diff --git a/plugins/kolab_chat/config.inc.php.dist b/plugins/kolab_chat/config.inc.php.dist index d355d83b..b5709309 100644 --- a/plugins/kolab_chat/config.inc.php.dist +++ b/plugins/kolab_chat/config.inc.php.dist @@ -8,7 +8,6 @@ as in the Kolab server. Thanks to this we can auto-login users. 1. It has to use the same domain, if it's using different we have to use a proxy: Following Apache config worked for me with kolab_chat_url=https://kolab.example.com/mattermost - Note: This should be simpler with Mattermost 5.1 (to be released soon). ProxyPreserveHost Off RewriteEngine On @@ -17,11 +16,12 @@ RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC] RewriteRule (/mattermost)?(/api/v[0-9]+/(users/)?websocket) ws://mattermost.example.com:8065$2 [P,QSA,L] ProxyPass /mattermost http://mattermost.example.com:8065 - ProxyPass /static http://mattermost.example.com:8065/static - ProxyPass /help http://mattermost.example.com:8065/help - ProxyPass /api http://mattermost.example.com:8065/api - 2. Enabling CORS connections in Mattermost config: AllowCorsFrom:"*" + // replace Mattermost security headers allowing the webmail domain + Header set X-Frame-Options "allow-from https://webmail.example.com"; + Header set Content-Security-Policy "frame-ancestors https://webmail.example.com"; + + 2. Enabling CORS connections in Mattermost config: AllowCorsFrom:"webmail.example.com" (or "*") */ // Chat application name. For now only 'mattermost' is supported. @@ -30,6 +30,9 @@ $config['kolab_chat_driver'] = 'mattermost'; // Chat application URL $config['kolab_chat_url'] = 'https://mattermost.example.com'; +// Optional chat application domain (for session cookies) +$config['kolab_chat_session_domain'] = null; + // Enables opening chat in a new window (or tab) $config['kolab_chat_extwin'] = false; diff --git a/plugins/kolab_chat/drivers/mattermost.php b/plugins/kolab_chat/drivers/mattermost.php index 0b492634..342d585c 100644 --- a/plugins/kolab_chat/drivers/mattermost.php 
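Review bot: The added `Header set X-Frame-Options "allow-from https://webmail.example.com";` line in the Apache example relies on the obsolete `allow-from` form, which current browsers do not honour, so only the `frame-ancestors` line does any work and the comment should say so or drop the X-Frame-Options line. `Header set Content-Security-Policy` also replaces the whole policy Mattermost sends, not just its framing rule; if the upstream policy carries other directives they are lost, which is worth stating next to the example. Apache directives are not terminated with `;`, so the trailing semicolons will probably be rejected or misparsed when pasted. In step 2, I would drop `(or "*")` and keep only the explicit origin, since this setup exists to share an authenticated session with the chat server.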
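Review bot: The comment above `$config['kolab_chat_session_domain']` does not tell an administrator what setting it changes in scope. Per the driver change in this commit, the value becomes the cookie domain for `MMUSERID` and `MMAUTHTOKEN`, and when unset the webmail session cookie domain is used. Suggested wording: `// Optional cookie domain for the Mattermost session cookies (MMUSERID, MMAUTHTOKEN).` followed by `// Use the narrowest domain shared by webmail and chat: every host under it receives the chat auth token.`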
+++ b/plugins/kolab_chat/drivers/mattermost.php @@ -85,8 +85,8 @@ class kolab_chat_mattermost $this->plugin->add_label('openchat', 'directmessage', 'mentionmessage'); } else if ($this->get_token()) { - rcube_utils::setcookie('MMUSERID', $_SESSION['mattermost'][0], 0, false); - rcube_utils::setcookie('MMAUTHTOKEN', $_SESSION['mattermost'][1], 0, false); + $this->setcookie('MMUSERID', $_SESSION['mattermost'][0]); + $this->setcookie('MMAUTHTOKEN', $_SESSION['mattermost'][1]); } } @@ -336,4 +336,23 @@ class kolab_chat_mattermost } } } + + /** + * Set mattermost session cookies + */ + protected function setcookie($name, $value) + { + if (headers_sent()) { + return; + } + + $cookie = session_get_cookie_params(); + $secure = $cookie['secure'] || self::https_check(); + + if ($domain = $this->rc->config->get('kolab_chat_session_domain')) { + $cookie['domain'] = $domain; + } + + setcookie($name, $value, 0, $cookie['path'], $cookie['domain'], $secure, false); + } }
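Review bot: `self::https_check()` in the new `setcookie()` resolves against `kolab_chat_mattermost`, and no such method is visible in this diff; the line reads as if carried over from `rcube_utils`, where `self` would be correct. Unless the class defines it outside the hunk, the call fails whenever the session cookie params are not already `secure`; `$secure = $cookie['secure'] || rcube_utils::https_check();` avoids that. The last argument also hard-codes `httponly` to false for both cookies, so the `MMAUTHTOKEN` session token stays readable from script on every host matching `kolab_chat_session_domain`. Consider an `$httponly = false` parameter that the `MMAUTHTOKEN` call in the first hunk of this file sets to true, after confirming the Mattermost web client does not read that cookie itself. The class body starts outside the hunk.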