use type config.Account in sherpa api for better typing, and update to latest sherpa lib

typescript now knows the full types, not just "any" for account config. inline structs previously in config.Account are given their own type definition so sherpa can generate types. also update to latest sherpa lib that knows about time.Duration, to be used soon.
2025-07-12 17:44:35 +03:00 · 2024-04-14 17:18:20 +02:00
parent b7d6540d51
commit 4012b72d96
16 changed files with 911 additions and 123 deletions
--- a/webaccount/account.go
+++ b/webaccount/account.go
@ -27,7 +27,6 @@ import (
 	"github.com/mjl-/sherpaprom"

 	"github.com/mjl-/mox/config"
-	"github.com/mjl-/mox/dns"
 	"github.com/mjl-/mox/mlog"
 	"github.com/mjl-/mox/mox-"
 	"github.com/mjl-/mox/moxvar"
@ -412,13 +411,10 @@ func (Account) SetPassword(ctx context.Context, password string) {
 	xcheckf(ctx, err, "restoring session after password reset")
 }

-// Account returns information about the account: full name, the default domain,
-// and the destinations (keys are email addresses, or localparts to the default
-// domain). todo: replace with a function that returns the whole account, when
-// sherpadoc understands unnamed struct fields.
+// Account returns information about the account.
 // StorageUsed is the sum of the sizes of all messages, in bytes.
 // StorageLimit is the maximum storage that can be used, or 0 if there is no limit.
-func (Account) Account(ctx context.Context) (fullName string, defaultDomain dns.Domain, destinations map[string]config.Destination, storageUsed, storageLimit int64) {
+func (Account) Account(ctx context.Context) (account config.Account, storageUsed, storageLimit int64) {
 	log := pkglog.WithContext(ctx)
 	reqInfo := ctx.Value(requestInfoCtxKey).(requestInfo)

@ -443,7 +439,7 @@ func (Account) Account(ctx context.Context) (fullName string, defaultDomain dns.
 		xcheckf(ctx, err, "get disk usage")
 	})

-	return accConf.FullName, accConf.DNSDomain, accConf.Destinations, storageUsed, storageLimit
+	return accConf, storageUsed, storageLimit
 }

 func (Account) AccountSaveFullName(ctx context.Context, fullName string) {
--- a/webaccount/account.js
+++ b/webaccount/account.js
@ -228,20 +228,30 @@ const [dom, style, attr, prop] = (function () {
 // NOTE: GENERATED by github.com/mjl-/sherpats, DO NOT MODIFY
 var api;
 (function (api) {
-	api.structTypes = { "Destination": true, "Domain": true, "ImportProgress": true, "Ruleset": true };
+	api.structTypes = { "Account": true, "AutomaticJunkFlags": true, "Destination": true, "Domain": true, "ImportProgress": true, "JunkFilter": true, "Route": true, "Ruleset": true, "SubjectPass": true };
 	api.stringsTypes = { "CSRFToken": true };
 	api.intsTypes = {};
 	api.types = {
-		"Domain": { "Name": "Domain", "Docs": "", "Fields": [{ "Name": "ASCII", "Docs": "", "Typewords": ["string"] }, { "Name": "Unicode", "Docs": "", "Typewords": ["string"] }] },
+		"Account": { "Name": "Account", "Docs": "", "Fields": [{ "Name": "Domain", "Docs": "", "Typewords": ["string"] }, { "Name": "Description", "Docs": "", "Typewords": ["string"] }, { "Name": "FullName", "Docs": "", "Typewords": ["string"] }, { "Name": "Destinations", "Docs": "", "Typewords": ["{}", "Destination"] }, { "Name": "SubjectPass", "Docs": "", "Typewords": ["SubjectPass"] }, { "Name": "QuotaMessageSize", "Docs": "", "Typewords": ["int64"] }, { "Name": "RejectsMailbox", "Docs": "", "Typewords": ["string"] }, { "Name": "KeepRejects", "Docs": "", "Typewords": ["bool"] }, { "Name": "AutomaticJunkFlags", "Docs": "", "Typewords": ["AutomaticJunkFlags"] }, { "Name": "JunkFilter", "Docs": "", "Typewords": ["nullable", "JunkFilter"] }, { "Name": "MaxOutgoingMessagesPerDay", "Docs": "", "Typewords": ["int32"] }, { "Name": "MaxFirstTimeRecipientsPerDay", "Docs": "", "Typewords": ["int32"] }, { "Name": "NoFirstTimeSenderDelay", "Docs": "", "Typewords": ["bool"] }, { "Name": "Routes", "Docs": "", "Typewords": ["[]", "Route"] }, { "Name": "DNSDomain", "Docs": "", "Typewords": ["Domain"] }] },
 		"Destination": { "Name": "Destination", "Docs": "", "Fields": [{ "Name": "Mailbox", "Docs": "", "Typewords": ["string"] }, { "Name": "Rulesets", "Docs": "", "Typewords": ["[]", "Ruleset"] }, { "Name": "FullName", "Docs": "", "Typewords": ["string"] }] },
 		"Ruleset": { "Name": "Ruleset", "Docs": "", "Fields": [{ "Name": "SMTPMailFromRegexp", "Docs": "", "Typewords": ["string"] }, { "Name": "VerifiedDomain", "Docs": "", "Typewords": ["string"] }, { "Name": "HeadersRegexp", "Docs": "", "Typewords": ["{}", "string"] }, { "Name": "IsForward", "Docs": "", "Typewords": ["bool"] }, { "Name": "ListAllowDomain", "Docs": "", "Typewords": ["string"] }, { "Name": "AcceptRejectsToMailbox", "Docs": "", "Typewords": ["string"] }, { "Name": "Mailbox", "Docs": "", "Typewords": ["string"] }, { "Name": "VerifiedDNSDomain", "Docs": "", "Typewords": ["Domain"] }, { "Name": "ListAllowDNSDomain", "Docs": "", "Typewords": ["Domain"] }] },
+		"Domain": { "Name": "Domain", "Docs": "", "Fields": [{ "Name": "ASCII", "Docs": "", "Typewords": ["string"] }, { "Name": "Unicode", "Docs": "", "Typewords": ["string"] }] },
+		"SubjectPass": { "Name": "SubjectPass", "Docs": "", "Fields": [{ "Name": "Period", "Docs": "", "Typewords": ["int64"] }] },
+		"AutomaticJunkFlags": { "Name": "AutomaticJunkFlags", "Docs": "", "Fields": [{ "Name": "Enabled", "Docs": "", "Typewords": ["bool"] }, { "Name": "JunkMailboxRegexp", "Docs": "", "Typewords": ["string"] }, { "Name": "NeutralMailboxRegexp", "Docs": "", "Typewords": ["string"] }, { "Name": "NotJunkMailboxRegexp", "Docs": "", "Typewords": ["string"] }] },
+		"JunkFilter": { "Name": "JunkFilter", "Docs": "", "Fields": [{ "Name": "Threshold", "Docs": "", "Typewords": ["float64"] }, { "Name": "Onegrams", "Docs": "", "Typewords": ["bool"] }, { "Name": "Twograms", "Docs": "", "Typewords": ["bool"] }, { "Name": "Threegrams", "Docs": "", "Typewords": ["bool"] }, { "Name": "MaxPower", "Docs": "", "Typewords": ["float64"] }, { "Name": "TopWords", "Docs": "", "Typewords": ["int32"] }, { "Name": "IgnoreWords", "Docs": "", "Typewords": ["float64"] }, { "Name": "RareWords", "Docs": "", "Typewords": ["int32"] }] },
+		"Route": { "Name": "Route", "Docs": "", "Fields": [{ "Name": "FromDomain", "Docs": "", "Typewords": ["[]", "string"] }, { "Name": "ToDomain", "Docs": "", "Typewords": ["[]", "string"] }, { "Name": "MinimumAttempts", "Docs": "", "Typewords": ["int32"] }, { "Name": "Transport", "Docs": "", "Typewords": ["string"] }, { "Name": "FromDomainASCII", "Docs": "", "Typewords": ["[]", "string"] }, { "Name": "ToDomainASCII", "Docs": "", "Typewords": ["[]", "string"] }] },
 		"ImportProgress": { "Name": "ImportProgress", "Docs": "", "Fields": [{ "Name": "Token", "Docs": "", "Typewords": ["string"] }] },
 		"CSRFToken": { "Name": "CSRFToken", "Docs": "", "Values": null },
 	};
 	api.parser = {
-		Domain: (v) => api.parse("Domain", v),
+		Account: (v) => api.parse("Account", v),
 		Destination: (v) => api.parse("Destination", v),
 		Ruleset: (v) => api.parse("Ruleset", v),
+		Domain: (v) => api.parse("Domain", v),
+		SubjectPass: (v) => api.parse("SubjectPass", v),
+		AutomaticJunkFlags: (v) => api.parse("AutomaticJunkFlags", v),
+		JunkFilter: (v) => api.parse("JunkFilter", v),
+		Route: (v) => api.parse("Route", v),
 		ImportProgress: (v) => api.parse("ImportProgress", v),
 		CSRFToken: (v) => api.parse("CSRFToken", v),
 	};
@ -306,16 +316,13 @@ var api;
 			const params = [password];
 			return await _sherpaCall(this.baseURL, this.authState, { ...this.options }, paramTypes, returnTypes, fn, params);
 		}
-		// Account returns information about the account: full name, the default domain,
-		// and the destinations (keys are email addresses, or localparts to the default
-		// domain). todo: replace with a function that returns the whole account, when
-		// sherpadoc understands unnamed struct fields.
+		// Account returns information about the account.
 		// StorageUsed is the sum of the sizes of all messages, in bytes.
 		// StorageLimit is the maximum storage that can be used, or 0 if there is no limit.
 		async Account() {
 			const fn = "Account";
 			const paramTypes = [];
-			const returnTypes = [["string"], ["Domain"], ["{}", "Destination"], ["int64"], ["int64"]];
+			const returnTypes = [["Account"], ["int64"], ["int64"]];
 			const params = [];
 			return await _sherpaCall(this.baseURL, this.authState, { ...this.options }, paramTypes, returnTypes, fn, params);
 		}
@ -854,7 +861,7 @@ const formatQuotaSize = (v) => {
 	return '' + v;
 };
 const index = async () => {
-	const [accountFullName, domain, destinations, storageUsed, storageLimit] = await client.Account();
+	const [acc, storageUsed, storageLimit] = await client.Account();
 	let fullNameForm;
 	let fullNameFieldset;
 	let fullName;
@ -945,12 +952,12 @@ const index = async () => {
 	const exportForm = (filename) => {
 		return dom.form(attr.target('_blank'), attr.method('POST'), attr.action('export/' + filename), dom.input(attr.type('hidden'), attr.name('csrf'), attr.value(localStorageGet('webaccountcsrftoken') || '')), dom.submitbutton('Export'));
 	};
-	dom._kids(page, crumbs('Mox Account'), dom.p('NOTE: Not all account settings can be configured through these pages yet. See the configuration file for more options.'), dom.div('Default domain: ', domain.ASCII ? domainString(domain) : '(none)'), dom.br(), fullNameForm = dom.form(fullNameFieldset = dom.fieldset(dom.label(style({ display: 'inline-block' }), 'Full name', dom.br(), fullName = dom.input(attr.value(accountFullName), attr.title('Name to use in From header when composing messages. Can be overridden per configured address.'))), ' ', dom.submitbutton('Save')), async function submit(e) {
+	dom._kids(page, crumbs('Mox Account'), dom.p('NOTE: Not all account settings can be configured through these pages yet. See the configuration file for more options.'), dom.div('Default domain: ', acc.DNSDomain.ASCII ? domainString(acc.DNSDomain) : '(none)'), dom.br(), fullNameForm = dom.form(fullNameFieldset = dom.fieldset(dom.label(style({ display: 'inline-block' }), 'Full name', dom.br(), fullName = dom.input(attr.value(acc.FullName), attr.title('Name to use in From header when composing messages. Can be overridden per configured address.'))), ' ', dom.submitbutton('Save')), async function submit(e) {
 		e.preventDefault();
 		await check(fullNameFieldset, client.AccountSaveFullName(fullName.value));
 		fullName.setAttribute('value', fullName.value);
 		fullNameForm.reset();
-	}), dom.br(), dom.h2('Addresses'), dom.ul(Object.entries(destinations || {}).length === 0 ? dom.li('(None, login disabled)') : [], Object.entries(destinations || {}).sort().map(t => dom.li(dom.a(t[0], attr.href('#destinations/' + t[0])), t[0].startsWith('@') ? ' (catchall)' : []))), dom.br(), dom.h2('Change password'), passwordForm = dom.form(passwordFieldset = dom.fieldset(dom.label(style({ display: 'inline-block' }), 'New password', dom.br(), password1 = dom.input(attr.type('password'), attr.autocomplete('new-password'), attr.required(''), function focus() {
+	}), dom.br(), dom.h2('Addresses'), dom.ul(Object.entries(acc.Destinations || {}).length === 0 ? dom.li('(None, login disabled)') : [], Object.entries(acc.Destinations || {}).sort().map(t => dom.li(dom.a(t[0], attr.href('#destinations/' + t[0])), t[0].startsWith('@') ? ' (catchall)' : []))), dom.br(), dom.h2('Change password'), passwordForm = dom.form(passwordFieldset = dom.fieldset(dom.label(style({ display: 'inline-block' }), 'New password', dom.br(), password1 = dom.input(attr.type('password'), attr.autocomplete('new-password'), attr.required(''), function focus() {
 		passwordHint.style.display = '';
 	})), ' ', dom.label(style({ display: 'inline-block' }), 'New password repeat', dom.br(), password2 = dom.input(attr.type('password'), attr.autocomplete('new-password'), attr.required(''))), ' ', dom.submitbutton('Change password')), passwordHint = dom.div(style({ display: 'none', marginTop: '.5ex' }), dom.clickbutton('Generate random password', function click(e) {
 		e.preventDefault();
@ -1077,8 +1084,8 @@ const index = async () => {
 	});
 };
 const destination = async (name) => {
-	const [_, domain, destinations] = await client.Account();
-	let dest = destinations[name];
+	const [acc] = await client.Account();
+	let dest = (acc.Destinations || {})[name];
 	if (!dest) {
 		throw new Error('destination not found');
 	}
@ -1145,7 +1152,7 @@ const destination = async (name) => {
 	let defaultMailbox;
 	let fullName;
 	let saveButton;
-	const addresses = [name, ...Object.keys(destinations || {}).filter(a => !a.startsWith('@') && a !== name)];
+	const addresses = [name, ...Object.keys(acc.Destinations || {}).filter(a => !a.startsWith('@') && a !== name)];
 	dom._kids(page, crumbs(crumblink('Mox Account', '#'), 'Destination ' + name), dom.div(dom.span('Default mailbox', attr.title('Default mailbox where email for this recipient is delivered to if it does not match any ruleset. Default is Inbox.')), dom.br(), defaultMailbox = dom.input(attr.value(dest.Mailbox), attr.placeholder('Inbox'))), dom.br(), dom.div(dom.span('Full name', attr.title('Name to use in From header when composing messages. If not set, the account default full name is used.')), dom.br(), fullName = dom.input(attr.value(dest.FullName))), dom.br(), dom.h2('Rulesets'), dom.p('Incoming messages are checked against the rulesets. If a ruleset matches, the message is delivered to the mailbox configured for the ruleset instead of to the default mailbox.'), dom.p('"Is Forward" does not affect matching, but changes prevents the sending mail server from being included in future junk classifications by clearing fields related to the forwarding email server (IP address, EHLO domain, MAIL FROM domain and a matching DKIM domain), and prevents DMARC rejects for forwarded messages.'), dom.p('"List allow domain" does not affect matching, but skips the regular spam checks if one of the verified domains is a (sub)domain of the domain mentioned here.'), dom.p('"Accept rejects to mailbox" does not affect matching, but causes messages classified as junk to be accepted and delivered to this mailbox, instead of being rejected during the SMTP transaction. Useful for incoming forwarded messages where rejecting incoming messages may cause the forwarding server to stop forwarding.'), dom.table(dom.thead(dom.tr(dom.th('SMTP "MAIL FROM" regexp', attr.title('Matches if this regular expression matches (a substring of) the SMTP MAIL FROM address (not the message From-header). E.g. user@example.org.')), dom.th('Verified domain', attr.title('Matches if this domain matches an SPF- and/or DKIM-verified (sub)domain.')), dom.th('Headers regexp', attr.title('Matches if these header field/value regular expressions all match (substrings of) the message headers. Header fields and valuees are converted to lower case before matching. Whitespace is trimmed from the value before matching. A header field can occur multiple times in a message, only one instance has to match. For mailing lists, you could match on ^list-id$ with the value typically the mailing list address in angled brackets with @ replaced with a dot, e.g. <name\\.lists\\.example\\.org>.')), dom.th('Is Forward', attr.title("Influences spam filtering only, this option does not change whether a message matches this ruleset. Can only be used together with SMTPMailFromRegexp and VerifiedDomain. SMTPMailFromRegexp must be set to the address used to deliver the forwarded message, e.g. '^user(|\\+.*)@forward\\.example$'. Changes to junk analysis: 1. Messages are not rejected for failing a DMARC policy, because a legitimate forwarded message without valid/intact/aligned DKIM signature would be rejected because any verified SPF domain will be 'unaligned', of the forwarding mail server. 2. The sending mail server IP address, and sending EHLO and MAIL FROM domains and matching DKIM domain aren't used in future reputation-based spam classifications (but other verified DKIM domains are) because the forwarding server is not a useful spam signal for future messages.")), dom.th('List allow domain', attr.title("Influences spam filtering only, this option does not change whether a message matches this ruleset. If this domain matches an SPF- and/or DKIM-verified (sub)domain, the message is accepted without further spam checks, such as a junk filter or DMARC reject evaluation. DMARC rejects should not apply for mailing lists that are not configured to rewrite the From-header of messages that don't have a passing DKIM signature of the From-domain. Otherwise, by rejecting messages, you may be automatically unsubscribed from the mailing list. The assumption is that mailing lists do their own spam filtering/moderation.")), dom.th('Allow rejects to mailbox', attr.title("Influences spam filtering only, this option does not change whether a message matches this ruleset. If a message is classified as spam, it isn't rejected during the SMTP transaction (the normal behaviour), but accepted during the SMTP transaction and delivered to the specified mailbox. The specified mailbox is not automatically cleaned up like the account global Rejects mailbox, unless set to that Rejects mailbox.")), dom.th('Mailbox', attr.title('Mailbox to deliver to if this ruleset matches.')), dom.th('Action'))), rulesetsTbody, dom.tfoot(dom.tr(dom.td(attr.colspan('7')), dom.td(dom.clickbutton('Add ruleset', function click() {
 		addRulesetsRow({
 			SMTPMailFromRegexp: '',
@ -1178,7 +1185,7 @@ const destination = async (name) => {
 		};
 		await check(saveButton, client.DestinationSave(name, dest, newDest));
 		window.location.reload(); // todo: only refresh part of ui
-	}), dom.br(), dom.br(), dom.br(), dom.p("Apple's mail applications don't do account autoconfiguration, and when adding an account it can choose defaults that don't work with modern email servers. Adding an account through a \"mobileconfig\" profile file can be more convenient: It contains the IMAP/SMTP settings such as host name, port, TLS, authentication mechanism and user name. This profile does not contain a login password. Opening the profile adds it under Profiles in System Preferences (macOS) or Settings (iOS), where you can install it. These profiles are not signed, so users will have to ignore the warnings about them being unsigned. ", dom.br(), dom.a(attr.href('https://autoconfig.' + domainName(domain) + '/profile.mobileconfig?addresses=' + encodeURIComponent(addresses.join(',')) + '&name=' + encodeURIComponent(dest.FullName)), attr.download(''), 'Download .mobileconfig email account profile'), dom.br(), dom.a(attr.href('https://autoconfig.' + domainName(domain) + '/profile.mobileconfig.qrcode.png?addresses=' + encodeURIComponent(addresses.join(',')) + '&name=' + encodeURIComponent(dest.FullName)), attr.download(''), 'Open QR-code with link to .mobileconfig profile')));
+	}), dom.br(), dom.br(), dom.br(), dom.p("Apple's mail applications don't do account autoconfiguration, and when adding an account it can choose defaults that don't work with modern email servers. Adding an account through a \"mobileconfig\" profile file can be more convenient: It contains the IMAP/SMTP settings such as host name, port, TLS, authentication mechanism and user name. This profile does not contain a login password. Opening the profile adds it under Profiles in System Preferences (macOS) or Settings (iOS), where you can install it. These profiles are not signed, so users will have to ignore the warnings about them being unsigned. ", dom.br(), dom.a(attr.href('https://autoconfig.' + domainName(acc.DNSDomain) + '/profile.mobileconfig?addresses=' + encodeURIComponent(addresses.join(',')) + '&name=' + encodeURIComponent(dest.FullName)), attr.download(''), 'Download .mobileconfig email account profile'), dom.br(), dom.a(attr.href('https://autoconfig.' + domainName(acc.DNSDomain) + '/profile.mobileconfig.qrcode.png?addresses=' + encodeURIComponent(addresses.join(',')) + '&name=' + encodeURIComponent(dest.FullName)), attr.download(''), 'Open QR-code with link to .mobileconfig profile')));
 };
 const init = async () => {
 	let curhash;
--- a/webaccount/account.ts
+++ b/webaccount/account.ts
@ -213,7 +213,7 @@ const formatQuotaSize = (v: number) => {
 }

 const index = async () => {
-	const [accountFullName, domain, destinations, storageUsed, storageLimit] = await client.Account()
+	const [acc, storageUsed, storageLimit] = await client.Account()

 	let fullNameForm: HTMLFormElement
 	let fullNameFieldset: HTMLFieldSetElement
@ -350,7 +350,7 @@ const index = async () => {
 		dom.p('NOTE: Not all account settings can be configured through these pages yet. See the configuration file for more options.'),
 		dom.div(
 			'Default domain: ',
-			domain.ASCII ? domainString(domain) : '(none)',
+			acc.DNSDomain.ASCII ? domainString(acc.DNSDomain) : '(none)',
 		),
 		dom.br(),

@ -360,7 +360,7 @@ const index = async () => {
 					style({display: 'inline-block'}),
 					'Full name',
 					dom.br(),
-					fullName=dom.input(attr.value(accountFullName), attr.title('Name to use in From header when composing messages. Can be overridden per configured address.')),
+					fullName=dom.input(attr.value(acc.FullName), attr.title('Name to use in From header when composing messages. Can be overridden per configured address.')),

 				),
 				' ',
@ -377,8 +377,8 @@ const index = async () => {

 		dom.h2('Addresses'),
 		dom.ul(
-			Object.entries(destinations || {}).length === 0 ? dom.li('(None, login disabled)') : [],
-			Object.entries(destinations || {}).sort().map(t =>
+			Object.entries(acc.Destinations || {}).length === 0 ? dom.li('(None, login disabled)') : [],
+			Object.entries(acc.Destinations || {}).sort().map(t =>
 				dom.li(
 					dom.a(t[0], attr.href('#destinations/'+t[0])),
 					t[0].startsWith('@') ? ' (catchall)' : [],
@ -606,8 +606,8 @@ const index = async () => {
 }

 const destination = async (name: string) => {
-	const [_, domain, destinations] = await client.Account()
-	let dest = destinations[name]
+	const [acc] = await client.Account()
+	let dest = (acc.Destinations || {})[name]
 	if (!dest) {
 		throw new Error('destination not found')
 	}
@ -725,7 +725,7 @@ const destination = async (name: string) => {
 	let fullName: HTMLInputElement
 	let saveButton: HTMLButtonElement

-	const addresses = [name, ...Object.keys(destinations || {}).filter(a => !a.startsWith('@') && a !== name)]
+	const addresses = [name, ...Object.keys(acc.Destinations || {}).filter(a => !a.startsWith('@') && a !== name)]

 	dom._kids(page,
 		crumbs(
@ -811,9 +811,9 @@ const destination = async (name: string) => {
 		dom.br(),
 		dom.p("Apple's mail applications don't do account autoconfiguration, and when adding an account it can choose defaults that don't work with modern email servers. Adding an account through a \"mobileconfig\" profile file can be more convenient: It contains the IMAP/SMTP settings such as host name, port, TLS, authentication mechanism and user name. This profile does not contain a login password. Opening the profile adds it under Profiles in System Preferences (macOS) or Settings (iOS), where you can install it. These profiles are not signed, so users will have to ignore the warnings about them being unsigned. ",
 			dom.br(),
-			dom.a(attr.href('https://autoconfig.'+domainName(domain)+'/profile.mobileconfig?addresses='+encodeURIComponent(addresses.join(','))+'&name='+encodeURIComponent(dest.FullName)), attr.download(''), 'Download .mobileconfig email account profile'),
+			dom.a(attr.href('https://autoconfig.'+domainName(acc.DNSDomain)+'/profile.mobileconfig?addresses='+encodeURIComponent(addresses.join(','))+'&name='+encodeURIComponent(dest.FullName)), attr.download(''), 'Download .mobileconfig email account profile'),
 			dom.br(),
-			dom.a(attr.href('https://autoconfig.'+domainName(domain)+'/profile.mobileconfig.qrcode.png?addresses='+encodeURIComponent(addresses.join(','))+'&name='+encodeURIComponent(dest.FullName)), attr.download(''), 'Open QR-code with link to .mobileconfig profile'),
+			dom.a(attr.href('https://autoconfig.'+domainName(acc.DNSDomain)+'/profile.mobileconfig.qrcode.png?addresses='+encodeURIComponent(addresses.join(','))+'&name='+encodeURIComponent(dest.FullName)), attr.download(''), 'Open QR-code with link to .mobileconfig profile'),
 		),
 	)
 }
--- a/webaccount/account_test.go
+++ b/webaccount/account_test.go
@ -216,11 +216,11 @@ func TestAccount(t *testing.T) {

 	api.SetPassword(ctx, "test1234")

-	fullName, _, dests, _, _ := api.Account(ctx)
-	api.DestinationSave(ctx, "mjl☺@mox.example", dests["mjl☺@mox.example"], dests["mjl☺@mox.example"]) // todo: save modified value and compare it afterwards
+	account, _, _ := api.Account(ctx)
+	api.DestinationSave(ctx, "mjl☺@mox.example", account.Destinations["mjl☺@mox.example"], account.Destinations["mjl☺@mox.example"]) // todo: save modified value and compare it afterwards

-	api.AccountSaveFullName(ctx, fullName+" changed") // todo: check if value was changed
-	api.AccountSaveFullName(ctx, fullName)
+	api.AccountSaveFullName(ctx, account.FullName+" changed") // todo: check if value was changed
+	api.AccountSaveFullName(ctx, account.FullName)

 	go ImportManage()

--- a/webaccount/api.json
+++ b/webaccount/api.json
@ -68,26 +68,13 @@
 		},
 		{
 			"Name": "Account",
-			"Docs": "Account returns information about the account: full name, the default domain,\nand the destinations (keys are email addresses, or localparts to the default\ndomain). todo: replace with a function that returns the whole account, when\nsherpadoc understands unnamed struct fields.\nStorageUsed is the sum of the sizes of all messages, in bytes.\nStorageLimit is the maximum storage that can be used, or 0 if there is no limit.",
+			"Docs": "Account returns information about the account.\nStorageUsed is the sum of the sizes of all messages, in bytes.\nStorageLimit is the maximum storage that can be used, or 0 if there is no limit.",
 			"Params": [],
 			"Returns": [
 				{
-					"Name": "fullName",
+					"Name": "account",
 					"Typewords": [
-						"string"
-					]
-				},
-				{
-					"Name": "defaultDomain",
-					"Typewords": [
-						"Domain"
-					]
-				},
-				{
-					"Name": "destinations",
-					"Typewords": [
-						"{}",
-						"Destination"
+						"Account"
 					]
 				},
 				{
@ -172,22 +159,116 @@
 	"Sections": [],
 	"Structs": [
 		{
-			"Name": "Domain",
-			"Docs": "Domain is a domain name, with one or more labels, with at least an ASCII\nrepresentation, and for IDNA non-ASCII domains a unicode representation.\nThe ASCII string must be used for DNS lookups. The strings do not have a\ntrailing dot. When using with StrictResolver, add the trailing dot.",
+			"Name": "Account",
+			"Docs": "",
 			"Fields": [
 				{
-					"Name": "ASCII",
-					"Docs": "A non-unicode domain, e.g. with A-labels (xn--...) or NR-LDH (non-reserved letters/digits/hyphens) labels. Always in lower case. No trailing dot.",
+					"Name": "Domain",
+					"Docs": "",
 					"Typewords": [
 						"string"
 					]
 				},
 				{
-					"Name": "Unicode",
-					"Docs": "Name as U-labels, in Unicode NFC. Empty if this is an ASCII-only domain. No trailing dot.",
+					"Name": "Description",
+					"Docs": "",
 					"Typewords": [
 						"string"
 					]
+				},
+				{
+					"Name": "FullName",
+					"Docs": "",
+					"Typewords": [
+						"string"
+					]
+				},
+				{
+					"Name": "Destinations",
+					"Docs": "",
+					"Typewords": [
+						"{}",
+						"Destination"
+					]
+				},
+				{
+					"Name": "SubjectPass",
+					"Docs": "",
+					"Typewords": [
+						"SubjectPass"
+					]
+				},
+				{
+					"Name": "QuotaMessageSize",
+					"Docs": "",
+					"Typewords": [
+						"int64"
+					]
+				},
+				{
+					"Name": "RejectsMailbox",
+					"Docs": "",
+					"Typewords": [
+						"string"
+					]
+				},
+				{
+					"Name": "KeepRejects",
+					"Docs": "",
+					"Typewords": [
+						"bool"
+					]
+				},
+				{
+					"Name": "AutomaticJunkFlags",
+					"Docs": "",
+					"Typewords": [
+						"AutomaticJunkFlags"
+					]
+				},
+				{
+					"Name": "JunkFilter",
+					"Docs": "todo: sane defaults for junkfilter",
+					"Typewords": [
+						"nullable",
+						"JunkFilter"
+					]
+				},
+				{
+					"Name": "MaxOutgoingMessagesPerDay",
+					"Docs": "",
+					"Typewords": [
+						"int32"
+					]
+				},
+				{
+					"Name": "MaxFirstTimeRecipientsPerDay",
+					"Docs": "",
+					"Typewords": [
+						"int32"
+					]
+				},
+				{
+					"Name": "NoFirstTimeSenderDelay",
+					"Docs": "",
+					"Typewords": [
+						"bool"
+					]
+				},
+				{
+					"Name": "Routes",
+					"Docs": "",
+					"Typewords": [
+						"[]",
+						"Route"
+					]
+				},
+				{
+					"Name": "DNSDomain",
+					"Docs": "Parsed form of Domain.",
+					"Typewords": [
+						"Domain"
+					]
 				}
 			]
 		},
@ -289,6 +370,187 @@
 				}
 			]
 		},
+		{
+			"Name": "Domain",
+			"Docs": "Domain is a domain name, with one or more labels, with at least an ASCII\nrepresentation, and for IDNA non-ASCII domains a unicode representation.\nThe ASCII string must be used for DNS lookups. The strings do not have a\ntrailing dot. When using with StrictResolver, add the trailing dot.",
+			"Fields": [
+				{
+					"Name": "ASCII",
+					"Docs": "A non-unicode domain, e.g. with A-labels (xn--...) or NR-LDH (non-reserved letters/digits/hyphens) labels. Always in lower case. No trailing dot.",
+					"Typewords": [
+						"string"
+					]
+				},
+				{
+					"Name": "Unicode",
+					"Docs": "Name as U-labels, in Unicode NFC. Empty if this is an ASCII-only domain. No trailing dot.",
+					"Typewords": [
+						"string"
+					]
+				}
+			]
+		},
+		{
+			"Name": "SubjectPass",
+			"Docs": "",
+			"Fields": [
+				{
+					"Name": "Period",
+					"Docs": "todo: have a reasonable default for this?",
+					"Typewords": [
+						"int64"
+					]
+				}
+			]
+		},
+		{
+			"Name": "AutomaticJunkFlags",
+			"Docs": "",
+			"Fields": [
+				{
+					"Name": "Enabled",
+					"Docs": "",
+					"Typewords": [
+						"bool"
+					]
+				},
+				{
+					"Name": "JunkMailboxRegexp",
+					"Docs": "",
+					"Typewords": [
+						"string"
+					]
+				},
+				{
+					"Name": "NeutralMailboxRegexp",
+					"Docs": "",
+					"Typewords": [
+						"string"
+					]
+				},
+				{
+					"Name": "NotJunkMailboxRegexp",
+					"Docs": "",
+					"Typewords": [
+						"string"
+					]
+				}
+			]
+		},
+		{
+			"Name": "JunkFilter",
+			"Docs": "",
+			"Fields": [
+				{
+					"Name": "Threshold",
+					"Docs": "",
+					"Typewords": [
+						"float64"
+					]
+				},
+				{
+					"Name": "Onegrams",
+					"Docs": "",
+					"Typewords": [
+						"bool"
+					]
+				},
+				{
+					"Name": "Twograms",
+					"Docs": "",
+					"Typewords": [
+						"bool"
+					]
+				},
+				{
+					"Name": "Threegrams",
+					"Docs": "",
+					"Typewords": [
+						"bool"
+					]
+				},
+				{
+					"Name": "MaxPower",
+					"Docs": "",
+					"Typewords": [
+						"float64"
+					]
+				},
+				{
+					"Name": "TopWords",
+					"Docs": "",
+					"Typewords": [
+						"int32"
+					]
+				},
+				{
+					"Name": "IgnoreWords",
+					"Docs": "",
+					"Typewords": [
+						"float64"
+					]
+				},
+				{
+					"Name": "RareWords",
+					"Docs": "",
+					"Typewords": [
+						"int32"
+					]
+				}
+			]
+		},
+		{
+			"Name": "Route",
+			"Docs": "",
+			"Fields": [
+				{
+					"Name": "FromDomain",
+					"Docs": "",
+					"Typewords": [
+						"[]",
+						"string"
+					]
+				},
+				{
+					"Name": "ToDomain",
+					"Docs": "",
+					"Typewords": [
+						"[]",
+						"string"
+					]
+				},
+				{
+					"Name": "MinimumAttempts",
+					"Docs": "",
+					"Typewords": [
+						"int32"
+					]
+				},
+				{
+					"Name": "Transport",
+					"Docs": "",
+					"Typewords": [
+						"string"
+					]
+				},
+				{
+					"Name": "FromDomainASCII",
+					"Docs": "",
+					"Typewords": [
+						"[]",
+						"string"
+					]
+				},
+				{
+					"Name": "ToDomainASCII",
+					"Docs": "",
+					"Typewords": [
+						"[]",
+						"string"
+					]
+				}
+			]
+		},
 		{
 			"Name": "ImportProgress",
 			"Docs": "ImportProgress is returned after uploading a file to import.",
--- a/webaccount/api.ts
+++ b/webaccount/api.ts
@ -2,13 +2,22 @@

 namespace api {

-// Domain is a domain name, with one or more labels, with at least an ASCII
-// representation, and for IDNA non-ASCII domains a unicode representation.
-// The ASCII string must be used for DNS lookups. The strings do not have a
-// trailing dot. When using with StrictResolver, add the trailing dot.
-export interface Domain {
-	ASCII: string  // A non-unicode domain, e.g. with A-labels (xn--...) or NR-LDH (non-reserved letters/digits/hyphens) labels. Always in lower case. No trailing dot.
-	Unicode: string  // Name as U-labels, in Unicode NFC. Empty if this is an ASCII-only domain. No trailing dot.
+export interface Account {
+	Domain: string
+	Description: string
+	FullName: string
+	Destinations?: { [key: string]: Destination }
+	SubjectPass: SubjectPass
+	QuotaMessageSize: number
+	RejectsMailbox: string
+	KeepRejects: boolean
+	AutomaticJunkFlags: AutomaticJunkFlags
+	JunkFilter?: JunkFilter | null  // todo: sane defaults for junkfilter
+	MaxOutgoingMessagesPerDay: number
+	MaxFirstTimeRecipientsPerDay: number
+	NoFirstTimeSenderDelay: boolean
+	Routes?: Route[] | null
+	DNSDomain: Domain  // Parsed form of Domain.
 }

 export interface Destination {
@ -29,6 +38,46 @@ export interface Ruleset {
 	ListAllowDNSDomain: Domain
 }

+// Domain is a domain name, with one or more labels, with at least an ASCII
+// representation, and for IDNA non-ASCII domains a unicode representation.
+// The ASCII string must be used for DNS lookups. The strings do not have a
+// trailing dot. When using with StrictResolver, add the trailing dot.
+export interface Domain {
+	ASCII: string  // A non-unicode domain, e.g. with A-labels (xn--...) or NR-LDH (non-reserved letters/digits/hyphens) labels. Always in lower case. No trailing dot.
+	Unicode: string  // Name as U-labels, in Unicode NFC. Empty if this is an ASCII-only domain. No trailing dot.
+}
+
+export interface SubjectPass {
+	Period: number  // todo: have a reasonable default for this?
+}
+
+export interface AutomaticJunkFlags {
+	Enabled: boolean
+	JunkMailboxRegexp: string
+	NeutralMailboxRegexp: string
+	NotJunkMailboxRegexp: string
+}
+
+export interface JunkFilter {
+	Threshold: number
+	Onegrams: boolean
+	Twograms: boolean
+	Threegrams: boolean
+	MaxPower: number
+	TopWords: number
+	IgnoreWords: number
+	RareWords: number
+}
+
+export interface Route {
+	FromDomain?: string[] | null
+	ToDomain?: string[] | null
+	MinimumAttempts: number
+	Transport: string
+	FromDomainASCII?: string[] | null
+	ToDomainASCII?: string[] | null
+}
+
 // ImportProgress is returned after uploading a file to import.
 export interface ImportProgress {
 	Token: string  // For fetching progress, or cancelling an import.
@ -36,21 +85,31 @@ export interface ImportProgress {

 export type CSRFToken = string

-export const structTypes: {[typename: string]: boolean} = {"Destination":true,"Domain":true,"ImportProgress":true,"Ruleset":true}
+export const structTypes: {[typename: string]: boolean} = {"Account":true,"AutomaticJunkFlags":true,"Destination":true,"Domain":true,"ImportProgress":true,"JunkFilter":true,"Route":true,"Ruleset":true,"SubjectPass":true}
 export const stringsTypes: {[typename: string]: boolean} = {"CSRFToken":true}
 export const intsTypes: {[typename: string]: boolean} = {}
 export const types: TypenameMap = {
-	"Domain": {"Name":"Domain","Docs":"","Fields":[{"Name":"ASCII","Docs":"","Typewords":["string"]},{"Name":"Unicode","Docs":"","Typewords":["string"]}]},
+	"Account": {"Name":"Account","Docs":"","Fields":[{"Name":"Domain","Docs":"","Typewords":["string"]},{"Name":"Description","Docs":"","Typewords":["string"]},{"Name":"FullName","Docs":"","Typewords":["string"]},{"Name":"Destinations","Docs":"","Typewords":["{}","Destination"]},{"Name":"SubjectPass","Docs":"","Typewords":["SubjectPass"]},{"Name":"QuotaMessageSize","Docs":"","Typewords":["int64"]},{"Name":"RejectsMailbox","Docs":"","Typewords":["string"]},{"Name":"KeepRejects","Docs":"","Typewords":["bool"]},{"Name":"AutomaticJunkFlags","Docs":"","Typewords":["AutomaticJunkFlags"]},{"Name":"JunkFilter","Docs":"","Typewords":["nullable","JunkFilter"]},{"Name":"MaxOutgoingMessagesPerDay","Docs":"","Typewords":["int32"]},{"Name":"MaxFirstTimeRecipientsPerDay","Docs":"","Typewords":["int32"]},{"Name":"NoFirstTimeSenderDelay","Docs":"","Typewords":["bool"]},{"Name":"Routes","Docs":"","Typewords":["[]","Route"]},{"Name":"DNSDomain","Docs":"","Typewords":["Domain"]}]},
 	"Destination": {"Name":"Destination","Docs":"","Fields":[{"Name":"Mailbox","Docs":"","Typewords":["string"]},{"Name":"Rulesets","Docs":"","Typewords":["[]","Ruleset"]},{"Name":"FullName","Docs":"","Typewords":["string"]}]},
 	"Ruleset": {"Name":"Ruleset","Docs":"","Fields":[{"Name":"SMTPMailFromRegexp","Docs":"","Typewords":["string"]},{"Name":"VerifiedDomain","Docs":"","Typewords":["string"]},{"Name":"HeadersRegexp","Docs":"","Typewords":["{}","string"]},{"Name":"IsForward","Docs":"","Typewords":["bool"]},{"Name":"ListAllowDomain","Docs":"","Typewords":["string"]},{"Name":"AcceptRejectsToMailbox","Docs":"","Typewords":["string"]},{"Name":"Mailbox","Docs":"","Typewords":["string"]},{"Name":"VerifiedDNSDomain","Docs":"","Typewords":["Domain"]},{"Name":"ListAllowDNSDomain","Docs":"","Typewords":["Domain"]}]},
+	"Domain": {"Name":"Domain","Docs":"","Fields":[{"Name":"ASCII","Docs":"","Typewords":["string"]},{"Name":"Unicode","Docs":"","Typewords":["string"]}]},
+	"SubjectPass": {"Name":"SubjectPass","Docs":"","Fields":[{"Name":"Period","Docs":"","Typewords":["int64"]}]},
+	"AutomaticJunkFlags": {"Name":"AutomaticJunkFlags","Docs":"","Fields":[{"Name":"Enabled","Docs":"","Typewords":["bool"]},{"Name":"JunkMailboxRegexp","Docs":"","Typewords":["string"]},{"Name":"NeutralMailboxRegexp","Docs":"","Typewords":["string"]},{"Name":"NotJunkMailboxRegexp","Docs":"","Typewords":["string"]}]},
+	"JunkFilter": {"Name":"JunkFilter","Docs":"","Fields":[{"Name":"Threshold","Docs":"","Typewords":["float64"]},{"Name":"Onegrams","Docs":"","Typewords":["bool"]},{"Name":"Twograms","Docs":"","Typewords":["bool"]},{"Name":"Threegrams","Docs":"","Typewords":["bool"]},{"Name":"MaxPower","Docs":"","Typewords":["float64"]},{"Name":"TopWords","Docs":"","Typewords":["int32"]},{"Name":"IgnoreWords","Docs":"","Typewords":["float64"]},{"Name":"RareWords","Docs":"","Typewords":["int32"]}]},
+	"Route": {"Name":"Route","Docs":"","Fields":[{"Name":"FromDomain","Docs":"","Typewords":["[]","string"]},{"Name":"ToDomain","Docs":"","Typewords":["[]","string"]},{"Name":"MinimumAttempts","Docs":"","Typewords":["int32"]},{"Name":"Transport","Docs":"","Typewords":["string"]},{"Name":"FromDomainASCII","Docs":"","Typewords":["[]","string"]},{"Name":"ToDomainASCII","Docs":"","Typewords":["[]","string"]}]},
 	"ImportProgress": {"Name":"ImportProgress","Docs":"","Fields":[{"Name":"Token","Docs":"","Typewords":["string"]}]},
 	"CSRFToken": {"Name":"CSRFToken","Docs":"","Values":null},
 }

 export const parser = {
-	Domain: (v: any) => parse("Domain", v) as Domain,
+	Account: (v: any) => parse("Account", v) as Account,
 	Destination: (v: any) => parse("Destination", v) as Destination,
 	Ruleset: (v: any) => parse("Ruleset", v) as Ruleset,
+	Domain: (v: any) => parse("Domain", v) as Domain,
+	SubjectPass: (v: any) => parse("SubjectPass", v) as SubjectPass,
+	AutomaticJunkFlags: (v: any) => parse("AutomaticJunkFlags", v) as AutomaticJunkFlags,
+	JunkFilter: (v: any) => parse("JunkFilter", v) as JunkFilter,
+	Route: (v: any) => parse("Route", v) as Route,
 	ImportProgress: (v: any) => parse("ImportProgress", v) as ImportProgress,
 	CSRFToken: (v: any) => parse("CSRFToken", v) as CSRFToken,
 }
@ -125,18 +184,15 @@ export class Client {
 		return await _sherpaCall(this.baseURL, this.authState, { ...this.options }, paramTypes, returnTypes, fn, params) as void
 	}

-	// Account returns information about the account: full name, the default domain,
-	// and the destinations (keys are email addresses, or localparts to the default
-	// domain). todo: replace with a function that returns the whole account, when
-	// sherpadoc understands unnamed struct fields.
+	// Account returns information about the account.
 	// StorageUsed is the sum of the sizes of all messages, in bytes.
 	// StorageLimit is the maximum storage that can be used, or 0 if there is no limit.
-	async Account(): Promise<[string, Domain, { [key: string]: Destination }, number, number]> {
+	async Account(): Promise<[Account, number, number]> {
 		const fn: string = "Account"
 		const paramTypes: string[][] = []
-		const returnTypes: string[][] = [["string"],["Domain"],["{}","Destination"],["int64"],["int64"]]
+		const returnTypes: string[][] = [["Account"],["int64"],["int64"]]
 		const params: any[] = []
-		return await _sherpaCall(this.baseURL, this.authState, { ...this.options }, paramTypes, returnTypes, fn, params) as [string, Domain, { [key: string]: Destination }, number, number]
+		return await _sherpaCall(this.baseURL, this.authState, { ...this.options }, paramTypes, returnTypes, fn, params) as [Account, number, number]
 	}

 	async AccountSaveFullName(fullName: string): Promise<void> {