
+  exit 1
 fi
+python3 tests/email_test.py message-PUA "tests/compose/filters/PotentiallyUnwanted.exe_"
+if [ $? -ne 25 ]; then
+  exit 1
+fi
+
+exit 0
diff --git a/tests/compose/filters/02_email_antispam.sh b/tests/compose/filters/02_email_antispam.sh
index ac2653a3..3972cb1c 100755
--- a/tests/compose/filters/02_email_antispam.sh
+++ b/tests/compose/filters/02_email_antispam.sh
@@ -1,7 +1,7 @@
 # GTUBE should be blocked, see https://rspamd.com/doc/gtube_patterns.html
 python3 tests/email_test.py "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X"
-if [ $? -eq 25 ]; then
-	exit 0
-else
+if [ $? -ne 25 ]; then
 	exit 1
 fi
+
+exit 0
diff --git a/tests/compose/filters/PotentiallyUnwanted.exe_ b/tests/compose/filters/PotentiallyUnwanted.exe_
new file mode 100644
index 00000000..6a12a279
Binary files /dev/null and b/tests/compose/filters/PotentiallyUnwanted.exe_ differ
diff --git a/tests/compose/filters/docker-compose.yml b/tests/compose/filters/docker-compose.yml
index 3eb2d84c..5a508d58 100644
--- a/tests/compose/filters/docker-compose.yml
+++ b/tests/compose/filters/docker-compose.yml
@@ -70,7 +70,7 @@ services:
     hostname: oletools
     restart: always
     networks:
-      - noinet
+      - oletools
 
   antispam:
     image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-local}
@@ -78,21 +78,35 @@ services:
     env_file: mailu.env
     networks:
       - default
-      - noinet
+      - oletools
+      - clamav
     volumes:
       - "/mailu/filter:/var/lib/rspamd"
       - "/mailu/dkim:/dkim"
       - "/mailu/overrides/rspamd:/etc/rspamd/override.d"
     depends_on:
       - front
+      - antivirus
+      - oletools
 
   # Optional services
   antivirus:
-    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-local}
+    image: clamav/clamav-debian:1.2.0-6
     restart: always
-    env_file: mailu.env
+    logging:
+      driver: journald
+      options:
+        tag: mailu-clamav
+    networks:
+      - clamav
     volumes:
-      - "/mailu/filter:/data"
+      - "/mailu/filter/clamav:/var/lib/clamav"
+    healthcheck:
+      test: ["CMD-SHELL", "kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 10s
 
   resolver:
     image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-local}
@@ -112,6 +126,8 @@ networks:
       driver: default
       config:
         - subnet: 192.168.203.0/24
-  noinet:
+  clamav:
+    driver: bridge
+  oletools:
     driver: bridge
     internal: true
diff --git a/tests/email_test.py b/tests/email_test.py
index e7cd66ed..68398823 100755
--- a/tests/email_test.py
+++ b/tests/email_test.py
@@ -21,19 +21,31 @@ if len(sys.argv) == 3:
     part.add_header('Content-Disposition', "attachment; filename=%s" % ntpath.basename(sys.argv[2]))
     msg.attach(part)
 
-try:
-    smtp_server = smtplib.SMTP('localhost')
-    smtp_server.set_debuglevel(1)
-    smtp_server.connect('localhost', 587)
-    smtp_server.ehlo()
-    smtp_server.starttls()
-    smtp_server.ehlo()
-    smtp_server.login("admin@mailu.io", "password")
+for i in range(5):
+    try:
+        smtp_server = smtplib.SMTP('localhost')
+        smtp_server.set_debuglevel(1)
+        smtp_server.connect('localhost', 587)
+        smtp_server.ehlo()
+        smtp_server.starttls()
+        smtp_server.ehlo()
+        smtp_server.login("admin@mailu.io", "password")
 
-    smtp_server.sendmail("admin@mailu.io", "user@mailu.io", msg.as_string())
-    smtp_server.quit()
-except:
-    sys.exit(25)
+        smtp_server.sendmail("admin@mailu.io", "user@mailu.io", msg.as_string())
+        smtp_server.quit()
+    except smtplib.SMTPRecipientsRefused:
+            sys.exit(25)
+    except smtplib.SMTPDataError as e:
+        if e.smtp_code == 451:
+            print(f"Not ready attempt {i}")
+            time.sleep(5)
+            continue
+        if e.smtp_code >= 500 and e.smtp_code <600:
+            sys.exit(25)
+        sys.exit(2525)
+    except:
+        sys.exit(2525)
+    break
 
 time.sleep(30)
 
diff --git a/towncrier/newsfragments/2059.misc b/towncrier/newsfragments/2059.misc
new file mode 100644
index 00000000..b6797b81
--- /dev/null
+++ b/towncrier/newsfragments/2059.misc
@@ -0,0 +1 @@
+Switch to upstream's clamav image
diff --git a/towncrier/newsfragments/2824.feature b/towncrier/newsfragments/2824.feature
new file mode 100644
index 00000000..a5c65570
--- /dev/null
+++ b/towncrier/newsfragments/2824.feature
@@ -0,0 +1 @@
+Enhance RESTful API user retrieval with quota used bytes. This is the current size of the user's email box in bytes.
diff --git a/towncrier/newsfragments/2890.bugfix b/towncrier/newsfragments/2890.bugfix
new file mode 100644
index 00000000..bd547567
--- /dev/null
+++ b/towncrier/newsfragments/2890.bugfix
@@ -0,0 +1,5 @@
+Setup:
+Regular expression for checking the Mailu storage path was invalid.
+Added checks to make sure JavaScript is enabled and that all JS files could be loaded. The setup site malfunctions if this is not the case.
+Added server side validation of entered values in setup.
+Simplified setup by removing the settings for configuring the WEB_* settings. Advanced users can still modify mailu.env.
\ No newline at end of file
diff --git a/towncrier/newsfragments/2918.misc b/towncrier/newsfragments/2918.misc
new file mode 100644
index 00000000..441806c4
--- /dev/null
+++ b/towncrier/newsfragments/2918.misc
@@ -0,0 +1 @@
+Upgrade dovecot to ensure we can proxy ipv6 via XCLIENT.
diff --git a/towncrier/newsfragments/2928.bugfix b/towncrier/newsfragments/2928.bugfix
new file mode 100644
index 00000000..23bf644b
--- /dev/null
+++ b/towncrier/newsfragments/2928.bugfix
@@ -0,0 +1 @@
+fix fetchmail when used with POP3: disregard "folders"
diff --git a/towncrier/newsfragments/2934.bugfix b/towncrier/newsfragments/2934.bugfix
new file mode 100644
index 00000000..349bc8e1
--- /dev/null
+++ b/towncrier/newsfragments/2934.bugfix
@@ -0,0 +1,3 @@
+Upgrade to alpine 3.18.4: this will fix a bug whereby musl wasn't retrying using TCP when it received truncated DNS replies from its upstream. In practice, this has been seen in the wild when postfix complains of:
+
+"Host or domain name not found. Name service error for name=outlook-com.olc.protection.outlook.com type=AAAA: Host found but no data record of requested type"
diff --git a/towncrier/newsfragments/2935.misc b/towncrier/newsfragments/2935.misc
new file mode 100644
index 00000000..b6219c6d
--- /dev/null
+++ b/towncrier/newsfragments/2935.misc
@@ -0,0 +1 @@
+Add Persian (aka Farsi) Translation
diff --git a/towncrier/newsfragments/2936.feature b/towncrier/newsfragments/2936.feature
new file mode 100644
index 00000000..4f012613
--- /dev/null
+++ b/towncrier/newsfragments/2936.feature
@@ -0,0 +1 @@
+Add ukrainian translation
diff --git a/towncrier/newsfragments/2937.bugfix b/towncrier/newsfragments/2937.bugfix
new file mode 100644
index 00000000..7ccd316c
--- /dev/null
+++ b/towncrier/newsfragments/2937.bugfix
@@ -0,0 +1,2 @@
+forbidden_file_extension.map could not be overridden. This file can be overriden to tweak with file extensions are allowed.
+The instructions on https://mailu.io/master/antispam.html#can-i-change-the-list-of-authorized-file-attachments work again.
diff --git a/towncrier/newsfragments/2939.bugfix b/towncrier/newsfragments/2939.bugfix
new file mode 100644
index 00000000..beadfb33
--- /dev/null
+++ b/towncrier/newsfragments/2939.bugfix
@@ -0,0 +1,4 @@
+Fixed log filter not filtering out log messages for dovecot/nginx/postfix.
+Fixed postfix not logging to standard out.
+Fixed not all containers logging to journald.
+Removed POSTFIX_LOG_FILE functionality. Added documentation on how to achieve the same (log to file) via journald & rsyslogd (see new FAQ entry 'How can I view and export the logs of a Mailu container?').
\ No newline at end of file
diff --git a/towncrier/newsfragments/2945.bugfix b/towncrier/newsfragments/2945.bugfix
new file mode 100644
index 00000000..175548b3
--- /dev/null
+++ b/towncrier/newsfragments/2945.bugfix
@@ -0,0 +1 @@
+Upgrade webmails: roundcube 1.6.3, rcmcarddav 5.1.0, snappymail 2.28.4
diff --git a/towncrier/newsfragments/2948.feature b/towncrier/newsfragments/2948.feature
new file mode 100644
index 00000000..5b92ab02
--- /dev/null
+++ b/towncrier/newsfragments/2948.feature
@@ -0,0 +1 @@
+Add Traditional Chinese translation
diff --git a/towncrier/newsfragments/2950.misc b/towncrier/newsfragments/2950.misc
new file mode 100644
index 00000000..c21a90a8
--- /dev/null
+++ b/towncrier/newsfragments/2950.misc
@@ -0,0 +1 @@
+Upgrade to snuffleupagus 0.10.0
diff --git a/towncrier/newsfragments/2955.misc b/towncrier/newsfragments/2955.misc
new file mode 100644
index 00000000..42d8719c
--- /dev/null
+++ b/towncrier/newsfragments/2955.misc
@@ -0,0 +1 @@
+Remove the version pinning on hardened malloc
diff --git a/towncrier/newsfragments/2959.bugfix b/towncrier/newsfragments/2959.bugfix
new file mode 100644
index 00000000..9da9c300
--- /dev/null
+++ b/towncrier/newsfragments/2959.bugfix
@@ -0,0 +1,3 @@
+Update hardened malloc as the original package is not available from alpine anymore.
+The newer version of hardened malloc requires AVX2: Disable it by default at startup and hint in the logs when it should be enabled instead.
+Upgrade snappymail to v2.29.1
diff --git a/towncrier/newsfragments/2962.bugfix b/towncrier/newsfragments/2962.bugfix
new file mode 100644
index 00000000..59149a0e
--- /dev/null
+++ b/towncrier/newsfragments/2962.bugfix
@@ -0,0 +1 @@
+Fix letsencrypt on master
diff --git a/towncrier/newsfragments/2971.bugfix b/towncrier/newsfragments/2971.bugfix
new file mode 100644
index 00000000..e247ccbc
--- /dev/null
+++ b/towncrier/newsfragments/2971.bugfix
@@ -0,0 +1,13 @@
+- Switch from fts-xapian to fts-flatcurve. This should address the problem with indexes getting too big and will be the default in dovecot 2.4
+- Enable full-text search of email attachments if configured (via Tika: you'll need to re-run setup)
+
+If you would like more than english to be supported, please ensure you update your FULL_TEXT_SEARCH configuration variable.
+
+You may also want to dispose of old indexes using a command such as:
+
+find /mailu/mail -type d -name xapian-indexes -prune -exec rm -r {} \+
+
+And proactively force a reindexing using:
+
+docker compose exec imap doveadm fts rescan -A
+docker compose exec imap doveadm user '*'|while read u; do docker compose exec imap doveadm index -u $u '*'; done
diff --git a/towncrier/newsfragments/2974.feature b/towncrier/newsfragments/2974.feature
new file mode 100644
index 00000000..5351654e
--- /dev/null
+++ b/towncrier/newsfragments/2974.feature
@@ -0,0 +1 @@
+Enhance RESTful API with functionality for managing authentication tokens of users
diff --git a/towncrier/newsfragments/2977.misc b/towncrier/newsfragments/2977.misc
new file mode 100644
index 00000000..afc9c97b
--- /dev/null
+++ b/towncrier/newsfragments/2977.misc
@@ -0,0 +1 @@
+Improve FTS by adding the snowball filter. This should significantly cut down the size of indexes. You may want to re-index after upgrading.
diff --git a/towncrier/newsfragments/2985.misc b/towncrier/newsfragments/2985.misc
new file mode 100644
index 00000000..fdcc52eb
--- /dev/null
+++ b/towncrier/newsfragments/2985.misc
@@ -0,0 +1,2 @@
+- Upgrade to roundcube 1.6.4 (fix XSS)
+- Implement a new check to make it clear that unsupported setups are unsupported
diff --git a/towncrier/newsfragments/2990.misc b/towncrier/newsfragments/2990.misc
new file mode 100644
index 00000000..6d122e90
--- /dev/null
+++ b/towncrier/newsfragments/2990.misc
@@ -0,0 +1 @@
+Fix letsencrypt
diff --git a/towncrier/newsfragments/3007.misc b/towncrier/newsfragments/3007.misc
new file mode 100644
index 00000000..69f46598
--- /dev/null
+++ b/towncrier/newsfragments/3007.misc
@@ -0,0 +1 @@
+Introduce AUTH_REQUIRE_TOKENS to enforce that thick clients use tokens instead of passwords
diff --git a/towncrier/newsfragments/3023.feature b/towncrier/newsfragments/3023.feature
new file mode 100644
index 00000000..1bc39cb1
--- /dev/null
+++ b/towncrier/newsfragments/3023.feature
@@ -0,0 +1 @@
+Add "download zonefile" button to domain configuration and un-split dkim key in dns table
diff --git a/towncrier/newsfragments/3024.misc b/towncrier/newsfragments/3024.misc
new file mode 100644
index 00000000..c5f34547
--- /dev/null
+++ b/towncrier/newsfragments/3024.misc
@@ -0,0 +1 @@
+Upgrade to roundcube 1.6.5 (fix XSS)
diff --git a/towncrier/newsfragments/3032.misc b/towncrier/newsfragments/3032.misc
new file mode 100644
index 00000000..1ecc2b57
--- /dev/null
+++ b/towncrier/newsfragments/3032.misc
@@ -0,0 +1 @@
+Update all python dependencies in preparation of next Mailu release.
diff --git a/towncrier/newsfragments/3048.bugfix b/towncrier/newsfragments/3048.bugfix
new file mode 100644
index 00000000..0bc83bbb
--- /dev/null
+++ b/towncrier/newsfragments/3048.bugfix
@@ -0,0 +1 @@
+Ensure that we do not silently discard PUAs flagged by clamav. Instead we will reject emails.
diff --git a/webmails/Dockerfile b/webmails/Dockerfile
index cf468314..09fbd8ee 100644
--- a/webmails/Dockerfile
+++ b/webmails/Dockerfile
@@ -19,6 +19,7 @@ RUN set -euxo pipefail \
     aspell-uk aspell-ru aspell-fr aspell-de aspell-en \
   ; rm /etc/nginx/http.d/default.conf \
   ; rm /etc/php81/php-fpm.d/www.conf \
+  ; mkdir -m 700 /root/.gnupg/ \
   ; gpg --import /tmp/snappymail.asc \
   ; gpg --import /tmp/roundcube.asc \
   ; echo extension=snuffleupagus > /etc/php81/conf.d/snuffleupagus.ini \
@@ -26,14 +27,14 @@ RUN set -euxo pipefail \
   ; mkdir -p /run/nginx /conf
 
 # roundcube
-ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.1/roundcubemail-1.6.1-complete.tar.gz
-ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v5.0.1/carddav-v5.0.1.tar.gz
+ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.5/roundcubemail-1.6.5-complete.tar.gz
+ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v5.1.0/carddav-v5.1.0.tar.gz
 
 RUN set -euxo pipefail \
   ; cd /var/www \
   ; curl -sLo /dev/shm/roundcube.tgz ${ROUNDCUBE_URL} \
   ; curl -sLo /dev/shm/roundcube.tgz.asc ${ROUNDCUBE_URL}.asc \
-  ; gpg --status-fd 1 --verify /dev/shm/roundcube.tgz.asc \
+  ; gpg --status-fd 1 --verify /dev/shm/roundcube.tgz.asc /dev/shm/roundcube.tgz \
   ; tar xzf /dev/shm/roundcube.tgz \
   ; curl -sL ${CARDDAV_URL} | tar xz \
   ; mv roundcubemail-* roundcube \
@@ -52,15 +53,15 @@ COPY roundcube/config/config.inc.carddav.php /var/www/roundcube/plugins/carddav/
 
 # snappymail
 
-ENV SNAPPYMAIL_URL https://github.com/the-djmaze/snappymail/releases/download/v2.26.4/snappymail-2.26.4.tar.gz
+ENV SNAPPYMAIL_URL https://github.com/the-djmaze/snappymail/releases/download/v2.29.1/snappymail-2.29.1.tar.gz
 
 RUN set -euxo pipefail \
   ; mkdir  /var/www/snappymail \
   ; cd /var/www/snappymail \
   ; curl -sLo /dev/shm/snappymail.tgz  ${SNAPPYMAIL_URL} \
   ; curl -sLo /dev/shm/snappymail.tgz.asc  ${SNAPPYMAIL_URL}.asc \
-  ; gpg --status-fd 1 --verify /dev/shm/snappymail.tgz.asc \
-  ; tar xzf /dev/shm/snappymail.tgz
+  ; gpg --status-fd 1 --verify /dev/shm/snappymail.tgz.asc /dev/shm/snappymail.tgz \
+  ; cat /dev/shm/snappymail.tgz | tar xz
 
 # SnappyMail login
 COPY snappymail/login/include.php /var/www/snappymail/
diff --git a/webmails/roundcube/config/config.inc.php b/webmails/roundcube/config/config.inc.php
index 045919da..0791bad9 100644
--- a/webmails/roundcube/config/config.inc.php
+++ b/webmails/roundcube/config/config.inc.php
@@ -18,6 +18,11 @@ $config['session_lifetime'] = {{ (((PERMANENT_SESSION_LIFETIME | default(10800))
 $config['request_path'] = '{{ WEB_WEBMAIL or "none" }}';
 $config['trusted_host_patterns'] = [ {{ HOSTNAMES.split(",") | map("tojson") | join(',') }}];
 
+{% if (FULL_TEXT_SEARCH or '').lower() not in ['off', 'false', '0'] %}
+$config['search_mods'] = ['*' => ['subject'=>1, 'from'=>1, 'to'=>1, 'cc'=>1, 'bcc'=>1, 'replyto'=>1, 'followupto'=>1, 'body'=>1]];
+$config['search_scope'] = 'sub';
+{% endif %}
+
 // Mail servers
 $config['imap_host'] = 'tls://{{ FRONT_ADDRESS or "front" }}:10143';
 $config['imap_conn_options'] = array(
diff --git a/webmails/snappymail/defaults/default.json b/webmails/snappymail/defaults/default.json
index d7659405..12252aee 100644
--- a/webmails/snappymail/defaults/default.json
+++ b/webmails/snappymail/defaults/default.json
@@ -12,7 +12,10 @@
             "SNI_enabled": true,
             "disable_compression": true,
             "security_level": 1
-        }
+        },
+	{% if (FULL_TEXT_SEARCH or '').lower() not in ['off', 'false', '0'] %}
+        "fast_simple_search": "false"
+	{% endif %}
     },
     "SMTP": {
         "host": "{{ FRONT_ADDRESS }}",
diff --git a/webmails/snuffleupagus.rules b/webmails/snuffleupagus.rules
index 5e619a8a..b3f69819 100644
--- a/webmails/snuffleupagus.rules
+++ b/webmails/snuffleupagus.rules
@@ -43,6 +43,7 @@ sp.disable_function.function("mail").param("additional_parameters").value_r("\\-
 
 # Since it's now burned, me might as well mitigate it publicly
 sp.disable_function.function("putenv").param("assignment").value_r("LD_").drop()
+sp.disable_function.function("putenv").param("assignment").value("PATH").drop()
 
 # This one was burned in Nov 2019 - https://gist.github.com/LoadLow/90b60bd5535d6c3927bb24d5f9955b80
 sp.disable_function.function("putenv").param("assignment").value_r("GCONV_").drop()