2021-07-22 23:06:41 -05:00
|
|
|
# Upgrade iRedMail from 1.4.0 to 1.4.1
|
|
|
|
|
|
|
|
[TOC]
|
|
|
|
|
|
|
|
!!! note "Paid Remote Upgrade Support"
|
|
|
|
|
|
|
|
We offer remote upgrade support if you don't want to get your hands dirty,
|
|
|
|
check [the details](https://www.iredmail.org/support.html) and
|
|
|
|
[contact us](https://www.iredmail.org/contact.html).
|
|
|
|
|
|
|
|
## ChangeLog
|
|
|
|
|
2021-09-12 21:38:07 -05:00
|
|
|
* Sep 13, 2021: Fix incorrect PostgreSQL column type for new columns introduced
|
|
|
|
in table `vmail.mailbox`.
|
2021-09-08 01:55:24 -05:00
|
|
|
* Sep 08, 2021: initial release.
|
2021-07-22 23:06:41 -05:00
|
|
|
|
|
|
|
## General (All backends should apply these changes)
|
|
|
|
|
|
|
|
### Update `/etc/iredmail-release` with new iRedMail version number
|
|
|
|
|
|
|
|
iRedMail stores the release version in `/etc/iredmail-release` after
|
|
|
|
installation, it's recommended to update this file after you upgraded iRedMail,
|
|
|
|
so that you can know which version of iRedMail you're running. For example:
|
|
|
|
|
|
|
|
```
|
|
|
|
1.4.1
|
|
|
|
```
|
|
|
|
|
2021-09-08 01:55:24 -05:00
|
|
|
### Upgrade iRedAPD (Postfix policy server) to the latest stable release (5.0.3)
|
|
|
|
|
|
|
|
!!! attention
|
|
|
|
|
|
|
|
iRedAPD has been migrated to Python 3 and doesn't support Python 2 anymore.
|
|
|
|
|
|
|
|
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
|
|
|
|
[Upgrade iRedAPD to the latest stable release](./upgrade.iredapd.html)
|
|
|
|
|
|
|
|
### Upgrade iRedAdmin (open source edition) to the latest stable release (1.5)
|
|
|
|
|
|
|
|
!!! attention
|
|
|
|
|
|
|
|
iRedAdmin has been migrated to Python 3 and doesn't support Python 2 anymore.
|
|
|
|
|
|
|
|
Please follow below tutorial to upgrade iRedAdmin to the latest stable release:
|
|
|
|
[Upgrade iRedAdmin to the latest stable release](./migrate.or.upgrade.iredadmin.html).
|
|
|
|
|
|
|
|
### Upgrade mlmmjadmin to the latest stable release (3.1.2)
|
|
|
|
|
|
|
|
Please follow below tutorial to upgrade mlmmjadmin to the latest stable release:
|
|
|
|
[Upgrade mlmmjadmin to the latest stable release](./upgrade.mlmmjadmin.html)
|
|
|
|
|
2021-07-22 23:06:41 -05:00
|
|
|
### Amavisd: Add some useful ban rules
|
|
|
|
|
|
|
|
Microsoft Office documents are banned with iRedMail default settings, but it's
|
|
|
|
common that some mailbox may need to receive such documents.
|
|
|
|
|
|
|
|
Here we define some ban rules to allow these Office document types, iRedMail
|
|
|
|
server admin can update per-user spam policy to allow receiving such documents.
|
|
|
|
|
|
|
|
- Update Amavisd config file and append these lines before the last line (`1;`):
|
|
|
|
- on RHEL/CentOS/Rocky Linux, it's `/etc/amavisd/amavisd.conf`.
|
|
|
|
- on Debian/Ubuntu, it's `/etc/amavis/conf.d/50-user`.
|
|
|
|
- on FreeBSD, it's `/usr/local/etc/amavisd.conf`.
|
|
|
|
- on OpenBSD, it's `/etc/amavisd/amavisd.conf`.
|
|
|
|
|
|
|
|
```
|
|
|
|
# Define some useful rules.
|
|
|
|
%banned_rules = (
|
|
|
|
# Allow all Microsoft Office documents.
|
|
|
|
'ALLOW_MS_OFFICE' => new_RE([qr'.\.(doc|docx|xls|xlsx|ppt|pptx)$'i => 0]),
|
|
|
|
|
|
|
|
# Allow Microsoft Word, Excel, PowerPoint documents separately.
|
|
|
|
'ALLOW_MS_WORD' => new_RE([qr'.\.(doc|docx)$'i => 0]),
|
|
|
|
'ALLOW_MS_EXCEL' => new_RE([qr'.\.(xls|xlsx)$'i => 0]),
|
|
|
|
'ALLOW_MS_PPT' => new_RE([qr'.\.(ppt|pptx)$'i => 0]),
|
|
|
|
|
|
|
|
# Default rule.
|
|
|
|
'DEFAULT' => $banned_filename_re,
|
|
|
|
);
|
|
|
|
```
|
|
|
|
|
|
|
|
- Restarting Amavisd service is required.
|
|
|
|
|
|
|
|
Here we defines 5 ban rules:
|
|
|
|
|
2021-07-22 23:21:27 -05:00
|
|
|
- `ALLOW_MS_OFFICE`: Allow all Microsoft Office documents.
|
|
|
|
- `ALLOW_MS_WORD`: Allow Microsoft Word documents (`.doc`, `.docx`).
|
|
|
|
- `ALLOW_MS_EXCEL`: Allow Microsoft Excel documents (`.xls`, `.xlsx`).
|
|
|
|
- `ALLOW_MS_PPT`: Allow Microsoft PowerPoint documents (`.ppt`, `.pptx`).
|
2021-07-22 23:06:41 -05:00
|
|
|
- `DEFAULT`: use the default ban rule defined in `$banned_filename_re`.
|
|
|
|
|
|
|
|
You're free to define more ban rules to fit your own needs.
|
|
|
|
|
|
|
|
!!! attention
|
|
|
|
|
|
|
|
#### Example: How to use these ban rules
|
|
|
|
|
|
|
|
If you already define per-user, per-domain, or global spam policy with
|
|
|
|
iRedAdmin-Pro or manually, you can now assign these ban rules to them.
|
|
|
|
|
|
|
|
For example, if you have spam policy for user `user@domain.com`, to allow
|
|
|
|
this user to accept Microsoft Word and Excel documents, you can run SQL
|
|
|
|
commands below to achieve it (Note: we use MySQL for example):
|
|
|
|
|
|
|
|
USE amavisd;
|
|
|
|
UPDATE policy SET banned_rulenames="ALLOW_MS_WORD,ALLOW_MS_EXCEL" WHERE policy_name="user@domain.com";
|
2021-08-31 22:06:30 -05:00
|
|
|
|
|
|
|
## For OpenLDAP backend
|
|
|
|
|
|
|
|
### Add new attribute/value pairs for per-user SOGo webmail / calendar / activesync service control
|
|
|
|
|
|
|
|
iRedMail-1.4.1 improves SOGo config file and it's able to enable or disable
|
|
|
|
per-user SOGo webmail, calendar, activesync services with 3 new LDAP
|
|
|
|
attribute/value pairs:
|
|
|
|
|
|
|
|
- `enabledService=sogowebmail`
|
|
|
|
- `enabledService=sogocalendar`
|
|
|
|
- `enabledService=sogoactivesync`
|
|
|
|
|
|
|
|
The old `enabledService=sogo` is still used to enable or disable whole SOGo
|
|
|
|
access.
|
|
|
|
|
|
|
|
* Download script used to update existing mail accounts:
|
|
|
|
|
|
|
|
```
|
|
|
|
cd /root/
|
|
|
|
wget https://github.com/iredmail/iRedMail/raw/1.4.1/update/1.4.1/update-ldap.py
|
|
|
|
```
|
|
|
|
|
|
|
|
* Open downloaded file `update-ldap.py`, set LDAP server related settings in
|
|
|
|
this file:
|
|
|
|
|
|
|
|
You can find required LDAP credential in iRedAdmin config file
|
|
|
|
(`/opt/www/iredadmin/settings.py`), using either
|
|
|
|
`cn=Manager,dc=xx,dc=xx` or `cn=vmailadmin,dc=xx,dc=xx` as bind dn is ok.
|
|
|
|
|
|
|
|
```
|
|
|
|
# Part of file: updateLDAPValues_099_to_1.py
|
|
|
|
|
|
|
|
uri = 'ldap://127.0.0.1:389'
|
|
|
|
basedn = 'o=domains,dc=example,dc=com'
|
|
|
|
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
|
|
|
|
bind_pw = 'passwd'
|
|
|
|
```
|
|
|
|
|
|
|
|
* Execute this script with Python-3 to update LDAP data:
|
|
|
|
|
|
|
|
```
|
|
|
|
# python3 update-ldap.py
|
|
|
|
```
|
|
|
|
|
2021-09-05 20:10:52 -05:00
|
|
|
### SOGo: Update config file
|
|
|
|
|
|
|
|
Open SOGo main config file `/etc/sogo/sogo.conf` (Linux/OpenBSD) or
|
|
|
|
`/usr/local/etc/sogo/sogo.conf` (FreeBSD), find the `SOGoUserSources` block
|
|
|
|
like below:
|
|
|
|
|
|
|
|
```
|
|
|
|
// Authentication using LDAP
|
|
|
|
SOGoUserSources = (
|
|
|
|
{
|
|
|
|
// Used for user authentication
|
|
|
|
type = ldap;
|
|
|
|
id = users;
|
|
|
|
canAuthenticate = YES;
|
|
|
|
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
}
|
|
|
|
)
|
|
|
|
```
|
|
|
|
|
|
|
|
Add new parameter `ModulesConstraints` right after `canAuthenticate = YES;`
|
|
|
|
line like below:
|
|
|
|
|
|
|
|
```
|
|
|
|
SOGoUserSources = (
|
|
|
|
{
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
canAuthenticate = YES;
|
|
|
|
|
|
|
|
ModulesConstraints = {
|
|
|
|
Mail = { enabledService = sogowebmail; };
|
|
|
|
Calendar = { enabledService = sogocalendar; };
|
|
|
|
ActiveSync = { enabledService = sogoactivesync; };
|
|
|
|
};
|
|
|
|
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
}
|
|
|
|
)
|
|
|
|
```
|
|
|
|
|
2021-08-31 22:06:30 -05:00
|
|
|
## For MySQL and MariaDB backends
|
|
|
|
|
2021-09-05 19:55:40 -05:00
|
|
|
### Add new SQL columns in `vmail.mailbox` table for per-user SOGo webmail / calendar / activesync service control
|
2021-08-31 22:06:30 -05:00
|
|
|
|
|
|
|
iRedMail-1.4.1 introduces 3 new columns used to enable or disable per-user
|
|
|
|
SOGo webmail, calendar and activesync services:
|
|
|
|
|
|
|
|
- `enablesogowebmail`
|
|
|
|
- `enablesogocalendar`
|
|
|
|
- `enablesogoactivesync`
|
|
|
|
|
|
|
|
Download plain SQL file used to update SQL table, then import it as
|
|
|
|
MySQL root user (Please run commands below as `root` user):
|
|
|
|
|
|
|
|
```
|
|
|
|
wget -O /tmp/iredmail.mysql https://github.com/iredmail/iRedMail/raw/1.4.1/update/1.4.1/iredmail.mysql
|
|
|
|
mysql vmail < /tmp/iredmail.mysql
|
|
|
|
rm -f /tmp/iredmail.mysql
|
|
|
|
```
|
|
|
|
|
2021-09-05 20:10:52 -05:00
|
|
|
### SOGo: Re-create SQL VIEW and update config file
|
2021-09-05 19:55:40 -05:00
|
|
|
|
|
|
|
Download plain SQL file used to update SQL table, then import it as
|
|
|
|
MySQL root user (Please run commands below as `root` user):
|
|
|
|
|
|
|
|
```
|
|
|
|
wget -O /tmp/sogo.mysql https://github.com/iredmail/iRedMail/raw/1.4.1/update/1.4.1/sogo.mysql
|
|
|
|
mysql sogo < /tmp/sogo.mysql
|
|
|
|
rm -f /tmp/sogo.mysql
|
|
|
|
```
|
|
|
|
|
2021-09-05 20:10:52 -05:00
|
|
|
Now open SOGo main config file `/etc/sogo/sogo.conf` (Linux/OpenBSD) or
|
|
|
|
`/usr/local/etc/sogo/sogo.conf` (FreeBSD), find the `SOGoUserSources` block
|
|
|
|
like below:
|
|
|
|
|
|
|
|
```
|
|
|
|
// Authentication using SQL
|
|
|
|
SOGoUserSources = (
|
|
|
|
{
|
|
|
|
type = sql;
|
|
|
|
id = users;
|
|
|
|
viewURL = ...
|
|
|
|
canAuthenticate = YES;
|
|
|
|
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
}
|
|
|
|
)
|
|
|
|
```
|
|
|
|
|
|
|
|
Add new parameter `ModulesConstraints` right after `canAuthenticate = YES;`
|
|
|
|
line like below:
|
|
|
|
|
|
|
|
```
|
|
|
|
SOGoUserSources = (
|
|
|
|
{
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
canAuthenticate = YES;
|
|
|
|
|
|
|
|
ModulesConstraints = {
|
|
|
|
Mail = { c_webmail = y; };
|
|
|
|
Calendar = { c_calendar = y; };
|
|
|
|
ActiveSync = { c_activesync = y; };
|
|
|
|
};
|
|
|
|
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
}
|
|
|
|
)
|
|
|
|
```
|
|
|
|
|
|
|
|
Restarting SOGo service is requried.
|
|
|
|
|
2021-08-31 22:06:30 -05:00
|
|
|
## For PostgreSQL backend
|
|
|
|
|
2021-09-05 19:55:40 -05:00
|
|
|
### Add new SQL columns in `vmail.mailbox` table for per-user SOGo webmail / calendar / activesync service control
|
2021-08-31 22:06:30 -05:00
|
|
|
|
|
|
|
iRedMail-1.4.1 introduces 3 new columns used to enable or disable per-user
|
|
|
|
SOGo webmail, calendar and activesync services:
|
|
|
|
|
|
|
|
- `enablesogowebmail`
|
|
|
|
- `enablesogocalendar`
|
|
|
|
- `enablesogoactivesync`
|
|
|
|
|
|
|
|
Download plain SQL file used to update SQL table:
|
|
|
|
|
|
|
|
```
|
|
|
|
wget -O /tmp/iredmail.pgsql https://github.com/iredmail/iRedMail/raw/1.4.1/update/1.4.1/iredmail.pgsql
|
|
|
|
chmod +r /tmp/iredmail.pgsql
|
|
|
|
```
|
|
|
|
|
|
|
|
* Connect to PostgreSQL server as `postgres` user and import the SQL file:
|
|
|
|
* on Linux, it's `postgres` user
|
|
|
|
* on FreeBSD, it's `pgsql` user
|
|
|
|
* on OpenBSD, it's `_postgresql` user
|
|
|
|
|
|
|
|
```
|
|
|
|
su - postgres
|
|
|
|
psql -d vmail < /tmp/iredmail.pgsql
|
|
|
|
```
|
|
|
|
|
|
|
|
* Remove downloaded file:
|
|
|
|
|
|
|
|
```
|
|
|
|
rm -f /tmp/iredmail.pgsql
|
|
|
|
```
|
2021-09-05 19:55:40 -05:00
|
|
|
|
2021-09-05 20:10:52 -05:00
|
|
|
### SOGo: Re-create SQL VIEW and update config file
|
2021-09-05 19:55:40 -05:00
|
|
|
|
|
|
|
Download plain SQL file used to update SQL table:
|
|
|
|
|
|
|
|
```
|
|
|
|
wget -O /tmp/sogo.pgsql https://github.com/iredmail/iRedMail/raw/1.4.1/update/1.4.1/sogo.pgsql
|
|
|
|
chmod +r /tmp/sogo.pgsql
|
|
|
|
```
|
|
|
|
|
|
|
|
Please open file `/tmp/sogo.pgsql`, replace string `VMAIL_DB_BIND_PASSWD` by
|
|
|
|
the real password of SQL user `vmail`. You can find the password in any file
|
|
|
|
under `/etc/postfix/pgsql/`.
|
|
|
|
|
|
|
|
After updated `/tmp/sogo.pgsql`, please connect to PostgreSQL server as
|
|
|
|
`postgres` user and import the SQL file:
|
|
|
|
* on Linux, it's `postgres` user
|
|
|
|
* on FreeBSD, it's `pgsql` user
|
|
|
|
* on OpenBSD, it's `_postgresql` user
|
|
|
|
|
|
|
|
```
|
|
|
|
su - postgres
|
|
|
|
psql -d sogo < /tmp/sogo.pgsql
|
|
|
|
```
|
|
|
|
|
|
|
|
* Remove downloaded file:
|
|
|
|
|
|
|
|
```
|
|
|
|
rm -f /tmp/sogo.pgsql
|
|
|
|
```
|
|
|
|
|
2021-09-05 20:10:52 -05:00
|
|
|
Now open SOGo main config file `/etc/sogo/sogo.conf` (Linux/OpenBSD) or
|
|
|
|
`/usr/local/etc/sogo/sogo.conf` (FreeBSD), find the `SOGoUserSources` block
|
|
|
|
like below:
|
|
|
|
|
|
|
|
```
|
|
|
|
// Authentication using SQL
|
|
|
|
SOGoUserSources = (
|
|
|
|
{
|
|
|
|
type = sql;
|
|
|
|
id = users;
|
|
|
|
viewURL = ...
|
|
|
|
canAuthenticate = YES;
|
|
|
|
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
}
|
|
|
|
)
|
|
|
|
```
|
|
|
|
|
|
|
|
Add new parameter `ModulesConstraints` right after `canAuthenticate = YES;`
|
|
|
|
line like below:
|
|
|
|
|
|
|
|
```
|
|
|
|
SOGoUserSources = (
|
|
|
|
{
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
canAuthenticate = YES;
|
|
|
|
|
|
|
|
ModulesConstraints = {
|
|
|
|
Mail = { c_webmail = y; };
|
|
|
|
Calendar = { c_calendar = y; };
|
|
|
|
ActiveSync = { c_activesync = y; };
|
|
|
|
};
|
|
|
|
|
|
|
|
// ... we omit other config lines here ...
|
|
|
|
}
|
|
|
|
)
|
|
|
|
```
|
|
|
|
|
|
|
|
Restarting SOGo service is requried.
|