diff --git a/production/haraka-wildduck/docker-compose.yml b/production/haraka-wildduck/docker-compose.yml
new file mode 100644
index 0000000..28f4f00
--- /dev/null
+++ b/production/haraka-wildduck/docker-compose.yml
@@ -0,0 +1,87 @@
+version: "2.3"
+services:
+    wildduck:
+        build: ./wildduck
+        hostname: wildduck
+        container_name: wildduck
+        restart: always
+        entrypoint:
+          - /bin/bash
+          - /entrypoint.sh
+        ports:
+          - "25:25"
+          - "587:587"
+          - "993:993"
+        expose:
+          - 80
+          - 12080
+        volumes:
+          - ./entrypoint.sh:/entrypoint.sh:ro
+          - /opt/docker/secure:/secure:ro
+          - ./wildduck/config:/wildduck/config
+          - ./wildduck-mta/config:/wildduck-mta/config
+          - ./haraka/config:/haraka/config
+        depends_on:
+          - redis
+          - mongo
+        networks:
+          mynet:
+            ipv4_address: 172.200.0.101
+
+    redis:
+        image: redis:alpine
+        hostname: redis
+        container_name: redis
+        restart: always
+        volumes:
+          - ./redis:/data
+        expose:
+          - 6379
+        networks:
+          mynet:
+            ipv4_address: 172.200.0.102
+    
+    mongo:
+        image: mongo
+        hostname: mongo
+        container_name: mongo
+        restart: always
+        volumes:
+          - ./mongodb:/data/db
+        expose:
+          - 27017
+        networks:
+          mynet:
+            ipv4_address: 172.200.0.103
+
+    webmail:
+        build: ./webmail
+        hostname: webmail
+        container_name: webmail
+        restart: always
+        working_dir: /webmail
+        entrypoint:
+          - node
+          - server.js
+          - --config=/webmail/config/default.toml
+        expose:
+          - 3000
+        volumes:
+          - ./webmail/config:/webmail/config
+          - ./webmail/views:/webmail/views
+          - ./webmail/logo.png:/webmail/public/logo.png
+        depends_on:
+          - redis
+          - mongo
+          - wildduck
+        networks:
+          mynet:
+            ipv4_address: 172.200.0.104
+
+
+networks:
+  mynet:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.200.0.0/24
diff --git a/production/haraka-wildduck/entrypoint.sh b/production/haraka-wildduck/entrypoint.sh
new file mode 100644
index 0000000..6f5663a
--- /dev/null
+++ b/production/haraka-wildduck/entrypoint.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+sudo service rspamd start
+cd /haraka
+node haraka.js &
+cd /wildduck
+node server.js &
+cd /wildduck-mta
+npm start --production &
+/bin/sleep infinity
diff --git a/production/haraka-wildduck/haraka/config/access.domains b/production/haraka-wildduck/haraka/config/access.domains
new file mode 100755
index 0000000..17b50fc
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/access.domains
@@ -0,0 +1,13 @@
+# Basic whitelist/blacklist mechanism for domains and e-mail addresses
+# add a single domain or e-mail per line
+# default behavior for entries is to DENY or blacklist
+# reverse behavior by prepending an exclamation point !
+# foo.com    <-- denied
+# !foo.com   <-- allowed
+#
+# More complex/granular behaviors are possible, e.g.
+# To block everything claiming to be from aol.com, but still allow a single aol address:
+# aol.com
+# !friend@aol.com
+#
+# See full docs for details:  http://haraka.github.io/manual/plugins/access.html
diff --git a/production/haraka-wildduck/haraka/config/access.ini b/production/haraka-wildduck/haraka/config/access.ini
new file mode 100755
index 0000000..2d6a1a9
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/access.ini
@@ -0,0 +1,6 @@
+[check]
+any=false
+conn=true
+helo=false
+mail=true
+rcpt=true
diff --git a/production/haraka-wildduck/haraka/config/aliases b/production/haraka-wildduck/haraka/config/aliases
new file mode 100755
index 0000000..5f7a27b
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/aliases
@@ -0,0 +1,14 @@
+{
+  "postmaster@hatthieves.es": {
+    "action": "alias", "to": ["webmaster@hatthieves.es"]
+  },
+  "info@hatthieves.es": {
+    "action": "alias", "to": ["webmaster@hatthieves.es"]
+  },
+  "admin@hatthieves.es": {
+    "action": "alias", "to": ["webmaster@hatthieves.es"]
+  },
+  "root@hatthieves.es": {
+    "action": "alias", "to": ["webmaster@hatthieves.es"]
+  }
+}
diff --git a/production/haraka-wildduck/haraka/config/attachment.ctype.regex b/production/haraka-wildduck/haraka/config/attachment.ctype.regex
new file mode 100755
index 0000000..0798108
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/attachment.ctype.regex
@@ -0,0 +1,2 @@
+executable
+partial
diff --git a/production/haraka-wildduck/haraka/config/attachment.filename.regex b/production/haraka-wildduck/haraka/config/attachment.filename.regex
new file mode 100755
index 0000000..954d4f5
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/attachment.filename.regex
@@ -0,0 +1 @@
+\.(?:ade|adp|bat|chm|cmd|com|cpl|dll|exe|hta|ins|isp|jar|js|jse|lib|lnk|mde|msc|msp|mst|pif|scr|sct|shb|sys|vb|vbe|vbs|vxd|wsc|wsf|wsh)$
diff --git a/production/haraka-wildduck/haraka/config/auth_flat_file.ini b/production/haraka-wildduck/haraka/config/auth_flat_file.ini
new file mode 100755
index 0000000..dc6118f
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/auth_flat_file.ini
@@ -0,0 +1,5 @@
+[core]
+methods=CRAM-MD5
+
+[users]
+; matt=test
diff --git a/production/haraka-wildduck/haraka/config/auth_vpopmaild.ini b/production/haraka-wildduck/haraka/config/auth_vpopmaild.ini
new file mode 100755
index 0000000..ff15a0d
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/auth_vpopmaild.ini
@@ -0,0 +1,7 @@
+host=127.0.0.6
+port=89
+;sysadmin=postmaster@example.com:sekret
+
+[example.com]
+host=127.0.0.10
+;sysadmin=postmaster@example.com:sekret
diff --git a/production/haraka-wildduck/haraka/config/avg.ini b/production/haraka-wildduck/haraka/config/avg.ini
new file mode 100755
index 0000000..a5a4c51
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/avg.ini
@@ -0,0 +1,5 @@
+;host=
+;port=54322
+;tmpdir=/tmp
+;connect_timeout=10
+;session_timeout=30
diff --git a/production/haraka-wildduck/haraka/config/bounce.ini b/production/haraka-wildduck/haraka/config/bounce.ini
new file mode 100755
index 0000000..0196627
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/bounce.ini
@@ -0,0 +1,13 @@
+[check]
+reject_all=false
+single_recipient=true
+empty_return_path=true
+bad_rcpt=true
+bounce_spf=true
+non_local_msgid=true
+
+[reject]
+single_recipient=true
+empty_return_path=true
+bounce_spf=false
+non_local_msgid=false
diff --git a/production/haraka-wildduck/haraka/config/clamd.ini b/production/haraka-wildduck/haraka/config/clamd.ini
new file mode 100644
index 0000000..4173089
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/clamd.ini
@@ -0,0 +1,5 @@
+
+clamd_socket = /run/clamav/clamd.sock
+[reject]
+virus=true
+error=false
diff --git a/production/haraka-wildduck/haraka/config/data.headers.ini b/production/haraka-wildduck/haraka/config/data.headers.ini
new file mode 100755
index 0000000..893bd0a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/data.headers.ini
@@ -0,0 +1,62 @@
+; configuration for data.headers plugin
+
+; Requiring a date header will cause the loss of valid mail. The JavaMail
+; sender used by some banks, photo processing services, health insurance
+; companies, bounce senders, and others send messages without a Date header.
+;
+; If you can afford to reject some valid mail, please do enforce this, and
+; encourage mailers toward RFC adherence. Otherwise, do not require Date.
+
+; Headers that MUST be present (RFC 5322)
+; required=From,Date   ; <-- RFC 5322 compliant
+required=From,Date
+
+; Received
+; If you have no outbound, add 'Received' to the required list for an
+; aggressive anti-spam measure. It works because all real mail relays will
+; add a `Received` header. It may false positive on some bulk mail that
+; uses a custom tool to send, but this appears to be fairly rare.
+
+; If the date header is present, and future and/or past days are
+; defined, it will be validated. 0 = disabled
+date_future_days=2
+date_past_days=15
+
+
+; Headers that MUST be unique if present (RFC 5322)
+; singular=Date,From,Sender,Reply-To,To,Cc,Bcc,Message-Id,In-Reply-To,References,Subject (RFC 5322)
+singular=Date,From,Sender,Reply-To,To,Cc,Bcc,Message-Id,In-Reply-To,References,Subject
+
+; enable/disable the various header checks
+[check]
+; duplicate_singular=true
+; missing_required=true
+; invalid_return_path=true
+; invalid_date=true
+; user_agent=true
+; direct_to_mx=true
+; from_match=true
+; mailing_list=true
+; delivered_to=true
+
+
+[reject]
+; reject switches for each header check
+; default are shown. Rejecting based on any of these
+; criteria will result in the loss of valid mail.
+;
+; duplicate_singular=false
+; missing_required=false
+; invalid_return_path=false
+; invalid_date=false
+
+; arriving messages should not have Delivered-To set to the RCPT TO address.
+; delivered_to=true
+
+; these 4 do not have reject support, and likely shouldn't.
+; user_agent=false
+; direct_to_mx=false
+; from_match=false
+; from_match=true
+; mailing_list=false
+
diff --git a/production/haraka-wildduck/haraka/config/data.uribl.excludes b/production/haraka-wildduck/haraka/config/data.uribl.excludes
new file mode 100755
index 0000000..432e234
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/data.uribl.excludes
@@ -0,0 +1,202 @@
+# List derived from SpamAssassin
+126.com
+163.com
+2o7.net
+4at1.com
+5iantlavalamp.com
+about.com
+adelphia.net
+adobe.com
+agora-inc.com
+agoramedia.com
+akamai.net
+akamaitech.net
+alexa.com
+amazon.com
+ancestry.com
+aol.com
+apache.org
+apple.com
+arcamax.com
+ask.com
+astrology.com
+atdmt.com
+att.net
+baidu.com
+bbc.co.uk
+bcentral.com
+bellsouth.net
+bfi0.com
+bing.com
+bridgetrack.com
+cafe24.com
+charter.net
+citibank.com
+citizensbank.com
+cjb.net
+classmates.com
+clickbank.net
+cnet.com
+cnn.com
+comcast.net
+com.com
+com.ne.kr
+corporate-ir.net
+cox.net
+craigslist.org
+cs.com
+custhelp.com
+daum.net
+dd.se
+debian.org
+dell.com
+directnic.com
+directtrack.com
+div.tk
+domain.com
+doubleclick.com
+dsbl.org
+earthlink.net
+ebay.com
+ebay.co.uk
+ebay.de
+ebayimg.com
+ebaystatic.com
+edgesuite.net
+ediets.com
+egroups.com
+emode.com
+example.com
+example.net
+example.org
+excite.com
+facebook.com
+fedex.com
+flickr.com
+freebsd.org
+free.fr
+f-secure.com
+gentoo.org
+geocities.com
+gmail.com
+gmx.net
+go.com
+godaddy.com
+googleadservices.com
+google.co.in
+google.com
+google.it
+grisoft.com
+hallmark.com
+hinet.net
+hotbar.com
+hotmail.com
+hotpop.com
+hp.com
+ibm.com
+incredimail.com
+investorplace.com
+ivillage.com
+joingevalia.com
+juno.com
+kernel.org
+li.tk
+livejournal.com
+lycos.com
+m7z.net
+mac.com
+macromedia.com
+mail.com
+mail.ru
+mailscanner.info
+marketwatch.com
+mcafee.com
+mchsi.com
+messagelabs.com
+microsoft.com
+military.com
+mindspring.com
+mit.edu
+monster.com
+mozilla.com
+msn.com
+myspace.com
+nate.com
+netflix.com
+netscape.com
+netscape.net
+netzero.net
+norman.com
+nytimes.com
+openoffice.org
+openxmlformats.org
+optonline.net
+osdn.com
+overstock.com
+pacbell.net
+pandasoftware.com
+passport.com
+paypal.com
+peoplepc.com
+plaxo.com
+prodigy.net
+p.tk
+radaruol.com.br
+real.com
+redhat.com
+rediff.com
+regions.com
+regionsnet.com
+rogers.com
+rr.com
+sbcglobal.net
+sec.gov
+sf.net
+shaw.ca
+shockwave.com
+smithbarney.com
+sourceforge.net
+spamcop.net
+speedera.net
+sportsline.com
+sun.com
+suntrust.com
+sympatico.ca
+tails.nl
+telus.net
+terra.com.br
+ticketmaster.com
+tinyurl.com
+tiscali.co.uk
+tom.com
+tone.co.nz
+t-online.de
+tux.org
+twitter.com
+uol.com.br
+ups.com
+usps.com
+verizon.net
+w3.org
+wamu.com
+wanadoo.fr
+washingtonpost.com
+weatherbug.com
+web.de
+webshots.com
+webtv.net
+wordpress.com
+wsj.com
+xmlsoap.org
+yahoo.ca
+yahoo.co.jp
+yahoo.co.kr
+yahoo.com
+yahoo.com.br
+yahoo.co.uk
+yahoogroups.com
+yimg.com
+yopi.de
+yoursite.com
+youtube.com
+zdnet.com
diff --git a/production/haraka-wildduck/haraka/config/data.uribl.ini b/production/haraka-wildduck/haraka/config/data.uribl.ini
new file mode 100755
index 0000000..990067c
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/data.uribl.ini
@@ -0,0 +1,37 @@
+; If DBL not IPv6 compatible set:
+; not_ipv6_compatible=1
+
+[dbl.spamhaus.org]
+validate=^(?:127|172)
+rdns=1
+helo=1
+envfrom=1
+from=1
+msgid=1
+body=1
+no_ip_lookups=1
+custom_msg={uri} listed in {zone}; see http://www.spamhaus.org/query/dbl?domain={uri}
+
+[multi.uribl.com]
+validate=^(?:127|172)
+strip_to_domain=1
+; BLACK list only
+bitmask=2
+body=1
+custom_msg={uri} listed in {zone}; see http://lookup.uribl.com/?domain={uri}
+
+[multi.surbl.org]
+validate=^(?:127|172)
+strip_to_domain=1
+body=1
+
+;[fresh15.spameatingmonkey.net]
+;validate=^127
+;rdns=1
+;helo=1
+;envfrom=1
+;from=1
+;msgid=1
+;body=1
+;no_ip_lookups=1
+;custom_msg={uri} domain registered within the last 15 days; see http://spameatingmonkey.com/lookup/{uri}
diff --git a/production/haraka-wildduck/haraka/config/databytes b/production/haraka-wildduck/haraka/config/databytes
new file mode 100644
index 0000000..56e1e76
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/databytes
@@ -0,0 +1 @@
+26214400
diff --git a/production/haraka-wildduck/haraka/config/delay_deny.ini b/production/haraka-wildduck/haraka/config/delay_deny.ini
new file mode 100755
index 0000000..029f044
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/delay_deny.ini
@@ -0,0 +1,8 @@
+
+; excluded plugins: a list of denials that are to be excluded (ie, all the immediate rejection)
+; Examples: <plugin>
+;           <plugin>:<hook>
+;           <plugin>:<hook>:<function name>
+; 
+;excluded_plugins=spf,lookup_rdns_strict
+;excluded_plugins=data.uribl:lookup_rdns:hook_lookup_rdns
diff --git a/production/haraka-wildduck/haraka/config/dhparams.pem b/production/haraka-wildduck/haraka/config/dhparams.pem
new file mode 100644
index 0000000..dc8975b
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/dhparams.pem
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAojogVOvUcEffntS6DTp5zIMGWPJrFW8ZxZKIvSYUUlGD/QGWk8/T
+CV6irXW7PrfGaOqn3DR+gHjwxoDHvz7tv5mBLvGgWDdEn4/4FNfdYIL3tC2E7Uaw
+e2OwUCUgwWYh9Uytssrt0TXyjrAR54MEucU2ObS47m0sVkNNnRT1EfJU/LGC+Qtf
+MVSL9FsLBZsexdQHJRXdUaInt/PclKgju0+D1gEzWBagqIPojukmuwl/kPSiV/qe
+70By3wWp+fVZw5BXnXDKfQZ6Ox5nirNLPEZa4CaOEOfaTIsFhCBzn7wnLPWEp/Y+
+VfnMbTRnRTP7HfrPw/MMCB7LYtVZU4JEUwIBAg==
+-----END DH PARAMETERS-----
diff --git a/production/haraka-wildduck/haraka/config/dkim/dkim_key_gen.sh b/production/haraka-wildduck/haraka/config/dkim/dkim_key_gen.sh
new file mode 100644
index 0000000..8e279c8
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/dkim/dkim_key_gen.sh
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+usage() {
+    echo "   usage: $0 <example.com> [haraka username]"
+    echo " "
+    exit
+}
+
+if [ -z "$1" ];
+then
+    usage
+fi
+
+DOMAIN=$1
+SMTPD=$2
+if [ -z "$SMTPD" ];
+then
+    SMTPD="www"
+fi
+
+# create a directory for each DKIM signing domain
+mkdir -p "$DOMAIN"
+cd "$DOMAIN" || exit
+
+# The selector can be any value that is a valid DNS label
+# create in the common format: mmmYYYY (apr2014)
+date '+%h%Y' | tr "[:upper:]" "[:lower:]" > selector
+
+# generate private and public keys
+#            key length considerations
+# The minimum recommended key length for short duration keys (ones that
+# will be replaced within a few months) is 1024. If you are unlikely to
+# rotate your keys frequently, choose 2048, at the expense of more CPU.
+openssl genrsa -out private 2048
+chmod 400 private
+openssl rsa -in private -out public -pubout
+
+DNS_NAME="$(tr -d "\n" < selector)._domainkey"
+DNS_ADDRESS="v=DKIM1;p=$(grep -v -e '^-' public | tr -d "\n")"
+
+# fold width is arbitrary, any value between 80 and 255 is reasonable.
+BIND_SPLIT_ADDRESS="$(echo "$DNS_ADDRESS" | fold -w 110 | sed -e 's/^/	"/g; s/$/"/g')"
+
+# make it really easy to publish the public key in DNS
+# by creating a file named 'dns', with instructions
+cat > dns <<EO_DKIM_DNS
+
+Add this TXT record to the $DOMAIN DNS zone.
+
+$DNS_NAME    IN   TXT   $DNS_ADDRESS
+
+
+BIND zone file formatted:
+
+$DNS_NAME    IN   TXT (
+$BIND_SPLIT_ADDRESS
+        )
+
+Tell the world that the ONLY mail servers that send mail from this domain are DKIM signed and/or bear our MX and A records.
+
+With SPF:
+
+        SPF "v=spf1 mx a -all"
+        TXT "v=spf1 mx a -all"
+
+With DMARC:
+
+_dmarc  TXT "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-feedback@$DOMAIN; ruf=mailto:dmarc-feedback@$DOMAIN; pct=100"
+
+For more information about DKIM and SPF policy, the documentation within each plugin contains a longer discussion and links to more detailed information:
+
+   haraka -h dkim_sign
+   haraka -h spf
+
+
+EO_DKIM_DNS
+
+cd ..
diff --git a/production/haraka-wildduck/haraka/config/dkim_private.key b/production/haraka-wildduck/haraka/config/dkim_private.key
new file mode 100644
index 0000000..f3d416a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/dkim_private.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAwW/PdLPz9OkDAU57zdV22m7jZdLPfyWzwzmhYOvzcZkxUpFd
+5+t7BLY5zt2DzF2iKiAhT2op5/FO2UuPYPms+YGVzrT7IIrHz0+3fDJEC1f/rnwE
+JvpoCynx0ae7TiO3ITsioDaoyxtzu0cqB8X86hqdH4uz800qZn0yWUaMK+evW9HE
+uvTcnXef854vDOEfQgoPO9sF1P9vVnP/ArhS0PIdtOiZMcvC1hT4Gh07NDPir2//
+Ubg534ubaq0vbTctXshoFonACz5Z/3To3gpsmKczWmuJcs+3t66a/OKOQzC9+Qn2
+8xI1PMxINJU8nli7okCA5EcrRnstH7CBlFxJHQIDAQABAoIBADhxWrRv6eh1sVXJ
+Q+DMv9B++MV2XOt54dk+ULOKRc/I5pZ0KlWI5a17SqTtCA8y5yWpmG6myLGQPPS0
+0pJ2aB2pzT+ymXBmbmU0mpKXzDkPJWEReNiyyncvdws5CTOEwmPk8HaVXG1fhkaI
+PmBkSic5Os3AovKEerHLKEzag/4vKrfKNnnDuEbjhJRzvwU73SmoeGhyADIo2r7T
+xx9R6b7e035PMLcFXNpj/6tSj2hW8gj4DEC8gjAMVVPZJNqFvUEcK5cT75uOK5UA
+9uN0h6lzHAfmYt5OJm+3MFuGATTAOQOu7HKDiV4kCNyUFoAEWnYKnB6UoUAS+PoW
+1e/1ouECgYEA+qPn0r1WU5ei6cXPYaD+MmP2xPI+b75xwQ6yOkKNy9yWHbjzTLTw
+bLe9Xp2j4dNEmALvVtL+q24WgDKB8HDDZG0JTE330UsNz+1rux2aarNCXT22JjMj
+RKPYRiBN5H+LiXW3RFMzWv+4AHLk+0Ehyu3raspoeuWUjHhG3pvHuvUCgYEAxZLA
+nbFkFkLWmzfG24uFgVza+FjCoxJE1+DG5X52T2ooUjgHrcghhrd6cfakEhuEr5Kt
+irmk8QEetwByImHubSo4fh8Hn0PymINBhrCAWfTHVOaGk42gQeU3GvQHqUkbsmEG
+vPCl5G4w2SGlt/wv/GmsCGq+hbD3NqC/mCTGzIkCgYAgWcWTWuLomTrq56BT3p7Q
+zDxOwWGztKYkIAx7HpoExS0PGw80SGp77d9gdgJwJH/HCyHvV/6NDAGVfG9vJG7j
+6Hr5wVqKRiC7RM7R8Qk8WnTnag63sYQM2QUSUBsdsiTFkk8cX4zSYw1R6YKKt6Zv
+9fOb7hI8QqPA2clz9DF8fQKBgBNnCgtydEXLYo/ztk+xL/c4SzjAXrzs+l3I8T9w
+X+YEotkQL5Ddao10T04JzqsIkMs9OFW7TXtthLqsDIlb3LJTxyB7o5/8aEKaAUFc
+6/3pj/nCeczbx7Uw8WxwMqBpUZL+/E5pw6DfQWTRbRjYZ03+gqqA8Rzn+B8hQi+K
+zQshAoGAIyLLecmZJu8Z0/6++nKTd5RWuFRSFnbzJc+jRWrpIIy2Zr4MtdjGE8LU
+89CX9MZzgjSEqBzg5q2p/rARluNDrdVBKN18txeY5r2kLzjO60blao5f0Cp3GKEC
+OB9Gw9Lx1wrpz2Q+Rrq/qMdC/CufQjieTnq7LMVLa2X4OllNAOA=
+-----END RSA PRIVATE KEY-----
diff --git a/production/haraka-wildduck/haraka/config/dkim_sign.ini b/production/haraka-wildduck/haraka/config/dkim_sign.ini
new file mode 100755
index 0000000..732d5a0
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/dkim_sign.ini
@@ -0,0 +1,5 @@
+disabled = false
+selector = dkim
+domain = hatthieves.es
+headers_to_sign = From, Sender, Reply-To, Subject, Date, Message-ID, To, Cc, MIME-Version
+dkim.private.key = /secure/dkim_private.key
diff --git a/production/haraka-wildduck/haraka/config/dnsbl.ini b/production/haraka-wildduck/haraka/config/dnsbl.ini
new file mode 100755
index 0000000..717f5ad
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/dnsbl.ini
@@ -0,0 +1,23 @@
+
+; reject: (default: true)
+;      denies connections from IPs on any active DNSBL
+reject=true
+
+; periodically check each DNSBL, disabling ones that fail checks
+periodic_checks = 30
+
+; search: Default (first)
+;     first: consider first DNSBL response conclusive. End processing.
+;     all:   process all DNSBL results
+search=first
+
+; enable_stats (Default: false)
+;   stores stats in a Redis DB (see plugins/dns_list_base)
+;enable_stats=true
+
+; stats_redis_host (Default: localhost)
+
+
+; zones: a comma separated list of DNSBL zones
+;        or list DNSBL zones in config/dnsbl.zones
+zones=zen.spamhaus.org
diff --git a/production/haraka-wildduck/haraka/config/early_talker.ini b/production/haraka-wildduck/haraka/config/early_talker.ini
new file mode 100755
index 0000000..481ac00
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/early_talker.ini
@@ -0,0 +1,11 @@
+
+; delay in seconds
+pause=5
+
+; terminate the connection? (default: true)
+; reject=false
+
+; Whitelist of client IP ranges to skip delay on
+[ip_whitelist]
+::1
+127.0.0.1
diff --git a/production/haraka-wildduck/haraka/config/fcrdns.ini b/production/haraka-wildduck/haraka/config/fcrdns.ini
new file mode 100755
index 0000000..65ecf4e
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/fcrdns.ini
@@ -0,0 +1,14 @@
+[reject]
+; reject if the IP address has no PTR record
+no_rdns=true
+
+; reject if the FCrDNS test fails
+no_fcrdns=true
+
+; reject if the PTR points to a hostname without a valid TLD
+invalid_tld=false
+
+; reject if the rDNS is generic, examples:
+; 1.2.3.4.in.addr.arpa
+; c-67-171-0-90.hsd1.wa.comcast.net
+generic_rdns=false
diff --git a/production/haraka-wildduck/haraka/config/greylist.ini b/production/haraka-wildduck/haraka/config/greylist.ini
new file mode 100755
index 0000000..69577fd
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/greylist.ini
@@ -0,0 +1,43 @@
+; Config for greylisting plugin
+
+; greylisting action text
+text = Greylisted. Please come back later.
+
+[redis]
+host = 127.0.0.1
+; port = 6379
+db = 11
+
+[skip]
+; skip for DNSWL hosts having high reputation
+dnswlorg = true
+mailspikewl = true
+
+[period]
+# transition path: first_connect --> black (defer) --> grey(allow) --> white (allow) --> expired
+
+# 14 minutes
+black = 850
+# 25 hours
+grey = 90000
+# 35 days
+white = 3024000
+
+[envelope_whitelist]
+# Envelope emails or domains, one per line
+
+
+[ip_whitelist]
+# IP or Subnet, one per line
+
+
+[recipient_whitelist]
+# Recipient emails or domains, one per line
+
+
+[special_dynamic_domains]
+# Put domains that should be always treated as dynamic here.
+# Pattern is matched at the end of rdns
+
+# SiteGround VPS service
+sgvps.net
diff --git a/production/haraka-wildduck/haraka/config/helo.checks.ini b/production/haraka-wildduck/haraka/config/helo.checks.ini
new file mode 100755
index 0000000..e20b18c
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/helo.checks.ini
@@ -0,0 +1,57 @@
+; disable checks or reject for each test if you are worried about strictness
+
+;dns_timeout=30
+
+[check]
+; match_re=true
+bare_ip=true
+; dynamic=true
+; big_company=true
+; literal_mismatch:  1 = exact IP match, 2 = IP/24 match, 3 = /24 or RFC1918
+; literal_mismatch=2
+valid_hostname=true
+forward_dns=true
+rdns_match=true
+; host_mismatch:  hostname differs between EHLO invocations
+host_mismatch=true
+; proto_mismatch: host sent EHLO but then tries to sent HELO or vice-versa
+proto_mismatch=true
+
+[reject]
+host_mismatch=true
+; proto_mismatch=false
+proto_mismatch=true
+; rdns_match=false
+rdns_match=true
+; dynamic=false
+; bare_ip=false
+bare_ip=true
+; literal_mismatch=false
+; valid_hostname=false
+valid_hostname=true
+; forward_dns=false
+forward_dns=true
+; big_company=true
+
+[skip]
+; private_ip=true
+; relaying=true
+; whitelist=true  ; TODO
+
+[bigco]
+msn.com=msn.com
+hotmail.com=hotmail.com
+yahoo.com=yahoo.com,yahoo.co.jp
+yahoo.co.jp=yahoo.com,yahoo.co.jp
+yahoo.co.uk=yahoo.co.uk
+excite.com=excite.com,excitenetwork.com
+mailexcite.com=excite.com,excitenetwork.com
+yahoo.co.jp=yahoo.com,yahoo.co.jp
+mailexcite.com=excite.com,excitenetwork.com
+aol.com=aol.com
+compuserve.com=compuserve.com,adelphia.net
+nortelnetworks.com=nortelnetworks.com,nortel.com
+earthlink.net=earthlink.net
+earthling.net=earthling.net
+google.com=google.com
+gmail.com=google.com,gmail.com
diff --git a/production/haraka-wildduck/haraka/config/host_list b/production/haraka-wildduck/haraka/config/host_list
new file mode 100644
index 0000000..0055b41
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/host_list
@@ -0,0 +1,2 @@
+# add hosts in here we want to accept mail for
+hatthieves.es
diff --git a/production/haraka-wildduck/haraka/config/host_list_regex b/production/haraka-wildduck/haraka/config/host_list_regex
new file mode 100755
index 0000000..4b1b7d9
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/host_list_regex
@@ -0,0 +1,6 @@
+# Add regexes in here we want to accept mail for.
+# Specifies the list of regexes that are local to this server.  Note
+# all these regexes are anchored with ^regex$. One can not choose not to
+# anchor with .* and that there is a good potential for bad regexes being
+# over permissive if we don't do this.
+
diff --git a/production/haraka-wildduck/haraka/config/http.ini b/production/haraka-wildduck/haraka/config/http.ini
new file mode 100755
index 0000000..f5feda5
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/http.ini
@@ -0,0 +1,7 @@
+
+; listen: the HTTP address:port(s) to listen on
+; default: [::]:80 (port 80 on all IPv4 and IPv6 addresses)
+; listen=[::]:80
+
+; docroot: the directory where web content is served from
+;docroot=/usr/local/haraka/html
diff --git a/production/haraka-wildduck/haraka/config/internalcmd_key b/production/haraka-wildduck/haraka/config/internalcmd_key
new file mode 100644
index 0000000..0f4add9
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/internalcmd_key
@@ -0,0 +1 @@
+1d1336164e2210ed49371832271103fbc60a4bf6ab38c7ad07b25851290f19af
\ No newline at end of file
diff --git a/production/haraka-wildduck/haraka/config/karma.ini b/production/haraka-wildduck/haraka/config/karma.ini
new file mode 100644
index 0000000..464d418
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/karma.ini
@@ -0,0 +1,302 @@
+; karma.ini,  see 'haraka -h karma'
+
+; Redis: karma's high speed key/value store for concurrency, IP history,
+;        and AS history
+[redis]
+ host   = 172.200.0.102
+ port   = 6379
+ db     = 1
+
+; karma IP history is expired after this many days. This value is refreshed
+;       at every connection. Frequent senders may never expire.
+expire_days = 60
+
+
+[asn]
+; track karma for AS? (network neighborhood)
+enable=true
+;report_as=asn
+
+
+[tarpit]
+delay=0
+
+; If you make the remote wait too long, they drop the connection.
+; 'max' limits how long to make remotes wait between responses.
+max=4
+
+; max_msa: applied for connections to port 587 and 465, when Haraka is acting
+; as a Message Submission Agent for roaming users.
+; max_msa=1
+max_msa=1
+
+[thresholds]
+; negative: the threshold below which a connection is denied/rejected
+;           Be conservative to avoid false positives!
+negative=-8
+
+; score above which connections are considered 'good'
+positive=2
+
+; karma history = good - bad connections. A negative score means a sender has
+; sent more bad than good messages. IPs are not subject to the penalty box
+; until they have made > 5 connections and achieved a score lower than this.
+history_negative=-3
+
+
+[deny]
+; hooks to disconnect on. When the score is below [threshholds]negative,
+;     deny the connection on these hooks:
+;hooks=connect,unrecognized_command,helo,ehlo,mail,rcpt,data,data_post
+hooks=unrecognized_command,data,data_post,queue
+
+;message=very bad karma score: {score}
+;message=https://example.com/logs/{uuid}
+
+[deny_excludes]
+; karma captures and scores deny requests from other plugins, permitting finer
+; control over connection handling. For plugins that should be able to reject
+; the connection, add their name to the plugin list:
+plugins=send_email, tls, access, helo.checks, data.headers, rspamd, spamassassin, avg, clamd, attachment
+
+; hooks whose DENY rejections should be not be captured.
+hooks=rcpt, queue
+
+
+[spammy_tlds]
+; award negative karma to spammy TLDs
+; caution, awarding karma > msg_negative_limit may blacklist that TLD
+work=-4
+rocks=-3
+ninja=-3
+info=-2
+biz=-2
+pw=-2
+me=-1
+us=-5
+eu=-4
+link=-3
+science=-6
+top=-4
+ru=-2
+club=-3
+stream=-3
+bid=-3
+trade=-3
+
+
+[tls]
+; awards based on whether the sender opportunistically encrypted
+; spammy senders usually do not. Plenty (~1/4) of ham senders don't either
+; use with caution.
+set=0
+unset=0
+
+;                          CONNECTION / NOTE AWARDS
+;
+; NOTICE: Generic awards are mostly deprecated in favor of [asn_awards] and
+; [result_awards].  These still exist because there are connection properties
+; that can't yet be scored any other way.
+;
+; karma can award points by inspecting connection objects and notes
+; saved by other plugins.
+;
+; syntax: lo.ca.tion = N [if condition VAL]
+;
+; location: an object or attribute in the connection or transaction object.
+;           Use the transaction prefix to check only the transaction note.
+; N:      a numeric karma score to award: + to praise, - to smite
+; VAL:    the value to use in the conditional match
+;
+; conditions:
+;     if match          // performs a case insensitive regex match on VAL
+;     if equals         // performs an === comparison
+;     if gt             // performs a greater-than comparison
+;     if lt             // performs a less-than comparison
+;     if length (gt|lt) // matches against array length
+;     if in             // matches in arrays
+
+[awards]
+relaying                         =  6
+early_talker                     = -3
+
+
+;                            ASN AWARDS
+; Award karma points to specific ASNs. This is much shorter than writing
+; result_awards and I score many ASNs. I score an ASN by analyzing the
+; past 30 days of traffic. An ASN that sends mostly spam would get an
+; award sufficient to "tip the scales" of any indetermine message
+; towards spam and vise versa for hammy senders.
+
+[asn_awards]
+;55286  = -6
+;33182  = -4
+;46717  = -4
+;13332  = -4
+;200002 = -4
+
+
+;                           RESULT AWARDS
+; karma subscribes to each connections result store. Any plugin that saves
+; results can thus have those results scored by karma.
+;
+; Example:
+; in a plugin named 'example-pi', a result is saved:
+;     connection.results.add(plugin, { pass: 'someval' });
+;
+; in karma.ini, these rules match and assign +1 karma point each:
+;    000       = example-pi  | pass     | eq       | someval | 1
+;    001       = example-pi  | pass     | match    |  omeva  | 1
+;
+; result awards have the folowing syntax:
+;    unique ID = plugin name | property | operator | value | award | reason | remedy
+;
+; operators: equal, match, gt, and lt.
+; award: any integer (negative values smite, positive values praise)
+; reason: an optional human readable reason for the award
+
+[result_awards]
+;geoip.too_far       = -1
+001 = geoip         | distance | gt     | 4000         | -1  | Geographic distance is unusual for ham
+002 = geoip         | distance | gt     | 8000         | -1  | Geographic distance is unusual for ham
+
+003 = karma         | fail     | equals | env_user_match | -2 | Envelope sender doesn't match message sender
+
+004 = karma         | history  | lt     | -1           | -1  | IP reputation is poor
+005 = karma         | history  | lt     | -3           | -1  | IP reputation is very poor
+006 = karma         | pass     | equals | all_good     |  2  | IP reputation is good
+007 = karma         | fail     | equals | all_bad      | -2  | IP reputation is spam-only
+
+; based on ASN history
+008 = karma         | pass     | equals | asn          |  1  | ASN reputation is good
+009 = karma         | fail     | equals | asn          | -1  | ASN reputation is bad
+010 = karma         | pass     | equals | asn_all_good |  2  | ASN reputation is very good
+011 = karma         | fail     | equals | asn_all_bad  | -2  | ASN reputation is very bad
+
+012 = karma         | fail     | equals | rfc5321.MailFrom | -1 | RFC Ignorant MTA | Use a RFC compliant MTA
+013 = karma         | fail     | equals | rfc5321.RcptTo   | -1 | RFC Ignorant MTA | Use a RFC compliant MTA
+
+020 = asn           | pass     | equals | karma        |  1  | ASN reputation is good
+021 = asn           | fail     | equals | karma        | -1  | ASN reputation is bad
+022 = asn           | pass     | equals | asn_all_good |  2  | ASN reputation is ham-only
+023 = asn           | fail     | equals | asn_all_bad  | -2  | ASN reputation is spam-only
+
+;030 = connect.p0f  | os_name   | match  | freebsd      |  1  | FreeBSD
+031 = connect.p0f   | os_name   | match  | windows      | -1  | Windows OS, likely infected by malware | Don't use Windows as MTA
+032 = connect.p0f   | os_flavor | equals | XP           | -2  | Windows XP, likely infected by malware | Upgrade to a supported OS
+
+; give back the point penalized for running windows
+080 = fcrdns | fcrdns  | match  | outlook.com | 1
+084 = fcrdns | fail    | match  | ptr_valid   | -4  | FCrDNS has no valid PTR | Set up https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
+085 = fcrdns | fail    | match  | valid_tld   | -6  | FCrDNS has no valid TLD | Set up https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
+086 = fcrdns | fail    | equals | has_rdns    | -6  | FCrDNS has no rDNS      | Set up https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
+087 = fcrdns | ip_in_rdns   | equals | true  |  -1  | FCrDNS has IP in rDNS   | Configure proper hostnames for your MTA
+088 = fcrdns | generic_rdns | equals | true  |  -1  | FCrDNS host is generic
+; well known senders
+089 = fcrdns | fcrdns  | match  |  google.com |  2  | FCrDNS Well Known Sender
+090 = fcrdns | fcrdns  | match  | twitter.com |  2  | FCrDNS Well Known Sender
+
+100 = access    | whitelist     | equals | true |  9  | Policy Whitelist
+101 = access    | blacklist     | equals | true | -7  | Policy Blacklist | Unsubscribe the user, stop spamming them.
+102 = access    | pass | equals | connect.rdns_access.whitelist | 8
+103 = access    | pass | equals | mail_from.access.whitelist    | 8
+104 = access    | pass | equals | rcpt_to.access.whitelist    | 8
+
+; Scores for specific DNSBLs
+111 = dnsbl       | fail | equals | b.barracudacentral.org  | -7 | DNS Blacklist | Disinfect your host/network
+112 = dnsbl       | fail | equals | truncate.gbudb.net      | -5 | DNS Blacklist | Disinfect your host/network
+113 = dnsbl       | fail | equals | psbl.surriel.com        | -6 | DNS Blacklist | Disinfect your host/network
+114 = dnsbl       | fail | equals | bl.spamcop.net          | -3 | DNS Blacklist | Disinfect your host/network
+115 = dnsbl       | fail | equals | dnsbl-1.uceprotect.net  | -3 | DNS Blacklist | Disinfect your host/network
+116 = dnsbl       | fail | equals | zen.spamhaus.org        | -5 | DNS Blacklist | Disinfect your host/network
+117 = dnsbl       | fail | equals | xbl.spamhaus.org        | -6 | DNS Blacklist | Disinfect your host/network
+118 = dnsbl       | fail | equals | cbl.abuseat.org         | -5 | DNS Blacklist | Disinfect your host/network
+119 = dnsbl       | fail | equals | dnsbl.justspam.org      | -1 | DNS Blacklist | Disinfect your host/network
+
+130 = helo.checks | fail | match | valid_hostname | -1  | HELO host invalid      | Use valid HELO hostname
+131 = helo.checks | pass | match | forward_dns    |  1  | HELO host has forward DNS
+132 = helo.checks | skip | match | forward_dns    | -1  | HELO host skipped
+133 = helo.checks | fail | match | forward_dns    | -1  | HELO host fails forward DNS | Use valid HELO hostname
+134 = helo.checks | fail | match | dynamic        | -1  | HELO host has dynamic name
+135 = helo.checks | fail | match | reverse_dns    | -1  | HELO host missing rDNS
+
+; SPF survey in March 2014: over 95% of ham has SPF Pass
+;                           over 60% of spam has SPF Pass
+; None, Pass, Fail, SoftFail, Neutral, TempError, PermError
+150 = spf         | result | equals | Fail      | -4  | SPF fail | Update SPF record
+151 = spf         | result | equals | SoftFail  | -3  | SPF soft fail | Maintain DNS properly
+152 = spf         | result | equals | Neutral   | -1  | SPF neutral  | Set up SPF records
+153 = spf         | result | equals | TempError | -2
+154 = spf         | result | equals | PermError | -2
+
+160 = auth                | fail    | match  | auth      | -4  | Authentication failure
+161 = auth/auth_base      | fail    | match  | auth      | -4  | Authentication failure
+162 = auth                | pass    | match  | auth      |  9  | Authentication success
+; 163 = auth/auth_vpopmaild | success | equals | false   | -4  | Authentication failure
+
+168 = mail_from.is_resolvable   | fail   | length | gt 0        | -8  | Mail From host DNS failure
+169 = mail_from.is_resolvable   | pass   | equals | implicit_mx | -4  | Envelope From host has no MX
+
+170 = rcpt_to.qmail_deliverable | fail   |    gt  |    0 | -1 | Invalid envelope recipient
+;171 = rcpt_to.qmail_deliverable | pass   |    gt  |    0 |  1 | Valid Envelope recipient
+172 = rcpt_to.in_host_list      | fail   |    gt  |    0 | -1 | Invalid envelope recipient
+;173 = rcpt_to.in_host_list      | pass   |    gt  |    0 |  1 | Valid Envelope recipient
+
+181 = data.headers | fail       | match  |   from_match | -1 | Envelope From does not match Message From:
+182 = data.headers | pass       | match  |   from_match |  1 | Envelope From matches Message From:
+183 = data.headers | fail       | equals |           UA | -1 | Uncommon MUA
+184 = data.headers | fail       | match  | direct-to-mx | -1 | Not relayed
+185 = data.headers | fail       | match  |      missing | -1 | Missing a required header
+
+190 = data.uribl   | fail       | equals | fresh15.spameatingmonkey.net | -2  | URI blacklist: fresh15.spameatingmonkey.net
+191 = data.uribl   | fail       | equals | dbl.spamhaus.org             | -2  | URI blacklist: dbl.spamhaus.org
+192 = data.uribl   | fail       | equals | multi.uribl.com              | -2  | URI blacklist: multi.uribl.com
+193 = data.uribl   | fail       | equals | multi.surbl.org              | -2  | URI blacklist: multi.surbl.org
+194 = data.uribl   | fail       | match  | rdns                         | -2  | URI Blacklist | Don't send spam
+195 = data.uribl   | fail       | match  | helo                         | -2  | URI Blacklist | Don't send spam
+196 = data.uribl   | fail       | match  | ehlo                         | -2  | URI Blacklist | Don't send spam
+197 = data.uribl   | fail       | match  | envfrom                      | -2  | URI Blacklist | Don't send spam
+198 = data.uribl   | fail       | match  | from                         | -2  | URI Blacklist | Don't send spam
+199 = data.uribl   | fail       | match  | replyto                      | -2  | URI Blacklist | Don't send spam
+200 = data.uribl   | fail       | match  | body                         | -2  | URI Blacklist | Don't send spam
+201 = data.uribl   | fail       | match  | msgid                        | -2  | URI Blacklist | Don't send spam
+
+205 = bounce       | fail       | equals | single_recipient  | -8  | Invalid bounce
+206 = bounce       | fail       | equals | empty_return_path | -8  | Invalid bounce
+207 = bounce       | fail       | equals | bad_rcpt          | -8  | Invalid bounce
+
+210 = clamd        | fail       | match  | executable   | -4 | Clam AntiVirus Executable
+211 = clamd        | fail       | match  | structured   | -2 | Clam AntiVirus Structured
+212 = clamd        | fail       | match  | encrypted    | -4 | Clam AntiVirus Encrypted Archive
+213 = clamd        | fail       | match  | pua          | -4 | Clam AntiVirus Potentially Unwanted Application
+214 = clamd        | fail       | match  | ole2         | -5 | Clam AntiVirus OLE2
+215 = clamd        | fail       | match  | safebrows    | -4 | Clam AntiVirus SafeBrowsing
+216 = clamd        | fail       | match  | unofficial   | -4 | Clam AntiVirus UNOFFICIAL
+217 = clamd        | fail       | match  | phish        | -3 | Clam AntiVirus Phishing
+218 = clamd        | fail       | match  | spam         | -2 | Clam AntiVirus Spam
+;219 = clamd        | pass       | equals | clean       |  1 | Clam AntiVirus Executable
+
+230 = rspamd       | is_spam    | equals | true         | -2 | rspamd detected as spam
+231 = rspamd       | action     | equals | greylist     | -1 | rspamd suggested greylist
+232 = rspamd       | score      | lt     | 0            |  1 | rspamd positive score
+233 = rspamd       | score      | gt     | 6            | -1 | rspamd moderate score
+234 = rspamd       | score      | gt     | 10           | -1 | rspamd high score
+235 = rspamd       | is_spam    | equals | false        |  1 | rspamd detected as ham
+
+251 = spamassassin | hits       | lt     |  0           |   1 |
+252 = spamassassin | hits       | lt     | -2           |   1 |
+253 = spamassassin | hits       | lt     | -5           |   1 |
+254 = spamassassin | hits       | lt     | -10          |   2 |
+255 = spamassassin | hits       | lt     | -20          |   5 |
+256 = spamassassin | hits       | gt     |   1          |  -1 |
+257 = spamassassin | hits       | gt     |   2          |  -1 |
+259 = spamassassin | hits       | gt     |   3          |  -2 |
+260 = spamassassin | flag       | equals | Yes          |  -5 | SpamAssassin detected as spam
+;261 = spamassassin | hits       | gt     |   6          |  -2 |
+;263 = spamassassin | hits       | gt     |   8          |  -2 |
+264 = spamassassin | hits       | gt     |   9          |  -2 |
+265 = spamassassin | hits       | gt     |  20          | -10 |
+
+280 = known-senders | pass      | length | gt 0         |  5  | Known Sender
+281 = limit         | fail      | length | gt 0         | -3  | Exceeding rate limits
+
diff --git a/production/haraka-wildduck/haraka/config/limit.ini b/production/haraka-wildduck/haraka/config/limit.ini
new file mode 100644
index 0000000..d7753d4
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/limit.ini
@@ -0,0 +1,120 @@
+; limits imposed on connection(s)
+
+tarpit_delay=3
+
+;                    REDIS CONFIG
+[redis]
+host=172.200.0.102
+port=6379
+db=4
+;
+
+
+;                      CONNECTION CONCURRENCY LIMITS
+[concurrency]
+; enabled=false
+max=3
+
+
+; [concurrency_history]
+; History: when enabled, the plugin is one which stores IP history. The history
+;    plugin results must have a positive integers for good connections negative
+;    integers for poor / undesirable connections. Karma is one such plugin.
+plugin=karma
+good=10
+bad=1
+none=2
+
+
+;                             RECIPIENT LIMITS
+
+[recipients]
+; enabled=false
+; max=20
+; max_relaying=100
+
+
+[recipients_history]
+;     The same history notes for [concurrency] apply here.
+plugin=karma
+bad=1
+none=5
+good=50
+
+
+;                         UNRECOGNIZED COMMAND LIMITS
+
+[unrecognized_commands]
+; enabled=false
+max=10
+
+
+;                           ERRORS COMMAND LIMITS
+[errors]
+; enabled=false
+max=10
+
+
+;                           CONNECTION RATE LIMITS
+
+[rate_conn]
+; enabled=false
+; Maximum number of connections from an IP or host over an interval
+
+127=0
+
+; no interval defaults to 60s
+default=5
+
+; The history notes for [concurrency] apply here too.
+[rate_conn_history]
+plugin=karma
+bad=1/15m
+none=1/5m
+good=15/1m
+
+
+;                       RECIPIENT RATE LIMITS by HOST
+
+[rate_rcpt_host]
+; enabled=false
+; Maximum number of recipients from an IP or host over an interval
+
+127=0
+
+; 50 RCPT To: maximum in 5 minutes
+default=50/5m
+
+
+;                       RECIPIENT RATE LIMITS by Sender
+
+[rate_rcpt_sender]
+; enabled=false
+; Maximum number of recipients from a sender over an interval
+
+127=0
+default=50/5m
+
+
+;                       RECIPIENT RATE LIMITS by Recipient
+
+[rate_rcpt]
+; enabled=false
+; Limit the rate of message attempts over a interval to a recipient
+
+127=0
+default=50/5m
+
+
+[rate_rcpt_null]
+; enabled=false
+; Limit the number of DSN/MDN messages by recipient
+
+default=1
+
+
+[outbound]
+; Limit outbound concurrency by destination domain name
+; enabled=false
+; example.com=10
+
diff --git a/production/haraka-wildduck/haraka/config/lmtp.ini b/production/haraka-wildduck/haraka/config/lmtp.ini
new file mode 100755
index 0000000..2e6c73a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/lmtp.ini
@@ -0,0 +1,7 @@
+;[main]
+host=127.0.0.1
+port=2424
+
+; host=127.0.0.1
+
+; [example.com]
diff --git a/production/haraka-wildduck/haraka/config/log.ini b/production/haraka-wildduck/haraka/config/log.ini
new file mode 100644
index 0000000..0187f6a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/log.ini
@@ -0,0 +1,11 @@
+[main]
+
+; level=data, protocol, debug, info, notice, warn, error, crit, alert, emerg
+level=info
+
+; prepend timestamps to log entries? This setting does NOT affect logs emitted
+; by logging plugins (like syslog).
+timestamps=false
+
+;  format=default, logfmt
+format=default
diff --git a/production/haraka-wildduck/haraka/config/lookup_rdns.strict.ini b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.ini
new file mode 100755
index 0000000..c8b53b0
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.ini
@@ -0,0 +1,14 @@
+[general]
+nomatch=Please setup matching DNS and rDNS records.
+timeout=60
+timeout_msg=DNS check timed out.
+
+[forward]
+nxdomain=Please setup a forward DNS record.
+timeout=60
+dnserror=Please setup matching DNS and rDNS records.
+
+[reverse]
+nxdomain=Please setup a reverse DNS record.
+timeout=60
+dnserror=Please setup matching DNS and rDNS records.
diff --git a/production/haraka-wildduck/haraka/config/lookup_rdns.strict.timeout b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.timeout
new file mode 100755
index 0000000..573541a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.timeout
@@ -0,0 +1 @@
+0
diff --git a/production/haraka-wildduck/haraka/config/lookup_rdns.strict.whitelist b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.whitelist
new file mode 100755
index 0000000..0e7940a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.whitelist
@@ -0,0 +1,6 @@
+# Hostnames and IPs are matched exactly as written on each line.
+127.0.0.1
+::1
+172.200.0.1
+172.200.0.101
+82.223.3.135
diff --git a/production/haraka-wildduck/haraka/config/lookup_rdns.strict.whitelist_regex b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.whitelist_regex
new file mode 100755
index 0000000..bbfb0bd
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/lookup_rdns.strict.whitelist_regex
@@ -0,0 +1,5 @@
+# Does the same thing as the whitelist file, but each line is a regex.
+# Each line is also anchored for you, meaning '^' + regex + '$' is added for
+# you.  If you need to get around this restriction, you may use a '.*' at
+# either the start or the end of your regex.  This should help prevent people
+# from writing overly permissive rules on accident.
diff --git a/production/haraka-wildduck/haraka/config/mail_from.is_resolvable.ini b/production/haraka-wildduck/haraka/config/mail_from.is_resolvable.ini
new file mode 100755
index 0000000..e7724a0
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/mail_from.is_resolvable.ini
@@ -0,0 +1,4 @@
+timeout=30
+allow_mx_ip=0
+reject_no_mx=1
+re_bogus_ip=^(?:0\.0\.0\.0|255\.255\.255\.255|127\.)
diff --git a/production/haraka-wildduck/haraka/config/max_unrecognized_commands b/production/haraka-wildduck/haraka/config/max_unrecognized_commands
new file mode 100755
index 0000000..f599e28
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/max_unrecognized_commands
@@ -0,0 +1 @@
+10
diff --git a/production/haraka-wildduck/haraka/config/me b/production/haraka-wildduck/haraka/config/me
new file mode 100644
index 0000000..c57ccd7
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/me
@@ -0,0 +1 @@
+hatthieves.es
diff --git a/production/haraka-wildduck/haraka/config/messagesniffer.ini b/production/haraka-wildduck/haraka/config/messagesniffer.ini
new file mode 100755
index 0000000..d1750dd
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/messagesniffer.ini
@@ -0,0 +1,18 @@
+;port=9001
+;tmpdir=/tmp
+;gbudb_report_deny=true
+;tag_string=[SPAM]
+
+;[gbudb]
+;white=accept
+;caution=allow
+;black=allow
+;truncate=reject
+
+;[message]
+;white=allow
+;local_white=accept
+;caution=allow
+;black=allow
+;truncate=reject
+;nonzero=reject
diff --git a/production/haraka-wildduck/haraka/config/mongodb.ini b/production/haraka-wildduck/haraka/config/mongodb.ini
new file mode 100755
index 0000000..27f0bb6
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/mongodb.ini
@@ -0,0 +1,30 @@
+; This file must be placed in "config" directory of your Haraka server.
+
+;
+; MongoDB Credentials
+;
+
+[mongodb]
+; user
+user=
+; password
+pass=
+; host
+host=127.0.0.1
+; port
+port=27017
+; database name
+db=haraka
+
+; collection name
+[collections]
+queue=email_incoming_haraka
+delivery=email_delivery_results
+
+; Absolute path to store attachments
+[attachments]
+path=/home/node/Haraka/attachments
+
+[enable]
+queue=yes
+delivery=yes
diff --git a/production/haraka-wildduck/haraka/config/outbound.bounce_message b/production/haraka-wildduck/haraka/config/outbound.bounce_message
new file mode 100755
index 0000000..2258211
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/outbound.bounce_message
@@ -0,0 +1,15 @@
+Received: (Haraka {pid} invoked for bounce); {date}
+Date: {date}
+From: MAILER-DAEMON@{me}
+To: {from}
+Subject: failure notice
+Message-Id: {msgid}
+
+Hi. This is the Haraka Mailer program at {me}.
+I'm afraid I wasn't able to deliver your message
+    "{subject}"
+to the following addresses.
+This is a permanent error; I've given up. Sorry it didn't work out.
+
+Intended Recipients: {recipients}
+Failure Reason: {reason}
diff --git a/production/haraka-wildduck/haraka/config/outbound.bounce_message_html b/production/haraka-wildduck/haraka/config/outbound.bounce_message_html
new file mode 100755
index 0000000..6b99270
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/outbound.bounce_message_html
@@ -0,0 +1,36 @@
+<html>
+<head>
+<style>
+* {
+font-family:Roboto, "Helvetica Neue", Helvetica, Arial, sans-serif;
+}
+</style>
+</head>
+<body>
+<table cellpadding="0" cellspacing="0" class="email-wrapper" style="padding-top:32px;background-color:#ffffff;"><tbody>
+<tr><td>
+<table cellpadding=0 cellspacing=0><tbody>
+<tr><td style="max-width:560px;padding:24px 24px 32px;background-color:#fafafa;border:1px solid #e0e0e0;border-radius:2px">
+<img style="padding:0 24px 16px 0;float:left" width=72 height=72 alt="Foutpictogram" src="cid:icon.png">
+<table style="min-width:272px;padding-top:8px"><tbody>
+<tr><td><h2 style="font-size:20px;color:#212121;font-weight:bold;margin:0">
+Message not delivered
+</h2></td></tr>
+<tr><td style="padding-top:20px;color:#757575;font-size:16px;font-weight:normal;text-align:left">
+A problem has occurred when trying to deliver your mail to <a style='color:#212121;text-decoration:none'><b>{recipients}</b></a> . Look below for the technical details.
+</td></tr>
+</tbody></table>
+</td></tr>
+</tbody></table>
+</td></tr>
+<tr style="border:none;background-color:#fff;font-size:12.8px;width:90%">
+<td align="left" style="padding:48px 10px">
+Reaction of the server: <br/>
+<p style="font-family:monospace">
+{reason}
+</p>
+</td>
+</tr>
+</tbody></table>
+</body>
+</html>
diff --git a/production/haraka-wildduck/haraka/config/outbound.bounce_message_image b/production/haraka-wildduck/haraka/config/outbound.bounce_message_image
new file mode 100755
index 0000000..fb796c9
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/outbound.bounce_message_image
@@ -0,0 +1,106 @@
+Content-Type: image/png; name="icon.png"
+Content-Disposition: attachment; filename="icon.png"
+Content-Transfer-Encoding: base64
+Content-ID: <icon.png>
+
+iVBORw0KGgoAAAANSUhEUgAAAJAAAACQCAYAAADnRuK4AAAAAXNSR0IArs4c6QAAFi1JREFUeAHt
+XUmMHVcVrfo9eYgUWDBsEsAxCQQFFCkSzsQgBQeMQGIBScSwYFoghg0CNoAlhgWjWLBhB0gMYsEO
+Z7AgQOwECRRCxBBwOwwLIGwwsdPt7v9/cc6571ZVO2771++q/6uq37N/1Xt3elX3nn9fVfXt6iSJ
+LXogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHog
+eiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHqgux5Iu3vozRx5dvTo4PRD9909TrIjmOF6zZIm
+vx9k6bEDt935g/To0XEzM3fTagRQKW6n7rz19dl49M0ky15eIhfdNP1jspB86KX3PvJgQdzdvQig
+EP9Thw/dlWXZd5IsWb4kJNJkI03T9xy8/5EfXlJulzAjgBBogicZZ9/PkmQif0AoSwbpPRFEEzqs
+z1+m00duedF4Y/QYwHNllfMEiM4MlhdedeAnJ/9WRa9vsoO+nVCV8+EFM8Dz3arg4RzUkS5sVJmz
+b7K7+uRXT9z3AQDh9mmDSt3Vk8feP61+H/QmWvP7cKIXnsPqHXdcOU7P/gV3XM+7kFdpnKb/GWRX
+vPSa48fPVNLrifCuzUDjwdNHdwweggAAlK2eAKLqaezKDHT6jbdeNxoOH4ezlqo6bBv5zYXFxRsO
+3HviiW34vSXvygw0Ho2+jojWBR6CYynY7C1QtjuxXQeg1TtueTMeGL5pO4dMS6dN2p5Wv6t6uwpA
+2Qc/uJQlo682FSza5hxN2W+j3V0FoNXTj38Mt97XNRUI2uYcTdlvo91dcxF96vAtz0/Goz8jyJWe
+OFcNGhx6JhksXHvw/pNPVdXtovyuyUBZNv5i0+AhADgH5+oiGKY55l2Rgf76pptvHA7Hv87wI9Bp
+nFRVJ02T8eLi4KYXH3v40aq6XZOfiUPn7ZTh5vgbswIPz5Vzcc55n/cs5u89gFbfcPM9WFam/nnX
+tEHgnJx7Wv2u6PV6CfvH22/ee/6/4yeQEa6aR0CwlP1j5TmD66760cNr85h/FnP2OgOt/3f8qXmB
+h8Hj3DyGWQRyXnP0NgOt3nHb1Vky/FOWZHvn5VzOmybpWposvuya4w/9fZ7H0dTcvc1A43T4lXmD
+h0HjMWTp8MtNBXDednuZgU7feevto9HwF/N2bnn+hYXF1xy478Qvy7Q+9HuXgVimOhqNWncLzWPi
+sfUBNOVz6N0JWYlpdmP5JNvRz27sY/lrr5aw2spUm0JcD8tfe5WBxsnZz9ZSptoUgFj+ymPsUetN
+BmqgTLWpMPeq/LU3GaiBMtWmAMTy1681ZXzWdnsBoKbKVJsKBspfj/Sl/LXzAGq6TLUxEPWk/LXz
+AFp98rGP4iffjZWpNgcglL/i2JuyPyu7nb6InlWZalPBgPM7X/7a6Qw0qzLVpgCEzNn58tfOZqBZ
+l6k2BaKul792NgPNuky1KQB1vfy1kwA6dfjVd7NktKmgztouz4XnNOt565ivc0vYvMtU63D6xWx0
+tfy1cxlo3mWqFwt+HbSulr92KgM1WaZ68IFHKuHg96+/KVlZXKykcznhLpa/dioDsTS0DWWqBMLZ
+zfVkczS8HCYq8btY/toZALFMFT9DekeliDQpjDXnf5vnk426QYRz5Lk2eeh12u4EgNpZporVf4zq
+HoBoczSqMyZJl8pfOwGgNpapYrnhr+ygfi1LnsZyVm8m6k75a+sBxDLVJEs/V+tXvA5jeHiTN4Do
+7OZGvSDCOevc80na2Wk9gFgCim/581vnPqxghqGAJIJoiOVsXM9yxnPuQvlrqwHEMlWE6cOtA8+W
+A/InIQAS/hDU2Y36QMRzNx9smbBVg1YDKJR+tvidgwBNSED6syPCUpac26jtFr/15a+tBVAoU+Uf
+fWtl87yz5eAIJmEqTc4NN2p5ToSlrNXlr60EUBfKVC3xAEZpnoIMS0QWrof4eWa4mWyMd/6wsc1v
+f20lgLpTpkqgADH86LY+ZCCSwBrjOdEzm5s7vrCGqdaWv7YOQCpTzZJP29e5vVtCRk0dAkn/sePz
+ISSmsEmZiXCLv+OHjfCJfBOmbcuudQBKsvEXEItGX8Vbh/NxjGhACTs5WAicQAMdjxn1oFHL2Qgg
+2sEtvnwC32jaFm1aBSCWqSIi722RfyY7FESXONKHaxcxJBxhA0CRjj+pmawzE2FZm75l7zUfTW+h
+bs1WAahLZar8MYZBxkLCa2ktWx4hoYbLmS1pRNUY4Frbwc/OoN66t7+2BkBdK1PltY5SDXHELBPw
+5CCyvZiWgXJgIRONpr+wxqytKn9tBYBYpgovf8l93IW9ZSDkIGUaYMiXLlu7AmhymOGUIEg8sYdl
+bB23+FNfE8FX8pmZm+u2FQBaP5N9Ev6/aq6eqDq5JRdp4WGfspBhhKDBuMBLYRk0vyaizjoeNg5H
+1a+J6Cv6rDA8v97cAcQy1XScfGJ+LphyZoKGIMFaFRKLMowwAgqXMPbZtA9rG4FDHaqTsYa7s9EU
+F9b0GX2nCea4mTuA2lSmWj0OQACRIEBY5vGLawGEQHKjBAwGPg54gjp+doZMNKp4i4/ZWvH217kC
+qHVlqh7sSfdEAREhEHFvijlsiC8ShRYOgkBQobL+gbw2HCbDqiBqQfnr3ADUzjJVA8Ak2xwKxIVw
+xA1v2gWZkgnQHTiedsC1rkkbBnlNRBBVuyaad/nr3AC0+tC974NnW/g21VLsL9Fl0NWIm4AmwkcJ
+xxkceBNKMDC0iMonRPxXSGXJBu7OqoEI5a/ypU80233uh1lOy1LNLD37Z6z/rak0PIcHfOdQDJY3
+LUvmHndS/mMKEPxCeKCsw6xhYKA+v5UGCtCELvLQ3JBkA5bQt28xjUJLuzTZg985WxgsUOuyDcfy
+VJpdce01x4+fuaxwzQJzyUBtLFPdv7SS8JO30nLjNF7wEhp6toy+L0NFCiEnLGFiUj6ghjtTNwr6
+HLLZPjBJhyyL9EfZZMsZv4jzKn8NZ2cnMott29+myizEbMRwDgSHMbaFm5R5xLPAi4fMUciUeiUQ
+Fngq8WXX4EM0+reZFM7DWVcWl5KF1DkgbN/m8vbXiY5s+2Ouzml7mer+5ZCJmAkEI4Qx4Ich1cqG
+0xZkGGTx7DrGQh4AQRkIW9bSwJYnWmX2kg3OYMa5elGTH9mRbpKcn/yaaC7lrzMF0OobXn0Ezmtt
+mSpip0YQXbGy7EOLKkeINQHjIGK02Q8sDC38AVWWRQwfUqasA8+0aM8MSJddG0qedjjkr1BPcmFN
+39LHbnsW+5kBSGWqWdKZ9yPvX9oTrolCRIWcAB6ByKONfUBRjhVHVc4KNggL8FyTiMz0U1gygrZA
+4xKAG22AvYHffh253UsgAyJfo68vIVIra2YA6k6ZauFfLWfLeywpMPCIsYWZnRBwiocuA11uGaMv
+Xmnpo2pJqNwXVDCPLYXkmDAhh2IQ3OLjwvoyz4kw43WnnvzdR0pTNNrdevwNTdX1t6nyd73W8OMG
++4k7XEakBM9pBRpYyI2IYPOiNweCwcpv+1PIsvECnYbI5bdYJkOWIziVecCwb7jp+JXWMm/xL3Fh
+DemZvf3Vjg8n0GjrSJnqdj64AtdE+xbtFl9wCIFWWD3oUPYAa0kD3TIQpCz+Ms+uDS2vSJ0bdWCd
+XUr6Hl2DGYnWbDnb/hYfVvDr4LMpf9Wx+oE1se/L21TpG97es0BeWacUYGYXa0ZkPuKdljILScSF
+ZMDBgAuSeNgb6IK2ywRrBCsTFvecQTZoC/0MsssLC9tmIrDHi4uDm1587OFHId5YazwDdalM9XJe
+toeNuDsjKCDMwLJp7xvsdZsuMFCOoKE0G8ATLpopnpPJ4oBEAI8f53OYa7MfxAi8S2Ui4pe+p+km
+W6MAOnX40F0459ubPIFZ296Hp9V78GGArYWIamChFjACCAw0xSKk23ZX5t7RQX329SHsiiZxB550
+mOFM4pIgUvnrobsKS/X3ysdZq/WuvU216jsSH7n1FcoYlkWYZcx9eegNRSUgcNkqFiz1ICM1bgCM
+fJkj+MCzZY508rEBwZdDA5XQJNBtt5xhhr+vPDd92VU/enit1gAHY41loE6WqVb0sAfc1ASFosu1
+B812xrM8ZPQS4grwBFZILtL3ayYJuc1gWMASuPw50bMvrDHn1U2WvzYCoM6WqSpkVTaMuEedey4t
+BA0ziBIDNhZhbi3fYCsSBYM6COxaOrLnQKZFGfQEHOwhR7qadMgjWdrbXhOx/PXU4dc0UnPeCICy
+ZPgluHCvn2sf9wqkkJCH1ACBkyVZVMWVgDAWM5D6Fm8TcgJoQVzuchH3naaijMtzHqEHNAoHBT1s
+vOCn+IrFeOPLbqvOfe0AUplqkjV64VanA6a1pZgxcgwoGq9ZlHV8HHjKGSG4RJZ3hTJFHsrQMdDR
+hhnwrQBD+5yKRBpAh5Z4IS2Lpqw+l9WLXVhD+q4m3v5aK4C6XqaK0FRqCrIjAhHWk2qMLbAGFrId
+BOIj8HYnJiTYfMGGZShuQYBxWQg8YsTxRiX1SaNgYHBePUIA9WIgaqL8tVYAdb1M1aJZYcuoWrgB
+CoYbH1yPKPBgkWsh9h6G1hVH/YAjYsBYQRaEPBsJPaaSS0FM8wQk+ZzMTtvf4tdf/lobgPRG0TT5
+vJ/mrth78BBMe3iIoDILEAriWbhDEoFLSCeL0WegNdQYFO0tCwXvBRscKSuxwwvmQNc8sKM7NdgU
+iMgzYzLOTDQuXxMhRnW+/bU2ACXp2c/Aia2pcaavZ9IYLLQ8ZspARrElJQi4EIYKNMdoDHvoCAiC
+gWTAY+YhG6AIUugbTRgSVgLkQHZgyn4AFm2fH7IUxG7xFSPESnPWsKkFQCxTxZsnZlZCUMN512OC
+AfaEoICFeJPon3CLzYxjpCJDGMmWPAJCoJDBQlQ6VKWwGgUJLn4AHgJKADO7BI/T8kwIkfI1EWNV
+19tfawFQ28tUg+fr31ksLUkocLbQWFYJAWeA2YgOgYljfAIgOAJHNnKMhLERMWCjUKkJcLJDYjGH
+ZSGSbEnLbUK/BKLayl93DKCulKmWfF9PF5GxxYPAwH9HAfbsFi2MGEnnWaqxMWgWagwdbAEPskl1
+6pHGvnZhSRMPG5qmgNBiGU06oGkqitAYBg4iLGW1lL+GQ7UDq7pl6eTq6ccex6F17u+2X3iu/tsY
+ZTrOS8HVNUXOsPzCeKkojHHDP4HJFBhPaWrrKYByOR8DRlY8k+Y3WWwbimddhxd1SCaVkmjoF8dG
+sLhNsOyI8r3kNYF6KgVZTAdPXHPgVTek3/rWplGrb3eUgVg6iWPqPHjotvy3MUo+9Oc2+hYTFqXg
+qcsgKZbYoKMsoZBZ6Gmq4GPgsSfRDEhacoHNvk2DTCJl2ibVVTgIGYg9ZhlaIRmKYSQ6iZIUk+xg
+CGNmomE23nH5a3GmmL9K63qZ6nbnWs5EikmIOkOjwDG6IVhug5ycTCL4zBRyLhmmIBmyt/BFsI00
+8jSFUZhHdtQnHDTKwRKwYfMbgn0CGSWg2PzaiGP2dQEOWyuLC2cWBkvXHrz/5FMSrLjZQQYafx6H
+1vq3qVb0x0UyEQNgH209YqAJG/keMfXJjCEt24QwUhf/7aEjrbFZzmCP8c8BUprHliZKWKMms5Pg
+xEkxn/Vp3MaaF0PSacqugTCWMvd2tLjFvxKvlpn6+Z1ZseOaeKvb9tHwDziYHQBw4unmIljORBYG
+uAqB8gTBQFh9PL/NDIiipOuiENot8jwJOTtstAvBJMeugQhKcbboGsWglavkXgGXAmF+QoldHSv7
+ZAYl8TD2fRBMUJ8/3r+y9/oD9554Ijc7YWcqAOC2/eM4yKl0JzyuuYttvSayEAokiobig2O0UOhg
+PfDk533GjtFjUG2vISkKOC2Ybd8Zn0GnPAVtZ91gAwNqaRp2QFYfOpaJjIat7Pi1T3EIZt/18Yxx
+cG59/eOSr7jh9JXak0de98Lh5vpfcYKlNxFUMtEpYXtrx7oCzYd5AwRLS42CVnIfusUohwUCC5Ah
+cn5NBDVkLpPklmPXU/YhgTTqaY++dzh2tDgNe7+eEZzD0uRGNQeRA3vOd3nOY+bEP7+wnL7k+vt+
+80/RJ9xUziKj4dpbdwt46EMrpN/DyNl1h0cdPH7f7Tt/EW87KhibwFYc2VcqoD45BpSCXFYgFU0G
+KA0et0FfY/A0BMvsmb54opkBjv1C2uXL+shCK8ON7C2UrtIqAwgHcajKBH2Q5XLGYnp9ixkfxZ2R
+s9gSRNbEsC5JFFT6ICkIs+fZJejl+Yri1KEuoqx5iB6MSbLZuJWgAGEg4Jj/qYMOmkASaNQmuHwp
+o2FlIWSrsj6y681SrrCpDCAcTGffKlbBL88SZSYSiBQMsBVgC1YhrMhbnAWEAloKO4GAj2sZKApt
+Mi3wjDw+EgANIDQdEoKBYEgcKdE24IC+AclEXZOzKAMFvlQ0BTd2JNhWjm1lAKFc4dmV2zy6XdD2
+Ly0n+/C78t4Ij+B7xdXoIfBkOAgs+kKOZwi3YYpBljChrAc06CnjkEylYJMsZQ/JeiYxvoAErjKO
+m6Yumqmb9oX6AFvl2FYGEED+tB3K7tzuA4gIJEVCEQkbBV4bRtYagmtdbNEXAAg6/HMRCXNAIGiP
+vqJcyJBFXRejcY4lAdkty1Fuh+CGBpXYAl065X5Jf5BkZ0148m1lAOFIfj65+X5KcikTiHB6nh0s
+wgwraCHajB8DWNyyi7sFCIRB3jz4EguRB5sA4WgLICyVgB7gqHmwISBoMwCDpqQHKuniqU8GD6+k
+nyS/oHyVVhlAePT9HR5rlUn6KLtXyxl/Q9WDgrOUVyxE7BNIwgTjGkJHIQaU8bdm3lS9TyAKcFAM
+5iTPWWxJQo+64HvmUV8TBkAQudK3PVRNlsdAoyI/W39haenb4aAm3lUG0NXHTq7i0eXUj74nPrIO
+CO5bxDWR/5ozgpIHBl2G3zMQT4VjirARAAokg6mOVIs+BfCRSaHI5GiB/9yS9jKqjfTzLCV9SOSs
+0AkWyCjr49nUF69/4Fd/4fFVaW61ig7OOUtXDx/6Ns793ZUUeyrMdwc9s4G3duD8GG9/UEhYKB/J
+y9iA6QG123UjeBD8Fl4PLGXJLcIOujaiTTQSBK5glH0JGGhs2aKgMSxbFXp59iJ/MPjeDT/99bsw
+P4UrtcoZiNY50cEHfvUevMf47TiPSk8uKx1dR4T3IhPt5XMiNIXXg8l4eJyNacFHPyQeUulQfbh0
+MWsRdHkkyWMDQToc8oMB4y1VMCVGAXQwEo9yomNPmimSBvsSTf+FWN79yp/95p3TgAcGZZX7qVt2
+9HWLp0+cfy3+puPbcJA34sBegMX/hTji/VMb7agiM9Ea/kqzoh3OAYEJF9UWQNzp4F/Z8eDza2wB
+zTmUZuPeNWjLaUSGgGaIsynBVsajjtZPGeWAafEc2P8G6194W95vs6WFH99w2/4H06MP7vzvkuuo
+4iZ6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6IHogeiB6
+IHogeiB6IHogeiB6IHogeiB6IHogemBaD/wfWl0tzAXA/nAAAAAASUVORK5CYII=
diff --git a/production/haraka-wildduck/haraka/config/outbound.ini b/production/haraka-wildduck/haraka/config/outbound.ini
new file mode 100755
index 0000000..ce86a4d
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/outbound.ini
@@ -0,0 +1,30 @@
+; see http://haraka.github.io/manual/Outbound.html
+;
+; disabled (default: false)
+; disabled=true
+
+; concurrency_max (default: 100)
+; concurrency_max=100
+
+; uncomment to disable tls for outbound mail
+; enable_tls=false
+
+; maxTempFailures (default: 13)
+
+; ipv6_enabled (default: false)
+
+; load_pid_queue
+; flush_queue
+
+; always_split: default: false
+; always_split=true
+
+; received_header (default: "Haraka outbound")
+; received_header=Haraka outbound
+
+; pool_timeout: default : 300
+; pool_timeout=0
+
+; pool_concurrency_max: default: 10
+; set to zero to disable pools
+; pool_concurrency_max=0
diff --git a/production/haraka-wildduck/haraka/config/plugins b/production/haraka-wildduck/haraka/config/plugins
new file mode 100644
index 0000000..2412ffd
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/plugins
@@ -0,0 +1,78 @@
+# This file lists plugins that Haraka will run
+#
+# Plugin ordering often matters, run 'haraka -o -c /path/to/haraka/config'
+# to see the order plugins (and their hooks) will run in.
+#
+# To see a list of all plugins, run 'haraka -l'
+#
+# To see the help docs for a particular plugin, run 'haraka -h plugin.name'
+
+#process_title
+# Log to syslog (see 'haraka -h syslog')
+# syslog
+
+# CONNECT
+#toobusy
+relay
+# control which IPs, rDNS hostnames, HELO hostnames, MAIL FROM addresses, and
+# RCPT TO address you accept mail from. See 'haraka -h access'.
+access
+#p0f
+# geoip
+# asn
+#fcrdns
+# block mails from known bad hosts (see config/dnsbl.zones for the DNS zones queried)
+#dnsbl
+redis
+
+# HELO
+#early_talker
+# see config/helo.checks.ini for configuration
+helo.checks
+# see 'haraka -h tls' for config instructions before enabling!
+tls
+aliases
+#
+# AUTH plugins require TLS before AUTH is advertised, see
+#     https://github.com/haraka/Haraka/wiki/Require-SSL-TLS
+# auth/flat_file
+# auth/auth_proxy
+# auth/auth_ldap
+
+# MAIL FROM
+# Only accept mail where the MAIL FROM domain is resolvable to an MX record
+mail_from.is_resolvable
+spf
+
+# RCPT TO
+# At least one rcpt_to plugin is REQUIRED for inbound email. The simplest
+# plugin is in_host_list, see 'haraka -h rcpt_to.in_host_list' to configure.
+rcpt_to.in_host_list
+#rcpt_to.qmail_deliverable
+#rcpt_to.ldap
+#rcpt_to.routes
+
+# DATA
+bounce
+# Check mail headers are valid
+data.headers
+#data.uribl
+#attachment
+#clamd
+rspamd
+##spamassassin
+dkim_sign
+karma
+limit
+
+# QUEUE
+# queues: discard  qmail-queue  quarantine  smtp_forward  smtp_proxy
+# Queue mail via smtp - see config/smtp_forward.ini for where your mail goes
+queue/lmtp
+#queue/smtp_forward
+
+# Disconnect client if they spew bad SMTP commands at us
+#max_unrecognized_commands
+
+#watch
+wildduck
diff --git a/production/haraka-wildduck/haraka/config/plugins.bak b/production/haraka-wildduck/haraka/config/plugins.bak
new file mode 100644
index 0000000..ff68886
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/plugins.bak
@@ -0,0 +1,6 @@
+spf
+clamd
+rspamd
+dkim_verify
+wildduck
+tls
diff --git a/production/haraka-wildduck/haraka/config/rabbitmq.ini b/production/haraka-wildduck/haraka/config/rabbitmq.ini
new file mode 100755
index 0000000..2a2f6c7
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/rabbitmq.ini
@@ -0,0 +1,10 @@
+[rabbitmq]
+exchangeName  = emailMessages
+server_ip = localhost
+server_port = 5672
+queueName = email
+deliveryMode = 2
+confirm = true
+durable = true
+autoDelete = false
+exchangeType = direct
diff --git a/production/haraka-wildduck/haraka/config/rabbitmq_amqplib.ini b/production/haraka-wildduck/haraka/config/rabbitmq_amqplib.ini
new file mode 100755
index 0000000..5c08aaa
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/rabbitmq_amqplib.ini
@@ -0,0 +1,12 @@
+[rabbitmq]
+host = localhost
+port = 5672
+user = guest
+password = guest
+exchangeName  = email_messages
+exchangeType = direct
+queueName = emails
+deliveryMode = 2
+confirm = true
+durable = true
+autoDelete = false
\ No newline at end of file
diff --git a/production/haraka-wildduck/haraka/config/rcpt_to.blocklist b/production/haraka-wildduck/haraka/config/rcpt_to.blocklist
new file mode 100755
index 0000000..3b11b87
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/rcpt_to.blocklist
@@ -0,0 +1 @@
+# This is a blocklist for the rcpt_to line. One address per line.
diff --git a/production/haraka-wildduck/haraka/config/rcpt_to.in_host_list b/production/haraka-wildduck/haraka/config/rcpt_to.in_host_list
new file mode 100644
index 0000000..b9978e2
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/rcpt_to.in_host_list
@@ -0,0 +1,2 @@
+;[main]
+host_list=hatthieves.es
diff --git a/production/haraka-wildduck/haraka/config/rdns.allow_regexps b/production/haraka-wildduck/haraka/config/rdns.allow_regexps
new file mode 100755
index 0000000..e69de29
diff --git a/production/haraka-wildduck/haraka/config/rdns.deny_regexps b/production/haraka-wildduck/haraka/config/rdns.deny_regexps
new file mode 100755
index 0000000..e69de29
diff --git a/production/haraka-wildduck/haraka/config/redis.ini b/production/haraka-wildduck/haraka/config/redis.ini
new file mode 100644
index 0000000..48f27a3
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/redis.ini
@@ -0,0 +1,14 @@
+
+[server]
+host=172.200.0.102
+port=6379
+db=2
+
+[pubsub]
+; host=127.0.0.1
+; port=6379
+
+[opts]
+; db=0
+; password=dontUseThisOne
+
diff --git a/production/haraka-wildduck/haraka/config/relay.ini b/production/haraka-wildduck/haraka/config/relay.ini
new file mode 100755
index 0000000..1a22421
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/relay.ini
@@ -0,0 +1,3 @@
+[relay]
+all=false
+acl=true
diff --git a/production/haraka-wildduck/haraka/config/relay_dest_domains.ini b/production/haraka-wildduck/haraka/config/relay_dest_domains.ini
new file mode 100755
index 0000000..64c97a1
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/relay_dest_domains.ini
@@ -0,0 +1,2 @@
+[domains]
+hatthieves.es = { "action": "continue" }
diff --git a/production/haraka-wildduck/haraka/config/rspamd.ini b/production/haraka-wildduck/haraka/config/rspamd.ini
new file mode 100644
index 0000000..1673981
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/rspamd.ini
@@ -0,0 +1,30 @@
+
+host = localhost
+port = 11333
+add_headers = always
+[dkim]
+enabled = true
+
+[header]
+bar = X-Rspamd-Bar
+report = X-Rspamd-Report
+score = X-Rspamd-Score
+spam = X-Rspamd-Spam
+
+[check]
+authenticated = true
+private_ip = true
+
+[reject]
+spam = false
+
+[soft_reject]
+enabled = true
+
+[rmilter_headers]
+enabled = true
+
+[spambar]
+positive = +
+negative = -
+neutral = /
diff --git a/production/haraka-wildduck/haraka/config/smtp.ini b/production/haraka-wildduck/haraka/config/smtp.ini
new file mode 100644
index 0000000..20248fa
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/smtp.ini
@@ -0,0 +1,47 @@
+; address to listen on (default: all IPv6 and IPv4 addresses, port 25)
+; use "[::0]:25" to listen on IPv6 and IPv4 (not all OSes)
+; listen=[::0]:25
+
+; Note you can listen on multiple IPs/ports using commas:
+;listen=127.0.0.1:2529,127.0.0.2:2529,127.0.0.3:2530
+
+; public IP address (default: none)
+; If your machine is behind a NAT, some plugins (SPF, GeoIP) gain features
+; if they know the servers public IP. If 'stun' is installed, Haraka will
+; try to figure it out. If that doesn't work, set it here.
+;public_ip=N.N.N.N
+public_ip=82.223.3.135
+
+; Time in seconds to let sockets be idle with no activity
+;inactivity_timeout=300
+
+; Drop privileges to this user/group
+;user=smtp
+;group=smtp
+
+; Don't stop Haraka if plugins fail to compile
+;ignore_bad_plugins=0
+
+; Run using cluster to fork multiple backend processes
+;nodes=cpus
+nodes=4
+
+; Daemonize
+;daemonize=true
+;daemon_log_file=/var/log/haraka.log
+;daemon_pid_file=/var/run/haraka.pid
+
+; Spooling
+; Save memory by spooling large messages to disk
+;spool_dir=/var/spool/haraka
+; Specify -1 to never spool to disk
+; Specify 0 to always spool to disk
+; Otherwise specify a size in bytes, once reached the
+; message will be spooled to disk to save memory.
+;spool_after=
+
+; Force Shutdown Timeout
+; - Haraka tries to close down gracefully, but if everything is shut down
+;   after this time it will hard close. 30s is usually long enough to
+;   wait for outbound connections to finish.
+;force_shutdown_timeout=30
diff --git a/production/haraka-wildduck/haraka/config/smtp_bridge.ini b/production/haraka-wildduck/haraka/config/smtp_bridge.ini
new file mode 100755
index 0000000..b9a91a8
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/smtp_bridge.ini
@@ -0,0 +1,4 @@
+host=localhost
+#port=
+#auth_type=
+#priority=10
\ No newline at end of file
diff --git a/production/haraka-wildduck/haraka/config/smtp_forward.ini.orig b/production/haraka-wildduck/haraka/config/smtp_forward.ini.orig
new file mode 100755
index 0000000..1fc05db
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/smtp_forward.ini.orig
@@ -0,0 +1,23 @@
+; host to connect to
+host=localhost
+;
+; port to connect to
+port=2555
+;
+; timeout backend connection from pool
+;timeout=300
+;
+; max connections in pool
+;max_connections=1000
+;
+; uncomment to enable TLS to the backend SMTP server
+;enable_tls=true
+;
+; for messages that have multiple RCPT, send a separate message for each RCPT
+; when forwarding.
+;one_message_per_rcpt=true
+;
+; uncomment to use smtp client authorization
+;auth_type=plain
+;auth_user=
+;auth_pass=
diff --git a/production/haraka-wildduck/haraka/config/smtp_proxy.ini b/production/haraka-wildduck/haraka/config/smtp_proxy.ini
new file mode 100755
index 0000000..80ff92d
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/smtp_proxy.ini
@@ -0,0 +1,19 @@
+; host to connect to
+host=localhost
+;
+; port to connect to
+port=2555
+;
+; timeout backend connection from pool
+;timeout=300
+;
+; max connections in pool
+;max_connections=1000
+;
+; uncomment to enable TLS to the backend SMTP server
+; enable_tls=1
+;
+; uncomment to use smtp client authorization
+;auth_type=plain
+;auth_user=
+;auth_pass=
diff --git a/production/haraka-wildduck/haraka/config/smtpgreeting b/production/haraka-wildduck/haraka/config/smtpgreeting
new file mode 100644
index 0000000..c380d65
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/smtpgreeting
@@ -0,0 +1 @@
+Wildduck Mail MX
diff --git a/production/haraka-wildduck/haraka/config/spamassassin.ini b/production/haraka-wildduck/haraka/config/spamassassin.ini
new file mode 100755
index 0000000..fba3aa0
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/spamassassin.ini
@@ -0,0 +1,41 @@
+; How does Haraka connect to the SpamAssassin spamd daemon?
+; TCP/IP: 127.0.0.1:783
+; socket: /var/run/spamd/spamd.sock
+spamd_socket=127.0.0.1:783
+
+; the username we tell spamd the message is to (default: default)
+;spamd_user=first-recipient (see docs)
+;spamd_user=
+
+; messages larger than this are not scored by SA
+max_size=500000
+
+; Munge the subject of messages with a score higher than..
+; munge_subject_threshold=5
+subject_prefix=*** SPAM ***
+
+; what to do with incoming messages with X-Spam-* headers
+; options are: rename, drop, keep
+old_headers_action=rename
+
+; use the SpamAssassin 3.0+ syntax in X-Spam-Status header
+; modern: No, score=0.8 required=8.0 tests=...
+; legacy: No, hits=0.8 required=8.0 tests=...
+modern_status_syntax=1
+
+; Reject all messages with more than this many hits
+; reject_threshold=10
+
+; when a connection has relay privileges, the rejection limit
+; relay_reject_threshold=7
+
+; How long should we wait for SpamAssassin to answer the socket
+; in seconds (default: 30)
+;connect_timeout=
+
+; How long should we wait for a result from SpamAssassin
+; in seconds (default: 300)
+;results_timeout=
+
+; Merge SpamAssassin's headers into the message
+;add_headers=true
diff --git a/production/haraka-wildduck/haraka/config/spf.ini b/production/haraka-wildduck/haraka/config/spf.ini
new file mode 100755
index 0000000..d6f5bae
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/spf.ini
@@ -0,0 +1,3 @@
+; See 'haraka -h spf' for options
+[relay]
+context=sender
diff --git a/production/haraka-wildduck/haraka/config/tarpit.timeout b/production/haraka-wildduck/haraka/config/tarpit.timeout
new file mode 100755
index 0000000..573541a
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/tarpit.timeout
@@ -0,0 +1 @@
+0
diff --git a/production/haraka-wildduck/haraka/config/tls.ini b/production/haraka-wildduck/haraka/config/tls.ini
new file mode 100644
index 0000000..61c0f05
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/tls.ini
@@ -0,0 +1,34 @@
+; See 'haraka -h tls'
+
+key=/secure/privkey.pem
+cert=/secure/fullchain.pem
+; dhparam=dhparams.pem
+
+; ciphers: a list of permitted ciphers
+; The default cipher list is provided by node.js and is considered secure at
+; the time of that versions release. If you have problems with the default cipher
+; list, try enabling this "kinda high but more compatible" setting.
+ciphers=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
+
+; honorCipherOrder=false
+; rejectUnauthorized=false
+; requestCert=true
+; requestOCSP=false
+
+
+[redis]
+; options in this block require redis to be enabled in config/plugins.
+
+; remember when a remote fails STARTTLS. The next time they connect,
+;     don't offer STARTTLS option (so message gets delivered).
+;     pro: increases mail reliability
+;     con: reduces security
+; default: false
+; disable_for_failed_hosts=true
+
+
+; no_tls_hosts - disable TLS for servers with broken TLS.
+[no_tls_hosts]
+; 127.0.0.1
+; 192.168.1.1
+; 172.16.0.0/16
diff --git a/production/haraka-wildduck/haraka/config/tls/tls_cert.pem b/production/haraka-wildduck/haraka/config/tls/tls_cert.pem
new file mode 100644
index 0000000..d26d8bc
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/tls/tls_cert.pem
@@ -0,0 +1,75 @@
+-----BEGIN CERTIFICATE-----
+MIIIVjCCBz6gAwIBAgISA8Jo2I+wm6HN874pZXaJJ2joMA0GCSqGSIb3DQEBCwUA
+MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
+ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMjQxMTEyNDFaFw0x
+OTA2MjIxMTEyNDFaMBgxFjAUBgNVBAMTDWhhdHRoaWV2ZXMuZXMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDHIrop2jO4CgPl6wtswTN7q0hCpddL1B0I
+ucZwhDE8HsxqIqBLU6mbxqxB8Fy8sOPeiGkjpd0T4PXZf0XeChVMyevNw1pLac6x
+ORcEZXyjwcglwlk2iAkzqJTLbDlMBM2ngv9zVe1tN9h1cPCbGu5o/LSQd0pxPY0z
+7vAQynWXxAFDiFQ9LK0Cii05mxTJwQ6kWWZvuMvaSyxCP4yEQxtLrm9XN7MdwrJW
+ufYXE92jXPdWDrADuUjnlvvwBsKLKEnvOqU+Dzc6y/M55qIH4jz008n7IJ65BwGW
+yAgYaVAZMRGEPoSQi3uZmk5tqitxRBCPJIDDkr79FO7S7uPxVexQgtG263Z3E8IO
+NI1n9RtxrMel1enYqIqXf/1v6FK1XyAaeIGluPJvPdD5tVO7FdGa8Winu5uBSC3g
+KYXnxACrQ6HMb9R1EO0mH02PcsJlsqXpwYk3l6tuxgQ2gc61MuvnfJf0s8rdqjI1
+Dy0Hyyd1DKQ6yq1mclzLXRqafHHhR1p3IkZsbCMfJX9sEViD0suDCO4T7pkfgoHH
+Ru1XPsAqj1HyqGZ+qvqvfrtEGUVRe07TJjrZm7MQeOCGK3oeQ+HSQHP6gc8c8bEK
+VysUEDm34lWU+YoGmoSgPkq696LfFow932H0l/8GbpeW1379cMOmqNRtjcKldqs+
+bQ+j2yjUfwIDAQABo4IEZjCCBGIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSZfil2
+ea+w5jutRfuqQ2PfUHrcajAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js
+oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14
+My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14
+My5sZXRzZW5jcnlwdC5vcmcvMIICGgYDVR0RBIICETCCAg2CGGFwaS1tdXJkb3Qu
+aGF0dGhpZXZlcy5lc4IPZGVmYXVsdGRyb3AubmV0ghRkb2NrZXIuaGF0dGhpZXZl
+cy5lc4ITZ2l0ZWEuaGF0dGhpZXZlcy5lc4IUaGFkb29wLmhhdHRoaWV2ZXMuZXOC
+DWhhdHRoaWV2ZXMuZXOCFGhpZGRlbi5oYXR0aGlldmVzLmVzghJpbWFwLmhhdHRo
+aWV2ZXMuZXOCFWplbmtpbnMuaGF0dGhpZXZlcy5lc4ITbGFiLmRlZmF1bHRkcm9w
+Lm5ldIIYbGFuZ29zdGluby5oYXR0aGlldmVzLmVzghJtYWlsLmhhdHRoaWV2ZXMu
+ZXOCGG11bWJsZS13ZWIuaGF0dGhpZXZlcy5lc4IUbXVyZG90LmhhdHRoaWV2ZXMu
+ZXOCEG13LmhhdHRoaWV2ZXMuZXOCEXBhZC5oYXR0aGlldmVzLmVzghFwaWcuaGF0
+dGhpZXZlcy5lc4ISc210cC5oYXR0aGlldmVzLmVzghNzb25hci5oYXR0aGlldmVz
+LmVzghNzdGF0cy5oYXR0aGlldmVzLmVzghV0bHItYXBpLmhhdHRoaWV2ZXMuZXOC
+EXRsci5oYXR0aGlldmVzLmVzghV3ZWJtYWlsLmhhdHRoaWV2ZXMuZXOCEXd3dy5o
+YXR0aGlldmVzLmVzghJ5YWN5LmhhdHRoaWV2ZXMuZXMwTAYDVR0gBEUwQzAIBgZn
+gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
+ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB0ftqDMa0z
+EJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWmvngBDAAAEAwBHMEUCIHpwbOHw
+Y5kBY2d6fwrNIaLTRGiSgUvYVQ0LRYhOMhxRAiEA3+pzWzTRxEhh7HTm5FZxPhoN
+F/uSR2+tvzT7gLaQy2cAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvY
+jQAAAWmvngDNAAAEAwBHMEUCIQCG5JuVO7PeKpILRgABsLVvAER+8s4TNMJ+d7KU
+IajDMwIgOZi3G0uF0tfp8maGqkwiyLIGbBEKiJiHguMNEbyIwrswDQYJKoZIhvcN
+AQELBQADggEBAHYgte/aNIn/F1VoXGDDWsHKteyP/BsPLudYvrciqOYLfoEESM/T
+q+vdn/UKpV35B3hzCT7rX7GvkrYP6GAJBgR3CBfMKBcKTU1nipU1Ptol93vssTbk
+2NP2TphIxw5zMdO5E0/qMErfV+RXuvzOW7LCHs+NFdw9//K2yYL2KCGpoK9EI1ul
+/gu9oD3AE3fN7epbZqfwVIt+OBohqZj8BSpHyUMRTjSmG/vBzv1VggLcMLF1y4tM
+7mbO15306U/s1G/g53+Z0+1U6RwVvsBXAvOzKBppo0pIUD6kl37T5f27qTnlbkQI
+ksSqqZsZuVcfjar/F4wctnbR+9zyIzDrR88=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
+SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
+GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
+q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
+SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
+Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
+a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
+/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
+CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
+bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
+c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
+VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
+ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
+MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
+Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
+AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
+uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
+wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
+X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
+PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
+KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
+-----END CERTIFICATE-----
diff --git a/production/haraka-wildduck/haraka/config/tls/tls_key.pem b/production/haraka-wildduck/haraka/config/tls/tls_key.pem
new file mode 100644
index 0000000..d5d57c7
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/tls/tls_key.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAxyK6KdozuAoD5esLbMEze6tIQqXXS9QdCLnGcIQxPB7MaiKg
+S1Opm8asQfBcvLDj3ohpI6XdE+D12X9F3goVTMnrzcNaS2nOsTkXBGV8o8HIJcJZ
+NogJM6iUy2w5TATNp4L/c1XtbTfYdXDwmxruaPy0kHdKcT2NM+7wEMp1l8QBQ4hU
+PSytAootOZsUycEOpFlmb7jL2kssQj+MhEMbS65vVzezHcKyVrn2FxPdo1z3Vg6w
+A7lI55b78AbCiyhJ7zqlPg83OsvzOeaiB+I89NPJ+yCeuQcBlsgIGGlQGTERhD6E
+kIt7mZpObaorcUQQjySAw5K+/RTu0u7j8VXsUILRtut2dxPCDjSNZ/UbcazHpdXp
+2KiKl3/9b+hStV8gGniBpbjybz3Q+bVTuxXRmvFop7ubgUgt4CmF58QAq0OhzG/U
+dRDtJh9Nj3LCZbKl6cGJN5erbsYENoHOtTLr53yX9LPK3aoyNQ8tB8sndQykOsqt
+ZnJcy10amnxx4UdadyJGbGwjHyV/bBFYg9LLgwjuE+6ZH4KBx0btVz7AKo9R8qhm
+fqr6r367RBlFUXtO0yY62ZuzEHjghit6HkPh0kBz+oHPHPGxClcrFBA5t+JVlPmK
+BpqEoD5Kuvei3xaMPd9h9Jf/Bm6Xltd+/XDDpqjUbY3CpXarPm0Po9so1H8CAwEA
+AQKCAgA6F/B1azmxVAKlHXfcx1QsnOBcySLQ9VVvCTtR8c6nOljqEaXvs72EO2Zf
+ai6zwWsIrYT2qFmhhfxS8iVAzHJAT5viED6UR47L9tq3JqBA6bRpB5SdKvx8PI8D
+9VOV0MTqPHYngIbeWO9l+4fFyAqLSEWo65QlCw7ZerhAPcAmgUDZIblpi1IBrqvY
+5VwgK5kI6yfOKfwWd922ifGFWEprPr0ulYpEgVsjn+ah/uKm2OUzDt/chj41ib9/
+24j/rcY760DvpOK43WzclGLqp96ekfaXs4F6ewfEpCBwdrCuWLlCejaUMIzjV7fP
+mFhKF9A44i5KX9Il5OhzUsveyPFCW7ahdn5Yj4GweStGi+359+WZltcUE1dtLpsV
+Q7cXHtzVrx1jgqEEEqN+1qN7gyWQdxzGRl4EV4B9FkVyijKTf2lX4kSsVFCj6Y51
+Q497pGVYV5gQkS13O6Oy1Qothh2DFf1ixwBYbmGWAheoTbK340qjuZE4If7YOrQs
+aZT5F8Qpste7yUs00rP+Xi8bAgiMGVue+z4XCtukiDyW4IByTV2LLvM5cmklhIWr
+1pLHmus9imc7ArnNW5YUU+hz+ITTc5G9dcwezl9uQhPlpEVomHwvgKq4mdNted1D
+ub8PoPwfY945Uf8yCDPO6B2qIv0Jmw2sTEDW4EfVcFq0UOs4YQKCAQEA7H8WTRgp
++r1+O8ADikRi0td/UY0LIYe5eDjhcZ/ryRET/rQBQO0VjYcYVhwWgDmy8K2MdSDd
+vMpU6NvixJZxV8A44XYg8jPvbw0hgzbPaDtFi6dWBaS/lJ7ahHnBG2Lpvbvx3PRe
+PYnumo8OulgdpQjRYUnQi78K5GJO42gtCimigvnGmUdxn9/lx+0D/eXZC/sYahMo
+Ya9oIir/K5OZMyq6b2jpq943W+ylIHpBn/7vjg+yvjqOBsIvLl4I7XsbxU8A7L/E
+RCEhMHF3EX1l75ALLDkPwQWNZHwDemoBxXowXd7rb4CNbX0XJ3b8HJ0DTe3xabts
+5sbK7oM/GqrBLwKCAQEA147hFsWu6Y+aQdVxfxeEmmVReqVdCKvoI6RQx4qX6Rpb
+8ZZw9TxHhfSsrmMXQn7AgdiBYlpOax8kD3nmJv5jgqcV8CIsa1qVr8cv36eprkcs
+4ZaFZEJe5I17ePksDrXzlt8ACRoETwaB7/tjbf1Jlhbn5w2gfUPxe/65Zco2wMu+
+m/yAUYM1ryyZSNnoxAuYebghMs3kQzzh6QMb7TWpgRx10pRpvSiMQH1kvHooguoe
+yD23zBEEvKdfVKsul1FbQDoF+Vr2yrH6ua0f0yM/3C+ZZzPWeqR7EsID6wjv9Gcj
+2ohV60hBxBaWZdSjcaV40HxrYK6or9S8Oa7BmhwtsQKCAQEA4ee728S7ROKBlH2k
+ZA1TAOgMnE/IVC0bw3VCFJGYXyZLHT/A+s39ioWDf62w6Kc1AKYmxzOv28jCNvTj
+trmmZxYcv3Fhozps+n1mh7pxgLUth2s+xoFK56KeRXEwPwLLGAxRyqg65Tm+jDEe
+9m15U84Kg45JAVRqCSLHDH7UlyKSM954EK6oIPl0uvbymzNVkxY1ig3mwvkU1Z6Q
+xIVnD/M+x3FF1ICeDNcOHOnrifOxzNe9++xfAqG3A+mbSY4RRvZigcPkrNegpm+c
+Nz67gozrv0B6hfzRxSyY/fQI4SQI04I/DvGTJwUYewAzbvmk0Gn78u2v5vn5msAQ
+JV76zQKCAQBo5kJJx7gAN38VLJ8H/1TrogTNz61/q9DTj4I0KREWQlqeLd0YqtYP
+rWtfjh9in7ZlOgx05Yel/8iXs3W6Yi/hBBjb/HVrZPDVUvTMPZaIlmCUA6E0kkwF
+o4iD7ZZwLkG1mR42T6/rGTqgo9DWVN27qbf/LBV/AFKDSgnFLGwK1NwUowN7J4Q3
+lFegKVNqHE5+ZYnaZHIB+p3hvD6Z6HRtvYDlEo6GnDXsqFkek8AlPXPvdIF+UIXi
+nPz6gjexMclbbyE7IPZa29QtCcAkCtJn/84CeCqXEnZGQZ6QgY/se0jqb1CIqGhA
+2dElCx7jDmjF5NaIfVbgAoH6/D2BFtdxAoIBAQDdmdZTq0ya4+v15gzmuiuPyw50
+dY1St/FQkJEHB3pbIKtpyKc7L+chsEvYklTI+SjVCVZENZKWtgDjPx29GNSGNyf+
+zTbs8kxuH/a6gP4YZ1PfWSL1mCEybDwyErRfKpfoV0kqeVytkq2XnMSs5kkzBwfZ
+dOXCZa6EzkuTjA78n/FKB924fWHrHT5JR1MFi078H2AXwfEZ+bFlsa3D2KCCbrgk
+033CJE2hAyGjovCgU+xCMkjPF9jct0o9qO+4Tts06kW/ET0asrHjr9OyJOQ5D4pO
+hMF0wOyktFBPj1W63AWv8I6N6mRbWG/jSqATaPucv2VAT6e9J4BUi+SCVVY9
+-----END RSA PRIVATE KEY-----
diff --git a/production/haraka-wildduck/haraka/config/watch.ini b/production/haraka-wildduck/haraka/config/watch.ini
new file mode 100755
index 0000000..a5cc306
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/watch.ini
@@ -0,0 +1,12 @@
+; watch - a web interface for viewing Haraka activity
+
+; Sampling:Limit display to 1 connection per second (Default: false)
+; sampling=false
+
+[wss]
+; url (Default: same URL as HTTP client used)
+; The WebSocket client will attempt to connect via the same URI (changing only
+; the scheme) as the initial HTTP connection. WSS is stricter than typical
+; HTTP so the scheme and hostname *must* match else it silently fails.
+;
+; url=wss://mail.example.com/
diff --git a/production/haraka-wildduck/haraka/config/wildduck.ini b/production/haraka-wildduck/haraka/config/wildduck.ini
new file mode 100755
index 0000000..95af064
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/wildduck.ini
@@ -0,0 +1,92 @@
+## Connect to a master instance or Redis
+redis:
+    port: 6379
+    host: '172.200.0.102'
+    db: 3
+#  password: ""
+
+## Or alternatively, connect to Redis Sentinel
+# redis:
+#   name: "mymaster"
+#   password: ""
+#   db: 3
+#   sentinels:
+#     - host: "1.2.3.4"
+#       port: 26379
+#     - host: "1.2.3.5"
+#       port: 26379
+#     - host: "1.2.3.6"
+#       port: 26379
+
+mongo:
+    # connection string for main messages database
+    url: 'mongodb://172.200.0.103:27017/wildduck'
+
+    ## database name or connection string for the users db
+    users: 'mongodb://172.200.0.103:27017/wildduck'
+
+    ## database name or connection string for the attachments db
+    gridfs: 'mongodb://172.200.0.103:27017/wildduck'
+
+    ## database name or connection string for the outbound queue
+    sender: 'mongodb://172.200.0.103:27017/zone-mta'
+
+sender:
+    # Push messages to ZoneMTA queue for delivery
+    # if `false` then no messages are sent
+    enabled: true
+
+    # which ZoneMTA queue to use by default. This mostly affects forwarded messages
+    zone: 'default'
+
+    # Collection name for GridFS storage
+    gfs: 'mail'
+
+    # Collection name for the queue
+    # see [dbs].sender option for choosing correct database to use for ZoneMTA queues
+    # by default the main wildduck database is used
+    collection: 'zone-queue'
+
+srs:
+    # must be shared with ZoneMTA SRS config, otherwise messages sent from ZoneMTA are not recognized by Haraka
+    secret: 'asecretcat'
+
+attachments:
+    type: 'gridstore'
+    bucket: 'attachments'
+    decodeBase64: true
+
+log:
+    authlogExpireDays: 30
+
+limits:
+    windowSize: 3600 # 1 hour
+    rcptIp: 100 # allowed messages for the same recipient from same IP during window size
+    rcptWindowSize: 60 # 1 minute
+    rcpt: 60 # allowed messages for the same recipient during window size
+
+gelf:
+    enabled: false
+    component: 'mx'
+    options:
+        graylogPort: 12201
+        graylogHostname: '127.0.0.1'
+        connection: 'lan'
+
+rspamd:
+    # do not process forwarding addresses for messages with the following spam score
+    forwardSkip: 10
+
+    # if a message has one of the tags listed here with positive score, the message will be rejected
+    blacklist:
+        - DMARC_POLICY_REJECT
+
+    # if a message has one of the tags listed here with positive score, the message will be soft rejected
+    softlist:
+        - RBL_ZONE
+
+    # define special responses
+    responses:
+        DMARC_POLICY_REJECT: 'Unauthenticated email from {host} is not accepted due to domain''s DMARC policy'
+        RBL_ZONE: '[{host}] was found from Zone RBL'
+
diff --git a/production/haraka-wildduck/haraka/config/xclient.hosts b/production/haraka-wildduck/haraka/config/xclient.hosts
new file mode 100755
index 0000000..f587f7f
--- /dev/null
+++ b/production/haraka-wildduck/haraka/config/xclient.hosts
@@ -0,0 +1,2 @@
+# List of IP addresses that are allowed to use XCLIENT
+127.0.0.1
diff --git a/production/haraka-wildduck/webmail/Dockerfile b/production/haraka-wildduck/webmail/Dockerfile
new file mode 100644
index 0000000..316392f
--- /dev/null
+++ b/production/haraka-wildduck/webmail/Dockerfile
@@ -0,0 +1,8 @@
+FROM node:8-slim
+RUN apt update && apt -y install git python make sudo
+RUN git clone https://github.com/nodemailer/wildduck-webmail /webmail
+RUN chown node.node -R /webmail
+WORKDIR /webmail
+RUN git checkout 5c54625a8b192823184ba7f5da41f3414e76db94
+RUN sudo -u node npm install
+RUN sudo -u node npm run bowerdeps
diff --git a/production/haraka-wildduck/webmail/config/default.toml b/production/haraka-wildduck/webmail/config/default.toml
new file mode 100644
index 0000000..9e7d7d6
--- /dev/null
+++ b/production/haraka-wildduck/webmail/config/default.toml
@@ -0,0 +1,78 @@
+name="webmail.hatthieves.es"
+
+title="Wild Duck Mail - HatThieves.es"
+
+[service]
+    # email domain for new users
+    domain="hatthieves.es"
+    # default quotas for new users
+    quota=1024
+    recipients=2000
+    forwards=2000
+    identities=10
+    allowIdentityEdit=true
+    allowJoin=false
+    enableSpecial=true # if true the allow creating addresses with special usernames
+    # allowed domains for new addresses
+    domains=["hatthieves.es"]
+
+[api]
+#    url="http://127.0.0.1:8080"
+#    accessToken=""
+    url="http://172.200.0.101"
+    accessToken="nohaytoken"
+
+[dbs]
+    # mongodb connection string for the main database
+    mongo="mongodb://172.200.0.103:27017/wildduck"
+
+    # redis connection string for Express sessions
+    redis="redis://172.200.0.102:6379/3"
+
+[www]
+    host="172.200.0.104"
+    port=3000
+    proxy=true
+    postsize="5MB"
+    log="dev"
+    secret="secret time for hatthieves"
+    secure=false
+#    baseurl="https://webmail.hatthieves.es"
+    listSize=50
+
+[recaptcha]
+    enabled=false
+    siteKey=""
+    secretKey=""
+
+[totp]
+    # Issuer name for TOTP, defaults to config.name
+    issuer=false
+    # once setup do not change as it would invalidate all existing 2fa sessions
+    secret="a secret cat"
+
+[u2f]
+    # set to false if not using HTTPS
+    enabled=false
+    # must be https url or use default
+    #appId="https://127.0.0.1:8080"
+    appId="https://webmail.hatthieves.es"
+
+[log]
+    level="silly"
+    mail=true
+
+[setup]
+    # these values are shown in the configuration help page
+    [setup.imap]
+        hostname="imap.hatthieves.es"
+        secure=true
+        port=993
+    [setup.pop3]
+        hostname="imap.hatthieves.es"
+        secure=true
+        port=993
+    [setup.smtp]
+        hostname="smtp.hatthieves.es"
+        secure=true
+        port=587
diff --git a/production/haraka-wildduck/webmail/config/development.toml b/production/haraka-wildduck/webmail/config/development.toml
new file mode 100644
index 0000000..2d5cb21
--- /dev/null
+++ b/production/haraka-wildduck/webmail/config/development.toml
@@ -0,0 +1,28 @@
+name="Wild Duck Mail Temporary"
+
+[service]
+    # email domain for new users
+    domain="local.tahvel.info"
+    # default quotas for new users
+    quota=102400
+    # allowed domains for new addresses
+    domains=["local.tahvel.info", "example.com"]
+
+[www]
+    proxy=true
+    baseurl="https://local.tahvel.info"
+
+[setup]
+    # these values are shown in the configuration help page
+    [setup.imap]
+        hostname="local.tahvel.info"
+        secure=true
+        port=993
+    [setup.pop3]
+        hostname="local.tahvel.info"
+        secure=true
+        port=995
+    [setup.smtp]
+        hostname="local.tahvel.info"
+        secure=false
+        port=587
diff --git a/production/haraka-wildduck/webmail/logo.png b/production/haraka-wildduck/webmail/logo.png
new file mode 100644
index 0000000..df44e64
Binary files /dev/null and b/production/haraka-wildduck/webmail/logo.png differ
diff --git a/production/haraka-wildduck/webmail/views/account/2fa.hbs b/production/haraka-wildduck/webmail/views/account/2fa.hbs
new file mode 100644
index 0000000..6d77461
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/2fa.hbs
@@ -0,0 +1,85 @@
+<input type="hidden" id="_csrf" value="{{csrfToken}}" />
+
+<div class="panel panel-default">
+    <div class="panel-heading">
+        <h3 class="panel-title"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Two factor authentication</h3>
+    </div>
+    <div class="panel-body">
+
+        <div id="show-u2f" style="display:{{#if enabledU2f}}block{{else}}none{{/if}}">
+
+            <div style="margin:10px 0;">
+
+                <div id="u2f-wait">
+                    <img src="/images/u2f-wait.png" />
+                </div>
+
+                <div id="u2f-fail" style="display: none">
+                    <img src="/images/u2f-fail.png" />
+                </div>
+
+                <div id="u2f-success" style="display: none">
+                    <img src="/images/u2f-success.png" />
+                </div>
+
+            </div>
+
+            <p id="message">
+                Initializing...
+            </p>
+
+            <div>
+                <div class="pull-right">
+                    <a href="#" id="enable-totp">or use security code</a>
+                </div>
+                <a href="/account/logout"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
+            </div>
+
+        </div>
+
+        <div id="show-totp" style="display:{{#if enabledU2f}}none{{else}}block{{/if}}">
+
+            <form id="totp-form">
+
+                <p>
+                    Open your authentication app and enter the code to log in
+                </p>
+
+                <div class="form-group" id="totp-token-field">
+                    <label for="token">Security code</label>
+                    <input type="number" class="form-control" id="token" placeholder="6 digit code" required autofocus>
+                    <span class="help-block" id="totp-token-error" style="display: none"></span>
+                </div>
+
+                <div>
+                    <div class="pull-right">
+                        <button type="submit" id="totp-btn" class="btn btn-success" data-loading-text="Checking..."><span class="glyphicon glyphicon-ok" aria-hidden="true"></span> Verify</button>
+                    </div>
+                    <a href="/account/logout"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
+                </div>
+
+                <div class="clearfix"></div>
+
+            </form>
+
+        </div>
+
+        <div class="checkbox form-footer">
+            <label>
+                <input type="checkbox" id="remember2fa"> Trust this device for 30 days
+            </label>
+        </div>
+
+    </div>
+</div>
+
+<script>
+// U2F support must be checked *before* loading /u2f-api.js
+{{! only check if user has enabled u2f, otherwise no reason to use it }}
+var U2FSUPPORT = {{#if enabledU2f}}typeof u2f === 'object' || typeof chrome === 'object'{{else}}false{{/if}};
+</script>
+
+<script src="/login-key-handler.js"></script>
+<script src="/u2f-api.js"></script>
+
+<script src="/2fa.js"></script>
diff --git a/production/haraka-wildduck/webmail/views/account/autoreply.hbs b/production/haraka-wildduck/webmail/views/account/autoreply.hbs
new file mode 100644
index 0000000..16f8681
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/autoreply.hbs
@@ -0,0 +1,142 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-calendar" aria-hidden="true"></span> Autoreply</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+        <form method="post" action="/account/autoreply">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" id="start" name="start" value="{{#if values.start}}{{values.start}}{{/if}}" />
+            <input type="hidden" id="end" name="end" value="{{#if values.end}}{{values.end}}{{/if}}" />
+
+            <fieldset>
+                <div class="panel panel-default">
+                    <div class="panel-heading">
+                        <h3 class="panel-title">Autoreply settings</h3>
+                    </div>
+                    <div class="panel-body">
+
+                    <p>
+                        If enabled then an autoreply message is sent to all incoming messages. If a contact sends multiple messages then the autoreply is sent at most once in every four hours.
+                    </p>
+
+                    <div class="radio">
+                        <label>
+                            <input type="radio" name="status" value="false" {{#unless values.status}}checked{{/unless}}>
+                            Autoreply is {{#unless values.status}}<span class="label label-default">disabled</span>{{else}}disabled{{/unless}}
+                        </label>
+                    </div>
+
+                    <div class="radio">
+                        <label>
+                            <input type="radio" name="status" value="true" {{#if values.status}}checked{{/if}}>
+                            Autoreply is {{#if values.status}}<span class="label label-info">enabled</span>{{else}}enabled{{/if}}
+                        </label>
+                    </div>
+
+                    <div class="form-group">
+                        <label for="name">Name</label>
+                        <input type="text" class="form-control" id="name" name="name" value="{{values.name}}" placeholder="Sender name in the autoreply From: header">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="subject">Subject</label>
+                        <input type="text" class="form-control" id="subject" name="subject" value="{{values.subject}}" placeholder="Leave blank to use the default subject">
+                    </div>
+
+                    <div class="form-group">
+                        <label for="daterange">Time</label>
+                        <div class="form-group-sm daterangeElm" style="position: relative">
+                            <input type="text" id="daterange" class="form-control" value="">
+                            <i class="glyphicon glyphicon-calendar fa fa-calendar" style="position: absolute; bottom: 10px; right: 24px; top: auto; cursor: pointer;"></i>
+                        </div>
+                    </div>
+
+                    <div class="form-group">
+                        <label for="message">Message</label>
+                        <textarea class="form-control" name="text" value="{{values.text}}" rows="3">{{values.text}}</textarea>
+                    </div>
+
+                    <div class="form-group">
+                        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Update</button>
+                    </div>
+
+                </div>
+            </div>
+
+            </fieldset>
+        </form>
+
+    </div>
+</div>
+
+<script>
+    document.addEventListener("DOMContentLoaded", function(event) {
+        $('#daterange').daterangepicker({
+            "showDropdowns": true,
+            "showISOWeekNumbers": true,
+            "timePicker": true,
+            "timePicker24Hour": true,
+            "autoApply": true,
+            "autoUpdateInput": false,
+            "locale": {
+                "direction": "ltr",
+                "format": "DD/MM/YYYY HH:mm",
+                "separator": " - ",
+                "applyLabel": "Select",
+                "cancelLabel": "Cancel",
+                "fromLabel": "From",
+                "toLabel": "To",
+                "customRangeLabel": "Custom",
+                "daysOfWeek": [
+                    "Su",
+                    "Mo",
+                    "Tu",
+                    "We",
+                    "Th",
+                    "Fr",
+                    "Sa"
+                ],
+                "monthNames": [
+                    "January",
+                    "February",
+                    "March",
+                    "April",
+                    "May",
+                    "June",
+                    "July",
+                    "August",
+                    "September",
+                    "October",
+                    "November",
+                    "December"
+                ],
+                "firstDay": 1
+            },
+
+            {{#if values.start}}
+                "startDate": moment("{{values.start}}").format('DD/MM/YYYY HH:mm'),
+            {{/if}}
+
+            {{#if values.end}}
+                "endDate": moment("{{values.end}}").format('DD/MM/YYYY HH:mm'),
+            {{/if}}
+
+            "alwaysShowCalendars": true
+        }, function(start, end, label) {
+            document.getElementById('start').value = start.valueOf();
+            document.getElementById('end').value = end.valueOf();
+            document.getElementById('daterange').value = start.format('DD/MM/YYYY HH:mm') + ' – ' + end.format('DD/MM/YYYY HH:mm');
+        });
+
+        $('.daterangeElm i').click(function() {
+            $(this).parent().find('input').click();
+        });
+
+        {{#if values.start}}
+            document.getElementById('daterange').value = moment("{{values.start}}").format('DD/MM/YYYY HH:mm') + ' – ' + moment("{{values.end}}").format('DD/MM/YYYY HH:mm');
+        {{/if}}
+    });
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/create.hbs b/production/haraka-wildduck/webmail/views/account/create.hbs
new file mode 100644
index 0000000..df85d3e
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/create.hbs
@@ -0,0 +1,140 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Create new account</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <form method="post" id="create-form" action="/account/create">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" id="domain" name="domain" value="{{values.domain}}">
+
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account information</h3>
+                </div>
+                <div class="panel-body">
+
+                    <p>
+                        Enter your account details. Account username is allowed to include latin characters only. Activated accounts can add extra identity addresses that may contain unicode characters as well.
+                    </p>
+
+                    <div class="row">
+                        <div class="col-md-6">
+
+                            <div class="form-group{{#if errors.name}} has-error{{/if}}">
+                                <label for="name">Your name</label>
+                                <input type="text" class="form-control" name="name" id="name" placeholder="eg. &quot;Jaan Tamm&quot;" value="{{values.name}}" required>
+                                {{#if errors.name}}
+                                    <span class="help-block">{{errors.name}}</span>
+                                {{/if}}
+                            </div>
+
+                            <div class="form-group{{#if errors.username}} has-error{{/if}}">
+                                <label for="name">Your new address (also the username)</label>
+                                <div class="input-group">
+                                    <input type="text" class="form-control" name="username" id="username" placeholder="eg. &quot;username&quot; or &quot;user.name&quot;" value="{{values.username}}" pattern="^[A-Za-z0-9][A-Za-z\-\.0-9]*$" required>
+
+                                    <span class="input-group-btn">
+                                        <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                                            @<span class="selected-domain" style="text-transform: lowercase;">{{values.domain}}</span><span class="caret"></span>
+                                          </button>
+                                          <ul class="dropdown-menu dropdown-menu-right">
+                                              {{#each domains}}
+                                                <li><a href="#" class="change-domain-link" data-domain="{{this}}">{{this}}</a></li>
+                                              {{/each}}
+                                          </ul>
+                                     </span>
+                                </div>
+
+                                {{#if errors.username}}
+                                    <span class="help-block">{{errors.username}}</span>
+                                {{else}}
+                                    <span class="help-block">Latin letters and numbers only. Dots and dashes are allowed as separators.<span>
+                                {{/if}}
+                            </div>
+
+                            <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                                <label for="password">Your password</label>
+                                <input type="password" class="form-control" name="password" id="password" placeholder="eg. &quot;supersecret&quot;" required>
+                                {{#if errors.password}}
+                                    <span class="help-block">{{errors.password}}</span>
+                                {{/if}}
+                            </div>
+
+                            <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                                <label for="password2">Repeat password</label>
+                                <input type="password" class="form-control" name="password2" id="password2" placeholder="repeat password" required>
+                            </div>
+
+                            <div class="form-group{{#if errors.remember}} has-error{{/if}}">
+                                <div class="checkbox">
+                                    <label>
+                                        <input type="checkbox" name="remember" required> Agree to <a href="/tos" target="_blank">terms of service</a>
+                                        {{#if errors.remember}}
+                                            <span class="help-block">{{errors.remember}}</span>
+                                        {{/if}}
+                                    </label>
+                                </div>
+                            </div>
+
+                        </div>
+                    </div>
+
+                    <div class="form-group">
+                        {{#if recaptcha}}
+                            <button
+                                class="g-recaptcha btn btn-success"
+                                data-sitekey="{{recaptcha}}"
+                                data-callback="onCreateSubmit">
+                                <span class="glyphicon glyphicon-user" aria-hidden="true"></span>Create new account
+                            </button>
+                        {{else}}
+                            <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-user" aria-hidden="true"></span>Create new account</button>
+                        {{/if}}
+                    </div>
+                </div>
+            </div>
+
+        </form>
+
+    </div>
+</div>
+
+{{#if recaptcha}}
+    <script src='https://www.google.com/recaptcha/api.js'></script>
+
+    <script>
+    function onCreateSubmit(token) {
+        document.getElementById("create-form").submit();
+    }
+    </script>
+{{/if}}
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+
+    var domainElement = document.getElementById('domain');
+
+    var updateDomain = function(e,elm){
+        e.preventDefault();
+        var domain = elm.dataset.domain;
+        if(domain){
+            domainElement.value = domain;
+            document.querySelector('.selected-domain').textContent = domain;
+        }
+    };
+
+    var setupDomainButton = function(elm){
+        elm.addEventListener('click', function(e){updateDomain(e,elm)}, false);
+        elm.addEventListener('touch', function(e){updateDomain(e,elm)}, false);
+    }
+
+    var domainLinks = document.querySelectorAll('.change-domain-link');
+    for(var i=0, len = domainLinks.length; i<len; i++){
+        setupDomainButton(domainLinks[i]);
+    }
+}, false);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/filters.hbs b/production/haraka-wildduck/webmail/views/account/filters.hbs
new file mode 100644
index 0000000..7aeeb91
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/filters.hbs
@@ -0,0 +1,88 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Filters</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <div class="panel panel-default">
+            <div class="panel-heading">
+                <h3 class="panel-title">Mail Filters</h3></div>
+            <div class="panel-body">
+                <p>Here you can create and modify filters that apply on all incoming messages.</p>
+            </div>
+            <table class="table table-responsive">
+                <tbody>
+                    {{#if filters}}
+                        {{#each filters}}
+                            <tr>
+                                <th>
+                                    {{index}}
+                                </th>
+                                <td>
+                                    <div class="pull-right">
+                                        <a href="/account/filters/edit?id={{id}}" class="btn btn-info btn-xs"><span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> Edit</a>
+
+                                        <button type="button" data-filter="{{id}}" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
+                                    </div>
+                                    <div>
+                                        Query: <strong>{{query}}</strong><br /> Action: {{action}}
+                                    </div>
+                                </td>
+                            </tr>
+                        {{/each}}
+                    {{else}}
+                        <tr>
+                            <td colspan="3">
+                                There are no filters created
+                            </td>
+                        </tr>
+                    {{/if}}
+                </tbody>
+            </table>
+
+            <div class="panel-body">
+                <div class="form-group">
+                    <a href="/account/filters/create" class="btn btn-success"><span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Add new filter</a>
+                </div>
+
+            </div>
+        </div>
+
+    </div>
+</div>
+
+<!-- Modal -->
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="deleteModalLabel">Delete filter</h4>
+      </div>
+      <div class="modal-body">
+        Are you sure you want to permanently delete selected filter?
+      </div>
+      <div class="modal-footer">
+        <form method="post" action="/account/filters/delete">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" id="delete-form-filter" name="id" value="">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, delete</button>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    $('#deleteModal').on('show.bs.modal', function (event) {
+        var button = $(event.relatedTarget); // Button that triggered the modal
+        var filter = button.data('filter'); // Extract info from data-* attributes
+        document.getElementById('delete-form-filter').value = filter;
+    });
+}, false);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/filters/create.hbs b/production/haraka-wildduck/webmail/views/account/filters/create.hbs
new file mode 100644
index 0000000..ded7abc
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/filters/create.hbs
@@ -0,0 +1,18 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> Create filter</h1>
+    </div>
+</div>
+
+
+<form method="post" action="/account/filters/create">
+    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+    {{> filter}}
+
+    <div class="form-group">
+        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Create filter</button>
+        <a href="/account/filters" class="btn btn-warning"><span class="glyphicon glyphicon-menu-left" aria-hidden="true"></span> Cancel</a>
+    </div>
+
+</form>
diff --git a/production/haraka-wildduck/webmail/views/account/filters/edit.hbs b/production/haraka-wildduck/webmail/views/account/filters/edit.hbs
new file mode 100644
index 0000000..c5042fa
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/filters/edit.hbs
@@ -0,0 +1,18 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> Updated filter</h1>
+    </div>
+</div>
+
+<form method="post" action="/account/filters/edit">
+    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+    <input type="hidden" name="id" value="{{values.id}}">
+
+    {{> filter}}
+
+    <div class="form-group">
+        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Update filter</button>
+        <a href="/account/filters" class="btn btn-warning"><span class="glyphicon glyphicon-menu-left" aria-hidden="true"></span> Cancel</a>
+    </div>
+
+</form>
diff --git a/production/haraka-wildduck/webmail/views/account/identities.hbs b/production/haraka-wildduck/webmail/views/account/identities.hbs
new file mode 100644
index 0000000..2aad585
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/identities.hbs
@@ -0,0 +1,131 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> accountmenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <div class="panel panel-default">
+                    <div class="panel-heading">
+                        <h3 class="panel-title">Manage identities</h3></div>
+                    <div class="panel-body">
+                        <p>Here you can add and modify alias addresses for your account. Aliases act just like your main address. You can not send out emails from identities that you do not own.</p>
+                    </div>
+                    <table class="table table-responsive">
+                        <thead>
+                            <th>
+                                &nbsp;
+                            </th>
+                            <th>
+                                Identity name
+                            </th>
+                            <th>
+                                Alias Address
+                            </th>
+                            <th>
+                                Created
+                            </th>
+                            <th>
+                                &nbsp;
+                            </th>
+                        </thead>
+                        <tbody>
+                            {{#each identities}}
+                                <tr class="{{#if main}}identity-main{{/if}}">
+                                    <th>
+                                        {{index}}
+                                    </th>
+
+                                    <td>
+                                        {{#if name}}
+                                            {{name}}
+                                        {{else}}
+                                            <em>–</em>
+                                        {{/if}}
+                                    </td>
+
+                                    <td>
+                                        {{#if main}}
+                                            {{address}} <span>(default)</span>
+                                        {{else}}
+                                            {{address}}
+                                        {{/if}}
+                                    </td>
+
+                                    <td class="datestring" title="{{created}}">
+                                        {{created}}
+                                    </td>
+
+                                    <td class="text-right">
+                                        {{#if ../canEdit}}
+                                            <a href="/account/identities/edit?id={{id}}" class="btn btn-info btn-xs"><span class="glyphicon glyphicon-pencil" aria-hidden="true"></span> Edit</a>
+                                        {{/if}}
+                                        <button class="btn btn-danger btn-xs" data-address="{{address}}" {{#if main}}disabled{{else}}data-identity="{{id}}" data-toggle="modal" data-target="#deleteModal"{{/if}}><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
+                                    </td>
+                                </tr>
+                            {{/each}}
+                        </tbody>
+                    </table>
+
+                    <div class="panel-body">
+                        <div class="form-group">
+                            {{#if canCreate}}
+                                <a href="/account/identities/create" class="btn btn-success"><span class="glyphicon glyphicon-list-alt" aria-hidden="true"></span> Add new address</a>
+                            {{else}}
+                                <p class="text-muted">
+                                    Maximum amount of identities created
+                                </p>
+                            {{/if}}
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<!-- Modal -->
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="deleteModalLabel">Delete address</h4>
+      </div>
+      <div class="modal-body">
+        Are you sure you want to permanently delete <strong id="delete-form-identity-val">this address</strong>?
+      </div>
+      <div class="modal-footer">
+        <form method="post" action="/account/identities/delete">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" id="delete-form-identity" name="id" value="">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, delete</button>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    $('#deleteModal').on('show.bs.modal', function (event) {
+        var button = $(event.relatedTarget); // Button that triggered the modal
+        var identity = button.data('identity'); // Extract info from data-* attributes
+        document.getElementById('delete-form-identity').value = identity;
+        document.getElementById('delete-form-identity-val').textContent = button.data('address');
+    });
+}, false);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/identities/create.hbs b/production/haraka-wildduck/webmail/views/account/identities/create.hbs
new file mode 100644
index 0000000..7492cf3
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/identities/create.hbs
@@ -0,0 +1,46 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> accountmenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <form method="post" action="/account/identities/create">
+                    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+                    <input type="hidden" id="domain" name="domain" value="{{values.domain}}">
+
+                    <div class="panel panel-default">
+                        <div class="panel-heading">
+                            <h3 class="panel-title">Identity information</h3>
+                        </div>
+                        <div class="panel-body">
+
+                            <div class="row">
+                                <div class="col-md-6">
+                                    {{> identity}}
+                                </div>
+                            </div>
+
+                            <div class="form-group">
+                                <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-list-alt" aria-hidden="true"></span> Add new address</button>
+                                <a href="/account/identities" class="btn btn-warning"><span class="glyphicon glyphicon-menu-left" aria-hidden="true"></span> Cancel</a>
+                            </div>
+                        </div>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/identities/edit.hbs b/production/haraka-wildduck/webmail/views/account/identities/edit.hbs
new file mode 100644
index 0000000..44bcdce
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/identities/edit.hbs
@@ -0,0 +1,46 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> accountmenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+                <form method="post" action="/account/identities/edit">
+                    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+                    <input type="hidden" name="id" value="{{values.id}}">
+                    <input type="hidden" id="domain" name="domain" value="{{values.domain}}">
+
+                    <div class="panel panel-default">
+                        <div class="panel-heading">
+                            <h3 class="panel-title">Identity information</h3>
+                        </div>
+                        <div class="panel-body">
+
+                            <div class="row">
+                                <div class="col-md-6">
+                                    {{> identity}}
+                                </div>
+                            </div>
+
+                            <div class="form-group">
+                                <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-list-alt" aria-hidden="true"></span> Edit address</button>
+                                <a href="/account/identities" class="btn btn-warning"><span class="glyphicon glyphicon-menu-left" aria-hidden="true"></span> Cancel</a>
+                            </div>
+                        </div>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/index.hbs b/production/haraka-wildduck/webmail/views/account/index.hbs
new file mode 100644
index 0000000..6addc7c
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/index.hbs
@@ -0,0 +1,103 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> accountmenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <div class="row">
+                    <div class="col-md-8">
+
+                        <div class="form-group">
+                            <label class="control-label">Address</label>
+                            <div class="input-group">
+                                <p class="form-control-static">
+                                    <a href="mailto:{{address}}">{{address}}</a>
+                                </p>
+                            </div>
+                        </div>
+
+                        <div class="form-group ">
+                            <div class="input-group ">
+                                <button type="button" id="reg-proto" class="btn btn-primary btn-xs"><span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> Register {{serviceName}} as default webmail handler</button>
+                            </div>
+                        </div>
+
+                        <div class="form-group ">
+                            <label class="control-label ">Quota</label>
+                            <div class="input-group ">
+                                <p class="form-control-static ">
+                                    Used <strong>{{storageUsed}}</strong> of <strong>{{quota}}</strong>
+                                </p>
+                            </div>
+                        </div>
+
+                        <div class="progress ">
+                            <div class="progress-bar " role="progressbar " aria-valuenow=" {{storageOverview}} " aria-valuemin="0 " aria-valuemax="100 " style="min-width: 2em; ">
+                                {{storageOverview}}%
+                            </div>
+                        </div>
+
+                        <div class="form-group ">
+                            <label class="control-label ">Messages sent</label>
+                            <div class="input-group ">
+                                <p class="form-control-static ">
+                                    Sent <strong>{{recipientsSent}}</strong> messages, daily allowed quota <strong>{{recipients}}</strong> messages
+                                </p>
+                            </div>
+                        </div>
+
+                        <div class="progress ">
+                            <div class="progress-bar " role="progressbar " aria-valuenow=" {{recipientsOverview}} " aria-valuemin="0 " aria-valuemax="100 " style="min-width: 2em; ">
+                                {{recipientsOverview}}%
+                            </div>
+                        </div>
+
+                        <div class="form-group ">
+                            <label class="control-label ">Forwarded messages</label>
+                            <div class="input-group ">
+                                <p class="form-control-static ">
+                                    Forwarded <strong>{{forwardsSent}}</strong> messages, daily allowed quota <strong>{{forwards}}</strong> messages
+                                </p>
+                            </div>
+                        </div>
+
+                        <div class="progress ">
+                            <div class="progress-bar " role="progressbar " aria-valuenow=" {{forwardsOverview}} " aria-valuemin="0 " aria-valuemax="100 " style="min-width: 2em; ">
+                                {{forwardsOverview}}%
+                            </div>
+                        </div>
+                    </div>
+                </div>
+
+            </div>
+        </div>
+    </div>
+</div>
+
+<input type="hidden" id="service-name" value="{{serviceName}}" />
+<script>
+    function registerMailClient(){
+        var origin = window.location.origin;
+
+        if (!origin) {
+            origin= window.location.protocol + '//' + window.location.hostname + (window.location.port ? (':' + window.location.port) : '');
+        }
+
+        navigator.registerProtocolHandler('mailto', origin + '/webmail/send?to=%s', document.getElementById('service-name').value);
+    }
+    document.getElementById('reg-proto').addEventListener('click', registerMailClient, false);
+
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/login.hbs b/production/haraka-wildduck/webmail/views/account/login.hbs
new file mode 100644
index 0000000..6553630
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/login.hbs
@@ -0,0 +1,68 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Log in</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <form method="post" action="/account/login">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" name="_2faToken" id="_2faToken" value="">
+
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account information</h3>
+                </div>
+                <div class="panel-body">
+
+                    <div class="row">
+                        <div class="col-md-6">
+
+                            <div class="form-group{{#if errors.username}} has-error{{/if}}">
+                                <label class="control-label" for="username">Username</label>
+                                <input type="text" class="form-control lowercase" name="username" id="username" placeholder="username" value="{{values.username}}" required>
+                                {{#if errors.username}}
+                                    <span class="help-block">{{errors.username}}{{#if errors.username_action}} –  <a href="{{errors.username_action.target}}">{{errors.username_action.title}}</a>{{/if}}</span>
+                                {{/if}}
+                            </div>
+
+                            <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                                <label for="password">Your password</label>
+                                <input type="password" class="form-control" name="password" id="password" placeholder="v3rys3cret" required>
+                                {{#if errors.password}}
+                                    <span class="help-block">{{errors.password}}</span>
+                                {{/if}}
+                            </div>
+                        </div>
+                    </div>
+
+                    <div class="form-group">
+                        <div class="checkbox">
+                            <label>
+                                <input type="checkbox" name="remember"> Remember me
+                            </label>
+                        </div>
+                    </div>
+
+
+                    <div class="form-group">
+                        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-log-in" aria-hidden="true"></span> Log in</button>
+                    </div>
+                </div>
+                
+            </div>
+        </form>
+
+    </div>
+</div>
+
+<script src="/login-key-handler.js"></script>
+<script>
+loginKeyHandler.setup(
+    document.getElementById('username'),
+    document.getElementById('_2faToken'),
+    '2fa'
+);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/login.hbs.new b/production/haraka-wildduck/webmail/views/account/login.hbs.new
new file mode 100644
index 0000000..ceedeca
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/login.hbs.new
@@ -0,0 +1,52 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Log in <small>(Autoconfig with <a href="https://www.mozilla.org/thunderbird/" target="_blank">thunderbird</a>)</small></h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-6">
+
+        <form method="post" action="/account/login">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+            <fieldset>
+
+                <div class="form-group{{#if errors.username}} has-error{{/if}}">
+                    <label class="control-label" for="username">Username</label>
+                    <div class="input-group">
+                        <input type="text" class="form-control lowercase" name="username" id="username" placeholder="username" value="{{values.username}}" pattern="^[A-Za-z0-9][A-Za-z\-\.0-9]*[A-Za-z0-9]$" required title="Valid email address user">
+                        <span class="input-group-addon">@{{serviceDomain}}</span>
+                    </div>
+                    {{#if errors.username}}
+                        <span class="help-block">{{errors.username}}{{#if errors.username_action}} –  <a href="{{errors.username_action.target}}">{{errors.username_action.title}}</a>{{/if}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                    <label for="password">Password</label>
+                    <input type="password" class="form-control" name="password" id="password" placeholder="v3rys3cret" required>
+                    {{#if errors.password}}
+                        <span class="help-block">{{errors.password}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group">
+                    <div class="checkbox">
+                        <label>
+                            <input type="checkbox" name="remember"> Remember me
+                        </label>
+                    </div>
+                </div>
+
+            </fieldset>
+
+            <div class="form-group">
+                <button type="submit" class="btn btn-success">Log in</button>
+            </div>
+
+        </form>
+
+    </div>
+</div>
+
diff --git a/production/haraka-wildduck/webmail/views/account/login.hbs.orig b/production/haraka-wildduck/webmail/views/account/login.hbs.orig
new file mode 100644
index 0000000..6553630
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/login.hbs.orig
@@ -0,0 +1,68 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Log in</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <form method="post" action="/account/login">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" name="_2faToken" id="_2faToken" value="">
+
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account information</h3>
+                </div>
+                <div class="panel-body">
+
+                    <div class="row">
+                        <div class="col-md-6">
+
+                            <div class="form-group{{#if errors.username}} has-error{{/if}}">
+                                <label class="control-label" for="username">Username</label>
+                                <input type="text" class="form-control lowercase" name="username" id="username" placeholder="username" value="{{values.username}}" required>
+                                {{#if errors.username}}
+                                    <span class="help-block">{{errors.username}}{{#if errors.username_action}} –  <a href="{{errors.username_action.target}}">{{errors.username_action.title}}</a>{{/if}}</span>
+                                {{/if}}
+                            </div>
+
+                            <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                                <label for="password">Your password</label>
+                                <input type="password" class="form-control" name="password" id="password" placeholder="v3rys3cret" required>
+                                {{#if errors.password}}
+                                    <span class="help-block">{{errors.password}}</span>
+                                {{/if}}
+                            </div>
+                        </div>
+                    </div>
+
+                    <div class="form-group">
+                        <div class="checkbox">
+                            <label>
+                                <input type="checkbox" name="remember"> Remember me
+                            </label>
+                        </div>
+                    </div>
+
+
+                    <div class="form-group">
+                        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-log-in" aria-hidden="true"></span> Log in</button>
+                    </div>
+                </div>
+                
+            </div>
+        </form>
+
+    </div>
+</div>
+
+<script src="/login-key-handler.js"></script>
+<script>
+loginKeyHandler.setup(
+    document.getElementById('username'),
+    document.getElementById('_2faToken'),
+    '2fa'
+);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/profile.hbs b/production/haraka-wildduck/webmail/views/account/profile.hbs
new file mode 100644
index 0000000..6523035
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/profile.hbs
@@ -0,0 +1,98 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> accountmenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+
+                <form method="post" action="/account/profile">
+                    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+                    <fieldset>
+                        <div class="panel panel-default">
+                            <div class="panel-heading">
+                                <h3 class="panel-title">General</h3>
+                            </div>
+                            <div class="panel-body">
+
+                                <div class="form-group">
+                                    <label class="control-label">Username</label>
+                                    <div class="input-group">
+                                        <p class="form-control-static">{{values.username}}</p>
+                                    </div>
+                                </div>
+
+                                <div class="form-group{{#if errors.name}} has-error{{/if}}">
+                                    <label for="name">Your name</label>
+                                    <input type="text" class="form-control" name="name" id="name" placeholder="eg. &quot;Jaan Tamm&quot;" value="{{values.name}}">
+                                    {{#if errors.name}}
+                                        <span class="help-block">{{errors.name}}</span>
+                                    {{/if}}
+                                </div>
+
+                                <div class="form-group{{#if errors.spamLevel}} has-error{{/if}}">
+                                    <label for="name">Spam detection level</label>
+                                    <select class="form-control" name="spamLevel">
+                                        <option value="">
+                                            -- Select --
+                                        </option>
+                                        {{#each spamLevels}}
+                                            <option value="{{value}}" {{#if selected}}selected{{/if}}>
+                                                {{description}}
+                                            </option>
+                                        {{/each}}
+                                    </select>
+
+                                    {{#if errors.spamLevel}}
+                                        <span class="help-block">{{errors.spamLevel}}</span>
+                                    {{/if}}
+                                </div>
+
+                            </div>
+                        </div>
+
+                        <div class="panel panel-default">
+                            <div class="panel-heading">
+                                <h3 class="panel-title">Message forwarding</h3>
+                            </div>
+                            <div class="panel-body">
+
+                                <p>
+                                    Leave the following fields blank if you do not wish to forward all incoming emails
+                                </p>
+
+                                <div class="form-group{{#if errors.targets}} has-error{{/if}}">
+                                    <label for="targets">Forward incoming messages to:</label>
+                                    <input type="text" class="form-control" name="targets" id="targets" placeholder="user@example.com" value="{{values.targets}}">
+                                    {{#if errors.targets}}
+                                        <span class="help-block">{{errors.targets}}</span>
+                                    {{/if}}
+                                    <span class="help-block">Use comma separated list of addresses for multiple recipients</span>
+                                </div>
+                            </div>
+                        </div>
+
+                    </fieldset>
+
+                    <div class="form-group">
+                        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Update</button>
+                    </div>
+
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/security.hbs b/production/haraka-wildduck/webmail/views/account/security.hbs
new file mode 100644
index 0000000..8c6914c
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security.hbs
@@ -0,0 +1,26 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> securitymenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <p>
+                    Future feature
+                </p>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/security/2fa.hbs b/production/haraka-wildduck/webmail/views/account/security/2fa.hbs
new file mode 100644
index 0000000..f3bf0ae
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/2fa.hbs
@@ -0,0 +1,131 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> securitymenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <div class="panel panel-default">
+                    <div class="panel-heading">
+                        <h3 class="panel-title">Two factor authentication</h3>
+                    </div>
+                    <div class="panel-body">
+                        <p>
+                            If two-factor authentication is enabled then you will be required to enter a code from an authenticator app when logging in.
+                            TOTP compatible authenticator app like Google Authenticator is needed to use two-factor authentication.
+                        </p>
+
+                        <p>
+                            <a href='https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1' style="display:inline-block;overflow:hidden;background:url(/images/en_badge_web_generic.png) no-repeat;width:135px;height:40px;background-size:contain;background-position: center;" target="_blank"></a>
+
+                            <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8" style="display:inline-block;overflow:hidden;background:url(//linkmaker.itunes.apple.com/assets/shared/badges/en-us/appstore-lrg.svg) no-repeat;width:135px;height:40px;background-size:contain;" target="_blank"></a>
+                        </p>
+
+                        <p>
+                            External applications can not access IMAP, POP3 ja SMTP using the account password if two-factor authentication is enabled. <a href="/account/security/asps">Application specific passwords</a> must be generated instead for these applications.
+                        </p>
+                    </div>
+
+                    <table class="table table-responsive">
+                        <tr>
+                            <td>
+                                {{#if enabled2fa}}
+                                    Two factor authentication is <span class="label label-success"><span class="glyphicon glyphicon-qrcode" aria-hidden="true"></span> Enabled</span>
+                                {{else}}
+                                    Two factor authentication is <span class="label label-default"><span class="glyphicon glyphicon-qrcode" aria-hidden="true"></span> Disabled</span>
+                                {{/if}}
+                            </td>
+                            <td class="text-right">
+                                {{#if enabled2fa}}
+                                    <button type="button" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-minus-sign" aria-hidden="true"></span> Disable</button>
+                                {{else}}
+                                    <form method="post" id="enable-2fa" action="/account/security/2fa/enable-totp">
+                                        <input type="hidden" name="_csrf" value="{{csrfToken}}">
+                                        <button type="submit" class="btn btn-success btn-xs"><span class="glyphicon glyphicon-plus-sign" aria-hidden="true"></span> Enable</button>
+                                    </form>
+                                {{/if}}
+                            </td>
+                        </tr>
+
+                        {{#if enabled2fa}}
+                        <tr>
+                            <td>
+                                {{#if enabledU2f}}
+                                    U2F security key is <span class="label label-success"><span class="glyphicon glyphicon-flash" aria-hidden="true"></span> Enabled</span>
+                                {{else}}
+                                    U2F security key is <span class="label label-default"><span class="glyphicon glyphicon-flash" aria-hidden="true"></span> Disabled</span>
+                                {{/if}}
+                            </td>
+                            <td class="text-right">
+                                {{#if enabledU2f}}
+                                    <button type="button" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#revokeModal"><span class="glyphicon glyphicon-minus-sign" aria-hidden="true"></span> Disable</button>
+                                {{else}}
+                                    <form method="post" id="enable-u2f" action="/account/security/2fa/enable-u2f">
+                                        <input type="hidden" name="_csrf" value="{{csrfToken}}">
+                                        <button type="submit" class="btn btn-success btn-xs"><span class="glyphicon glyphicon-plus-sign" aria-hidden="true"></span> Enable</button>
+                                    </form>
+                                {{/if}}
+                            </td>
+                        </tr>
+                        {{/if}}
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<!-- Modal -->
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="deleteModalLabel">Disable 2FA</h4>
+      </div>
+      <div class="modal-body">
+        Are you sure you want to disable two factor authentication?
+      </div>
+      <div class="modal-footer">
+        <form method="post" action="/account/security/2fa/disable-totp">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, disable</button>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div class="modal" id="revokeModal" tabindex="-1" role="dialog" aria-labelledby="revokeModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="revokeModalLabel">Revoke key</h4>
+      </div>
+      <div class="modal-body">
+        Are you sure you want to revoke U2F security key?
+      </div>
+      <div class="modal-footer">
+        <form method="post" action="/account/security/2fa/disable-u2f">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, revoke</button>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/security/asp.hbs b/production/haraka-wildduck/webmail/views/account/security/asp.hbs
new file mode 100644
index 0000000..3e184b5
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/asp.hbs
@@ -0,0 +1,35 @@
+<form method="post" id="generate-autoconfig" action="/account/autoconfig">
+    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+    <input type="hidden" name="password" value="{{password}}">
+</form>
+
+<div class="panel panel-default">
+    <div class="panel-heading">
+        <h3 class="panel-title">Application specific password</h3>
+    </div>
+    <div class="panel-body">
+
+        <p>
+            Use the generated password in external application for IMAP, POP3 or SMTP
+        </p>
+
+        <p>
+            <strong>{{description}}</strong>
+        </p>
+
+        <p class="lead bg-info text-center">
+            {{passwordFormatted}}
+        </p>
+
+        <p>
+            For OSX and iOS you can download configuration profile to auto-configure your email application
+        </p>
+
+        <p>
+            <div class="pull-right">
+                <a href="data:application/x-apple-aspen-config;base64,{{mobileconfig}}" download="{{user.username}}.mobileconfig" class="btn btn-info btn-xs"><span class="glyphicon glyphicon-cloud-download" aria-hidden="true"></span> OSX / iOS</a>
+            </div>
+            <a href="/account/security/asps"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Go back</a>
+        </p>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/security/asps.hbs b/production/haraka-wildduck/webmail/views/account/security/asps.hbs
new file mode 100644
index 0000000..6c4f9be
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/asps.hbs
@@ -0,0 +1,151 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> securitymenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <div class="panel panel-default">
+                    <div class="panel-heading">
+                        <h3 class="panel-title">Application specific passwords</h3></div>
+                    <div class="panel-body">
+                        <p>Here are listed passwords generated for specific applications. If the password is leaked then delete it and generate a new one.</p>
+                        <p>
+                            Application Specific Passwords must be used for external applications if two factor authentication is enabled.
+                        </p>
+                    </div>
+                    <table class="table table-responsive">
+                        <thead>
+                            <tr>
+                                <th>
+                                    #
+                                </th>
+                                <th>
+                                    Description
+                                </th>
+                                <th>
+                                    Created
+                                </th>
+                                <th>
+                                    Used
+                                </th>
+                                <th>
+                                    &nbsp;
+                                </th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            {{#if asps}}
+
+                                {{#each asps}}
+                                    <tr>
+                                        <th>
+                                            {{index}}
+                                        </th>
+                                        <td>
+                                            {{description}}
+                                        </td>
+                                        <td class="datestring" title="{{created}}">
+                                            {{created}}
+                                        </td>
+                                        <td>
+                                            {{#if lastUse.time}}
+                                                <a href="/account/security/events?event={{lastUse.event}}"><span class="datestring" title="{{lastUse.time}}">{{lastUse.time}}</span></a>
+                                            {{else}}
+                                                never
+                                            {{/if}}
+                                        </td>
+                                        <td>
+                                            <div class="pull-right">
+                                                <button type="button" data-asp="{{id}}" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
+                                            </div>
+                                        </td>
+                                    </tr>
+                                {{/each}}
+                            {{else}}
+                                <tr>
+                                    <td colspan="4">
+                                        No application specific passwords generated
+                                    </td>
+                                </tr>
+                            {{/if}}
+                        </tbody>
+                    </table>
+                </div>
+
+                <form method="post" action="/account/security/asps/create">
+                    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+                    <fieldset>
+                        <div class="panel panel-default">
+                            <div class="panel-heading">
+                                <h3 class="panel-title">Create new application specific password</h3>
+                            </div>
+                            <div class="panel-body">
+
+                                <div class="form-group{{#if errors.description}} has-error{{/if}}">
+                                    <label for="description">Application description</label>
+                                    <input type="text" class="form-control" name="description" id="description" placeholder="Password for Outlook ..." required>
+                                    {{#if errors.description}}
+                                        <span class="help-block">{{errors.description}}</span>
+                                    {{/if}}
+                                </div>
+
+                                <div class="form-group">
+                                    <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Generate password</button>
+                                </div>
+
+                            </div>
+                        </div>
+                    </fieldset>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
+
+
+<!-- Modal -->
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="deleteModalLabel">Delete password</h4>
+      </div>
+      <div class="modal-body">
+        Are you sure you want to permanently delete Application Specific Password?
+      </div>
+      <div class="modal-footer">
+        <form method="post" action="/account/security/asps/delete">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+            <input type="hidden" id="delete-form-asp" name="id" value="">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, delete</button>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    $('#deleteModal').on('show.bs.modal', function (event) {
+        var button = $(event.relatedTarget); // Button that triggered the modal
+        var asp = button.data('asp'); // Extract info from data-* attributes
+        document.getElementById('delete-form-asp').value = asp;
+    });
+}, false);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/account/security/enable-totp.hbs b/production/haraka-wildduck/webmail/views/account/security/enable-totp.hbs
new file mode 100644
index 0000000..e02f68a
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/enable-totp.hbs
@@ -0,0 +1,34 @@
+<form id="totp-form">
+    <input type="hidden" id="_csrf" value="{{csrfToken}}">
+
+    <div class="panel panel-default">
+        <div class="panel-heading">
+            <h3 class="panel-title"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Two factor authentication</h3>
+        </div>
+        <div class="panel-body">
+
+            <p>
+                Scan the code with an authenticator app and enter resulting security code below to verify
+            </p>
+
+            <p class="lead text-center">
+                <img src="{{imageUrl}}" style="width: 200px;" width="200">
+            </p>
+
+            <div class="form-group" id="totp-token-field">
+                <label for="token">Security code</label>
+                <input type="number" class="form-control" id="token" placeholder="6 digit code" required autofocus>
+                <span class="help-block" id="totp-token-error" style="display: none"></span>
+            </div>
+
+            <div>
+                <div class="pull-right">
+                    <button type="submit" id="totp-btn" class="btn btn-success" data-loading-text="Checking..."><span class="glyphicon glyphicon-ok" aria-hidden="true"></span> Verify</button>
+                </div>
+                <a href="/account/security"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
+            </div>
+        </div>
+    </div>
+</form>
+
+<script src="/enable-totp.js"></script>
diff --git a/production/haraka-wildduck/webmail/views/account/security/enable-u2f.hbs b/production/haraka-wildduck/webmail/views/account/security/enable-u2f.hbs
new file mode 100644
index 0000000..08b4fa8
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/enable-u2f.hbs
@@ -0,0 +1,45 @@
+
+<input type="hidden" id="_csrf" value="{{csrfToken}}">
+<input id="version" type="hidden" id="version" value="{{u2fRegRequest.version}}">
+<input id="appId" type="hidden" id="appId" value="{{u2fRegRequest.appId}}">
+<input id="challenge" type="hidden" id="challenge" value="{{u2fRegRequest.challenge}}">
+
+<div class="panel panel-default">
+    <div class="panel-heading">
+        <h3 class="panel-title"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Two factor authentication</h3>
+    </div>
+    <div class="panel-body">
+
+        <div style="margin:10px 0;">
+
+            <div id="u2f-wait">
+                <img src="/images/u2f-wait.png" />
+            </div>
+
+            <div id="u2f-fail" style="display: none">
+                <img src="/images/u2f-fail.png" />
+            </div>
+
+            <div id="u2f-success" style="display: none">
+                <img src="/images/u2f-success.png" />
+            </div>
+
+        </div>
+
+        <p id="message">
+            Initializing...
+        </p>
+
+        <div>
+            <a href="/account/security"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
+        </div>
+    </div>
+</div>
+
+<script>
+// U2F support must be checked *before* loading /u2f-api.js
+var U2FSUPPORT = typeof u2f === 'object' || typeof chrome === 'object';
+</script>
+
+<script src="/u2f-api.js"></script>
+<script src="/enable-u2f.js"></script>
diff --git a/production/haraka-wildduck/webmail/views/account/security/events.hbs b/production/haraka-wildduck/webmail/views/account/security/events.hbs
new file mode 100644
index 0000000..3ff2971
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/events.hbs
@@ -0,0 +1,115 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> securitymenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <table class="table table-responsive">
+                    <thead>
+                        <tr>
+                            <th>
+                                Environment
+                            </th>
+                            <th>
+                                Action
+                            </th>
+                            <th>
+                                Result
+                            </th>
+                            <th>
+                                IP
+                            </th>
+                            <th>
+                                Session
+                            </th>
+                            <th>
+                                Time
+                            </th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        {{#if results}}
+
+                            {{#each results}}
+                                <tr>
+                                    <td>
+                                        {{protocol}}
+                                    </td>
+                                    <td>
+
+
+                                        {{#if asp}}
+                                            <div class="pull-right">
+                                                <strong>{{asp.name}}</strong>
+                                            </div>
+                                        {{/if}}
+
+                                        {{action}}
+
+                                        ({{events}})
+                                    </td>
+                                    <td>
+                                        {{#if label}}
+                                            <span class="label label-{{label}}">{{result}}</span>
+                                        {{else}}
+                                            {{result}}
+                                        {{/if}}
+                                    </td>
+                                    <td>
+                                        {{ip}}
+                                    </td>
+                                    <td>
+                                        {{#if sess}}
+                                            <em>{{sessStr}}</em>
+                                        {{else}}
+                                            –
+                                        {{/if}}
+                                    </td>
+                                    <td class="datestring-fixed text-right" title="{{created}}">
+                                        {{created}}
+                                    </td>
+                                </tr>
+                            {{/each}}
+                        {{else}}
+                            <tr>
+                                <td colspan="6">
+                                    <em>No events found</em>
+                                </td>
+                            </tr>
+                        {{/if}}
+                    </tbody>
+                </table>
+
+                <nav aria-label="nav">
+                    <ul class="pager">
+                        {{#if previousCursor}}
+                            <li class="previous"><a href="/account/security/events?previous={{previousCursor}}&amp;page={{previousPage}}"><span aria-hidden="true">&larr;</span> Newer</a></li>
+                        {{else}}
+                            <li class="previous disabled"><a href="#"><span aria-hidden="true">&larr;</span> Newer</a></li>
+                        {{/if}}
+
+                        {{#if nextCursor}}
+                            <li class="next"><a href="/account/security/events?next={{nextCursor}}&amp;page={{nextPage}}">Older <span aria-hidden="true">&rarr;</span></a></li>
+                        {{else}}
+                            <li class="next disabled"><a href="#">Older <span aria-hidden="true">&rarr;</span></a></li>
+                        {{/if}}
+                    </ul>
+                </nav>
+
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/security/gpg.hbs b/production/haraka-wildduck/webmail/views/account/security/gpg.hbs
new file mode 100644
index 0000000..5323f73
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/gpg.hbs
@@ -0,0 +1,98 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> securitymenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <form method="post" action="/account/security/gpg">
+                    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+                    <fieldset>
+
+                        <div class="panel panel-default">
+                            <div class="panel-heading">
+                                <h3 class="panel-title">GPG Encryption</h3>
+                            </div>
+                            <div class="panel-body">
+
+                                <p>
+                                    If encryption is enabled then all cleartext messages that are archived to this
+                                    account are encrypted using provided public key. Private key is not known to the
+                                    service so if they key is lost then messages can not be recovered. {{serviceName}}
+                                    is able to display encrypted messages if <a
+                                        href="https://www.mailvelope.com/">Mailvelope browser extension</a> is
+                                    installed, otherwise you would have to download the messages and open these in a
+                                    GPG-compatible email client.
+                                </p>
+
+                                <div class="form-group{{#if errors.encryptMessages}} has-error{{/if}}">
+                                    <label class="radio-inline">
+                                        <input type="radio" name="encryptMessages" id="encryptMessagesNo" value="false"
+                                            {{#unless values.encryptMessages}}checked{{/unless}}> Disable encryption
+                                    </label>
+                                    <label class="radio-inline">
+                                        <input type="radio" name="encryptMessages" id="encryptMessagesYes" value="true"
+                                            {{#if values.encryptMessages}}checked{{/if}}> Enable encryption
+                                    </label>
+                                    {{#if errors.encryptMessages}}
+                                    <span class="help-block">{{errors.encryptMessages}}</span>
+                                    {{/if}}
+                                </div>
+
+                                {{#if fingerprint}}
+                                <div class="form-group">
+                                    <label>Current key:</label>
+                                    <div class="form-control-static">
+                                        <div class="pull-right">
+                                            <label>
+                                                <input type="checkbox" name="removeKey" value="yes" /> Remove current
+                                                key
+                                            </label>
+                                        </div>
+                                        <div>
+                                            <code class="response">{{fingerprint}}</code>
+                                            {{#if keyAddress}}(<em>{{keyAddress}}</em>){{/if}}
+                                        </div>
+                                    </div>
+                                </div>
+                                {{/if}}
+
+                                <div class="form-group{{#if errors.pubKey}} has-error{{/if}}">
+                                    <label for="pubKey">GPG Public Key{{#if fingerprint}} (replaces current key){{/if}}:
+                                    </label>
+                                    <textarea class="form-control" style="font-family: monospace;" rows="6" id="pubKey"
+                                        name="pubKey"
+                                        placeholder="Begins with &#39;-----BEGIN PGP PUBLIC KEY BLOCK-----&#39;">{{pubKey}}</textarea>
+                                    {{#if errors.pubKey}}
+                                    <span class="help-block">{{errors.pubKey}}</span>
+                                    {{/if}}
+                                    <span class="help-block">Leave empty if you do not want to replace the current
+                                        key</span>
+                                </div>
+
+                                <div class="form-group">
+                                    <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-lock"
+                                            aria-hidden="true"></span> Update encryption settings</button>
+                                </div>
+
+                            </div>
+                        </div>
+                    </fieldset>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
\ No newline at end of file
diff --git a/production/haraka-wildduck/webmail/views/account/security/password.hbs b/production/haraka-wildduck/webmail/views/account/security/password.hbs
new file mode 100644
index 0000000..8aa632b
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/security/password.hbs
@@ -0,0 +1,67 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <!-- Nav tabs -->
+        <ul class="nav nav-tabs" role="tablist">
+            {{> securitymenu}}
+        </ul>
+
+        <div class="tab-content">
+            <div role="tabpanel" class="tab-pane active" id="overview">
+
+                <p>&nbsp;</p>
+
+                <form method="post" action="/account/security/password">
+                    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+                    <fieldset>
+
+                        <div class="panel panel-default">
+                            <div class="panel-heading">
+                                <h3 class="panel-title">Change Password</h3>
+                            </div>
+                            <div class="panel-body">
+
+                                <p>
+                                    Change your account password here
+                                </p>
+
+                                <div class="form-group{{#if errors.existingPassword}} has-error{{/if}}">
+                                    <label for="existingPassword">Current password</label>
+                                    <input type="password" class="form-control" name="existingPassword" id="existingPassword" placeholder="eg. &quot;supersecret&quot;" autocomplete="off">
+                                    {{#if errors.existingPassword}}
+                                        <span class="help-block">{{errors.existingPassword}}</span>
+                                    {{/if}}
+                                </div>
+
+                                <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                                    <label for="password">New password</label>
+                                    <input type="password" class="form-control" name="password" id="password" placeholder="eg. &quot;supersecret&quot;" autocomplete="off">
+                                    {{#if errors.password}}
+                                        <span class="help-block">{{errors.password}}</span>
+                                    {{/if}}
+                                </div>
+
+                                <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                                    <label for="password2">Repeat password</label>
+                                    <input type="password" class="form-control" name="password2" id="password2" placeholder="repeat password" autocomplete="off">
+                                </div>
+
+                                <div class="form-group">
+                                    <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Change Password</button>
+                                </div>
+
+                            </div>
+                        </div>
+                    </fieldset>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/account/update-password.hbs b/production/haraka-wildduck/webmail/views/account/update-password.hbs
new file mode 100644
index 0000000..9258a94
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/account/update-password.hbs
@@ -0,0 +1,43 @@
+<div class="panel panel-default">
+    <div class="panel-heading">
+        <h3 class="panel-title"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Change Password</h3>
+    </div>
+    <div class="panel-body">
+
+        <form method="post" action="/account/update-password">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}" />
+
+            <p>
+                Your password needs to be changed. Enter your new account password below
+            </p>
+
+            <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                <label for="password">New password</label>
+                <input type="password" class="form-control" name="password" id="password" placeholder="eg. &quot;supersecret&quot;" autocomplete="off">
+                {{#if errors.password}}
+                    <span class="help-block">{{errors.password}}</span>
+                {{/if}}
+            </div>
+
+            <div class="form-group{{#if errors.password2}} has-error{{/if}}">
+                <label for="password2">Repeat password</label>
+                <input type="password" class="form-control" name="password2" id="password2" placeholder="repeat password" autocomplete="off">
+                {{#if errors.password2}}
+                    <span class="help-block">{{errors.password2}}</span>
+                {{/if}}
+            </div>
+
+            <div>
+                <div class="pull-right">
+                    <button type="submit" id="totp-btn" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Change Password</button>
+                </div>
+                <a href="/account/logout"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
+            </div>
+
+            <div class="clearfix"></div>
+
+        </form>
+
+    </div>
+
+</div>
diff --git a/production/haraka-wildduck/webmail/views/error.hbs b/production/haraka-wildduck/webmail/views/error.hbs
new file mode 100644
index 0000000..9577352
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/error.hbs
@@ -0,0 +1,7 @@
+<h3>{{error.status}} Error</h3>
+
+<p class="lead">{{message}}</p>
+
+{{#if error.stack}}
+    <pre>{{error.stack}}</pre>
+{{/if}}
diff --git a/production/haraka-wildduck/webmail/views/help.hbs b/production/haraka-wildduck/webmail/views/help.hbs
new file mode 100644
index 0000000..a06de21
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/help.hbs
@@ -0,0 +1,160 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Help</h1>
+    </div>
+</div>
+
+<div class="panel panel-default">
+    <div class="panel-heading">
+        <h3 class="panel-title">Account configuration</h3></div>
+    <div class="panel-body">
+        <p>
+            Use the following configuration for your desktop email client.
+        </p>
+    </div>
+    <table class="table table-responsive table-bordered">
+        <thead>
+            <tr>
+                <th>
+                    &nbsp;
+                </th>
+                <th>
+                    IMAP
+                </th>
+                <th>
+                    POP3
+                </th>
+                <th>
+                    SMTP
+                </th>
+            </tr>
+        </thead>
+        <tbody>
+            <tr>
+                <th>
+                    Description
+                </th>
+                <td>
+                    Access all messages and mailboxes
+                </td>
+                <td>
+                    Access INBOX
+                </td>
+                <td>
+                    Send messages
+                </td>
+            </tr>
+            {{#if user}}
+                <tr>
+                    <th>
+                        E-mail address
+                    </th>
+                    <td>
+                        {{user.username}}@{{serviceDomain}}
+                    </td>
+                    <td>
+                        {{user.username}}@{{serviceDomain}}
+                    </td>
+                    <td>
+                        {{user.username}}@{{serviceDomain}}
+                    </td>
+                </tr>
+            {{/if}}
+            <tr>
+                <th>
+                    Server
+                </th>
+                <td>
+                    {{setup.imap.hostname}}
+                </td>
+                <td>
+                    {{setup.pop3.hostname}}
+                </td>
+                <td>
+                    {{setup.smtp.hostname}}
+                </td>
+            </tr>
+            <tr>
+                <th>
+                    Port
+                </th>
+                <td>
+                    {{setup.imap.port}}
+                </td>
+                <td>
+                    {{setup.pop3.port}}
+                </td>
+                <td>
+                    {{setup.smtp.port}}
+                </td>
+            </tr>
+            <tr>
+                <th>
+                    Security
+                </th>
+                <td>
+                    {{#if setup.imap.secure}}
+                        TLS/SSL
+                    {{else}}
+                        STARTTLS
+                    {{/if}}
+                </td>
+                <td>
+                    {{#if setup.pop3.secure}}
+                        TLS/SSL
+                    {{else}}
+                        STARTTLS
+                    {{/if}}
+                </td>
+                <td>
+                    {{#if setup.smtp.secure}}
+                        TLS/SSL
+                    {{else}}
+                        STARTTLS
+                    {{/if}}
+                </td>
+            </tr>
+            <tr>
+                <th>
+                    Username
+                </th>
+                {{#if user}}
+                    <td>
+                        {{user.username}}
+                    </td>
+                    <td>
+                        {{user.username}}
+                    </td>
+                    <td>
+                        {{user.username}}
+                    </td>
+
+                {{else}}
+                    <td>
+                        Your username
+                    </td>
+                    <td>
+                        Your username
+                    </td>
+                    <td>
+                        Your username
+                    </td>
+                {{/if}}
+            </tr>
+            <tr>
+                <th>
+                    Password
+                </th>
+                <td>
+                    ********
+                </td>
+                <td>
+                    ********
+                </td>
+                <td>
+                    ********
+                </td>
+            </tr>
+        </tbody>
+    </table>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/index.hbs b/production/haraka-wildduck/webmail/views/index.hbs
new file mode 100644
index 0000000..98863ea
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/index.hbs
@@ -0,0 +1,3 @@
+<script>
+  window.location.href = "https://webmail.hatthieves.es/account/login";
+</script>
diff --git a/production/haraka-wildduck/webmail/views/index.hbs.new b/production/haraka-wildduck/webmail/views/index.hbs.new
new file mode 100644
index 0000000..f882265
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/index.hbs.new
@@ -0,0 +1,61 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Lo
+g in <small>(Autoconfig with <a href="https://www.mozilla.org/thunderbird/" targ
+et="_blank">thunderbird</a>)</small></h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-6">
+
+        <form method="post" action="/account/login">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+            <fieldset>
+
+                <div class="form-group{{#if errors.username}} has-error{{/if}}">
+                    <label class="control-label" for="username">Username</label>
+                    <div class="input-group">
+                        <input type="text" class="form-control lowercase" name="
+username" id="username" placeholder="username" value="{{values.username}}" patte
+rn="^[A-Za-z0-9][A-Za-z\-\.0-9]*[A-Za-z0-9]$" required title="Valid email addres
+s user">
+                        <span class="input-group-addon">@{{serviceDomain}}</span
+>
+                    </div>
+                    {{#if errors.username}}
+                        <span class="help-block">{{errors.username}}{{#if errors
+.username_action}} –  <a href="{{errors.username_action.target}}">{{errors.usern
+ame_action.title}}</a>{{/if}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.password}} has-error{{/if}}">
+                    <label for="password">Password</label>
+                    <input type="password" class="form-control" name="password" 
+id="password" placeholder="v3rys3cret" required>
+                    {{#if errors.password}}
+                        <span class="help-block">{{errors.password}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group">
+                    <div class="checkbox">
+                        <label>
+                            <input type="checkbox" name="remember"> Remember me
+                        </label>
+                    </div>
+                </div>
+
+            </fieldset>
+
+            <div class="form-group">
+                <button type="submit" class="btn btn-success">Log in</button>
+            </div>
+
+        </form>
+
+    </div>
+</div>
+
diff --git a/production/haraka-wildduck/webmail/views/index.hbs.orig b/production/haraka-wildduck/webmail/views/index.hbs.orig
new file mode 100644
index 0000000..0f0d7f6
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/index.hbs.orig
@@ -0,0 +1,206 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> {{serviceName}}</h1>
+    </div>
+</div>
+
+<div class="row">
+    <div class="col-md-12">
+
+        <h3>
+          What is this?
+        </h3>
+
+        <p>
+            <a href="https://github.com/nodemailer/wildduck">WildDuck</a> is an open source email server software and this webpage runs on the default webmail software for WildDuck.
+        </p>
+
+        <p>
+            <a class="btn btn-primary btn-md" href="https://github.com/nodemailer/wildduck" role="button"><span class="glyphicon glyphicon-cloud-download" aria-hidden="true"></span> Source for the mail server</a>
+
+            <a class="btn btn-primary btn-md" href="https://github.com/nodemailer/wildduck-webmail" role="button"><span class="glyphicon glyphicon-cloud-download" aria-hidden="true"></span> Source for the Webmail</a>
+
+            <a class="btn btn-success btn-md" href="/account/create" role="button"><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Create demo account</a>
+        </p>
+
+        <p>
+            To test it out create a new account <strong><a href="/account/create">here</a></strong>. This would give you an actual working email address. Next you could try turning on two factor authentication or logging into IMAP with an application specific password.
+        </p>
+
+        <p>
+            This entire webservice is just a front-end to <a href="https://api.wildduck.email/">WildDuck API</a>. The web application does not make any database connections, everything is handled by using REST API calls against the API.
+        </p>
+
+        <h3>
+          Screenshots
+        </h3>
+
+        <div class="row">
+            <div class="col-md-8">
+
+                <div id="carousel-example-generic" class="carousel slide" data-ride="carousel">
+                  <!-- Indicators -->
+                  <ol class="carousel-indicators">
+                    <li data-target="#carousel-example-generic" data-slide-to="0" class="active"></li>
+                    <li data-target="#carousel-example-generic" data-slide-to="1"></li>
+                    <li data-target="#carousel-example-generic" data-slide-to="2"></li>
+                    <li data-target="#carousel-example-generic" data-slide-to="3"></li>
+                    <li data-target="#carousel-example-generic" data-slide-to="4"></li>
+                  </ol>
+
+                  <!-- Wrapper for slides -->
+                  <div class="carousel-inner" role="listbox">
+
+                    <div class="item active">
+                      <img src="/demo/img01.png" alt="...">
+                    </div>
+
+                    <div class="item">
+                      <img src="/demo/img02.png" alt="...">
+                    </div>
+
+                    <div class="item">
+                      <img src="/demo/img03.png" alt="...">
+                    </div>
+
+                    <div class="item">
+                      <img src="/demo/img04.png" alt="...">
+                    </div>
+
+                    <div class="item">
+                      <img src="/demo/img05.png" alt="...">
+                    </div>
+
+                  </div>
+
+                  <!-- Controls -->
+                  <a class="left carousel-control" href="#carousel-example-generic" role="button" data-slide="prev">
+                    <span class="glyphicon glyphicon-chevron-left" aria-hidden="true"></span>
+                    <span class="sr-only">Previous</span>
+                  </a>
+                  <a class="right carousel-control" href="#carousel-example-generic" role="button" data-slide="next">
+                    <span class="glyphicon glyphicon-chevron-right" aria-hidden="true"></span>
+                    <span class="sr-only">Next</span>
+                  </a>
+                </div>
+
+            </div>
+            <div class="col-md-2"></div>
+        </div>
+
+
+        <h3 id="mobileconfig">1. OSX Profile demo</h3>
+        <p>
+            The following video demonstrates:
+        </p>
+        <ul>
+            <li>
+                Creating a new account and logging in
+            </li>
+            <li>
+                Generating a new Application Specific Password
+            </li>
+            <li>
+                Exporting the password as OSX Mobileconfig file to set up OSX/iOS mail applications
+            </li>
+            <li>
+                <a href="https://github.com/nodemailer/wildduck/tree/master/emails">Inserting messages</a> to the INBOX of new users
+            </li>
+        </ul>
+
+        <p>
+            <iframe width="560" height="315" src="https://www.youtube.com/embed/Pld5m9UJ8SE" frameborder="0" allowfullscreen></iframe>
+        </p>
+
+        <h3 id="pgp">2. PGP encryption demo</h3>
+        <p>
+            The following video demonstrates:
+        </p>
+        <ul>
+            <li>
+                Sending and receiving a cleartext message
+            </li>
+            <li>
+                Setting up PGP encryption for cleartext messages
+            </li>
+            <li>
+                Receiving a cleartext message that the server encrypts before storing it to the mail store
+            </li>
+        </ul>
+
+        <pd>
+            <iframe width="560" height="315" src="https://www.youtube.com/embed/nJ4KdXJRi1w" frameborder="0" allowfullscreen></iframe>
+        </p>
+
+        <h3 id="onion">3. Sending to the onion network</h3>
+        <p>
+            The following video demonstrates:
+        </p>
+        <ul>
+            <li>
+                Composing a normal email message and addressing it to an onion email address
+            </li>
+            <li>
+                Sending the message
+            </li>
+            <li>
+                Receiving the message sent from WildDuck Mail Server to an onion email service
+            </li>
+        </ul>
+
+        <p>
+            <iframe width="560" height="315" src="https://www.youtube.com/embed/p2eiyHAPwkQ" frameborder="0" allowfullscreen></iframe>
+        </p>
+
+        <h3>Features</h3>
+        <ul>
+            <li>
+                Generated email address is a real address and can be used with any mail client. IMAP is handled by WildDuck, MX messages are received by Haraka and outgoing messages are delivered by ZoneMTA.
+            </li>
+            <li>
+                All data is stored in a sharded MongoDB database. If there is not enough space then adding a new shard should fix that
+            </li>
+            <li>
+                Mail daemon processes avoid touching the filesystem (WildDuck and ZoneMTA do not touch file system after startup, Haraka writes and reads messages from a queue and spool folder) and do not execute any shell commands. Daemon processes run as unprivileged
+                users. All compiled node dependencies are optional and can be removed to avoid potential buffer overflows and such.
+            </li>
+            <li>
+                Messages sent through SMTP are automatically copied to the <em>Sent Mail</em> folder. This mostly affects POP3 users as IMAP clients usually upload the message by themselves
+            </li>
+            <li>
+                When sending, non-authorized From: address in the message header is replaced. <em>"From: User Name &lt;otheruser@domain&gt;"</em> becomes <em>"From: User Name &lt;username@example.com&gt;"</em>
+            </li>
+            <li>
+                Dots in usernames and addresses are ignored. <em>user.name@example.com</em> is the same as <em>username@example.com</em>
+            </li>
+            <li>
+                Labels in incoming email addresses are ignored. <em>user+label@example.com</em> is the same as <em>user@example.com</em>
+            </li>
+            <li>
+                Moving messages to and out of the Junk Mail folder raises a junk status change event for that message. This is currently not used though
+            </li>
+            <li>
+                Enabling TOTP based 2FA disables account password for IMAP, POP3 and SMTP
+            </li>
+            <li>
+                Application Specific Password comes with automatically generated mobileconfig file for iOS/OSX mail applications
+            </li>
+            <li>
+                Incoming messages are checked against user defined filters. Matching messages can be marked as seen or flagged. Messages can be moved to specific mailbox folder. Messages tagged as spam are moved to Junk Mail folder.
+            </li>
+            <li>
+                Messages can be forwarded to another email address or uploaded to an URL account wide (all incoming messages are forwarded) or filter based (only messages matching specific filter are forwarded)
+            </li>
+            <li>
+                All authentication related events are logged and shown in the account security page. This behavior will change in the future as mail clients generate a lot of noise (re-authenticating after short period of time). Such logins should be joined somehow into
+                single events.
+            </li>
+            <li>
+                This web service also makes use of the built-in GPG encryption feature of WildDuck where all cleartext messages are encrypted with user's public key before stored to disk. The encryption step is applied after filtering step so you could still filter messages by body text.
+            </li>
+            <li>
+                All new users get <a href="https://github.com/nodemailer/wildduck/tree/master/emails">default emails generated</a> and injected to INBOX as flagged messages.
+            </li>
+        </ul>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/layout-new.hbs b/production/haraka-wildduck/webmail/views/layout-new.hbs
new file mode 100644
index 0000000..df1576e
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/layout-new.hbs
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    {{>header}}
+</head>
+
+<body>
+
+    {{>navbar}}
+    <div class="flash-messages">
+        {{flash_messages}}
+    </div>
+
+    <div class="container">
+
+        {{{body}}}
+
+        <iframe src="https://metrics.hatthieves.es/d-solo/CzwakCdZz/zonemta?panelId=2" width="100%" height="300" frameborder="0"></iframe>
+        <iframe src="https://metrics.hatthieves.es/d-solo/koHJWeFZk/nodejs?panelId=2" width="100%" height="300" frameborder="0"></iframe>
+
+    </div>
+
+    <footer class="footer">
+        <div class="container">
+            <p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
+        </div>
+    </footer>
+
+    {{> scripts}}
+</body>
+
+</html>
diff --git a/production/haraka-wildduck/webmail/views/layout-popup.hbs b/production/haraka-wildduck/webmail/views/layout-popup.hbs
new file mode 100644
index 0000000..2028807
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/layout-popup.hbs
@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+
+    <meta name="description" content="{{serviceName}} web client">
+    <meta name="author" content="Andris Reinman">
+
+    <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+    <link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png">
+    <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+
+    <title>{{serviceName}}
+        {{#if title}} | {{title}}{{/if}}
+    </title>
+
+    <!--<link rel="stylesheet" href="/bootstrap-3.3.7/css/bootstrap.min.css">-->
+    <link rel="stylesheet" href="/bootstrap-3.3.7/css/lumen.css">
+    <link href="/css/wildduck.css" rel="stylesheet">
+    <link href="/css/popup.css" rel="stylesheet">
+</head>
+
+<body>
+
+    <div class="flash-messages">
+        {{flash_messages}}
+    </div>
+
+    <div class="container">
+
+        <div class="form-popup">
+            {{{body}}}
+        </div>
+
+    </div>
+    <!-- /container -->
+
+    <footer class="footer">
+        <div class="container">
+            <p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
+        </div>
+    </footer>
+
+    {{> scripts}}
+</body>
+
+</html>
diff --git a/production/haraka-wildduck/webmail/views/layout-webmail.hbs b/production/haraka-wildduck/webmail/views/layout-webmail.hbs
new file mode 100644
index 0000000..ab47edf
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/layout-webmail.hbs
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    {{>header}}
+</head>
+
+<body>
+
+    {{>navbar}}
+
+    <div class="flash-messages">
+        {{flash_messages}}
+    </div>
+
+    <div class="webmail-container">
+        <div class="sidebar-container">
+            <div class="sidebar">
+                <div class="sidebar-logo">
+                    <a href="/webmail">
+                        <img src="/logo.png">
+                    </a>
+                </div>
+
+                <div style="margin: 10px 0 10px 0;" class="text-center">
+                    <a href="/webmail/send" style="width: 100%" class="btn btn-default"><span class="glyphicon glyphicon-edit" aria-hidden="true"></span> Compose message</a>
+                </div>
+
+                <ul class="nav nav-sidebar">
+                    {{#each mailboxes}}
+                        <li id="mailbox-list-{{id}}" {{#if selected}} class="active" {{/if}}>
+                            <a href="/webmail/{{id}}">
+                                <span class="badge pull-right unseen-counter-{{id}}" {{#if unseen}}style="display: block;"{{else}}style="display: none;"{{/if}}>{{unseen}}</span>
+                                {{{prefix}}}
+                                    {{#if icon}}
+                                        <span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
+                                    {{else}}
+                                        <span class="glyphicon glyphicon-triangle-right" aria-hidden="true"></span>
+                                    {{/if}}
+                                    <span>{{formatted}}</span> {{{suffix}}}
+                            </a>
+                        </li>
+                    {{/each}}
+                    <li style="margin-top: 20px;">
+                        <a href="/webmail/create" class="text-muted"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> Create folder</a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+
+        <div class="webmail-main">
+            {{{body}}}
+
+        </div>
+    </div>
+
+    <footer class="footer">
+        <div class="container">
+            <p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
+        </div>
+    </footer>
+
+    {{> scripts}}
+
+</body>
+
+</html>
diff --git a/production/haraka-wildduck/webmail/views/layout.hbs b/production/haraka-wildduck/webmail/views/layout.hbs
new file mode 100644
index 0000000..9c47371
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/layout.hbs
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    {{>header}}
+</head>
+
+<body>
+
+    {{>navbar}}
+    <div class="flash-messages">
+        {{flash_messages}}
+    </div>
+
+    <div class="container">
+
+        {{{body}}}
+
+    </div>
+
+    <footer class="footer">
+        <div class="container">
+            <p class="text-muted">&copy; 2019 <a href="/">{{serviceName}}</a>. <a href="mailto:info@{{serviceDomain}}">info@{{serviceDomain}}</a>. </p>
+        </div>
+    </footer>
+
+    {{> scripts}}
+</body>
+
+</html>
diff --git a/production/haraka-wildduck/webmail/views/partials/accountmenu.hbs b/production/haraka-wildduck/webmail/views/partials/accountmenu.hbs
new file mode 100644
index 0000000..3485173
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/accountmenu.hbs
@@ -0,0 +1,3 @@
+<li role="presentation" class="{{#if accMenuOverview}}active{{/if}}"><a href="/account/">Overview</a></li>
+<li role="presentation" class="{{#if accMenuProfile}}active{{/if}}"><a href="/account/profile">Profile</a></li>
+<li role="presentation" class="{{#if accMenuIdentities}}active{{/if}}"><a href="/account/identities">Identities</a></li>
diff --git a/production/haraka-wildduck/webmail/views/partials/filter.hbs b/production/haraka-wildduck/webmail/views/partials/filter.hbs
new file mode 100644
index 0000000..1a3035d
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/filter.hbs
@@ -0,0 +1,150 @@
+<div class="row">
+    <div class="col-md-6">
+
+        <div class="panel panel-default">
+            <div class="panel-heading">Search messages by:</div>
+            <div class="panel-body">
+
+                <div class="form-group{{#if errors.query_from}} has-error{{/if}}">
+                    <label for="query_from">From</label>
+                    <input type="text" class="form-control input-sm" name="query_from" id="query_from" value="{{values.query_from}}">
+                    {{#if errors.query_from}}
+                        <span class="help-block">{{errors.query_from}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.query_to}} has-error{{/if}}">
+                    <label for="query_to">To</label>
+                    <input type="text" class="form-control input-sm" name="query_to" id="query_to" value="{{values.query_to}}">
+                    {{#if errors.query_to}}
+                        <span class="help-block">{{errors.query_to}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.query_subject}} has-error{{/if}}">
+                    <label for="query_subject">Subject</label>
+                    <input type="text" class="form-control input-sm" name="query_subject" id="query_subject" value="{{values.query_subject}}">
+                    {{#if errors.query_subject}}
+                        <span class="help-block">{{errors.query_subject}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.query_text}} has-error{{/if}}">
+                    <label for="query_text">Includes the following text</label>
+                    <input type="text" class="form-control input-sm" name="query_text" id="query_text" value="{{values.query_text}}">
+                    {{#if errors.query_text}}
+                        <span class="help-block">{{errors.query_text}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.query_listId}} has-error{{/if}}">
+                    <label for="query_listId">List-ID</label>
+                    <input type="text" class="form-control input-sm" name="query_listId" id="query_listId" value="{{values.query_listId}}">
+                    {{#if errors.query_listId}}
+                        <span class="help-block">{{errors.query_listId}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.query_ha}} has-error{{/if}}">
+                    <label>Attachments</label>
+                    <div>
+                        <label class="checkbox-inline">
+                        <input type="checkbox" name="query_haYes" id="query_haYes" value="true" {{#if values.query_haYes}}checked{{/if}}> Has attachments
+                    </label>
+                        <label class="checkbox-inline">
+                      <input type="checkbox" name="query_haNo" id="query_haNo" value="true" {{#if values.query_haNo}}checked{{/if}}> Doesn't have attachments
+                    </label>
+                    </div>
+                    {{#if errors.query_ha}}
+                        <span class="help-block">{{errors.query_ha}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.query_size}} has-error{{/if}}">
+                    <label for="query_sizeValue">Size</label>
+                    <div class="form-inline">
+                        <div class="form-group">
+                            <span>Message size is</span>
+                            <select class="form-control input-sm" id="query_sizeType" name="query_sizeType">
+                            <option value="1" {{#if values.query_sizeTypeGt}}selected{{/if}}>greater than</option>
+                            <option value="-1" {{#if values.query_sizeTypeLt}}selected{{/if}}>smaller than</option>
+                        </select>
+                        </div>
+                        <div class="form-group">
+                            <input type="number" class="form-control input-sm" id="query_sizeValue" name="query_sizeValue" value="{{values.query_sizeValue}}">
+                        </div>
+                        <div class="form-group">
+                            <select class="form-control input-sm" id="query_sizeUnit" name="query_sizeUnit">
+                            <option value="MB" {{#if values.query_sizeUnitMB}}selected{{/if}}>MB</option>
+                            <option value="kB" {{#if values.query_sizeUnitKB}}selected{{/if}}>kB</option>
+                            <option value="B" {{#if values.query_sizeUnitB}}selected{{/if}}>baiti</option>
+                        </select>
+                        </div>
+                    </div>
+                    {{#if errors.query_size}}
+                        <span class="help-block">{{errors.query_size}}</span>
+                    {{/if}}
+                </div>
+
+            </div>
+        </div>
+    </div>
+    <div class="col-md-6">
+        <div class="panel panel-default">
+            <div class="panel-heading">When a message arrives that matches this search:</div>
+            <div class="panel-body">
+                <div class="checkbox">
+                    <label>
+                      <input type="checkbox" name="action_seenYes" id="action_seenYes" value="true" {{#if values.action_seenYes}}checked{{/if}}> Mark as seen
+                    </label>
+                </div>
+
+                <div class="checkbox">
+                    <label>
+                      <input type="checkbox" name="action_flagYes" id="action_flagYes" value="true" {{#if values.action_flagYes}}checked{{/if}}> Flag it
+                    </label>
+                </div>
+
+                <div class="form-group{{#if errors.action_mailbox}} has-error{{/if}}">
+                    <label for="action_mailbox">Move to mailbox:</label>
+                    <select class="form-control input-sm" id="action_mailbox" name="action_mailbox">
+                        <option value=""></option>
+                        {{#each mailboxes}}
+                            <option value="{{id}}" {{#if selected}}selected{{/if}}>{{path}}</option>
+                        {{/each}}
+                    </select>
+                    {{#if errors.action_mailbox}}
+                        <span class="help-block">{{errors.action_mailbox}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.action_targets}} has-error{{/if}}">
+                    <label for="action_targets">Forward it to address:</label>
+                    <input type="text" class="form-control input-sm" name="action_targets" id="action_targets" value="{{values.action_targets}}" placeholder="user@example.com">
+                    <span class="help-block">Somma separated list of email addresses or URLs</span>
+                    {{#if errors.action_targets}}
+                        <span class="help-block">{{errors.action_targets}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" name="action_spamYes" id="action_spamYes" value="true" {{#if values.action_spamYes}}checked{{/if}}> Mark as spam
+                    </label>
+                </div>
+
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" name="action_spamNo" id="action_spamNo" value="true" {{#if values.action_spamNo}}checked{{/if}}> Don't mark as spam
+                    </label>
+                </div>
+
+                <div class="checkbox">
+                    <label>
+                        <input type="checkbox" name="action_deleteYes" id="action_deleteYes" value="true" {{#if values.action_deleteYes}}checked{{/if}}> Delete it
+                    </label>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/partials/header.hbs b/production/haraka-wildduck/webmail/views/partials/header.hbs
new file mode 100644
index 0000000..a7705e4
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/header.hbs
@@ -0,0 +1,18 @@
+<meta charset="utf-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+
+<meta name="description" content="{{serviceName}} web client">
+<meta name="author" content="Andris Reinman">
+
+<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
+<link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png">
+<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
+
+<title>{{serviceName}}
+    {{#if title}} | {{title}}{{/if}}
+</title>
+
+<!--<link rel="stylesheet" href="/bootstrap-3.3.7/css/bootstrap.min.css">-->
+<link rel="stylesheet" href="/bootstrap-3.3.7/css/lumen.css">
+<link rel="stylesheet" href="/css/wildduck.css">
diff --git a/production/haraka-wildduck/webmail/views/partials/identity.hbs b/production/haraka-wildduck/webmail/views/partials/identity.hbs
new file mode 100644
index 0000000..9bade86
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/identity.hbs
@@ -0,0 +1,68 @@
+<div class="form-group{{#if errors.name}} has-error{{/if}}">
+    <label for="name">Name</label>
+    <input type="text" class="form-control" name="name" id="name" placeholder="eg &quot;John Smith&quot; or &quot;Accounting Department&quot;" value="{{#if values.name}}{{values.name}}{{/if}}" >
+    {{#if errors.name}}
+        <span class="help-block">{{errors.name}}</span>
+    {{else}}
+        <span class="help-block">This name is used as the sender name when using this identity. Keep blank to default to your account name</span>
+    {{/if}}
+</div>
+
+<div class="form-group{{#if errors.address}} has-error{{/if}}">
+    <label for="name">Alias address</label>
+    <div class="input-group">
+        <input type="text" class="form-control" name="address" id="address" placeholder="eg. &quot;username&quot; or &quot;user.name&quot; or &quot;андрис&quot;" value="{{values.address}}" required>
+        <span class="input-group-btn">
+            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                @<span class="selected-domain" style="text-transform: lowercase;">{{values.domain}}</span><span class="caret"></span>
+              </button>
+              <ul class="dropdown-menu dropdown-menu-right">
+                  {{#each domains}}
+                    <li><a href="#" class="change-domain-link" data-domain="{{this}}">{{this}}</a></li>
+                  {{/each}}
+              </ul>
+         </span>
+    </div>
+
+    {{#if errors.address}}
+        <span class="help-block">{{errors.address}}</span>
+    {{else}}
+        <span class="help-block">Unicode characters are allowed in alias addresses.<span>
+    {{/if}}
+</div>
+
+{{#unless isMain}}
+    <div class="form-group">
+        <div class="checkbox">
+            <label>
+                <input type="checkbox" name="main" {{#if values.main}}checked{{/if}}> Set as default
+            </label>
+        </div>
+    </div>
+{{/unless}}
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+
+    var domainElement = document.getElementById('domain');
+
+    var updateDomain = function(e,elm){
+        e.preventDefault();
+        var domain = elm.dataset.domain;
+        if(domain){
+            domainElement.value = domain;
+            document.querySelector('.selected-domain').textContent = domain;
+        }
+    };
+
+    var setupDomainButton = function(elm){
+        elm.addEventListener('click', function(e){updateDomain(e,elm)}, false);
+        elm.addEventListener('touch', function(e){updateDomain(e,elm)}, false);
+    }
+
+    var domainLinks = document.querySelectorAll('.change-domain-link');
+    for(var i=0, len = domainLinks.length; i<len; i++){
+        setupDomainButton(domainLinks[i]);
+    }
+}, false);
+</script>
diff --git a/production/haraka-wildduck/webmail/views/partials/mailbox.hbs b/production/haraka-wildduck/webmail/views/partials/mailbox.hbs
new file mode 100644
index 0000000..cac454f
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/mailbox.hbs
@@ -0,0 +1,44 @@
+<fieldset>
+    <div class="panel panel-default">
+        <div class="panel-heading">
+            <h3 class="panel-title">Mailbox settings</h3>
+        </div>
+        <div class="panel-body">
+
+            {{#if isInbox}}
+
+                <div class="form-group">
+                    <label for="name">Mailbox name</label>
+                    <input type="text" class="form-control" name="name" id="name" placeholder="eg. &quot;Important Stuff&quot;" value="{{values.name}}" disabled>
+                    <span class="help-block">INBOX folder can not be modified</span>
+                </div>
+
+            {{else}}
+
+                <div class="form-group{{#if errors.parent}} has-error{{/if}}">
+                    <label for="parent">Mailbox Parent</label>
+                    <select class="form-control" name="parent" id="parent">
+                        <option value="">[No parent]</option>
+                        {{#each parents}}
+                            <option value="{{path}}" {{#if isParent}} selected {{/if}} >
+                                {{name}}
+                            </option>
+                        {{/each}}
+                    </select>
+
+                    {{#if errors.parent}}
+                        <span class="help-block">{{errors.parent}}</span>
+                    {{/if}}
+                </div>
+
+                <div class="form-group{{#if errors.name}} has-error{{/if}}">
+                    <label for="name">Mailbox name</label>
+                    <input type="text" class="form-control" name="name" id="name" placeholder="eg. &quot;Important Stuff&quot;" value="{{values.name}}" required>
+                    {{#if errors.name}}
+                        <span class="help-block">{{errors.name}}</span>
+                    {{/if}}
+                </div>
+            {{/if}}
+        </div>
+    </div>
+</fieldset>
diff --git a/production/haraka-wildduck/webmail/views/partials/messagerow.hbs b/production/haraka-wildduck/webmail/views/partials/messagerow.hbs
new file mode 100644
index 0000000..d9a7df9
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/messagerow.hbs
@@ -0,0 +1,51 @@
+<tr id="msg_{{id}}" class="messagerow messagerow-{{mailbox}}-{{id}} {{#if seen}}message-seen{{else}}message-unseen{{/if}}">
+    <td class="messagerow-spacer"></td>
+
+    <td class="messagerow-checkbox">
+        <input type="checkbox" data-mailbox="{{mailbox}}" data-message="{{id}}" class="message-checkbox"/>
+    </td>
+
+    <td class="messagerow-star">
+        <a href="#" class="message-star {{#if flagged}}flagged{{else}}unflagged{{/if}}" data-mailbox="{{mailbox}}" data-message="{{id}}"><span class="glyphicon glyphicon-{{#if flagged}}star{{else}}star-empty{{/if}}" aria-hidden="true"></span></a>
+    </td>
+
+    <td class="messagerow-from">
+        <a href="/webmail/{{mailbox}}/message/{{id}}" class="messagerow-link">
+            {{{fromHtml}}}
+        </a>
+    </td>
+
+    <td class="messagerow-subject">
+        <a href="/webmail/{{mailbox}}/message/{{id}}" class="messagerow-link">
+            <span class="messagerow-subject-content">
+                {{#if mailboxName}}
+                    <span class="label label-default">{{mailboxName}}</span>
+                {{/if}}
+
+                {{subject}}{{#if intro}} <span class="text-muted" style="font-weight: normal;">– {{intro}}</span>{{/if}}
+            </span>
+        </a>
+    </td>
+
+    <td class="messagerow-info">
+        <a href="/webmail/{{mailbox}}/message/{{id}}" class="messagerow-link">
+            {{#if encrypted}}
+                <span class="glyphicon glyphicon-lock" aria-hidden="true"></span>
+            {{else}}
+                {{#if attachments}}
+                    <span class="glyphicon glyphicon-paperclip" aria-hidden="true"></span>
+                {{/if}}
+            {{/if}}
+        </a>
+    </td>
+
+    <td class="messagerow-date">
+        <a href="/webmail/{{mailbox}}/message/{{id}}" class="messagerow-link">
+            <span class="datestring-fixed" title="{{date}}">
+                {{date}}
+            </span>
+        </a>
+    </td>
+
+    <td class="messagerow-spacer"></td>
+</tr>
diff --git a/production/haraka-wildduck/webmail/views/partials/navbar.hbs b/production/haraka-wildduck/webmail/views/partials/navbar.hbs
new file mode 100644
index 0000000..6e28cf0
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/navbar.hbs
@@ -0,0 +1,85 @@
+<nav class="navbar navbar-default navbar-static-top">
+    <div class="container">
+        <div class="navbar-header">
+            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a class="navbar-brand" href="{{#if user}}/webmail{{else}}/{{/if}}">
+              <img alt="{{serviceName}}" src="/favicon-32x32.png" width="20" height="20">
+            </a>
+        </div>
+
+        <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+            <ul class="nav navbar-nav navbar-right">
+
+                {{#if user}}
+                    <li {{#if activeWebmail}} class="active" {{/if}}>
+                        <a href="/webmail/">
+                            <span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> Webmail
+                            <span class="badge pull-right unseen-counter-{{inboxId}}" {{#if inboxUnseen}}style="display: block;"{{else}}style="display: none;"{{/if}}>{{inboxUnseen}}</span>
+                        </a>
+                    </li>
+                    <li {{#if activeFilters}} class="active" {{/if}}>
+                        <a href="/account/filters">
+                            <span class="glyphicon glyphicon-filter" aria-hidden="true"></span> Filters
+                        </a>
+                    </li>
+                    <li {{#if activeAutoreply}} class="active" {{/if}}>
+                        <a href="/account/autoreply">
+                            <span class="glyphicon glyphicon-calendar" aria-hidden="true"></span> Autoreply
+                        </a>
+                    </li>
+                    <li {{#if activeHelp}} class="active" {{/if}}>
+                        <a href="/help">
+                            <span class="glyphicon glyphicon glyphicon-question-sign" aria-hidden="true"></span> Help
+                        </a>
+                    </li>
+                    <li class="dropdown">
+                      <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
+                          <img src="{{user.gravatar}}" class="profile-image img-circle" width="20" height="20">
+
+                            {{#if user.name}}
+                                {{user.name}}
+                            {{else}}
+                                {{user.username}}
+                            {{/if}}
+
+                          <span class="caret"></span></a>
+                      <ul class="dropdown-menu">
+                          <li {{#if activeHome}} class="active" {{/if}}>
+                              <a href="/account/">
+                                  <span class="glyphicon glyphicon-user" aria-hidden="true"></span> Account
+                              </a>
+                          </li>
+                          <li {{#if activeSecurity}} class="active" {{/if}}>
+                              <a href="/account/security">
+                                  <span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security
+                              </a>
+                          </li>
+                          <li role="separator" class="divider"></li>
+                         <li><a href="/account/logout"><span class="glyphicon glyphicon-log-out" aria-hidden="true"></span> Log out</a></li>
+                      </ul>
+                    </li>
+                {{else}}
+                    {{#if allowJoin}}
+                        <li {{#if activeCreate}} class="active" {{/if}}>
+                            <a href="/account/create">
+                                <span class="glyphicon glyphicon-user" aria-hidden="true"></span> Create account
+                            </a>
+                        </li>
+                    {{/if}}
+                    <li {{#if activeLogin}} class="active" {{/if}}>
+                        <a href="/account/login">
+                            <span class="glyphicon glyphicon-log-in" aria-hidden="true"></span> Log in
+                        </a>
+                    </li>
+                {{/if}}
+
+            </ul>
+        </div>
+
+    </div>
+</nav>
diff --git a/production/haraka-wildduck/webmail/views/partials/scripts.hbs b/production/haraka-wildduck/webmail/views/partials/scripts.hbs
new file mode 100644
index 0000000..b018101
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/scripts.hbs
@@ -0,0 +1,71 @@
+<script src="/components/underscore/underscore-min.js"></script>
+<script src="/components/jquery/dist/jquery.min.js"></script>
+<script src="/components/promise-polyfill/dist/promise.min.js"></script>
+
+<script src="/components/moment/min/moment-with-locales.min.js"></script>
+
+<script src="/bootstrap-3.3.7/js/bootstrap.js"></script>
+
+<link href="/components/bootstrap-daterangepicker/daterangepicker.css" rel="stylesheet">
+<script src="/components/bootstrap-daterangepicker/daterangepicker.js"></script>
+
+<link href="/components/summernote/dist/summernote.css" rel="stylesheet">
+<script src="/components/summernote/dist/summernote.min.js"></script>
+
+<script src="/components/fetch/fetch.js"></script>
+<script src="/components/event-source-polyfill/src/eventsource.min.js"></script>
+<script src="/components/handlebars/handlebars.min.js"></script>
+
+<script src="/components/favico.js/favico.js"></script>
+
+<script src="/wd.js"></script>
+<script type="text/javascript">
+    $(function() {
+        $("[rel='tooltip']").tooltip();
+    });
+</script>
+
+{{#if inboxId}}
+    <script>
+        var INBOX_ID = '{{inboxId}}';
+        var INBOX_UNSEEN = {{inboxUnseen}};
+        var FAVICON = new Favico({
+            animation:'slide'
+        });
+
+        if(INBOX_UNSEEN){
+            FAVICON.badge(INBOX_UNSEEN);
+        }
+    </script>
+{{else}}
+    <script>
+        var INBOX_ID = -1;
+        var INBOX_UNSEEN = 0;
+        var FAVICON = false;
+    </script>
+{{/if}}
+
+{{#if successlog}}
+<script src="/login-key-handler.js"></script>
+<script>
+    $(function() {
+        // store token about successful auth in this browser
+        var successlog = {{{successlog}}};
+        loginKeyHandler.set(successlog.username, successlog.value, 'recovery', successlog.days);
+    });
+</script>
+{{/if}}
+
+<script>
+window.setTimeout(function(){
+    var alerts = document.querySelectorAll('.flash-messages');
+    var elm;
+    for(var i=0, len = alerts.length; i<len; i++){
+        elm = alerts[i];
+        if(elm.parentNode){
+            elm.parentNode.removeChild(elm);
+        }
+    }
+}, 10 * 1000);
+
+</script>
diff --git a/production/haraka-wildduck/webmail/views/partials/searchfield.hbs b/production/haraka-wildduck/webmail/views/partials/searchfield.hbs
new file mode 100644
index 0000000..46b1ffc
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/searchfield.hbs
@@ -0,0 +1,8 @@
+<form method="get" action="/webmail/search">
+    <div class="input-group">
+      <input type="text" class="form-control input" name="query" placeholder="from:val to:val subject:val &quot;phrase&quot; word" value="{{query}}" required>
+      <span class="input-group-btn">
+        <button class="btn btn-default btn" type="submit"><span class="glyphicon glyphicon-search" aria-hidden="true"></span></button>
+      </span>
+    </div>
+</form>
diff --git a/production/haraka-wildduck/webmail/views/partials/securitymenu.hbs b/production/haraka-wildduck/webmail/views/partials/securitymenu.hbs
new file mode 100644
index 0000000..abbef6f
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/securitymenu.hbs
@@ -0,0 +1,5 @@
+<li role="presentation" class="{{#if secMenu2fa}}active{{/if}}"><a href="/account/security/2fa">Two factor authentication</a></li>
+<li role="presentation" class="{{#if secMenuPassword}}active{{/if}}"><a href="/account/security/password">Account Password</a></li>
+<li role="presentation" class="{{#if secMenuAsps}}active{{/if}}"><a href="/account/security/asps">Application specific passwords</a></li>
+<li role="presentation" class="{{#if secMenuGpg}}active{{/if}}"><a href="/account/security/gpg">GPG Encryption</a></li>
+<li role="presentation" class="{{#if secMenuEvents}}active{{/if}}"><a href="/account/security/events">Security events</a></li>
diff --git a/production/haraka-wildduck/webmail/views/partials/tos.hbs b/production/haraka-wildduck/webmail/views/partials/tos.hbs
new file mode 100644
index 0000000..d68c041
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/partials/tos.hbs
@@ -0,0 +1,57 @@
+<p>Last updated: January 24, 2018</p>
+
+
+<p>Please read these Terms and Conditions ("Terms", "Terms and Conditions") carefully before using the http://{{serviceDomain}} website (the "Service") operated by {{serviceName}} ("us", "we", or "our").</p>
+
+<p>Your access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service.</p>
+
+<p>By accessing or using the Service you agree to be bound by these Terms. If you disagree with any part of the terms then you may not access the Service. Terms and Conditions  for {{serviceName}} based on the <a href="https://termsfeed.com/blog/sample-terms-and-conditions-template/">T&amp;C example from TermsFeed</a>.</p>
+
+<h2>Accounts</h2>
+
+<p>When you create an account with us, you must provide us information that is accurate, complete, and current at all times. Failure to do so constitutes a breach of the Terms, which may result in immediate termination of your account on our Service.</p>
+
+<p>You are responsible for safeguarding the password that you use to access the Service and for any activities or actions under your password, whether your password is with our Service or a third-party service.</p>
+
+<p>You agree not to disclose your password to any third party. You must notify us immediately upon becoming aware of any breach of security or unauthorized use of your account.</p>
+
+
+<h2>Links To Other Web Sites</h2>
+
+<p>Our Service may contain links to third-party web sites or services that are not owned or controlled by {{serviceName}}.</p>
+
+<p>{{serviceName}} has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree that {{serviceName}} shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such web sites or services.</p>
+
+<p>We strongly advise you to read the terms and conditions and privacy policies of any third-party web sites or services that you visit.</p>
+
+
+<h2>Termination</h2>
+
+<p>We may terminate or suspend access to our Service immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.</p>
+
+<p>All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.</p>
+
+<p>We may terminate or suspend your account immediately, without prior notice or liability, for any reason whatsoever, including without limitation if you breach the Terms.</p>
+
+<p>Upon termination, your right to use the Service will immediately cease. If you wish to terminate your account, you may simply discontinue using the Service.</p>
+
+<p>All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.</p>
+
+
+<h2>Governing Law</h2>
+
+<p>These Terms shall be governed and construed in accordance with the laws of Estonia, without regard to its conflict of law provisions.</p>
+
+<p>Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service, and supersede and replace any prior agreements we might have between us regarding the Service.</p>
+
+
+<h2>Changes</h2>
+
+<p>We reserve the right, at our sole discretion, to modify or replace these Terms at any time. If a revision is material we will try to provide at least 30 days notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.</p>
+
+<p>By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Service.</p>
+
+
+<h2>Contact Us</h2>
+
+<p>If you have any questions about these Terms, please contact us.</p>
diff --git a/production/haraka-wildduck/webmail/views/tos.hbs b/production/haraka-wildduck/webmail/views/tos.hbs
new file mode 100644
index 0000000..936d5ba
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/tos.hbs
@@ -0,0 +1,13 @@
+<div class="row">
+    <div class="col-md-12">
+        <h1><span class="glyphicon glyphicon-user" aria-hidden="true"></span> Terms and Conditions ("Terms")</h1>
+    </div>
+</div>
+
+<div class="panel panel-default">
+    <div class="panel-heading">
+        <h3 class="panel-title">TOS</h3></div>
+    <div class="panel-body">
+        {{>tos}}
+    </div>
+</div>
diff --git a/production/haraka-wildduck/webmail/views/webmail/audit.hbs b/production/haraka-wildduck/webmail/views/webmail/audit.hbs
new file mode 100644
index 0000000..ce03056
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/webmail/audit.hbs
@@ -0,0 +1,134 @@
+<h2 class="sub-header" style="display: flex;">
+    <div style="flex-grow: 1">
+        <table class="limited">
+            <tr class="messagerow-{{message.mailbox}}-{{messageData.id}}">
+                <td class="message-subject-line">
+                    <span>{{messageData.subject}}</span>
+                </td>
+            </tr>
+        </table>
+    </div>
+
+    <div>
+        <a href="/webmail/{{mailbox.id}}/message/{{messageData.id}}" class="btn btn-default"><span class="glyphicon glyphicon-menu-left" aria-hidden="true"></span></a>
+    </div>
+</h2>
+
+<p>
+    Below are displayed timeline events related to the selected message. This includes receive info, forwarding and autoreplies
+</p>
+
+{{#each events}}
+    <dl class="dl-horizontal">
+
+        {{#if actionDescription}}
+            {{#if action}}
+                  <dt>Action</dt>
+                  <dd><strong><span class="text-{{actionLabel}}">{{actionDescription}}</span></strong></dd>
+            {{/if}}
+        {{else}}
+            {{#if action}}
+                  <dt>Action</dt>
+                  <dd><strong>{{action}}</strong></dd>
+            {{/if}}
+        {{/if}}
+
+        <dt>ID</dt>
+        <dd><strong>{{id}}{{#if seq}}.{{seq}}{{/if}}</strong></dd>
+
+        <dt>Time</dt>
+        <dd><span class="datestring-fixed" title="{{time}}">{{time}}</span></dd>
+
+        {{#if messageId}}
+          <dt>Message-ID</dt>
+          <dd>{{messageId}}</dd>
+        {{/if}}
+
+        {{#if from}}
+              <dt>From</dt>
+              <dd>{{from}}</dd>
+        {{/if}}
+
+        {{#if to}}
+              <dt>To</dt>
+              <dd>{{to}}</dd>
+        {{/if}}
+
+        {{#if targetList}}
+            <dt>{{#if toTitle}}{{toTitle}}{{else}}Forwarding{{/if}}</dt>
+            <dd>
+                {{#each targetList}}
+                    <div><strong>{{../id}}.{{seq}}:</strong> {{text}} <code class="response">{{value}}</code></div>
+                {{/each}}
+            </dd>
+        {{/if}}
+
+        {{#if origin}}
+              <dt>Sending host</dt>
+              <dd>{{origin}}</dd>
+        {{/if}}
+
+        {{#if src}}
+              <dt>Local address</dt>
+              <dd>{{src}}</dd>
+        {{/if}}
+
+        {{#if mx}}
+              <dt>Destination</dt>
+              <dd>{{mx}}
+                  {{#if dst}}
+                  [{{dst}}]
+                  {{/if}}
+              </dd>
+        {{/if}}
+
+        {{#if response}}
+              <dt>Server response</dt>
+              <dd><code class="response">{{response}}</code></dd>
+        {{/if}}
+
+        {{#if error}}
+              <dt>Error message</dt>
+              <dd><code class="response">{{error}}</code></dd>
+        {{/if}}
+
+    </dl>
+{{/each}}
+
+<p>
+    &nbsp;
+</p>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    var stream = new EventSource('/api/events');
+    stream.onmessage = function(e) {
+        var data, row, star, redrawTimer;
+        try {
+            data = JSON.parse(e.data);
+        } catch (E) {
+            return;
+        }
+        switch (data.command) {
+            case 'COUNTERS': {
+                if (data.mailbox) {
+                    if(FAVICON && data.mailbox === INBOX_ID){
+                        FAVICON.badge(data.unseen);
+                    }
+
+                    [].slice.call(document.querySelectorAll('.unseen-counter-' + data.mailbox)).forEach(function(row){
+                        if(data.unseen){
+                            row.style.display = 'block';
+                            row.textContent = data.unseen;
+                        }else {
+                            row.style.display = 'none';
+                            row.textContent = 0;
+                        }
+                    });
+                }
+                break;
+            }
+        }
+    };
+});
+</script>
diff --git a/production/haraka-wildduck/webmail/views/webmail/create.hbs b/production/haraka-wildduck/webmail/views/webmail/create.hbs
new file mode 100644
index 0000000..42cdec8
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/webmail/create.hbs
@@ -0,0 +1,46 @@
+
+<h2 class="sub-header"><span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> Create folder</h2>
+
+<form method="post" action="/webmail/create">
+    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+    {{> mailbox}}
+
+    <div class="form-group">
+        <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> Create</button>
+    </div>
+
+</form>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    var stream = new EventSource('/api/events');
+    stream.onmessage = function(e) {
+        var data, row, star, redrawTimer;
+        try {
+            data = JSON.parse(e.data);
+        } catch (E) {
+            return;
+        }
+        switch (data.command) {
+            case 'COUNTERS': {
+                if (data.mailbox) {
+                    if(FAVICON && data.mailbox === INBOX_ID){
+                        FAVICON.badge(data.unseen);
+                    }
+                    [].slice.call(document.querySelectorAll('.unseen-counter-' + data.mailbox)).forEach(function(row){
+                        if(data.unseen){
+                            row.style.display = 'block';
+                            row.textContent = data.unseen;
+                        }else {
+                            row.style.display = 'none';
+                            row.textContent = 0;
+                        }
+                    });
+                }
+                break;
+            }
+        }
+    };
+});
+</script>
diff --git a/production/haraka-wildduck/webmail/views/webmail/index.hbs b/production/haraka-wildduck/webmail/views/webmail/index.hbs
new file mode 100644
index 0000000..d528b78
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/webmail/index.hbs
@@ -0,0 +1,754 @@
+
+<h2 class="sub-header">
+    {{#if mailbox.editable}}
+        <div class="pull-right">
+            <a href="/webmail/{{mailbox.id}}/settings" class="btn btn-default"><span class="glyphicon glyphicon-cog" aria-hidden="true"></span> Settings</a>
+        </div>
+    {{/if}}
+    {{#if mailbox.icon}}
+        <span class="glyphicon glyphicon-{{mailbox.icon}}" aria-hidden="true"></span>
+    {{else}}
+        <span class="glyphicon glyphicon-inbox" aria-hidden="true"></span>
+    {{/if}}
+    {{mailbox.name}}
+</h2>
+
+<div class="toolbar-container">
+
+    <div class="toolbar-main">
+        <div class="pull-left" style="margin-left: 10px; width: 20px;">
+            <input type="checkbox" class="toggle-all" />
+        </div>
+        <fieldset id="action-toolbar" disabled>
+            <div class="form-group">
+
+                <button class="btn btn-default btn-xs bulk-mark-seen">Mark as Seen</button>
+                <button class="btn btn-default btn-xs bulk-mark-unseen">Mark as Unseen</button>
+
+                <span style="display: inline-block; width: 10px;"></span>
+
+                <button class="btn btn-default btn-xs bulk-delete" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
+
+
+                <div class="btn-group">
+                  <button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                    <span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> Move <span class="caret"></span>
+                  </button>
+                  <ul class="dropdown-menu">
+                     {{#each mailboxes}}
+                        {{#if canMoveTo}}
+                            <li><a href="#" class="bulk-move" data-mailbox="{{id}}"  data-mailbox-path="{{path}}" data-toggle="modal" data-target="#moveModal">
+                                {{{prefix}}}
+                                {{#if icon}}
+                                    <span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
+                                {{else}}
+                                    <span class="glyphicon glyphicon-triangle-right" aria-hidden="true"></span>
+                                {{/if}}
+                                {{formatted}}
+                                {{{suffix}}}</a></li>
+                        {{/if}}
+                    {{/each}}
+                  </ul>
+                </div>
+
+            </div>
+        </fieldset>
+    </div>
+
+    <div class="toolbar-search">
+        {{>searchfield}}
+    </div>
+
+</div>
+
+<div class="clearfix"></div>
+
+{{#if isTrash}}
+    <div class="alert alert-info" style="padding: 5px 15px;" role="alert">Messages in Trash folder are deleted permanently after 30 days</div>
+{{/if}}
+
+{{#if isJunk}}
+    <div class="alert alert-info" style="padding: 5px 15px;" role="alert">Messages in Junk Mail folder are deleted permanently after 30 days</div>
+{{/if}}
+
+<div class="table-responsive">
+    <table class="messagelist">
+        <colgroup>
+            <col class="messagerow-spacer-col" />
+            <col class="messagerow-checkbox-col" />
+            <col class="messagerow-star-col" />
+            <col class="messagerow-from-col" />
+            <col class="messagerow-subject-col" />
+            <col class="messagerow-info-col" />
+            <col class="messagerow-date-col" />
+            <col class="messagerow-spacer-col" />
+        </colgroup>
+        <tbody>
+            {{#each messages}}
+                {{>messagerow}}
+            {{/each}}
+        </tbody>
+    </table>
+</div>
+
+<nav aria-label="nav">
+    <ul class="pager">
+        {{#if previousCursor}}
+            <li class="previous"><a href="/webmail/{{mailbox.id}}?previous={{previousCursor}}&amp;page={{previousPage}}&amp;query={{query}}"><span aria-hidden="true">&larr;</span> Newer</a></li>
+        {{else}}
+            <li class="previous disabled"><a href="#"><span aria-hidden="true">&larr;</span> Newer</a></li>
+        {{/if}}
+
+        <li style="display: inline-block; padding-top: 7px;">
+            Page <strong>{{page}}</strong> (<strong>{{startStr}}</strong>–<strong>{{endStr}}</strong> out of <strong>{{resultsStr}}</strong> messages)
+        </li>
+
+        {{#if nextCursor}}
+            <li class="next"><a href="/webmail/{{mailbox.id}}?next={{nextCursor}}&amp;page={{nextPage}}&amp;query={{query}}">Older <span aria-hidden="true">&rarr;</span></a></li>
+        {{else}}
+            <li class="next disabled"><a href="#">Older <span aria-hidden="true">&rarr;</span></a></li>
+        {{/if}}
+    </ul>
+</nav>
+
+<!-- Modal -->
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="deleteModalLabel">Delete messages</h4>
+      </div>
+      <div class="modal-body">
+        {{#if skipTrash}}
+            Are you sure you want to permanently delete selected messages?
+        {{else}}
+            Are you sure you want to move selected messages to Trash folder?
+        {{/if}}
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+        <button type="button" class="btn btn-danger bulk-delete-confirm" data-loading-text="Deleting..." >Yes, delete</button>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div class="modal" id="moveModal" tabindex="-1" role="dialog" aria-labelledby="moveModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="moveModalLabel">Move messages</h4>
+      </div>
+      <div class="modal-body">
+          Are you sure you want to move selected messages to <span class="bulk-move-path">another folder</span>?
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+        <button type="button" class="btn btn-primary bulk-move-confirm" data-loading-text="Moving..." >Yes, move</button>
+      </div>
+    </div>
+  </div>
+</div>
+
+<script id="messagerow-template" type="text/x-handlebars-template">
+    {{{messageRowTemplate}}}
+</script>
+
+<input type="hidden" id="_csrf" value="{{csrfToken}}">
+<input type="hidden" id="mailbox" value="{{mailbox.id}}">
+<input type="hidden" id="cursor-type" value="{{cursorType}}">
+<input type="hidden" id="cursor-value" value="{{cursorValue}}">
+<input type="hidden" id="page" value="{{page}}">
+<input type="hidden" id="mailbox-type" value="{{mailbox.specialUse}}">
+
+<script>
+
+// star toggle
+(function(){
+    var toggleStar = function(e, elm){
+        e.preventDefault();
+        e.stopPropagation();
+
+        if(!elm || elm.dataset.status === 'pending'){
+            return;
+        }
+
+        elm.dataset.status = 'pending';
+        var flagged = elm.classList.contains('flagged');
+
+        var done = function(){
+            elm.dataset.status = 'done';
+        }
+
+        fetch('/api/toggle/flagged', {
+            method: 'post',
+            headers: {
+                Accept: 'application/json, text/plain, */*',
+                'Content-Type': 'application/json'
+            },
+            credentials: 'include',
+            body: JSON.stringify({
+                _csrf: document.getElementById('_csrf').value,
+                mailbox: elm.dataset.mailbox,
+                message: elm.dataset.message,
+                flagged: !flagged // toggle
+            })
+        })
+        .then(function(res) {
+            return res.json();
+        })
+        .then(function(res) {
+            if(res.error){
+                console.error(res.error);
+                return done();
+            }
+
+            if(flagged){
+                elm.classList.remove('flagged');
+                elm.classList.add('unflagged');
+                elm.querySelector('.glyphicon').classList.remove('glyphicon-star');
+                elm.querySelector('.glyphicon').classList.add('glyphicon-star-empty');
+            }else{
+                elm.classList.remove('unflagged');
+                elm.classList.add('flagged');
+                elm.querySelector('.glyphicon').classList.remove('glyphicon-star-empty');
+                elm.querySelector('.glyphicon').classList.add('glyphicon-star');
+            }
+
+            done();
+        }).catch(function(err){
+            console.error(err);
+            done();
+        });
+
+    };
+
+    var setupToggling = function(elm){
+        elm.addEventListener('click', function(e){
+            toggleStar(e, elm);
+        }, false);
+    }
+
+    var starElms = document.querySelectorAll('.message-star');
+    for(var i=0, len = starElms.length; i<len; i++){
+        setupToggling(starElms[i]);
+    }
+})();
+
+// checkboxes
+document.addEventListener('DOMContentLoaded', function() {
+    var checkboxes = document.querySelectorAll('.message-checkbox');
+    var toolbarElm = document.querySelector('#action-toolbar');
+    var mailboxType = document.querySelector('#mailbox-type');
+    var toggleAllElm = document.querySelector('.toggle-all');
+
+    var isInbox = mailboxType === 'INBOX';
+    var isSent = mailboxType === '\\Sent';
+    var isTrash= mailboxType === '\\Trash';
+    var isJunk = mailboxType === '\\Junk';
+    var skipTrash = ['\\Trash', '\\Junk'].includes(mailboxType);
+
+    var getChecked = function(){
+        var result = [];
+        for(var i=0, len = checkboxes.length; i<len; i++){
+            if(checkboxes[i].checked){
+                result.push({
+                    elm: checkboxes[i],
+                    message: checkboxes[i].dataset.message,
+                    mailbox: checkboxes[i].dataset.mailbox
+                });
+            }
+        }
+        return result;
+    }
+
+    var toggleToolbar = function(){
+        var checked = 0;
+        for(var i=0, len = checkboxes.length; i<len; i++){
+            if(checkboxes[i].checked){
+                checked++;
+            }
+        }
+        if(checked){
+            toolbarElm.disabled = false;
+            if(checked === checkboxes.length){
+                toggleAllElm.checked = true;
+            }
+        }else{
+            toolbarElm.disabled = true;
+            toggleAllElm.checked = false;
+        }
+    };
+
+    for(var i=0, len = checkboxes.length; i<len; i++){
+        checkboxes[i].addEventListener('click', toggleToolbar, false);
+        checkboxes[i].addEventListener('change', toggleToolbar, false);
+    }
+
+    var findRow = function(elm, level){
+        level = level || 0;
+        var parent = elm.parentNode;
+        if(!parent || level > 10){
+            return false;
+        }
+        if(parent.classList.contains('messagerow')){
+            return parent;
+        }
+        return findRow(parent, level+1);
+    }
+
+    var removeRow = function(id){
+        var row = document.getElementById('msg_' + id);
+        if(row && row.parentNode){
+            row.parentNode.removeChild(row);
+        }
+    }
+
+    var messagerowSource = document.getElementById('messagerow-template').innerHTML;
+    var messagerowTemplate = Handlebars.compile(messagerowSource);
+
+    // function to redraw email listing
+    var redrawList = function(done){
+        var checkedMessages = {};
+        getChecked().forEach(function(checked){
+            checkedMessages[checked.message] = true;
+        });
+
+        fetch('/api/list', {
+            method: 'post',
+            headers: {
+                Accept: 'application/json, text/plain, */*',
+                'Content-Type': 'application/json'
+            },
+            credentials: 'include',
+            body: JSON.stringify({
+                _csrf: document.getElementById('_csrf').value,
+                mailbox: document.getElementById('mailbox').value,
+                cursorType: document.getElementById('cursor-type').value,
+                cursorValue: document.getElementById('cursor-value').value,
+                page: document.getElementById('page').value
+            })
+        })
+        .then(function(res) {
+            return res.json();
+        })
+        .then(function(res) {
+            if(res.error){
+                console.error(res.error);
+                return done();
+            }
+
+            var html = res.results.map(function(message){
+                return messagerowTemplate(message);
+            }).join('\n');
+
+            document.querySelector('.messagelist tbody').innerHTML = html;
+
+            // reset page load handlers
+            checkboxes = document.querySelectorAll('.message-checkbox');
+            for(var i=0, len = checkboxes.length; i<len; i++){
+                if(checkedMessages[checkboxes[i].dataset.message]){
+                    checkboxes[i].checked = true;
+                }
+                checkboxes[i].addEventListener('click', toggleToolbar, false);
+                checkboxes[i].addEventListener('change', toggleToolbar, false);
+            }
+            toggleToolbar();
+            $("[rel='tooltip']").tooltip();
+            updateFixedDatestrings()
+
+            done();
+        }).catch(function(err){
+            console.error(err);
+            done();
+        });
+    };
+
+    var pendingSeen = false;
+    var toggleSeen = function(seen){
+        if(pendingSeen){
+            return false;
+        }
+
+        var checked = getChecked();
+        if(!checked.length){
+            return false;
+        }
+
+        pendingSeen = true;
+
+        var groupkeys= [];
+        var groups = {};
+        checked.forEach(function(entry){
+            if(!groups[entry.mailbox]){
+                groups[entry.mailbox] = [];
+                groupkeys.push(entry.mailbox);
+            }
+            groups[entry.mailbox].push(entry.message);
+        })
+
+        var done = function(){
+            pendingSeen = false;
+        }
+
+        var batchPos = 0;
+        var processBatch = function(){
+            if(batchPos >= groupkeys.length){
+                return done();
+            }
+            var mailbox = groupkeys[batchPos++];
+            var messages = groups[mailbox];
+
+            fetch('/api/toggle/seen', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: mailbox,
+                    message: messages.join(','),
+                    seen: !!seen
+                })
+            })
+            .then(function(res) {
+                return res.json();
+            })
+            .then(function(res) {
+                if(res.error){
+                    console.error(res.error);
+                    return done();
+                }
+
+                checked.forEach(function(checkbox){
+                    var row = findRow(checkbox.elm);
+                    if(row){
+                        row.classList.remove(seen ? 'message-unseen' : 'message-seen');
+                        row.classList.add(seen ? 'message-seen' : 'message-unseen');
+                    }
+                })
+
+                // continue processing
+                processBatch();
+            }).catch(function(err){
+                console.error(err);
+                done();
+            });
+        }
+
+        processBatch();
+    }
+
+    var setUnseen = function(){
+        toggleSeen(false);
+    };
+
+    var setSeen = function(){
+        toggleSeen(true);
+    };
+
+    document.querySelector('.bulk-mark-unseen').addEventListener('click', setUnseen, false);
+    document.querySelector('.bulk-mark-unseen').addEventListener('touch', setUnseen, false);
+    document.querySelector('.bulk-mark-seen').addEventListener('click', setSeen, false);
+    document.querySelector('.bulk-mark-seen').addEventListener('touch', setSeen, false);
+
+    var toggleAll = function(){
+        var checked = toggleAllElm.checked;
+
+        for(var i=0, len = checkboxes.length; i<len; i++){
+            checkboxes[i].checked = checked;
+        }
+
+        if(checked && checkboxes.length){
+            toolbarElm.disabled = false;
+        }
+    }
+
+    document.querySelector('.toggle-all').addEventListener('click', toggleAll, false);
+    document.querySelector('.toggle-all').addEventListener('change', toggleAll, false);
+
+    var pendingDeleted = false;
+    var deleteMessage = function(){
+        if(pendingDeleted){
+            return false;
+        }
+
+        var checked = getChecked();
+        if(!checked.length){
+            return false;
+        }
+
+        pendingDeleted = true;
+        $('#deleteModal .bulk-delete-confirm').button('loading');
+
+        var done = function(){
+            pendingDeleted = false;
+            $('#deleteModal .bulk-delete-confirm').button('reset');
+            $('#deleteModal').modal('hide');
+        }
+
+        var groupkeys= [];
+        var groups = {};
+        checked.forEach(function(entry){
+            if(!groups[entry.mailbox]){
+                groups[entry.mailbox] = [];
+                groupkeys.push(entry.mailbox);
+            }
+            groups[entry.mailbox].push(entry.message);
+        })
+
+        var deleted = 0;
+        var batchPos = 0;
+        var processBatch = function(){
+            if(batchPos >= groupkeys.length){
+                if(deleted){
+                    return redrawList(done);
+                }
+                return done();
+            }
+            var mailbox = groupkeys[batchPos++];
+            var messages = groups[mailbox];
+
+            fetch('/api/delete', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: mailbox,
+                    message: messages.join(',')
+                })
+            })
+            .then(function(res) {
+                return res.json();
+            })
+            .then(function(res) {
+                if(res.error){
+                    console.error(res.error);
+                    return done();
+                }
+
+                var removeRow = function(id){
+                    var row = document.getElementById('msg_' + id);
+                    if(row && row.parentNode){
+                        row.parentNode.removeChild(row);
+                    }
+                }
+
+                if(res.id && res.id.length){
+                    for(var i=0, len = res.id.length; i<len; i++){
+                        if(res.id[i] && res.id[i][0] && res.id[i][1]){
+                            removeRow(res.id[i][0]);
+                            deleted++;
+                        }
+                    }
+                }
+
+                processBatch();
+            }).catch(function(err){
+                console.error(err);
+                done();
+            });
+        }
+        processBatch();
+    };
+
+    document.querySelector('.bulk-delete-confirm').addEventListener('click', deleteMessage, false);
+    document.querySelector('.bulk-delete-confirm').addEventListener('touch', deleteMessage, false);
+
+    var pendingMove = false;
+    var moveMessage = function(target){
+        if(pendingMove){
+            return false;
+        }
+
+        var checked = getChecked();
+        if(!checked.length){
+            return false;
+        }
+
+        pendingMove = true;
+        $('#moveModal .bulk-move-confirm').button('loading');
+
+        var done = function(){
+            pendingMove = false;
+            $('#moveModal .bulk-move-confirm').button('reset');
+            $('#moveModal').modal('hide');
+        }
+
+        var targetMailbox = document.querySelector('.bulk-move-confirm').dataset.mailbox;
+        var groupkeys= [];
+        var groups = {};
+        checked.forEach(function(entry){
+            if(targetMailbox === entry.mailbox){
+                // skip
+                return;
+            }
+            if(!groups[entry.mailbox]){
+                groups[entry.mailbox] = [];
+                groupkeys.push(entry.mailbox);
+            }
+            groups[entry.mailbox].push(entry.message);
+        })
+
+        var moved = 0;
+        var batchPos = 0;
+        var processBatch = function(){
+            if(batchPos >= groupkeys.length){
+                if(moved){
+                    return redrawList(done);
+                }
+                return done();
+            }
+            var mailbox = groupkeys[batchPos++];
+            var messages = groups[mailbox];
+
+            fetch('/api/move', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: mailbox,
+                    message: messages.join(','),
+                    target: targetMailbox
+                })
+            })
+            .then(function(res) {
+                return res.json();
+            })
+            .then(function(res) {
+                if(res.error){
+                    console.error(res.error);
+                    return done();
+                }
+
+                if(res.id && res.id.length){
+                    for(var i=0, len = res.id.length; i<len; i++){
+                        if(res.id[i] && res.id[i][0] && res.id[i][1]){
+                            removeRow(res.id[i][0]);
+                            moved++;
+                        }
+                    }
+                }
+
+                processBatch();
+            }).catch(function(err){
+                console.error(err);
+                done();
+            });
+        }
+        processBatch();
+    };
+
+    $('#moveModal').on('show.bs.modal', function (event) {
+        var button = $(event.relatedTarget); // Button that triggered the modal
+        var mailbox = button.data('mailbox'); // Extract info from data-* attributes
+        var path = button.data('mailbox-path');
+        $('.bulk-move-path').text(path);
+        document.querySelector('.bulk-move-confirm').dataset.mailbox = mailbox;
+    });
+
+    document.querySelector('.bulk-move-confirm').addEventListener('click', moveMessage, false);
+    document.querySelector('.bulk-move-confirm').addEventListener('touch', moveMessage, false);
+
+    let checkNewMessages = document.getElementById('page').value === '1' && document.getElementById('mailbox').value;
+
+    var stream = new EventSource('/api/events');
+    stream.onmessage = function(e) {
+        var data, row, star, redrawTimer;
+        try {
+            data = JSON.parse(e.data);
+        } catch (E) {
+            return;
+        }
+
+        switch (data.command) {
+            case 'EXISTS':
+                if(checkNewMessages === data.mailbox){
+                    clearTimeout(redrawTimer);
+                    redrawTimer = setTimeout(function(){
+                        clearTimeout(redrawTimer);
+                        redrawList(function(){});
+                    }, 200);
+                }
+                break;
+
+            case 'FETCH': {
+                row = document.querySelector('.messagerow-'+data.mailbox+'-'+data.uid);
+                if(!row){
+                    return;
+                }
+                if (data.flags) {
+                    star = row.querySelector('.message-star');
+
+                    if (data.flags.indexOf('\\Flagged')>=0) {
+                        star.classList.remove('unflagged');
+                        star.classList.add('flagged');
+                        star.querySelector('.glyphicon').classList.remove('glyphicon-star-empty');
+                        star.querySelector('.glyphicon').classList.add('glyphicon-star');
+                    } else {
+                        star.classList.remove('flagged');
+                        star.classList.add('unflagged');
+                        star.querySelector('.glyphicon').classList.remove('glyphicon-star');
+                        star.querySelector('.glyphicon').classList.add('glyphicon-star-empty');
+                    }
+
+                    if (data.flags.indexOf('\\Seen')>=0) {
+                        row.classList.remove('message-unseen');
+                        row.classList.add('message-seen');
+                    } else {
+                        row.classList.remove('message-seen');
+                        row.classList.add('message-unseen');
+                    }
+                }
+                break;
+            }
+            case 'EXPUNGE': {
+                row = document.querySelector('.messagerow-'+data.mailbox+'-'+data.uid);
+                if(!row){
+                    return;
+                }
+                if(row.parentNode){
+                    row.parentNode.removeChild(row);
+                    clearTimeout(redrawTimer);
+                    redrawTimer = setTimeout(function(){
+                        clearTimeout(redrawTimer);
+                        redrawList(function(){});
+                    }, 200);
+                }
+            }
+            case 'COUNTERS': {
+                if (data.mailbox) {
+                    if(FAVICON && data.mailbox === INBOX_ID){
+                        FAVICON.badge(data.unseen);
+                    }
+                    [].slice.call(document.querySelectorAll('.unseen-counter-' + data.mailbox)).forEach(function(row){
+                        if(data.unseen){
+                            row.style.display = 'block';
+                            row.textContent = data.unseen;
+                        }else {
+                            row.style.display = 'none';
+                            row.textContent = 0;
+                        }
+                    });
+                }
+                break;
+            }
+        }
+    };
+
+    toggleToolbar();
+}, false);
+
+</script>
diff --git a/production/haraka-wildduck/webmail/views/webmail/mailbox.hbs b/production/haraka-wildduck/webmail/views/webmail/mailbox.hbs
new file mode 100644
index 0000000..881ecd9
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/webmail/mailbox.hbs
@@ -0,0 +1,75 @@
+
+<h2 class="sub-header"><span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> {{mailbox.name}}</h2>
+
+<form method="post" action="/webmail/{{mailbox.id}}/settings">
+    <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+    {{> mailbox}}
+
+    {{#unless isInbox}}
+        <div class="form-group">
+            {{#unless isSpecial}}
+                <div class="pull-right">
+                    <button type="button" class="btn btn-danger" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
+                </div>
+            {{/unless}}
+            <button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Update</button>
+        </div>
+    {{/unless}}
+
+</form>
+
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+        <h4 class="modal-title" id="deleteModalLabel">Delete folder</h4>
+      </div>
+      <div class="modal-body">
+            Are you sure you want to permanently delete <strong>{{mailbox.name}}</strong> and all its contents?
+      </div>
+      <div class="modal-footer">
+        <form method="post" action="/webmail/{{mailbox.id}}/delete">
+            <input type="hidden" name="_csrf" value="{{csrfToken}}">
+
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" class="btn btn-danger">Yes, delete</button>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    var stream = new EventSource('/api/events');
+    stream.onmessage = function(e) {
+        var data, row, star, redrawTimer;
+        try {
+            data = JSON.parse(e.data);
+        } catch (E) {
+            return;
+        }
+        switch (data.command) {
+            case 'COUNTERS': {
+                if (data.mailbox) {
+                    if(FAVICON && data.mailbox === INBOX_ID){
+                        FAVICON.badge(data.unseen);
+                    }
+                    [].slice.call(document.querySelectorAll('.unseen-counter-' + data.mailbox)).forEach(function(row){
+                        if(data.unseen){
+                            row.style.display = 'block';
+                            row.textContent = data.unseen;
+                        }else {
+                            row.style.display = 'none';
+                            row.textContent = 0;
+                        }
+                    });
+                }
+                break;
+            }
+        }
+    };
+});
+</script>
diff --git a/production/haraka-wildduck/webmail/views/webmail/message.hbs b/production/haraka-wildduck/webmail/views/webmail/message.hbs
new file mode 100644
index 0000000..b55c1bf
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/webmail/message.hbs
@@ -0,0 +1,630 @@
+<input type="hidden" id="mailbox" value="{{mailbox.id}}" />
+<input type="hidden" id="message" value="{{message.id}}" />
+<input type="hidden" id="_csrf" value="{{csrfToken}}">
+
+<h2 class="sub-header" style="display: flex;">
+    <div style="flex-grow: 1">
+        <table class="limited">
+            <tr class="messagerow-{{message.mailbox}}-{{message.id}}">
+                <td class="message-subject-line">
+                    <a href="#" class="message-star {{#if message.flagged}}flagged{{else}}unflagged{{/if}}"
+                        data-mailbox="{{mailbox.id}}" data-message="{{message.id}}"><span
+                            class="glyphicon glyphicon-{{#if message.flagged}}star{{else}}star-empty{{/if}}"
+                            aria-hidden="true"></span></a>
+
+                    <span>{{message.subject}}</span>
+                </td>
+            </tr>
+        </table>
+    </div>
+
+    <div>
+        <div class="btn-group">
+            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" aria-haspopup="true"
+                aria-expanded="false">
+                <span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> Details <span
+                    class="caret"></span>
+            </button>
+            <ul class="dropdown-menu dropdown-menu-right">
+                <li><a href="/webmail/{{mailbox.id}}/raw/{{message.id}}.eml"><span
+                            class="glyphicon glyphicon-download-alt" aria-hidden="true"></span> Original message</a>
+                </li>
+                {{#if message.attachments}}
+                <li role="separator" class="divider"></li>
+                {{#each message.attachments}}
+                <li><a href="/webmail/{{../mailbox.id}}/attachment/{{../message.id}}/{{id}}"
+                        download="{{filename}}"><span class="glyphicon glyphicon-paperclip" aria-hidden="true"></span>
+                        {{filename}} [{{sizeKb}}kB]</a></li>
+                {{/each}}
+                {{/if}}
+            </ul>
+        </div>
+    </div>
+</h2>
+
+<div class="toolbar-container">
+    <div class="toolbar-main">
+
+        <fieldset id="action-toolbar">
+            <div class="form-group">
+
+                <a href="/webmail/send?action=reply&amp;refMailbox={{mailbox.id}}&amp;refMessage={{message.id}}"
+                    class="btn btn-default btn-xs"><span class="glyphicon glyphicon-send" aria-hidden="true"></span>
+                    Reply</a>
+                <a href="/webmail/send?action=replyAll&amp;refMailbox={{mailbox.id}}&amp;refMessage={{message.id}}"
+                    class="btn btn-default btn-xs"><span class="glyphicon glyphicon-send" aria-hidden="true"></span>
+                    Reply to all</a>
+                <a href="/webmail/send?action=forward&amp;refMailbox={{mailbox.id}}&amp;refMessage={{message.id}}"
+                    class="btn btn-default btn-xs"><span class="glyphicon glyphicon-share" aria-hidden="true"></span>
+                    Forward</a>
+
+                <span style="display: inline-block; width: 10px;"></span>
+
+                <button class="btn btn-default btn-xs bulk-mark-unseen">Mark as Unseen</button>
+
+                <span style="display: inline-block; width: 10px;"></span>
+
+                <button class="btn btn-default btn-xs bulk-delete" data-toggle="modal" data-target="#deleteModal"><span
+                        class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
+
+                <div class="btn-group">
+                    <button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown"
+                        aria-haspopup="true" aria-expanded="false">
+                        <span class="glyphicon glyphicon-inbox" aria-hidden="true"></span> Move <span
+                            class="caret"></span>
+                    </button>
+                    <ul class="dropdown-menu">
+                        {{#each mailboxes}}
+                        {{#if canMoveTo}}
+                        <li><a href="#" class="bulk-move" data-mailbox="{{id}}" data-mailbox-path="{{path}}"
+                                data-toggle="modal" data-target="#moveModal">
+                                {{{prefix}}}
+                                {{#if icon}}
+                                <span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
+                                {{else}}
+                                <span class="glyphicon glyphicon-triangle-right" aria-hidden="true"></span>
+                                {{/if}}
+                                {{formatted}}
+                                {{{suffix}}}</a></li>
+                        {{/if}}
+                        {{/each}}
+                    </ul>
+                </div>
+
+            </div>
+        </fieldset>
+    </div>
+
+    <div class="toolbar-search">
+        {{>searchfield}}
+    </div>
+
+</div>
+
+<div class="clearfix"></div>
+
+{{#each message.info}}
+<div>
+    <strong>{{key}}:</strong>
+    {{#if icon}}
+    <span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
+    {{/if}}
+    <span {{#if isDate}} class="datestring" title="{{value}}" {{/if}}>
+        {{#if isHtml}}{{{value}}}{{else}}{{value}}{{/if}}
+    </span>
+
+    {{#if @first}}
+    {{#if ../message.securityInfo}}
+    <a id="extraDetails" tabindex="0" role="button" data-toggle="popover" data-trigger="focus"
+        title="Delivery details"><span class="glyphicon glyphicon-info-sign" aria-hidden="true"></span></a>
+    <div id="extraDetailsContent" style="display: none">
+        {{#each ../message.securityInfo}}
+        <div {{#if textClass}} class="{{textClass}}" {{/if}}>
+            <strong>{{key}}:</strong>
+            {{#if icon}}
+            <span class="glyphicon glyphicon-{{icon}}" aria-hidden="true"></span>
+            {{/if}}
+            <span {{#if isDate}} class="datestring" title="{{value}}" {{/if}}>
+                {{#if isHtml}}{{{value}}}{{else}}{{value}}{{/if}}
+            </span>
+        </div>
+        {{/each}}
+    </div>
+    {{/if}}
+    {{/if}}
+
+</div>
+{{/each}}
+{{#if expires}}
+<div class="text-muted">
+    <strong>Message expires:</strong>
+    <span class="datestring" title="{{expires}}">
+        {{expires}}
+    </span>
+</div>
+{{/if}}
+
+<div style="margin-bottom: 5px;"></div>
+
+{{#if message.encrypted}}
+<div id="encrypted-warning" class="alert alert-warning" role="alert">
+    <span class="glyphicon glyphicon-lock" aria-hidden="true"></span>
+    This message is encrypted and can not be displayed. Download the original message <a
+        href="/webmail/{{mailbox.id}}/raw/{{message.id}}.eml" download="{{message.id}}.eml" class="alert-link">from here
+    </a> to open it in an e-mail client that is able to read encrypted messages.
+    Alternatively you can install <a href="https://www.mailvelope.com/" class="alert-link">Mailvelope browser
+        extension</a> to allow decrypting and displaying messages by {{serviceName}}.
+</div>
+
+<div id="mailvelope-loading" class="alert alert-info" role="alert" style="display:none">
+    <span class="glyphicon glyphicon-lock" aria-hidden="true"></span>
+    Mailvelope detected. Trying to decrpyt encrypted message...
+</div>
+
+<div id="message-content" class="mailvelope"></div>
+
+<script>
+
+    document.addEventListener('DOMContentLoaded', function () {
+
+        if (typeof mailvelope !== 'undefined') {
+            mailvelopeLoaded();
+        } else {
+            window.addEventListener('mailvelope', mailvelopeLoaded, false);
+        }
+
+        var identifier = 'wildduck';
+
+        function getKeyring(callback) {
+            mailvelope.getKeyring(identifier).then(function (keyring) {
+                return callback(null, keyring);
+            }).catch(function (err) {
+                mailvelope.createKeyring(identifier).then(function (keyring) {
+                    return callback(null, keyring);
+                }).catch(function (err) {
+                    return callback(err);
+                });
+            });
+        }
+
+        function mailvelopeLoaded() {
+
+            document.getElementById('encrypted-warning').style.display = 'none';
+            document.getElementById('mailvelope-loading').style.display = 'block';
+
+            var selector = '#message-content';
+
+            getKeyring(function (err, keyring) {
+                if (err) {
+                    document.getElementById('encrypted-warning').style.display = 'block';
+                    document.getElementById('mailvelope-loading').style.display = 'none';
+                    alert('Failed to create keyring. ' + err.message);
+                    return;
+                }
+
+                fetch('/webmail/{{mailbox.id}}/raw/{{message.id}}.eml', {
+                    method: 'get',
+                    headers: {
+                        Accept: 'application/json, text/plain, */*',
+                        'Content-Type': 'application/json'
+                    },
+                    credentials: 'include'
+                })
+                    .then(function (res) {
+                        return res.text();
+                    })
+                    .then(function (text) {
+                        mailvelope.createDisplayContainer(selector, text, keyring, { showExternalContent: true }).then(function () {
+                            //$(selector).addClass('mailvelope').find('.message-part, .part-notice').hide();
+                            //setTimeout(function() { $(window).resize(); }, 10);
+                            document.getElementById('mailvelope-loading').style.display = 'none';
+                        }).catch(function (err) {
+                            document.getElementById('encrypted-warning').style.display = 'block';
+                            document.getElementById('mailvelope-loading').style.display = 'none';
+                            console.error(err);
+                            alert('Message decryption failed: ' + err.message, 'error')
+                        });
+                    }).catch(function (err) {
+                        document.getElementById('encrypted-warning').style.display = 'block';
+                        document.getElementById('mailvelope-loading').style.display = 'none';
+                        console.error(err);
+                        alert('Message decryption failed: ' + err.message)
+                    });
+            });
+        }
+    });
+
+</script>
+
+
+{{else}}
+
+<div id="message-content" class="iframe-box"></div>
+
+{{#if message.attachments}}
+<div class="well">
+    {{#each message.attachments}}
+    <a class="btn btn-success btn-sm" href="/webmail/{{../mailbox.id}}/attachment/{{../message.id}}/{{id}}"
+        role="button" download="{{filename}}"><span class="glyphicon glyphicon-cloud-download"
+            aria-hidden="true"></span> {{filename}}</a>
+    {{/each}}
+</div>
+{{/if}}
+
+<p>
+    &nbsp;
+</p>
+
+
+<script type="text/javascript" src="/components/DOMPurify/dist/purify.min.js"></script>
+<script>
+    var message = {{{ messageJson }}};
+
+    document.addEventListener("DOMContentLoaded", function (event) {
+        if (message.html) {
+            var clean = DOMPurify.sanitize(message.html.join('\n'), {
+                ALLOW_UNKNOWN_PROTOCOLS: true,
+                WHOLE_DOCUMENT: true,
+                FORBID_TAGS: ['form']
+            });
+
+            clean = clean.replace(/head>/, 'head><link rel="stylesheet" href="/css/mail.css" /><base target="_parent"><script>function resizeIframe(obj) {obj.style.height = obj.contentWindow.document.body.scrollHeight + "px";}</' + 'script>');
+
+            var iframe = document.createElement('iframe');
+
+            document.getElementById('message-content').appendChild(iframe);
+            iframe.contentWindow.document.open();
+            iframe.contentWindow.document.write(clean);
+            iframe.contentWindow.document.close();
+            iframe.contentWindow.addEventListener('load', function () {
+                iframe.contentWindow.resizeIframe(iframe);
+            });
+            iframe.contentWindow.document.addEventListener('DOMContentLoaded', function () {
+                iframe.contentWindow.resizeIframe(iframe);
+            });
+        }
+    }, false);
+</script>
+
+{{/if}}
+
+
+<!-- Modal -->
+<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+    <div class="modal-dialog" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
+                        aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="deleteModalLabel">Delete message</h4>
+            </div>
+            <div class="modal-body">
+                {{#if isTrash}}
+                Are you sure you want to permanently delete this message?
+                {{else}}
+                Are you sure you want to move this message to Trash folder?
+                {{/if}}
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+                <button type="button" class="btn btn-danger bulk-delete-confirm" data-loading-text="Deleting...">Yes,
+                    delete</button>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div class="modal" id="moveModal" tabindex="-1" role="dialog" aria-labelledby="moveModalLabel">
+    <div class="modal-dialog" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
+                        aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="moveModalLabel">Move message</h4>
+            </div>
+            <div class="modal-body">
+                Are you sure you want to move this message to <span class="bulk-move-path">another folder</span>?
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+                <button type="button" class="btn btn-primary bulk-move-confirm" data-loading-text="Moving...">Yes,
+                    move</button>
+            </div>
+        </div>
+    </div>
+</div>
+
+<script>
+    // star toggle
+    (function () {
+        var toggleStar = function (e, elm) {
+            e.preventDefault();
+            e.stopPropagation();
+
+            if (!elm || elm.dataset.status === 'pending') {
+                return;
+            }
+
+            elm.dataset.status = 'pending';
+            var flagged = elm.classList.contains('flagged');
+
+            var done = function () {
+                elm.dataset.status = 'done';
+            }
+
+            fetch('/api/toggle/flagged', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: elm.dataset.mailbox,
+                    message: elm.dataset.message,
+                    flagged: !flagged // toggle
+                })
+            })
+                .then(function (res) {
+                    return res.json();
+                })
+                .then(function (res) {
+                    if (res.error) {
+                        console.error(res.error);
+                        return done();
+                    }
+
+                    if (flagged) {
+                        elm.classList.remove('flagged');
+                        elm.classList.add('unflagged');
+                        elm.querySelector('.glyphicon').classList.remove('glyphicon-star');
+                        elm.querySelector('.glyphicon').classList.add('glyphicon-star-empty');
+                    } else {
+                        elm.classList.remove('unflagged');
+                        elm.classList.add('flagged');
+                        elm.querySelector('.glyphicon').classList.remove('glyphicon-star-empty');
+                        elm.querySelector('.glyphicon').classList.add('glyphicon-star');
+                    }
+
+                    done();
+                }).catch(function (err) {
+                    console.error(err);
+                    done();
+                });
+
+        };
+
+        var setupToggling = function (elm) {
+            elm.addEventListener('click', function (e) {
+                toggleStar(e, elm);
+            }, false);
+        }
+
+        var starElms = document.querySelectorAll('.message-star');
+        for (var i = 0, len = starElms.length; i < len; i++) {
+            setupToggling(starElms[i]);
+        }
+    })();
+
+    // checkboxes
+    document.addEventListener('DOMContentLoaded', function () {
+        var toolbarElm = document.querySelector('#action-toolbar');
+        var mailbox = document.getElementById('mailbox').value;
+        var message = document.getElementById('message').value;
+
+        var pendingSeen = false;
+        var toggleSeen = function (seen) {
+            if (pendingSeen) {
+                return false;
+            }
+
+            var done = function () {
+                pendingSeen = false;
+            }
+
+            fetch('/api/toggle/seen', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: mailbox,
+                    message: message,
+                    seen: !!seen
+                })
+            })
+                .then(function (res) {
+                    return res.json();
+                })
+                .then(function (res) {
+                    if (res.error) {
+                        console.error(res.error);
+                        return done();
+                    }
+
+                    window.location.href = '/webmail/' + mailbox;
+                }).catch(function (err) {
+                    console.error(err);
+                    done();
+                });
+        }
+
+        var setUnseen = function () {
+            toggleSeen(false);
+        };
+
+        var setSeen = function () {
+            toggleSeen(true);
+        };
+
+        document.querySelector('.bulk-mark-unseen').addEventListener('click', setUnseen, false);
+        document.querySelector('.bulk-mark-unseen').addEventListener('touch', setUnseen, false);
+
+        var pendingDeleted = false;
+        var deleteMessage = function () {
+            if (pendingDeleted) {
+                return false;
+            }
+
+            pendingDeleted = true;
+            $('#deleteModal .bulk-delete-confirm').button('loading');
+
+            var done = function () {
+                pendingDeleted = false;
+                $('#deleteModal .bulk-delete-confirm').button('reset');
+                $('#deleteModal').modal('hide');
+            }
+
+            fetch('/api/delete', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: mailbox,
+                    message: message
+                })
+            })
+                .then(function (res) {
+                    return res.json();
+                })
+                .then(function (res) {
+                    if (res.error) {
+                        console.error(res.error);
+                        return done();
+                    }
+
+                    window.location.href = '/webmail/' + mailbox;
+                }).catch(function (err) {
+                    console.error(err);
+                    done();
+                });
+        };
+
+        document.querySelector('.bulk-delete-confirm').addEventListener('click', deleteMessage, false);
+        document.querySelector('.bulk-delete-confirm').addEventListener('touch', deleteMessage, false);
+
+        var pendingMove = false;
+        var moveMessage = function (target) {
+            if (pendingMove) {
+                return false;
+            }
+
+            pendingMove = true;
+            $('#moveModal .bulk-move-confirm').button('loading');
+
+            var done = function () {
+                pendingMove = false;
+                $('#moveModal .bulk-move-confirm').button('reset');
+                $('#moveModal').modal('hide');
+            }
+
+            var targetMailbox = document.querySelector('.bulk-move-confirm').dataset.mailbox;
+
+            fetch('/api/move', {
+                method: 'post',
+                headers: {
+                    Accept: 'application/json, text/plain, */*',
+                    'Content-Type': 'application/json'
+                },
+                credentials: 'include',
+                body: JSON.stringify({
+                    _csrf: document.getElementById('_csrf').value,
+                    mailbox: mailbox,
+                    message: message,
+                    target: targetMailbox
+                })
+            })
+                .then(function (res) {
+                    return res.json();
+                })
+                .then(function (res) {
+                    if (res.error) {
+                        console.error(res.error);
+                        return done();
+                    }
+
+                    window.location.href = '/webmail/' + targetMailbox;
+                }).catch(function (err) {
+                    console.error(err);
+                    done();
+                });
+        };
+
+        $('#moveModal').on('show.bs.modal', function (event) {
+            var button = $(event.relatedTarget); // Button that triggered the modal
+            var mailbox = button.data('mailbox'); // Extract info from data-* attributes
+            var path = button.data('mailbox-path');
+            $('.bulk-move-path').text(path);
+            document.querySelector('.bulk-move-confirm').dataset.mailbox = mailbox;
+        });
+
+        document.querySelector('.bulk-move-confirm').addEventListener('click', moveMessage, false);
+        document.querySelector('.bulk-move-confirm').addEventListener('touch', moveMessage, false);
+
+        var stream = new EventSource('/api/events');
+        stream.onmessage = function (e) {
+            var data, row, star, redrawTimer;
+            try {
+                data = JSON.parse(e.data);
+            } catch (E) {
+                return;
+            }
+            switch (data.command) {
+                case 'FETCH': {
+                    row = document.querySelector('.messagerow-' + data.mailbox + '-' + data.uid);
+                    if (!row) {
+                        return;
+                    }
+                    if (data.flags) {
+                        star = row.querySelector('.message-star');
+
+                        if (data.flags.indexOf('\\Flagged') >= 0) {
+                            star.classList.remove('unflagged');
+                            star.classList.add('flagged');
+                            star.querySelector('.glyphicon').classList.remove('glyphicon-star-empty');
+                            star.querySelector('.glyphicon').classList.add('glyphicon-star');
+                        } else {
+                            star.classList.remove('flagged');
+                            star.classList.add('unflagged');
+                            star.querySelector('.glyphicon').classList.remove('glyphicon-star');
+                            star.querySelector('.glyphicon').classList.add('glyphicon-star-empty');
+                        }
+
+                    }
+                    break;
+                }
+                case 'COUNTERS': {
+                    if (data.mailbox) {
+                        if (FAVICON && data.mailbox === INBOX_ID) {
+                            FAVICON.badge(data.unseen);
+                        }
+                        [].slice.call(document.querySelectorAll('.unseen-counter-' + data.mailbox)).forEach(function (row) {
+                            if (data.unseen) {
+                                row.style.display = 'block';
+                                row.textContent = data.unseen;
+                            } else {
+                                row.style.display = 'none';
+                                row.textContent = 0;
+                            }
+                        });
+                    }
+                    break;
+                }
+            }
+        };
+
+        $('#extraDetails').popover({
+            content: document.getElementById('extraDetailsContent').innerHTML,
+            html: true
+        })
+    }, false);
+
+</script>
\ No newline at end of file
diff --git a/production/haraka-wildduck/webmail/views/webmail/send.hbs b/production/haraka-wildduck/webmail/views/webmail/send.hbs
new file mode 100644
index 0000000..9cb041d
--- /dev/null
+++ b/production/haraka-wildduck/webmail/views/webmail/send.hbs
@@ -0,0 +1,382 @@
+
+
+<form method="post" id="send-form" class="form-horizontal" action="/webmail/send" enctype="multipart/form-data">
+    <input type="hidden" id="_csrf" name="_csrf" value="{{csrfToken}}">
+    <input type="hidden" name="action" value="{{values.action}}">
+    <input type="hidden" name="refMailbox" value="{{values.refMailbox}}">
+    <input type="hidden" name="refMessage" value="{{values.refMessage}}">
+    <input type="hidden" id="mailbox" name="draftMailbox" value="{{values.draftMailbox}}">
+    <input type="hidden" id="message" name="draftMessage" value="{{values.draftMessage}}">
+    <input type="hidden" name="draft" value="{{values.draft}}">
+
+    <div class="toolbar-container">
+        <div class="toolbar-main">
+            <fieldset id="action-toolbar">
+                <div class="form-group">
+                    <div class="col-sm-offset-1 col-sm-11" style="margin-top: 20px;">
+                        <button class="btn btn-primary btn-xs" type="button" data-toggle="modal" data-target="#sendModal"><span class="glyphicon glyphicon-send" aria-hidden="true"></span> Send message</button>
+
+                        <button class="btn btn-default btn-xs" type="submit" name="userAction" value="save"><span class="glyphicon glyphicon-floppy-disk" aria-hidden="true"></span> Save draft</button>
+
+                        {{#if values.draft}}
+                            <button class="btn btn-default btn-xs" type="button" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Discard Draft</button>
+                        {{/if}}
+                    </div>
+                </div>
+            </fieldset>
+        </div>
+    </div>
+
+    <div id="from-field" class="form-group{{#if errors.from}} has-error{{/if}}" {{#unless fromAddress}}style="display:none"{{/unless}}>
+        <label for="inputFrom" class="col-sm-1 control-label">From</label>
+        <div class="col-sm-11">
+            <select class="form-control" name="from" id="inputFrom">
+                {{#each addresses}}
+                    <option value="{{id}}" {{#if selected}}selected{{/if}}>
+                        {{#if name}}{{name}} – {{/if}} {{address}}
+                    </option>
+                {{/each}}
+            </select>
+            {{#if errors.from}}
+                <span class="help-block">{{errors.from}}</span>
+            {{/if}}
+        </div>
+    </div>
+
+    <div class="form-group{{#if errors.to}} has-error{{/if}}">
+        <label for="inputTo" class="col-sm-1 control-label">To</label>
+        <div class="col-sm-11">
+            <input type="text" class="form-control" name="to" id="inputTo" value="{{values.to}}" placeholder="Recipient">
+            {{#if errors.to}}
+                <span class="help-block">{{errors.to}}</span>
+            {{/if}}
+        </div>
+    </div>
+
+    <div id="cc-field" class="form-group{{#if errors.cc}} has-error{{/if}}" {{#unless values.cc}}style="display:none"{{/unless}}>
+        <label for="inputCc" class="col-sm-1 control-label">Cc</label>
+        <div class="col-sm-11">
+            <input type="text" class="form-control" name="cc" id="inputCc" value="{{values.cc}}" placeholder="Cc">
+            {{#if errors.cc}}
+                <span class="help-block">{{errors.cc}}</span>
+            {{/if}}
+        </div>
+    </div>
+
+    <div id="bcc-field" class="form-group{{#if errors.bcc}} has-error{{/if}}" {{#unless values.bcc}}style="display:none"{{/unless}}>
+        <label for="inputBcc" class="col-sm-1 control-label">Bcc</label>
+        <div class="col-sm-11">
+            <input type="text" class="form-control" name="bcc" id="inputBcc" value="{{values.bcc}}" placeholder="Bcc">
+            {{#if errors.bcc}}
+                <span class="help-block">{{errors.bcc}}</span>
+            {{/if}}
+        </div>
+    </div>
+
+    <div class="text-right" style="margin-top: -10px; margin-bottom: 10px;">
+        <a href="#" id="link-add-from" {{#if fromAddress}}style="display:none"{{/if}}>From</a>
+        <a href="#" id="link-add-cc" {{#if values.cc}}style="display:none"{{/if}}>Cc</a>
+        <a href="#" id="link-add-bcc" {{#if values.bcc}}style="display:none"{{/if}}>Bcc</a>
+    </div>
+
+    <div class="form-group{{#if errors.subject}} has-error{{/if}}">
+        <label for="inputSubject" class="col-sm-1 control-label">Subject</label>
+        <div class="col-sm-11">
+            <input type="text" class="form-control" id="inputSubject" name="subject" value="{{values.subject}}" placeholder="Message subject">
+            {{#if errors.subject}}
+                <span class="help-block">{{errors.subject}}</span>
+            {{/if}}
+        </div>
+    </div>
+
+    <div class="form-group{{#if errors.editordata}} has-error{{/if}}">
+        <div class="col-sm-12">
+            <textarea id="summernote" name="editordata"></textarea>
+            {{#if errors.editordata}}
+                <span class="help-block">{{errors.editordata}}</span>
+            {{/if}}
+        </div>
+    </div>
+
+    <div id="attachment-field" class="form-group{{#if errors.attachment}} has-error{{/if}}">
+        <div class="col-sm-12">
+
+
+        <label for="inputAttachment">Attachments</label>
+        <input id="input-attachment" name="attachment" class="form-control file" type="file" multiple>
+        {{#if errors.attachment}}
+            <span class="help-block">{{errors.attachment}}</span>
+        {{/if}}
+        </div>
+    </div>
+
+    <!-- Modal -->
+    <div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
+      <div class="modal-dialog" role="document">
+        <div class="modal-content">
+          <div class="modal-header">
+            <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+            <h4 class="modal-title" id="deleteModalLabel">Delete draft</h4>
+          </div>
+          <div class="modal-body">
+            Are you sure you want to permanently delete this draft?
+          </div>
+          <div class="modal-footer">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="button" class="btn btn-danger bulk-delete-confirm" data-loading-text="Deleting..." >Yes, delete</button>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <div class="modal" id="sendModal" tabindex="-1" role="dialog" aria-labelledby="sendModalLabel">
+      <div class="modal-dialog" role="document">
+        <div class="modal-content">
+          <div class="modal-header">
+            <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+            <h4 class="modal-title" id="sendModalLabel">Send message</h4>
+          </div>
+          <div class="modal-body">
+              Are you sure you want to send this message?
+          </div>
+          <div class="modal-footer">
+            <button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
+            <button type="submit" name="userAction" value="send" class="btn btn-primary bulk-send-confirm" data-loading-text="Sending..." >Yes, send</button>
+          </div>
+        </div>
+      </div>
+    </div>
+
+</form>
+
+<script type="text/javascript" src="/components/DOMPurify/dist/purify.min.js"></script>
+
+<script>
+    document.addEventListener("DOMContentLoaded", function(event) {
+        var messageHtml = {{{messageHtml}}};
+
+        if (messageHtml && messageHtml.length && /^\s*$/.test(document.getElementById('summernote').value)) {
+            // make sure that server timestamps get converted to browser time strings
+            // {%DATE ... %}
+            messageHtml = messageHtml.map(function(html){
+                return html.replace(/\{&DATE ([^&]+)&\}/g, function(m, d){
+                    return moment(d.trim()).format('LLLL');
+                });
+            });
+
+            var clean = DOMPurify.sanitize(messageHtml.join('\n'), {
+                ALLOW_UNKNOWN_PROTOCOLS: true,
+                WHOLE_DOCUMENT: false,
+                FORBID_TAGS: ['form', 'style']
+            });
+
+            {{#unless keepHtmlAsIs}}
+                clean = '<br/><br/>\n<blockquote>' + clean + '</blockquote>';
+            {{/unless}}
+
+            document.getElementById('summernote').value = clean;
+        }
+
+        $('#summernote').summernote({
+            toolbar: [
+                // [groupName, [list of button]]
+                ['style', ['bold', 'italic', 'underline', 'clear']],
+                ['fontsize', ['fontsize']],
+                ['color', ['color']],
+                ['para', ['ul', 'ol', 'paragraph']]
+            ],
+            height: 300
+        });
+
+        var linkAddFrom = document.getElementById('link-add-from');
+        var linkAddCc = document.getElementById('link-add-cc');
+        var linkAddBcc = document.getElementById('link-add-bcc');
+
+        var showFrom = function(){
+            document.getElementById('from-field').style.display = 'block';
+            linkAddFrom.style.display = 'none';
+            document.getElementById('inputFrom').focus();
+        };
+
+        var showCc = function(){
+            document.getElementById('cc-field').style.display = 'block';
+            linkAddCc.style.display = 'none';
+            document.getElementById('inputCc').focus();
+        };
+
+        var showBcc = function(){
+            document.getElementById('bcc-field').style.display = 'block';
+            linkAddBcc.style.display = 'none';
+            document.getElementById('inputBcc').focus();
+        };
+
+        linkAddFrom.addEventListener('click', showFrom, false);
+        linkAddFrom.addEventListener('touch', showFrom, false);
+        linkAddCc.addEventListener('click', showCc, false);
+        linkAddCc.addEventListener('touch', showCc, false);
+        linkAddBcc.addEventListener('click', showBcc, false);
+        linkAddBcc.addEventListener('touch', showBcc, false);
+
+    }, false);
+</script>
+
+<script>
+document.addEventListener('DOMContentLoaded', function() {
+    var stream = new EventSource('/api/events');
+    stream.onmessage = function(e) {
+        var data, row, star, redrawTimer;
+        try {
+            data = JSON.parse(e.data);
+        } catch (E) {
+            return;
+        }
+        switch (data.command) {
+            case 'COUNTERS': {
+                if (data.mailbox) {
+                    if(FAVICON && data.mailbox === INBOX_ID){
+                        FAVICON.badge(data.unseen);
+                    }
+                    [].slice.call(document.querySelectorAll('.unseen-counter-' + data.mailbox)).forEach(function(row){
+                        if(data.unseen){
+                            row.style.display = 'block';
+                            row.textContent = data.unseen;
+                        }else {
+                            row.style.display = 'none';
+                            row.textContent = 0;
+                        }
+                    });
+                }
+                break;
+            }
+        }
+    };
+});
+</script>
+
+<script>
+// star toggle
+(function(){
+    var toggleStar = function(e, elm){
+        e.preventDefault();
+        e.stopPropagation();
+
+        if(!elm || elm.dataset.status === 'pending'){
+            return;
+        }
+
+        elm.dataset.status = 'pending';
+        var flagged = elm.classList.contains('flagged');
+
+        var done = function(){
+            elm.dataset.status = 'done';
+        }
+
+        fetch('/api/toggle/flagged', {
+            method: 'post',
+            headers: {
+                Accept: 'application/json, text/plain, */*',
+                'Content-Type': 'application/json'
+            },
+            credentials: 'include',
+            body: JSON.stringify({
+                _csrf: document.getElementById('_csrf').value,
+                mailbox: elm.dataset.mailbox,
+                message: elm.dataset.message,
+                flagged: !flagged // toggle
+            })
+        })
+        .then(function(res) {
+            return res.json();
+        })
+        .then(function(res) {
+            if(res.error){
+                console.error(res.error);
+                return done();
+            }
+
+            if(flagged){
+                elm.classList.remove('flagged');
+                elm.classList.add('unflagged');
+                elm.querySelector('.glyphicon').classList.remove('glyphicon-star');
+                elm.querySelector('.glyphicon').classList.add('glyphicon-star-empty');
+            }else{
+                elm.classList.remove('unflagged');
+                elm.classList.add('flagged');
+                elm.querySelector('.glyphicon').classList.remove('glyphicon-star-empty');
+                elm.querySelector('.glyphicon').classList.add('glyphicon-star');
+            }
+
+            done();
+        }).catch(function(err){
+            console.error(err);
+            done();
+        });
+
+    };
+
+    var setupToggling = function(elm){
+        elm.addEventListener('click', function(e){
+            toggleStar(e, elm);
+        }, false);
+    }
+
+    var starElms = document.querySelectorAll('.message-star');
+    for(var i=0, len = starElms.length; i<len; i++){
+        setupToggling(starElms[i]);
+    }
+})();
+
+// toolbar buttons
+document.addEventListener('DOMContentLoaded', function() {
+    var mailbox = document.getElementById('mailbox').value;
+    var message = document.getElementById('message').value;
+
+    var pendingDeleted = false;
+    var deleteMessage = function(){
+        if(pendingDeleted){
+            return false;
+        }
+
+        pendingDeleted = true;
+        $('#deleteModal .bulk-delete-confirm').button('loading');
+
+        var done = function(){
+            pendingDeleted = false;
+            $('#deleteModal .bulk-delete-confirm').button('reset');
+            $('#deleteModal').modal('hide');
+        }
+
+        fetch('/api/delete', {
+            method: 'post',
+            headers: {
+                Accept: 'application/json, text/plain, */*',
+                'Content-Type': 'application/json'
+            },
+            credentials: 'include',
+            body: JSON.stringify({
+                _csrf: document.getElementById('_csrf').value,
+                mailbox: mailbox,
+                message: message
+            })
+        })
+        .then(function(res) {
+            return res.json();
+        })
+        .then(function(res) {
+            if(res.error){
+                console.error(res.error);
+                return done();
+            }
+
+            window.location.href = '/webmail/' + mailbox;
+        }).catch(function(err){
+            console.error(err);
+            done();
+        });
+    };
+
+    document.querySelector('.bulk-delete-confirm').addEventListener('click', deleteMessage, false);
+    document.querySelector('.bulk-delete-confirm').addEventListener('touch', deleteMessage, false);
+}, false);
+
+</script>
diff --git a/production/haraka-wildduck/wildduck-mta/config/dbs-development.toml b/production/haraka-wildduck/wildduck-mta/config/dbs-development.toml
new file mode 100644
index 0000000..18bae96
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/dbs-development.toml
@@ -0,0 +1,13 @@
+# Database configuration
+
+## MongoDB connection string
+#mongo="mongodb://127.0.0.1:27017/wildduck"
+#
+## Database name for ZoneMTA data in MongoDB. In most cases it should be the same as in the connection string
+#sender="zone-mta"
+#
+## Redis connection information
+#[redis]
+#host = "localhost"
+#port = 6379
+#db = 2
diff --git a/production/haraka-wildduck/wildduck-mta/config/dbs-production.toml b/production/haraka-wildduck/wildduck-mta/config/dbs-production.toml
new file mode 100644
index 0000000..99e494e
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/dbs-production.toml
@@ -0,0 +1,11 @@
+# Database configuration
+# this file is loaded when NODE_ENV=production
+
+# MongoDB connection string
+mongo="mongodb://172.200.0.103:27017/zone-mta"
+
+# Redis connection string
+redis="redis://172.200.0.102:6379/2"
+
+# Database name for ZoneMTA data in MongoDB. In most cases it should be the same as in the connection string
+sender="zone-mta"
diff --git a/production/haraka-wildduck/wildduck-mta/config/dns.toml b/production/haraka-wildduck/wildduck-mta/config/dns.toml
new file mode 100644
index 0000000..8af3d8c
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/dns.toml
@@ -0,0 +1,14 @@
+# If true then caches DNS results to Redis
+caching=true
+cacheTTL=600 # TTL of cached dns keys in seconds
+
+# Define nameservers to use (IP addresses only). If using a local DNS cache server, then set caching=false
+nameservers=[]
+
+#caching=false
+#nameservers=["127.0.0.1"]
+
+blockDomains=[]
+
+# If true then messages to local interfaces are blocked (eg. you can not send to username@localhost)
+blockLocalAddresses=false
diff --git a/production/haraka-wildduck/wildduck-mta/config/domains.toml b/production/haraka-wildduck/wildduck-mta/config/domains.toml
new file mode 100644
index 0000000..be06b4b
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/domains.toml
@@ -0,0 +1,7 @@
+# Add domain specific settings here
+
+[default]
+maxConnections=5
+
+["gmail.com"]
+maxConnections=10
diff --git a/production/haraka-wildduck/wildduck-mta/config/interfaces/feeder.toml b/production/haraka-wildduck/wildduck-mta/config/interfaces/feeder.toml
new file mode 100644
index 0000000..fe2dead
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/interfaces/feeder.toml
@@ -0,0 +1,38 @@
+# Default SMTP interface for accepting mail for delivery
+
+[feeder]
+enabled=true
+
+# How many worker processes to spawn
+processes=4
+
+# Maximum allowed message size 30MB
+maxSize=31457280
+
+# Local IP and port to bind to
+host="0.0.0.0"
+port=587
+
+# Set to true to require authentication
+# If authentication is enabled then you need to use a plugin with an authentication hook
+authentication=true
+
+# How many recipients to allow per message
+maxRecipients=1000
+
+# Set to true to enable STARTTLS. Do not forget to change default TLS keys
+starttls=false
+
+# set to true to start in TLS mode if using port 465
+# this probably does not work as TLS support with 465 in ZoneMTA is a bit buggy
+secure=true
+
+# define keys for STARTTLS/TLS. These paths are relative to CWD
+#key="./keys/example.com-key.pem"
+#cert="./keys/example.com-cert.pem"
+
+#key="/usr/local/etc/nginx/privkey.pem"
+#cert="/usr/local/etc/nginx/fullchain.pem"
+key = "/secure/privkey.pem"
+cert = "/secure/fullchain.pem"
+
diff --git a/production/haraka-wildduck/wildduck-mta/config/log.toml b/production/haraka-wildduck/wildduck-mta/config/log.toml
new file mode 100644
index 0000000..9062f27
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/log.toml
@@ -0,0 +1,8 @@
+level="info" # "silly" "info" "error"
+
+[remote]
+    # Make sure you have ZMTA Webadmin listening on this port
+    # See: https://github.com/zone-eu/zmta-webadmin/blob/4aa7a06ac5b64d12a409b67a2f9475d1670445d2/config/default.toml#L27-L32
+    protocol="udp4"
+    host="127.0.0.1"
+    port=31239
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/avast.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/avast.toml
new file mode 100644
index 0000000..dd2622e
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/avast.toml
@@ -0,0 +1,5 @@
+["modules/zonemta-avast"]
+enabled=false # not enabled by default
+#enabled=["receiver", "main", "sender"]
+interfaces=['*']
+socket="/var/run/avast/scan.sock"
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/default-headers.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/default-headers.toml
new file mode 100644
index 0000000..2879b1b
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/default-headers.toml
@@ -0,0 +1,8 @@
+["core/default-headers"]
+enabled=["receiver", "main", "sender"]
+# Which missing headers to add
+addMissing=["message-id", "date"]
+# If true then delays messages with future Date: headers until that time has arrived
+futureDate=false
+# Add X-Originating-IP header
+xOriginatingIP=true
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/delivery-counters.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/delivery-counters.toml
new file mode 100644
index 0000000..eaa04d1
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/delivery-counters.toml
@@ -0,0 +1,3 @@
+["modules/zonemta-delivery-counters"]
+enabled="main"
+prefix="zmta"
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/dkim.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/dkim.toml
new file mode 100644
index 0000000..9d1e090
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/dkim.toml
@@ -0,0 +1,14 @@
+["core/dkim"]
+enabled="sender"
+
+# Domain name in the dkim signature. Leave blank to use the domain of From: address
+domain="hatthieves.es"
+
+# If true then uses the same key to add a signature for the hostname of the outbound IP address
+signTransportDomain=true
+
+# Selector value in the dkim signature
+selector="dkim"
+
+# Key location. Relative to working directory
+path="/secure/dkim_private.key"
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/email-bounce.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/email-bounce.toml
new file mode 100644
index 0000000..44046e3
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/email-bounce.toml
@@ -0,0 +1,16 @@
+["core/email-bounce"]
+enabled="main"
+sendingZone="bounces"
+
+# email bounces are not generated for messages from the following interfaces
+disableInterfaces=["forwarder"]
+
+["core/email-bounce".mailerDaemon]
+# From: header for bounce emails
+name="Mail Delivery Subsystem"
+address="mailer-daemon@[HOSTNAME]"
+
+# configure zone specific bounce options for zone "myzone"
+["core/email-bounce".zoneConfig.myzone]
+disabled=true # if true then skip this block, revert to default
+sendingZone="default" # use a specific zone
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/example-auth.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/example-auth.toml
new file mode 100644
index 0000000..532b193
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/example-auth.toml
@@ -0,0 +1,5 @@
+["example-auth"]
+enabled=false
+#enabled="receiver"
+# only check authentication for interfaces with following names
+interfaces=["feeder"]
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/example.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/example.toml
new file mode 100644
index 0000000..07fe566
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/example.toml
@@ -0,0 +1,3 @@
+[example]
+enabled=false
+#enabled="receiver"
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/image-hashes.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/image-hashes.toml
new file mode 100644
index 0000000..776d65c
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/image-hashes.toml
@@ -0,0 +1,2 @@
+["core/image-hashes"]
+enabled="receiver"
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/loop-breaker.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/loop-breaker.toml
new file mode 100644
index 0000000..c401c51
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/loop-breaker.toml
@@ -0,0 +1,4 @@
+["modules/zonemta-loop-breaker"]
+enabled="sender"
+secret="super secret value"
+algo="md5"
diff --git a/production/haraka-wildduck/wildduck-mta/config/plugins/zonemta-limiter.toml b/production/haraka-wildduck/wildduck-mta/config/plugins/zonemta-limiter.toml
new file mode 100644
index 0000000..cf3b316
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/plugins/zonemta-limiter.toml
@@ -0,0 +1,10 @@
+# plugins/zonemta-limiter.toml
+["modules/zonemta-limiter"]
+enabled = ["sender"]
+prefix = "zl:"
+
+debug = false # if true, then errors are only logged but messages are not dropped
+
+# max 250 messages in half an hour
+limit = 250
+windowSize = 1800
diff --git a/production/haraka-wildduck/wildduck-mta/config/pools.toml b/production/haraka-wildduck/wildduck-mta/config/pools.toml
new file mode 100644
index 0000000..0a5f93e
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/pools.toml
@@ -0,0 +1,15 @@
+
+# List local IP addresses that can be used for outbound tcp connections
+# Server process must be able to locally bind to these addresses
+default=["0.0.0.0", "::"]
+
+# or alternatively, to provide hostnames as well:
+#
+#[[default]]
+#address="1.2.3.4"
+#name="ip-1.hostname"
+#
+#[[default]]
+#address="1.2.3.5"
+#name="ip-2.hostname"
+#
diff --git a/production/haraka-wildduck/wildduck-mta/config/queue.toml b/production/haraka-wildduck/wildduck-mta/config/queue.toml
new file mode 100644
index 0000000..c5c78fd
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/queue.toml
@@ -0,0 +1,15 @@
+
+# Every instance of ZoneMTA that uses the same database backend
+# must have its own unique instance id set. If you never plan to
+# run more than a single ZoneMTA instance then you do not need to
+# change this value
+instanceId="default"
+
+# Collection name for message queue
+collection="zone-queue"
+
+# Bucket name for the GridStore storage
+gfs="mail"
+
+# Set to true if you do not care about cleaning up the remains of broken transactions
+disableGC=false
diff --git a/production/haraka-wildduck/wildduck-mta/config/zonemta.toml b/production/haraka-wildduck/wildduck-mta/config/zonemta.toml
new file mode 100644
index 0000000..7a4db63
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/zonemta.toml
@@ -0,0 +1,42 @@
+# This is the main config file
+
+name="ZoneMTA"
+
+# Process identifier
+ident="zone-mta"
+
+# Run as the following user. Only use this if the application starts up as root
+#user="zonemta"
+#group="zonemta"
+
+[log]
+# Logging options
+# @include "log.toml"
+
+[dbs]
+# MongoDB and Redis connection options
+# @include "dbs-{env}.toml"
+
+[queue]
+# @include "queue.toml"
+
+[dns]
+# @include "dns.toml"
+
+[api]
+port=12080
+
+[smtpInterfaces]
+# @include "interfaces/*.toml"
+
+[plugins]
+# @include "plugins/*.toml"
+
+[pools]
+# @include "pools.toml"
+
+[zones]
+# @include "zones/*.toml"
+
+[domainConfig]
+# @include "domains.toml"
diff --git a/production/haraka-wildduck/wildduck-mta/config/zones/bounces.toml b/production/haraka-wildduck/wildduck-mta/config/zones/bounces.toml
new file mode 100644
index 0000000..7c0375d
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/zones/bounces.toml
@@ -0,0 +1,6 @@
+[bounces]
+preferIPv6=false
+ignoreIPv6=true
+processes=1
+connections=2
+pool="default"
diff --git a/production/haraka-wildduck/wildduck-mta/config/zones/default.toml b/production/haraka-wildduck/wildduck-mta/config/zones/default.toml
new file mode 100644
index 0000000..ee75303
--- /dev/null
+++ b/production/haraka-wildduck/wildduck-mta/config/zones/default.toml
@@ -0,0 +1,14 @@
+[default]
+preferIPv6=false
+ignoreIPv6=true
+processes=1
+connections=5
+pool="default"
+
+# If you want to send messages for this zone to next MTA instead of actual MX, then
+# uncomment following lines and change values
+#host = "smtp.ethereal.email"
+#port = 587
+#[default.auth]
+#user = "gsblpjxjdvhnqkgr@ethereal.email"
+#pass = "zDZpDnSsFf11Zfvtv5"
diff --git a/production/haraka-wildduck/wildduck/Dockerfile b/production/haraka-wildduck/wildduck/Dockerfile
new file mode 100644
index 0000000..776f5ee
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/Dockerfile
@@ -0,0 +1,24 @@
+FROM node:10-slim
+RUN npm i -g npm
+RUN apt update && apt -y install git python make g++ libcap2-bin wget dirmngr sudo && apt clean
+RUN wget -O- https://rspamd.com/apt-stable/gpg.key | apt-key add -
+RUN echo "deb [arch=amd64] http://rspamd.com/apt-stable/ stretch main" > /etc/apt/sources.list.d/rspamd.list
+RUN echo "deb-src [arch=amd64] http://rspamd.com/apt-stable/ stretch main" >> /etc/apt/sources.list.d/rspamd.list
+RUN apt update
+RUN apt --no-install-recommends install -y rspamd
+RUN setcap 'cap_net_bind_service=+ep' /usr/local/bin/node
+RUN git clone https://github.com/nodemailer/wildduck /wildduck
+RUN git clone https://github.com/zone-eu/zone-mta-template /wildduck-mta
+RUN git clone https://github.com/haraka/Haraka /haraka
+RUN chown -R node.node /wildduck /wildduck-mta /haraka
+RUN adduser node sudo
+RUN echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/sudo
+USER node
+WORKDIR /wildduck
+RUN npm i --production
+WORKDIR /wildduck-mta
+RUN npm i --production
+RUN npm i -S zonemta-wildduck zonemta-limiter
+WORKDIR /haraka
+RUN npm i
+RUN npm i -S haraka-plugin-wildduck haraka-plugin-rspamd haraka-plugin-limit haraka-plugin-karma haraka-plugin-redis
diff --git a/production/haraka-wildduck/wildduck/config/api.toml b/production/haraka-wildduck/wildduck/config/api.toml
new file mode 100644
index 0000000..cef6670
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/api.toml
@@ -0,0 +1,52 @@
+enabled = true
+port = 80
+# by default bind to localhost only
+host = "0.0.0.0"
+
+# Use `true` (HTTPS) for port 443 and `false` (HTTP) for 80
+secure = false
+
+# If set requires all API calls to have accessToken query argument with that value
+accessToken = "nohaytoken"
+# http://localhost:8080/users?accessToken=somesecretvalue
+#accessToken="somesecretvalue"
+
+[accessControl]
+# If true then require a valid access token to perform API calls
+enabled = false
+# Secret for HMAC
+# Changing this value invalidates all tokens
+#secret = "sAiHB6XcSWJgsMrMl_vJzcfVlhhenJLi"
+
+[roles]
+# @include "roles.json"
+
+[tls]
+# If certificate path is not defined, use global or built-in self-signed certs
+#key="/path/to/server/key.pem"
+#cert="/path/to/server/cert.pem"
+
+[mobileconfig]
+# plist configuration for OSX/iOS profile files that are generated with Application Specific Passwords
+# Use {email} in the description strings to replace it with account email address
+
+# A reverse-DNS style identifier (com.example.myprofile, for example) that identifies the profile.
+# This string is used to determine whether a new profile should replace an existing one or should be added. Username is prepended to this value.
+identifier = "es.hatthieves"
+
+# A human-readable name for the profile. This value is displayed on the Detail screen. It does not have to be unique.
+displayName = "Wildduck Mail"
+
+# A human-readable string containing the name of the organization that provided the profile.
+organization = "Unknown"
+
+# A description of the profile, shown on the Detail screen for the profile. This should be descriptive enough to help the user decide whether to install the profile.
+displayDescription = "Install this profile to setup {email}"
+
+# A user-visible description of the email account, shown in the Mail and Settings applications.
+accountDescription = "{email}"
+
+[mobileconfig.tls]
+# If certificate path is not defined, use global or built-in self-signed certs
+#key="/path/to/server/key.pem"
+#cert="/path/to/server/cert.pem"
diff --git a/production/haraka-wildduck/wildduck/config/attachments.toml b/production/haraka-wildduck/wildduck/config/attachments.toml
new file mode 100644
index 0000000..b5b046d
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/attachments.toml
@@ -0,0 +1,9 @@
+# Attachment storage options
+
+# For now there's only a single option for attachment storage
+type="gridstore"
+bucket="attachments"
+
+# If true then decodes base64 encoded attachments to binary before storing to DB.
+# Decoding base64 attachments expects consistent line length and default base64 alphabet
+decodeBase64=true
diff --git a/production/haraka-wildduck/wildduck/config/dbs.toml b/production/haraka-wildduck/wildduck/config/dbs.toml
new file mode 100644
index 0000000..9515fbd
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/dbs.toml
@@ -0,0 +1,47 @@
+# mongodb connection string for the main database
+mongo = "mongodb://172.200.0.103:27017/wildduck"
+
+# redis connection string to connect to a single master (see below for Sentinel example)
+#redis="redis://127.0.0.1:6379/3"
+
+# WildDuck allows using different kind of data in different databases
+# If you do not provide a database config value, then main database connection
+# is used for everything
+# You can either use a database name (uses shared connection) or a configutaion
+# url (creates a separate connection) for each databases
+
+# Optional database name or connection url for GridFS if you do not want to
+# use the main db for storing attachments. Useful if you want
+# to use a different mount folder or storage engine
+#gridfs="wildduck"
+
+# Optional database name or connection url for users collection if you do not want to
+# use the main db for storing user/address data. Useful if you want
+# to use a different mount folder or storage engine
+#users="wildduck"
+
+# Optional database name or connection url for ZoneMTA queue database. This is
+# used to push outbound emails to the sending queue
+sender="zone-mta"
+
+#queued="mail"
+
+[redis]
+host = "172.200.0.102"
+port = 6379
+db = 3
+
+## Connect to Redis Sentinel instead of single master
+# [redis]
+# name="mymaster"
+# password=""
+# db=3
+# [[redis.sentinels]]
+#   host="54.36.85.113"
+#   port=26379
+# [[redis.sentinels]]
+#   host="54.36.85.114"
+#   port=26379
+# [[redis.sentinels]]
+#   host="54.36.85.115"
+#   port=26379
diff --git a/production/haraka-wildduck/wildduck/config/default.toml b/production/haraka-wildduck/wildduck/config/default.toml
new file mode 100644
index 0000000..49cc8be
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/default.toml
@@ -0,0 +1,97 @@
+# Uncomment if you start the app as root and want to downgrade
+# once all privileged actions are completed
+# If you do not use privileged ports then you can start the app already under required user account
+#user="wildduck"
+#group="wildduck"
+
+# process title
+ident="wildduck"
+
+# how many processes to start
+processes = "2"
+
+# default quota storage in MB (can be overriden per user)
+maxStorage=1024
+
+# default smtp recipients for 24h (can be overriden per user)
+maxRecipients=2000
+emailDomain = "hatthieves.es"
+
+# default forwarded messages for 24h (can be overriden per user)
+maxForwards=2000
+
+# If usernames are not email addresses then use this domain as hostname part
+#emailDomain="mydomain.info"
+
+[dbs]
+# @include "dbs.toml"
+
+[totp]
+    # If enabled then encrypt TOTP seed tokens with the secret password. By default TOTP seeds
+    # are not encrypted and stored as cleartext. Once set up do not change these values,
+    # otherwise decrypting totp seeds is going to fail
+    #cipher="aes192"
+    secret="a secret cat"
+
+cipher = "aes192"
+#secret = "E2jYD-p2u68-qUEOJ1KkC3xmzySyTGRY"
+[u2f]
+    # Fully qualified URL of your website (must use HTTPS!)
+    appId = "http://172.200.0.101"
+
+[attachments]
+# @include "attachments.toml"
+
+[log]
+    level="silly"
+
+    skipFetchLog=false # if true, then does not output individual * FETCH responses to log
+
+    # delete authentication log entries after 30 days
+    # changing this value only affects new entries
+    # set to false to not log authentication events
+    # set to 0 to keep the logs infinitely
+    authlogExpireDays=30
+
+    [log.gelf]
+        enabled = false
+        hostname = "hatthieves.es" # defaults to os.hostname()
+        component="wildduck"
+        [log.gelf.options]
+            graylogPort = 1
+            graylogHostname = ""
+            connection="lan"
+
+[imap]
+# @include "imap.toml"
+
+[tls]
+# @include "tls.toml"
+
+[lmtp]
+# @include "lmtp.toml"
+
+[pop3]
+# @include "pop3.toml"
+
+[api]
+# @include "api.toml"
+
+[sender]
+# @include "sender.toml"
+
+[dkim]
+# @include "dkim.toml"
+
+[plugins]
+# @include "plugins/*.toml"
+
+[tasks]
+# if enabled then process jobs like deleting expired messages etc
+enabled=true
+
+[smtp.setup]
+# Public configuration for SMTP MDA, needed for mobileconfig files
+hostname = "0.0.0.0"
+secure = true
+port = 587
diff --git a/production/haraka-wildduck/wildduck/config/dkim.toml b/production/haraka-wildduck/wildduck/config/dkim.toml
new file mode 100644
index 0000000..8888895
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/dkim.toml
@@ -0,0 +1,30 @@
+# If enabled then encrypt DKIM keys with the secret password. By default DKIM keys
+# are not encrypted and stored as cleartext. Once set up do not change these values,
+# otherwise decrypting DKIM keys is going to fail
+#cipher="aes192"
+#secret="a secret cat"
+
+# If true then spwans openssl command line executable for generating DKIM keys
+# Otherwise forge library is used which is cross-environment but slower
+useOpenSSL=true
+# Define path to openssl if not in default path
+#pathOpenSSL="/usr/local/bin/openssl"
+
+# If true then also adds a signature for the outbound domain
+# Affects WildDuck ZoneMTA plugin only
+signTransportDomain=true
+
+# do not change this
+hashAlgo="sha256"
+
+enabled="sender"
+
+# Domain name in the dkim signature. Leave blank to use the domain of From: address
+domain="hatthieves.es"
+
+# Selector value in the dkim signature
+selector="dkim"
+
+# Key location. Relative to working directory
+path="/secure/dkim_private.key"
+
diff --git a/production/haraka-wildduck/wildduck/config/imap.toml b/production/haraka-wildduck/wildduck/config/imap.toml
new file mode 100644
index 0000000..87b28ba
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/imap.toml
@@ -0,0 +1,83 @@
+# If enabled then WildDuck exposes an IMAP interface for listing and fetching emails
+enabled = true
+port = 993
+host = "0.0.0.0"
+
+# Use `true` for port 993 and `false` for 143. If connection is not secured
+# on connection then WildDuck enables STARTTLS extension
+secure = true
+#secured = true
+
+# Max size for messages uploaded via APPEND
+maxMB=25
+
+# delete messages from \Trash and \Junk after retention days
+retention = 4
+
+# Default max donwload bandwith per day in megabytes
+maxDownloadMB=10000
+
+# Default max upload bandwith per day in  megabytes
+maxUploadMB=10000
+
+# Default max concurrent connections per service per client
+maxConnections=15
+
+# if `true` then do not autodelete expired messages
+disableRetention=false
+
+# If true, then disables STARTTLS support
+disableSTARTTLS = true
+
+# If true, then advertises COMPRESS=DEFLATE capability
+enableCompression=false
+
+# If true, then expect HAProxy PROXY header as the first line of data
+useProxy=false
+# useProxy=true # expect PROXY from all conections
+# useProxy=['*'] # expect PROXY from all conections
+# useProxy=['1.2.3.4', '1.2.3.5'] # expect PROXY only from connections from listed IP addresses
+
+# an array of IP addresses to ignore (not logged)
+ignoredHosts=[]
+
+#name="WildDuck IMAP"
+#version="1.0.0"
+#vendor="WildDuck"
+
+# Add extra IMAP interfaces
+#[[interface]]
+#enabled=true
+#port=9143
+#host="0.0.0.0"
+#secure=false
+#ignoreSTARTTLS=true
+
+# If true then EXPUNGE is called after a message gets a \Deleted flag set
+autoExpunge=true
+name = "Wildduck Mail IMAP"
+
+[setup]
+# Public configuration for IMAP
+hostname = "imap.hatthieves.es"
+secure = true
+# port defaults to imap.port
+# port=9993
+
+[tls]
+## If certificate path is not defined, use global or built-in self-signed certs
+#key="/path/to/server/key.pem"
+#cert="/path/to/server/cert.pem"
+
+## You can also define extra options for specific TLS settings:
+
+#ciphers="ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"
+
+ciphers = "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"
+secureProtocol = "SSLv23_server_method"
+secureOptions = 100663296
+#secureProtocol="SSLv23_server_method"
+
+## constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_TLSv1 => 100663296
+#secureOptions=100663296
+
diff --git a/production/haraka-wildduck/wildduck/config/lmtp.toml b/production/haraka-wildduck/wildduck/config/lmtp.toml
new file mode 100644
index 0000000..068e3ad
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/lmtp.toml
@@ -0,0 +1,24 @@
+# If enabled then WildDuck exposes a LMTP interface for pushing messages to mail store
+# NB! If you are using WildDuck plugin for Haraka then LMTP is not needed
+enabled=true
+port=2424
+
+# by default bind to localhost only
+host="127.0.0.1"
+
+# Max accepted size for messages pushed via LMTP
+maxMB=25
+
+# If true then disables STARTTLS usage
+disableSTARTTLS=true
+
+# Greeting message for connecting client
+banner="Welcome to WildDuck Mail Server"
+
+# Server hostname. Defaults to os.hostname() if false
+name="hatthieves.es"
+
+[tls]
+# If certificate path is not defined, use global or built-in self-signed certs for STARTTLS
+#key="/path/to/server/key.pem"
+#cert="/path/to/server/cert.pem"
diff --git a/production/haraka-wildduck/wildduck/config/plugins/example.toml b/production/haraka-wildduck/wildduck/config/plugins/example.toml
new file mode 100644
index 0000000..9da04c6
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/plugins/example.toml
@@ -0,0 +1,10 @@
+[example]
+
+enabled = false
+
+# $WD: path of wildduck module root
+# $CONFIG: path of config root
+path = "$WD/plugins/example.js"
+
+# Additional config options
+value1 = "Example config option"
diff --git a/production/haraka-wildduck/wildduck/config/pop3.toml b/production/haraka-wildduck/wildduck/config/pop3.toml
new file mode 100644
index 0000000..4e6eebc
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/pop3.toml
@@ -0,0 +1,39 @@
+# If enabled then WildDuck exposes a limited POP3 interface for listing and fetching emails
+enabled = false
+port=9995
+# by default bind to localhost only
+host="0.0.0.0"
+
+# Use `true` for port 995 and `false` for 110
+secure=true
+
+# If true, then do not show server info in CAPA response
+disableVersionString=false
+
+# How many latest messages to list for LIST and UIDL
+# POP3 server never lists all messages but only a limited length list
+maxMessages=250
+
+# Max donwload bandwith per day in megabytes
+maxDownloadMB=10000
+
+# If true, then expect HAProxy PROXY header as the first line of data
+useProxy=false
+
+# an array of IP addresses to ignore (not logged)
+ignoredHosts=[]
+
+#name="WildDuck POP3"
+#version="1.0.0"
+
+[tls]
+# If certificate path is not defined, use global or built-in self-signed certs
+#key="/path/to/server/key.pem"
+#cert="/path/to/server/cert.pem"
+
+[setup]
+# Public configuration for POP3
+hostname="pop.hatthieves.es"
+secure=true
+# port defaults to pop3.port
+#port=9995
diff --git a/production/haraka-wildduck/wildduck/config/roles.json b/production/haraka-wildduck/wildduck/config/roles.json
new file mode 100644
index 0000000..6b342be
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/roles.json
@@ -0,0 +1,269 @@
+{
+    "root": {
+        "addresslisting": {
+            "read:any": ["*"]
+        },
+
+        "addresses": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "authentication": {
+            "create:any": ["*"],
+            "read:any": ["*"]
+        },
+
+        "userlisting": {
+            "read:any": ["*", "!audit"]
+        },
+
+        "users": {
+            "create:any": ["*", "!audit"],
+            "read:any": ["*", "!audit"],
+            "update:any": ["*", "!audit"],
+            "delete:any": ["*"]
+        },
+
+        "asps": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "messages": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "mailboxes": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "autoreplies": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "filters": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "dkim": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "domainaliases": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        }
+    },
+
+    "manager": {
+        "addresslisting": {
+            "read:any": ["*"]
+        },
+
+        "addresses": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "authentication": {
+            "create:any": ["*"],
+            "read:any": ["*"]
+        },
+
+        "userlisting": {
+            "read:any": ["*", "!audit"]
+        },
+
+        "users": {
+            "create:any": ["*", "!audit"],
+            "read:any": ["*", "!audit"],
+            "update:any": ["*", "!audit"],
+            "delete:any": ["*"]
+        },
+
+        "asps": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "autoreplies": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "filters": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "dkim": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "domainaliases": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        }
+    },
+
+    "webmail": {
+        "addresses": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "authentication": {
+            "create:any": ["*"],
+            "read:any": ["*"]
+        },
+
+        "users": {
+            "read:any": ["*", "!audit"],
+            "update:any": ["*", "!audit"]
+        },
+
+        "asps": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "messages": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "mailboxes": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "autoreplies": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        },
+
+        "filters": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        }
+    },
+
+    "user": {
+        "addresslisting": {
+            "read:own": ["*"]
+        },
+
+        "addresses": {
+            "create:own": ["*"],
+            "read:own": ["*"],
+            "update:own": ["*"],
+            "delete:own": ["*"]
+        },
+
+        "authentication": {
+            "read:own": ["*"]
+        },
+
+        "userlisting": {
+            "read:own": ["*", "!audit"]
+        },
+
+        "users": {
+            "read:own": ["*", "!audit"],
+            "update:own": ["*", "!audit"]
+        },
+
+        "asps": {
+            "create:own": ["*"],
+            "read:own": ["*"],
+            "delete:own": ["*"]
+        },
+
+        "messages": {
+            "create:own": ["*"],
+            "read:own": ["*"],
+            "update:own": ["*"],
+            "delete:own": ["*"]
+        },
+
+        "mailboxes": {
+            "create:own": ["*"],
+            "read:own": ["*"],
+            "update:own": ["*"],
+            "delete:own": ["*"]
+        },
+
+        "autoreplies": {
+            "create:own": ["*"],
+            "read:own": ["*"],
+            "update:own": ["*"],
+            "delete:own": ["*"]
+        },
+
+        "filters": {
+            "create:own": ["*"],
+            "read:own": ["*"],
+            "update:own": ["*"],
+            "delete:own": ["*"]
+        }
+    },
+
+    "auth": {
+        "authentication": {
+            "create:any": ["*"]
+        }
+    },
+
+    "audit": {
+        "users": {
+            "create:any": ["*"],
+            "read:any": ["*"],
+            "update:any": ["*"],
+            "delete:any": ["*"]
+        }
+    }
+}
diff --git a/production/haraka-wildduck/wildduck/config/sender.toml b/production/haraka-wildduck/wildduck/config/sender.toml
new file mode 100644
index 0000000..990a343
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/sender.toml
@@ -0,0 +1,10 @@
+# which ZoneMTA queue to use by default
+zone="zone-mta"
+
+# Collection name for GridFS storage
+gfs="mail"
+
+# Collection name for the queue
+# see [dbs].sender option for choosing correct database to use for ZoneMTA queues
+# by default the main wildduck database is used
+collection="zone-queue"
diff --git a/production/haraka-wildduck/wildduck/config/test.toml b/production/haraka-wildduck/wildduck/config/test.toml
new file mode 100644
index 0000000..4d0f1d3
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/test.toml
@@ -0,0 +1,14 @@
+[log]
+    level="error"
+
+[dbs]
+#    # mongodb connection string for the main database
+#    mongo="mongodb://127.0.0.1:27017/wildduck-test"
+#
+#    # redis connection string
+#    redis="redis://127.0.0.1:6379/13"
+#
+#    dbname="wildduck-test"
+
+[imap]
+    autoExpunge=false
diff --git a/production/haraka-wildduck/wildduck/config/tls.toml b/production/haraka-wildduck/wildduck/config/tls.toml
new file mode 100644
index 0000000..4450239
--- /dev/null
+++ b/production/haraka-wildduck/wildduck/config/tls.toml
@@ -0,0 +1,6 @@
+# Default TLS keys (can be overriden by individual services)
+#key="/path/to/server/key.pem"
+#ca=["/path/to/server/ca1.pem", "/path/to/server/ca2.pem"]
+#cert="/path/to/server/cert.pem"
+key = "/secure/privkey.pem"
+cert = "/secure/fullchain.pem"