diff --git a/docker/imap/Dockerfile b/docker/imap/Dockerfile
new file mode 100644
index 00000000..375feaa1
--- /dev/null
+++ b/docker/imap/Dockerfile
@@ -0,0 +1,84 @@
+FROM almalinux:8
+
+LABEL maintainer="contact@apheleia-it.ch"
+LABEL dist=centos8
+LABEL tier=${TIER}
+
+ENV DISTRO=centos8
+# ENV LANG=en_US.utf8
+# ENV LC_ALL=en_US.utf8
+
+# Add EPEL.
+RUN dnf -y install dnf-plugin-config-manager && \
+    dnf config-manager --set-enabled powertools && \
+    dnf -y install epel-release && \
+    dnf -y install iputils vim-enhanced bind-utils && \
+    dnf clean all
+RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
+
+# Install kolab
+RUN rpm --import https://mirror.apheleia-it.ch/repos/Kolab:/16/key.asc && \
+    rpm -Uvh https://mirror.apheleia-it.ch/repos/Kolab:/16/kolab-16-for-el8.rpm
+RUN sed -i -e '/^ssl/d' /etc/yum.repos.d/kolab*.repo && \
+    dnf config-manager --enable kolab-16-testing &&\
+    dnf -y --setopt tsflags= install patch &&\
+    dnf clean all
+
+RUN sed -i -r -e 's/^SELINUX=.*$/SELINUX=permissive/g' /etc/selinux/config 2>/dev/null || :
+
+WORKDIR /root/
+
+RUN dnf -y group install "Development Tools"
+RUN dnf -y builddep cyrus-imapd
+RUN dnf -y install git perl-devel cyrus-sasl cyrus-sasl-plain procps-ng iputils bind-utils sudo rsyslog
+
+RUN git clone --branch dev/mollekopf https://git.kolab.org/source/cyrus-imapd && \
+    cd cyrus-imapd && \
+    autoreconf -i && \
+    ./configure CFLAGS="-W -Wno-unused-parameter -g -O0 -Wall -Wextra -Werror -fPIC" --enable-murder --enable-http --enable-calalarmd --enable-autocreate --enable-idled --with-openssl=yes --enable-replication --prefix=/usr && \
+    make -j6 && \
+    make install
+
+COPY cyrus.conf /etc/cyrus.conf
+COPY imapd.conf /etc/imapd.conf
+COPY imapd.annotations.conf /etc/imapd.annotations.conf
+COPY saslauthd.conf /etc/saslauthd.conf
+COPY rsyslog.conf /etc/rsyslog.conf
+
+ADD kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.cert
+ADD kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.chain.pem
+ADD kolab.hosted.com.key /etc/pki/tls/certs/kolab.hosted.com.key
+ADD init.sh /init.sh
+
+RUN mkdir -p /etc/pki/cyrus-imapd/ && cat /etc/pki/tls/certs/kolab.hosted.com.cert /etc/pki/tls/certs/kolab.hosted.com.chain.pem /etc/pki/tls/certs/kolab.hosted.com.key > /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem && \
+    chown 1001:0 /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+
+# RUN chgrp -R 0 /opt/app-root/src && \
+#     chmod -R g=u /opt/app-root/src
+
+RUN mkdir -p /run/saslauthd && \
+    chmod 777 /run/saslauthd &&  \
+    chmod -R 777 /run && \
+    mkdir -p /var/run && \
+    chmod -R 777 /var/run && \
+    mkdir -p /var/lib/imap && \
+    chmod 777 /var/lib/imap && \
+    mkdir -p /var/spool/imap && \
+    chmod 777 /var/spool/imap
+
+VOLUME [ "/var/spool/imap" ]
+VOLUME [ "/var/lib/imap" ]
+
+RUN chown -R 1001:0 /etc /var/lib/imap /var/spool/imap /var/run /run && \
+    chmod -R g=u /etc /var/lib/imap /var/spool/imap /var/run /run
+
+RUN echo 'default ALL=NOPASSWD: ALL' >> /etc/sudoers && \
+    chown root:root /etc/sudoers /etc/sudo.conf /etc/sudoers.d
+
+RUN id default || (groupadd -g 1001 default && useradd -d /opt/app-root/ -u 1001 -g 1001 default)
+USER 1001
+
+
+CMD ["/init.sh"]
+
+EXPOSE 11143/tcp 11993/tcp 11080/tcp 11443/tcp 11024/tcp
diff --git a/docker/imap/cyrus.conf b/docker/imap/cyrus.conf
new file mode 100644
index 00000000..a5137fbc
--- /dev/null
+++ b/docker/imap/cyrus.conf
@@ -0,0 +1,39 @@
+START {
+    # do not delete this entry!
+    recover     cmd="ctl_cyrusdb -r"
+
+    #mupdatepush     cmd="ctl_mboxlist -m"
+}
+
+SERVICES {
+
+    http        cmd="httpd"          listen=0.0.0.0:11080                     proto="tcp"          prefork=5
+    imap        cmd="imapd"          listen=0.0.0.0:11143                     proto="tcp"          prefork=5
+    https       cmd="httpd -s"       listen=0.0.0.0:11443                     proto="tcp"          prefork=5
+    imaps       cmd="imapd -s"       listen=0.0.0.0:11993                     proto="tcp"          prefork=1
+    sieve       cmd="timsieved"      listen=0.0.0.0:4190                      proto="tcp"          prefork=0
+    lmtp        cmd="lmtpd"          listen=0.0.0.0:11024                     proto="tcp"          prefork=1
+}
+
+EVENTS {
+    # this is required
+    checkpoint   cmd="ctl_cyrusdb -c" period="39"
+
+    # Expire deleted folders older than 28 days.
+    deleteprune  cmd="cyr_expire -E 4 -D 28" at="0400"
+
+    # Expire deleted messages older than 28 days.
+    expungeprune cmd="cyr_expire -E 4 -X 28" at="0132"
+
+    # this is only necessary if caching TLS sessions
+    tlsprune     cmd="tls_prune"      at="0400"
+
+    # this is only necessary if using duplicate delivery suppression
+    delprune     cmd="cyr_expire -E 3" at="0400"
+
+}
+
+DAEMON {
+    # this is only necessary if using idled for IMAP IDLE
+    idled       cmd="idled"
+}
diff --git a/docker/imap/imapd.annotations.conf b/docker/imap/imapd.annotations.conf
new file mode 100644
index 00000000..3b03bfad
--- /dev/null
+++ b/docker/imap/imapd.annotations.conf
@@ -0,0 +1,11 @@
+/vendor/kolab/activesync,mailbox,string,backend,value.priv,r
+/vendor/kolab/color,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/displayname,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/folder-test,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/folder-type,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/incidences-for,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/pxfb-readable-for,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/uniqueid,mailbox,string,backend,value.shared value.priv,a
+/vendor/kolab/h-share-attr-desc,mailbox,string,backend,value.shared value.priv,a
+/vendor/horde/share-params,mailbox,string,backend,value.shared value.priv,a
+/vendor/x-toltec/test,mailbox,string,backend,value.shared value.priv,a
diff --git a/docker/imap/imapd.conf b/docker/imap/imapd.conf
new file mode 100644
index 00000000..051c4298
--- /dev/null
+++ b/docker/imap/imapd.conf
@@ -0,0 +1,109 @@
+servername: imap-backend
+configdirectory: /var/lib/imap
+defaultpartition: default
+metapartition_files: annotations cache expunge header index
+partition-default: /var/spool/imap/
+sievedir: /var/lib/imap/sieve
+annotation_definitions: /etc/imapd.annotations.conf
+
+autocreate_quota: 5242880
+autocreate_inbox_folders: Drafts | Trash | Sent
+autocreate_subscribe_folders: Drafts | Trash | Sent
+# Set specialuse flags
+xlist-drafts: Drafts
+xlist-sent: Sent
+xlist-trash: Trash
+
+idlesocket: /var/lib/imap/socket/idle
+disable_shared_namespace: 1
+disable_user_namespace: 1
+duplicate_db_path: /run/cyrus/db/deliver.db
+mboxname_lockpath: /run/cyrus/lock
+proc_path: /run/cyrus/proc
+# Apparently does not work
+##ptscache_db_path: /var/tmp/cyrus-imapd/ptscache.db
+statuscache_db_path: /run/cyrus/db/statuscache.db
+temp_path: /tmp
+tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
+
+sendmail: /usr/sbin/sendmail
+admins: IMAP_ADMIN_LOGIN
+sasl_pwcheck_method: saslauthd
+sasl_mech_list: PLAIN LOGIN
+sasl_saslauthd_path: /run/saslauthd/mux
+allowplaintext: yes
+
+lmtp_over_quota_perm_failure: 1
+
+#tls_server_cert: /etc/pki/tls/private/aphy.app.pem
+#tls_server_key: /etc/pki/tls/private/aphy.app.pem
+#tls_server_ca_file: /etc/pki/tls/certs/zrh1.infra.aphy.app.ca.cert
+
+tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd.bundle.pem
+
+tls_client_certs: off
+
+tls_ciphers: kEECDH:+kEECDH+SHA:kEDH:+kEDH+SHA:kECDH:+kECDH+SHA:kRSA:+kRSA+SHA:!aNULL:!eNULL:!SSLv2:!RC4:!MD5:!DES:!EXP:!SEED:!IDEA:!3DES
+
+tls_prefer_server_ciphers: 1
+tls_versions: tls1_3
+maxlogins_per_user: 50
+proxyd_disable_mailbox_referrals: 0
+
+
+httpmodules: caldav carddav domainkey freebusy ischedule rss webdav
+
+
+
+unixhierarchysep: 1
+virtdomains: userid
+sieve_extensions: fileinto reject envelope body vacation imap4flags include regex subaddress relational copy date
+allowallsubscribe: 0
+anyoneuseracl: 0
+allowusermoves: 1
+altnamespace: 1
+disconnect_on_vanished_mailbox: 1
+hashimapspool: 1
+anysievefolder: 1
+fulldirhash: 0
+sieve_maxscripts: 150
+sieve_maxscriptsize: 128
+sieveusehomedir: 0
+sieve_allowreferrals: 0
+sieve_utf8fileinto: 1
+lmtp_downcase_rcpt: 1
+lmtp_fuzzy_mailbox_match: 1
+username_tolower: 1
+deletedprefix: DELETED
+delete_mode: delayed
+expunge_mode: delayed
+postuser: shared
+tcp_keepalive: 1
+
+syslog_prefix: cyrus-imapd
+
+calendar_default_displayname: test
+addressbook_default_displayname: test
+
+# mupdate is enabled
+# mupdate_config: standard
+# mupdate_server: imap-mupdate
+# mupdate_port: 3905
+# mupdate_authname: IMAP_ADMIN_LOGIN
+# mupdate_username: IMAP_ADMIN_LOGIN
+# mupdate_password: IMAP_ADMIN_PASSWORD
+
+# proxy authentication for these users
+# proxyservers: IMAP_ADMIN_LOGIN
+
+# sync is enabled
+#sync_try_imap: 0
+#sync_log_chain: false
+#sync_authname: cyrus
+#sync_password: simple123
+#sync_log: 1
+#sync_repeat_interval: 10
+#sync_shutdown_file: /var/lib/imap/sync_shutdown
+debug: 1
+chatty: 1
diff --git a/docker/imap/init.sh b/docker/imap/init.sh
new file mode 100755
index 00000000..aa6522bb
--- /dev/null
+++ b/docker/imap/init.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+
+sed -i -r \
+    -e "s|IMAP_ADMIN_LOGIN|$IMAP_ADMIN_LOGIN|g" \
+    -e "s|IMAP_ADMIN_PASSWORD|$IMAP_ADMIN_PASSWORD|g" \
+    /etc/imapd.conf
+
+sed -i -r \
+    -e "s|APP_DOMAIN|$APP_DOMAIN|g" \
+    /etc/saslauthd.conf
+
+
+/usr/sbin/saslauthd -m /run/saslauthd -a httpform -d &
+# Can't run as user because of /dev/ permissions so far.
+# Cyrus imap only logs to /dev/log, no way around it it seems.
+# sudo rsyslogd
+
+
+# Cyrus needs an entry in /etc/passwd. THe alternative would be perhaps the nss_wrapper
+# https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html#openshift-specific-guidelines
+# FIXME: This probably currently just works because we make /etc/ writable, which I suppose we shouldn't.
+ID=$(id -u)
+GID=$(id -g)
+echo "$ID:x:$ID:$GID::/opt/app-root/:/bin/bash" > /etc/passwd
+
+exec env CYRUS_VERBOSE=9 CYRUS_USER="$ID" /usr/libexec/master -D -p /var/run/master.pid -M /etc/cyrus.conf -C /etc/imapd.conf
+
+
diff --git a/docker/imap/kolab.hosted.com.cert b/docker/imap/kolab.hosted.com.cert
new file mode 100644
index 00000000..8f8a52a2
--- /dev/null
+++ b/docker/imap/kolab.hosted.com.cert
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIE8jCCAtqgAwIBAgIUPetq90+aimhTrG2eRliFXaWLW14wDQYJKoZIhvcNAQEL
+BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMjA5MzAxNTA2MzRaFw0yMjEw
+MjgxNTA2MzRaMDAxEzARBgNVBAoMCkV4YW1wbGUgQ0ExGTAXBgNVBAMMEGtvbGFi
+Lmhvc3RlZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxL844
+iQMUTX43YWQ+U/eDgc5z0kMIFfPayhkL5UFgmefZ8zwii5EwK7KuLd0NK4qFKJOF
+RRkphLWAYuhEem7jfbRqrxcKuZdyY67pEWIlVe/9ha9RaAa2ET9utyredFk5MwgQ
+ujQA37cpeKRFZQ96YFhZtGGH17x+sbeZQfUQ6Qwoxdc4ZDFj1tQ4WCghTHSlRII4
+VKEA6PRyBBjUyYLrCjyBVijiqV6zb+/5biHxb5ChtDceD+gtAWrGRpQHs2WsSH1M
+s7FbT8S2sXT5bg1BNZZRSrcLmLaD62GOmbxiG1V3qU+iJ311FwsUVo6xMfuKmcPI
+5X5BC2atQe1zWRzfyM076z+6vBsUjie9skz81CY841PKgx/6VPeCpETYv2kaYqdS
+6ASdVVKv/UFU2TAbwUppo2rD10gPaVH4thTDOH68Z5wV5yTeWSJzn7Kqj8ILLQ6c
+EPWr1vXqXDnir0bFDhpprqwMkDxbZ2NkVI9gIOsZcEIyvJV5/9pjTdbKWPCUrBDX
+iJAlyTx95M/B9UK9h98ZixnpOcDGY2gNhGiWSGANlXnhfIrpra03ov2GXmFnzSez
+3mH5vqvufRZvEcBmDW/VUdVADh2bm6UVHAfrjSrlrnSIEPRMplyWJ0VwyG7UUsjp
+k81Q1PU/WSmkMyo5an/pwvxXYTjAOm+CVhR1kwIDAQABox8wHTAbBgNVHREEFDAS
+ghBrb2xhYi5ob3N0ZWQuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBSA4QSLZMaDq0f
+rnc/nEAKZrHz0UTMqZLY+dlKn6TRqIlNrSa1VV3koPnyF1VxU/3JVJsoqiDJ4f5B
+jSPoURUUGLc5/fpUuZfXyOrpjlSAmLFhEZMZi98XSJeB4kt7/s+Fs851OteKQZq2
+8TQPlfTc69FIpgypUYI7Nf6fQY2mf92RoFVRlBu0NR41wt0xrfTVU29tv4EDFQNA
+Z+1yPfQt6NjwzILPnHBivyUFG8JIxsuXWUiPQ04qv34iq16jyquhK3EQ7ylCnmrO
+6Yd+bROj5VwblcF+hBl28Jcpr2q8/pSv1GtkU+Yw0yFjqYqXAmtZoJYapITY0CDs
+kP+XEbHNMkxz0SC7ua2BMRtbPRjAqNkU9V8tZJla+HiVUL1bJHHPtrrJ27e6Nbv+
+2QpW8zqD/EmIAjMBFr0v/VlE4mlm7G6bOOiIppkpe9ZSvBoKCpCPoIyYgflOzkr5
+Myl8p7mAN8CeXgyzOwVFVaYjhGVDBxArcFAwhwdj7RJLHnIholbWEUGGak8yJjGj
+RayqSQZxUa1fTqsQwtjOnhFpnl4wsKIDq/6BavUxrcKJdJOz44KDS61l7i5YAYbl
+FRr9kUFaw9sZqx0EQI+cbeDdBrdh7XsMTNQ17SZrb6Ck5KqUZ7SYUIKHWvudQlpd
+GYjxjUbNtebeeSMAdS7C3FtwBFIxhw==
+-----END CERTIFICATE-----
diff --git a/docker/imap/kolab.hosted.com.chain.pem b/docker/imap/kolab.hosted.com.chain.pem
new file mode 100644
index 00000000..13e8193d
--- /dev/null
+++ b/docker/imap/kolab.hosted.com.chain.pem
@@ -0,0 +1,58 @@
+-----BEGIN CERTIFICATE-----
+MIIE8jCCAtqgAwIBAgIUPetq90+aimhTrG2eRliFXaWLW14wDQYJKoZIhvcNAQEL
+BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMjA5MzAxNTA2MzRaFw0yMjEw
+MjgxNTA2MzRaMDAxEzARBgNVBAoMCkV4YW1wbGUgQ0ExGTAXBgNVBAMMEGtvbGFi
+Lmhvc3RlZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxL844
+iQMUTX43YWQ+U/eDgc5z0kMIFfPayhkL5UFgmefZ8zwii5EwK7KuLd0NK4qFKJOF
+RRkphLWAYuhEem7jfbRqrxcKuZdyY67pEWIlVe/9ha9RaAa2ET9utyredFk5MwgQ
+ujQA37cpeKRFZQ96YFhZtGGH17x+sbeZQfUQ6Qwoxdc4ZDFj1tQ4WCghTHSlRII4
+VKEA6PRyBBjUyYLrCjyBVijiqV6zb+/5biHxb5ChtDceD+gtAWrGRpQHs2WsSH1M
+s7FbT8S2sXT5bg1BNZZRSrcLmLaD62GOmbxiG1V3qU+iJ311FwsUVo6xMfuKmcPI
+5X5BC2atQe1zWRzfyM076z+6vBsUjie9skz81CY841PKgx/6VPeCpETYv2kaYqdS
+6ASdVVKv/UFU2TAbwUppo2rD10gPaVH4thTDOH68Z5wV5yTeWSJzn7Kqj8ILLQ6c
+EPWr1vXqXDnir0bFDhpprqwMkDxbZ2NkVI9gIOsZcEIyvJV5/9pjTdbKWPCUrBDX
+iJAlyTx95M/B9UK9h98ZixnpOcDGY2gNhGiWSGANlXnhfIrpra03ov2GXmFnzSez
+3mH5vqvufRZvEcBmDW/VUdVADh2bm6UVHAfrjSrlrnSIEPRMplyWJ0VwyG7UUsjp
+k81Q1PU/WSmkMyo5an/pwvxXYTjAOm+CVhR1kwIDAQABox8wHTAbBgNVHREEFDAS
+ghBrb2xhYi5ob3N0ZWQuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBSA4QSLZMaDq0f
+rnc/nEAKZrHz0UTMqZLY+dlKn6TRqIlNrSa1VV3koPnyF1VxU/3JVJsoqiDJ4f5B
+jSPoURUUGLc5/fpUuZfXyOrpjlSAmLFhEZMZi98XSJeB4kt7/s+Fs851OteKQZq2
+8TQPlfTc69FIpgypUYI7Nf6fQY2mf92RoFVRlBu0NR41wt0xrfTVU29tv4EDFQNA
+Z+1yPfQt6NjwzILPnHBivyUFG8JIxsuXWUiPQ04qv34iq16jyquhK3EQ7ylCnmrO
+6Yd+bROj5VwblcF+hBl28Jcpr2q8/pSv1GtkU+Yw0yFjqYqXAmtZoJYapITY0CDs
+kP+XEbHNMkxz0SC7ua2BMRtbPRjAqNkU9V8tZJla+HiVUL1bJHHPtrrJ27e6Nbv+
+2QpW8zqD/EmIAjMBFr0v/VlE4mlm7G6bOOiIppkpe9ZSvBoKCpCPoIyYgflOzkr5
+Myl8p7mAN8CeXgyzOwVFVaYjhGVDBxArcFAwhwdj7RJLHnIholbWEUGGak8yJjGj
+RayqSQZxUa1fTqsQwtjOnhFpnl4wsKIDq/6BavUxrcKJdJOz44KDS61l7i5YAYbl
+FRr9kUFaw9sZqx0EQI+cbeDdBrdh7XsMTNQ17SZrb6Ck5KqUZ7SYUIKHWvudQlpd
+GYjxjUbNtebeeSMAdS7C3FtwBFIxhw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCzCCAvOgAwIBAgIUEvYwMxnGZGbpNdlgadZ/BTZhQaswDQYJKoZIhvcNAQEL
+BQAwFTETMBEGA1UECgwKRXhhbXBsZSBDQTAeFw0yMDEyMjkxODU0MDdaFw0zMDEy
+MjcxODU0MDdaMBUxEzARBgNVBAoMCkV4YW1wbGUgQ0EwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDHK/c0eG4e1/cAIHmfPKQkt3p+P2+nsXypGEKTNoHj
+77vUZzuyafnO+dSW3pHVw1UV1T28a+SWdpC2DCSxD/2JQ0upybilZVRWTuL6AZjC
+iIV2yyd662H39/IJz3aQuHMwbgRM4ISzoODqUMWcAUhIYEJcXwG8FYDAhgNbW1sq
+DTnnpJmeD87F8mZS4cOz+dZ1bcAkaqGNye4oLjlnkvRmsUMnHeLMhS0I7R0aeca1
+xq/8CnZApnUrHHYiVPhEZqz78/lUlNIb2Gu5U0buhGoQDpeLHpeJmTdFOxtHXic4
+pGczJiEPgpPMECCiPQu6kmerm6/85v10jQNwcQZOvYbpKrow26RRyPV92QfLY5uS
+Cnxq51cjefXcRNAs47rBSsJ3ZnLJcTF1BpD69ckPUDobg7vNGwtpMtmi+xyCOxYb
+M03v4GyCvEXIQHm6oafcu6yoGPRGH9eR7qrrYA9+laMZFuKhdXxcXPXUgQufL6U6
+cnGIG+31wFYMn2wKufYy+3or73zE45Hzo/lBStI/U6Mkn5jBEsOErNZlAD0zt8Pa
+Jw6szEK2r9IXeuv++S4ASxduOZJVQo0NIwjt3AvP/J7TenJ52FawBKM5Qx8UsC/s
+cqk0SlLYRCK98dFRc5GEYVXH9WgFeJqVz/Syc73WDzrspF0G0xKIyCst80pQvAlH
+wwIDAQABo1MwUTAdBgNVHQ4EFgQUDKT/J+566qUX9mufxvdWiG6o24IwHwYDVR0j
+BBgwFoAUDKT/J+566qUX9mufxvdWiG6o24IwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+hkiG9w0BAQsFAAOCAgEAaJ+oOp8rHoIEt5qCuoNKb/VlR8sX7YpzfqLb+6W0QoKP
+KQjHMVi2z+uwMPjCjJSSm0AYVVVAWcWI/kIW7WJ9vaFQVuutWLF00xL/yYgFcG25
+3qML8BBncHanD6EXanRXoPE/aLXnEgOHYNhg/z94hQ2JNn97UpECbzzQBqPHTC8C
+CcmZXM6slYYqoylZIOqU28d7Xo6ElJEQ7AxObwMaCUXid5rUceDwZSi+9OG49kmE
+Q9MNZ+d4WSnarZLHAEQh/4bdBVUln5h4l2fqQrQLDMUj2oXPwRxXk57AW+zLFtrS
+lC552wbWza6IIf8SJZDy8q47/WfKD1YDmy0NfFZxEf+ZG/7zh5fjm1qlKVoAjxI9
+quG+wK27rhMn6Ddo/DDpQ7+VaszZP+TZol5Hifda3cOPoTpoA/n77L/iVynGXtD8
+dhfAfVqRWhR3JgrQWmOyJ2SAc6Z1Ao68qBG+q9HXdIPjKS3Pj/EexMMVL0Qfbtfz
+y26ZSlgQPSc9qmKcAYb9babzdf8ioq0f0UheM4QW0g4u5/TNpa+QcSCmdp5GfqMb
+eeCXzExsrvcCUp0bPiXwLYCLYTZNgYW2wMsQVJDmlZuTTWikEcPG6QJYgMUPGyCH
+UsAua3te00Dj9ikR8bMaXJc9ZEFPZzLyz1IbDyiRfBLVCKX+dH3VXQ7l0BnBmB8=
+-----END CERTIFICATE-----
diff --git a/docker/imap/kolab.hosted.com.key b/docker/imap/kolab.hosted.com.key
new file mode 100644
index 00000000..3dcac097
--- /dev/null
+++ b/docker/imap/kolab.hosted.com.key
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKAIBAAKCAgEAsS/OOIkDFE1+N2FkPlP3g4HOc9JDCBXz2soZC+VBYJnn2fM8
+IouRMCuyri3dDSuKhSiThUUZKYS1gGLoRHpu4320aq8XCrmXcmOu6RFiJVXv/YWv
+UWgGthE/brcq3nRZOTMIELo0AN+3KXikRWUPemBYWbRhh9e8frG3mUH1EOkMKMXX
+OGQxY9bUOFgoIUx0pUSCOFShAOj0cgQY1MmC6wo8gVYo4qles2/v+W4h8W+QobQ3
+Hg/oLQFqxkaUB7NlrEh9TLOxW0/EtrF0+W4NQTWWUUq3C5i2g+thjpm8YhtVd6lP
+oid9dRcLFFaOsTH7ipnDyOV+QQtmrUHtc1kc38jNO+s/urwbFI4nvbJM/NQmPONT
+yoMf+lT3gqRE2L9pGmKnUugEnVVSr/1BVNkwG8FKaaNqw9dID2lR+LYUwzh+vGec
+Feck3lkic5+yqo/CCy0OnBD1q9b16lw54q9GxQ4aaa6sDJA8W2djZFSPYCDrGXBC
+MryVef/aY03WyljwlKwQ14iQJck8feTPwfVCvYffGYsZ6TnAxmNoDYRolkhgDZV5
+4XyK6a2tN6L9hl5hZ80ns95h+b6r7n0WbxHAZg1v1VHVQA4dm5ulFRwH640q5a50
+iBD0TKZclidFcMhu1FLI6ZPNUNT1P1kppDMqOWp/6cL8V2E4wDpvglYUdZMCAwEA
+AQKCAgACxLx0Ja/moU9Xji4Cy00SwPR42tAxUCZ/RKkfhnV/DOiSfzpxT7z1A7nG
+/vB1RDjl27xyWKIMBAbR+rmmWENjSpOHFzVE9aFoKCaTfbIK40zcqToUC4wPTDWx
+hSsmTqsWObXmjQJDATvbagcnDm0vfFHlFOxxMu2/DQfRXTZ3DS0jdfPm7anX5YNr
+XfVCj+9Cpc9jEe9yFDG9llLNAFkLUx2e57m70Omp5BXbz9y36QZZgHdcAOOf0GXa
+sz+c3zC3gGp0yFn9E0H/mMY7H30Vh8DRhFlX1QsFBKiBkeVfow2y0PJtljBfo/yI
+VNHl8uH7SGvGt89BNOxlyKHtK3dIASx3z2E+hJMHIVrxReJS1ySf+cnhfONkCx6g
+R+HcvD9dMyJtpyrTQmFsVaYBXWoJMYoRuEbXtYT7JwA2PWPcSr66J8S3WrkbbrWW
+pI8gHofJrz63AJ7l3Da/90hNCrqd6AzlLmaK3q2Ev2Fd0sLrQ6a3fnZDyyLZwUyv
+0IHwR1lnzLUHGh4QevMTOmU3aqUYt+dCXSG8uD9U3N0SFTpAE5q/AcQJciqxcdqW
+J0kWfwVHA7OQIgGFdCk9ZbL/uOrUQ+3yPBJwbYaHk9GXkEekolEmbg2ZcUJ1fql+
+vX2prJkb7Zy4F5CiI5hBaI/VS5Fb3ysCqT+lExsMJXsbN+BgAQKCAQEA6QnAWhfT
+gHMgoaPlDweDMKf3mNxhKXgACEopOo/yfZhCoSF1rwGA3c/1m4afFZzVT94m0XUt
+/pJkQVCFmGapBVqfUUQZ15VVA6D0pOTs6LoryIUgkRm3H+wQl/IRWXm4iZU/Jx8z
+5WSf6EX2l/DAv8SMGUOC3+HeIrJB5Vlew0JTBjeFTNNVkS7pJHDh3g68RsVn3OhA
+k0koDZiZqsDiE3/m9c2CQ9rrSM2o9g2w2zsr5Zbn5JW1xYqdttJFnAdoj8E+SCaK
+2uzvQ4JlIbMLT+QZxF/fjfcPZ0BxeAmQ74Y3tCrVjwE1zd/o0p8H6/IfNAPxCrUg
+PvtqApI7kslNdwKCAQEAwqU8muRtx0UG0/8wbl9LRaB9sACXqG++rAJ/ySu+usp7
+IZ2q0uSBKlcMnST06LmfjJtyO9GWwYmAKSojtyeujGLjdqA0M3H/YUAocVySPQ3R
+om/rqmJV7+LOQja8k+Lj2dHbtJ6HXL7gRZYgtG8dvKfEC44fgwpi04vaHA05Q0J4
+HqRecnIp9yoJYkJsIBMqARsglSsyJ3RXSVO3RpJgvit/fumRq6cXQd2ONSBjfDS5
+qOvWlWJmjXTtCirOexWxzSEMiIOVNXNlwdfXgoelv9ScHRLIzAOM91zK8CIVSDZ6
+8HSm8p2t+HwWUjslbY4+FMODp7OicjWGFg0aBGUvxQKCAQB5EoDmDdTrumSsthru
+mQeWwt2HhI/SXK8fn3AWJe1lRTLwxhJ/TvelxkKjf+is8ON+cDuYvRmdVm9R48TU
+7hlIV9HIBeqrL8GQdhJEjU9shjTzI/9Mg6C5rAre9nv/EZdHm8vIxpROzN2rbpX0
+ULfDqhjjk0iuiom/Wv+TacArEA1UgIn35SBioo2sSh1/Iga9ehhBFEVggDSYA71q
+knWijePvtsrD+DwfggITe/9zlyVyTdnCz+k1bZQNBOf3bX3smgiCscuYfFq+p0Nl
+o8Dvy+F7PhhGiKJvEXMiW036s6/DIjH77zQF9xveOZODCTMe8iFMX9gWAMcN+O2M
+kJt3AoIBAQCxPPz+ndpIhVY+XDShjCxibk2EokV2nqokvvHVIPw/4nhUl9kgx+nF
+wBZAUZKhB8V8p19RkPuRp78HvNNgx8VtF+6/6gkef0NoLp+k+gI/jgHBw9/3+ir+
+kKv4Jxd4IjYP9cP1qBTiIvzc4GNPaY7OZoVhcDzJef+bWdF1kaT+1dvDKzDFTadg
+5Oo+ivUiD9FDyIvWyMqWmp2Qq6ZLoKZvA/TIf66hezj2RORlA+UTCH+2jWmMBVoU
+nM/rXic+dPa+LsXW2NpZHYcfB4e52ALZtqOg5aXp/6Gw7NHt71spslIn+lC6w1HS
+3ksE/c6K/+cPyShs4GmfTZWXJr72GZ1xAoIBAAK7gQb3/WCQpTiPh/v7Qnl6hQZD
+y+T8fprWBXskU5A7NbIE44DdltPe4LLsVMHpNlqRpYCz+3bHTmPDHd+IHJHZm9Ik
+4gUXjPMzzkF9qQ2lyNWvnH2bHlSeHUg/3ZCXpmc8l0pmAeRxhOxzBaFgjt8N3Z5n
+FIc25xJ9ki3stySf6baWmTWFscCFn8eBJrQ8mNLXpBM2iXM1e5D8Bu2VZK6nJGtz
+QCChvsHspsTmRsGvemBk27gkvKAG0K8u84T5XBRwog7MWx8XThVqNcns6kejeYQs
+CNRvuLj7gEQwMPzW2p/tLbSU82oDKQTICeyPwfS/fMl/6NYRaTdABc6KIME=
+-----END RSA PRIVATE KEY-----
diff --git a/docker/imap/rsyslog.conf b/docker/imap/rsyslog.conf
new file mode 100644
index 00000000..679e8445
--- /dev/null
+++ b/docker/imap/rsyslog.conf
@@ -0,0 +1,20 @@
+module(load="imuxsock"    # provides support for local system logging (e.g. via logger command)
+       SysSock.Use="on"
+       ) # Turn off message reception via local log socket;
+module(load="omstdout")
+action(type="omstdout")
+# action(type="omfwd" Target="127.0.0.1" Port="5140" Protocol="tcp")
+                          # local messages are retrieved through imjournal now.
+# Where to place auxiliary files
+global(workDirectory="/var/lib/rsyslog")
+
+# Use default timestamp format
+module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")
+
+# Include all config files in /etc/rsyslog.d/
+include(file="/etc/rsyslog.d/*.conf" mode="optional")
+
+# Log anything (except mail) of level info or higher.
+# Don't log private authentication messages!
+*.info;mail.none;authpriv.none;cron.none                /var/log/messages
+
diff --git a/docker/imap/saslauthd.conf b/docker/imap/saslauthd.conf
new file mode 100644
index 00000000..1d1d3be0
--- /dev/null
+++ b/docker/imap/saslauthd.conf
@@ -0,0 +1,4 @@
+httpform_host: services.APP_DOMAIN
+httpform_port: 8000
+httpform_uri: /api/webhooks/cyrus-sasl/
+httpform_data: %u %r %p