diff --git a/.env.dist b/.env.dist
index add937bd..d365eb75 100644
--- a/.env.dist
+++ b/.env.dist
@@ -73,6 +73,10 @@ RELAYHOST=
 # Fetchmail delay
 FETCHMAIL_DELAY=600
 
+# Recipient delimiter, character used to delimiter localpart from custom address part
+# e.g. localpart+custom@domain;tld
+RECIPIENT_DELIMITER=+
+
 ###################################
 # Nginx settings
 ###################################
diff --git a/admin/mailu/__init__.py b/admin/mailu/__init__.py
index ff98ece0..aeb4d89e 100644
--- a/admin/mailu/__init__.py
+++ b/admin/mailu/__init__.py
@@ -46,7 +46,9 @@ login_manager = flask_login.LoginManager()
 login_manager.init_app(app)
 babel = flask_babel.Babel(app)
 translations = list(map(str, babel.list_translations()))
-scheduler = background.BackgroundScheduler()
+scheduler = background.BackgroundScheduler({
+    'apscheduler.timezone': 'UTC'
+})
 
 # Manager commnad
 manager = flask_script.Manager(app)
diff --git a/admin/mailu/admin/views/managers.py b/admin/mailu/admin/views/managers.py
index fea2e930..98b1def8 100644
--- a/admin/mailu/admin/views/managers.py
+++ b/admin/mailu/admin/views/managers.py
@@ -23,7 +23,7 @@ def manager_create(domain_name):
     ]
     if form.validate_on_submit():
         user = models.User.query.get(form.manager.data)
-        if user not in available_users:
+        if user.email not in [user.email for user in available_users]:
             flask.abort(403)
         elif user in domain.managers:
             flask.flash('User %s is already manager' % user, 'error')
diff --git a/admin/mailu/certbot.py b/admin/mailu/certbot.py
index 036809bb..71e0309c 100644
--- a/admin/mailu/certbot.py
+++ b/admin/mailu/certbot.py
@@ -44,7 +44,7 @@ def certbot_install(domain):
 
 
 @scheduler.scheduled_job('date')
-@scheduler.scheduled_job('cron', hour=96, minute=0)
+@scheduler.scheduled_job('cron', day='*/4', hour=0, minute=0)
 def generate_cert():
     print("Generating TLS certificates using Certbot")
     hostname = app.config["HOSTNAME"]
diff --git a/dovecot/conf/dovecot.conf b/dovecot/conf/dovecot.conf
index 0f4b04d8..928b4d3e 100644
--- a/dovecot/conf/dovecot.conf
+++ b/dovecot/conf/dovecot.conf
@@ -127,7 +127,7 @@ service imap-login {
 
 protocol lmtp {
   mail_plugins = $mail_plugins sieve
-  recipient_delimiter = +
+  recipient_delimiter = {{ RECIPIENT_DELIMITER }}
 }
 
 service lmtp {
diff --git a/nginx-no-https/nginx.conf.default b/nginx-no-https/nginx.conf.default
index 4062f7b0..f2480ad1 100644
--- a/nginx-no-https/nginx.conf.default
+++ b/nginx-no-https/nginx.conf.default
@@ -23,6 +23,7 @@ http {
     sendfile on;
     keepalive_timeout  65;
     server_tokens off;
+    client_max_body_size 25m;
 
     server {
       listen 80;
diff --git a/nginx/nginx.conf.default b/nginx/nginx.conf.default
index 1e2fb4ae..69ccc90b 100644
--- a/nginx/nginx.conf.default
+++ b/nginx/nginx.conf.default
@@ -23,6 +23,7 @@ http {
     sendfile on;
     keepalive_timeout  65;
     server_tokens off;
+    client_max_body_size 25m;
 
     server {
       listen 80;
diff --git a/nginx/nginx.conf.fallback b/nginx/nginx.conf.fallback
index a6dc68f5..9b3e1e95 100644
--- a/nginx/nginx.conf.fallback
+++ b/nginx/nginx.conf.fallback
@@ -18,6 +18,7 @@ http {
     sendfile on;
     keepalive_timeout  65;
     server_tokens off;
+    client_max_body_size 25m;
 
     server {
       listen 80;
diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf
index 6cd514e8..b806a46f 100644
--- a/postfix/conf/main.cf
+++ b/postfix/conf/main.cf
@@ -28,6 +28,9 @@ mydestination =
 # Relayhost if any is configured
 relayhost = {{ RELAYHOST }}
 
+# Recipient delimiter for extended addresses
+recipient_delimiter = {{ RECIPIENT_DELIMITER }}
+
 ###############
 # TLS
 ###############
diff --git a/postfix/conf/sqlite-virtual_alias_maps.cf b/postfix/conf/sqlite-virtual_alias_maps.cf
index 0a4896b1..a96fb034 100644
--- a/postfix/conf/sqlite-virtual_alias_maps.cf
+++ b/postfix/conf/sqlite-virtual_alias_maps.cf
@@ -4,7 +4,7 @@ query =
    FROM
      (SELECT destination, email, wildcard, localpart FROM alias
       UNION
-      SELECT email||(CASE WHEN forward_enabled=1 THEN ','||forward_destination ELSE '' END) AS destination, email, 0 as wildcard, localpart FROM user)
+      SELECT (CASE WHEN forward_enabled=1 THEN (CASE WHEN forward_keep=1 THEN email||',' ELSE '' END)||forward_destination ELSE email END) AS destination, email, 0 as wildcard, localpart FROM user)
    WHERE
      (
       wildcard = 0
diff --git a/postfix/start.sh b/postfix/start.sh
index 57660bee..e34543a5 100755
--- a/postfix/start.sh
+++ b/postfix/start.sh
@@ -5,7 +5,7 @@ for VARIABLE in `env | cut -f1 -d=`; do
   sed -i "s={{ $VARIABLE }}=${!VARIABLE}=g" /etc/postfix/*.cf
 done
 
-# Override Postfix configuration
+# Override Postfix main configuration
 if [ -f /overrides/postfix.cf ]; then
   while read line; do
     postconf -e "$line"
@@ -15,6 +15,16 @@ else
   echo "No extra postfix settings loaded because optional '/overrides/postfix.cf' not provided."
 fi
 
+# Override Postfix master configuration
+if [ -f /overrides/postfix.master ]; then
+  while read line; do
+    postconf -Me "$line"
+  done < /overrides/postfix.master
+  echo "Loaded '/overrides/postfix.master'"
+else
+  echo "No extra postfix settings loaded because optional '/overrides/postfix.master' not provided."
+fi
+
 # Include table-map files
 if ls -A /overrides/*.map 1> /dev/null 2>&1; then
   cp /overrides/*.map /etc/postfix/