iredmail-doc/html/upgrade.iredmail.0.9.2-0.9.3.html

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Upgrade iRedMail from 0.9.2 to 0.9.3</title>
        <link rel="stylesheet" type="text/css" href="./css/markdown.css" />
    </head>
    <body>
    
    <div id="navigation">
        <a href="http://www.iredmail.org" target="_blank">iRedMail web site</a>
    
        // <a href="./index.html">Document Index</a>
    </div><h1 id="upgrade-iredmail-from-092-to-093">Upgrade iRedMail from 0.9.2 to 0.9.3</h1>
<div class="toc">
<ul>
<li><a href="#upgrade-iredmail-from-092-to-093">Upgrade iRedMail from 0.9.2 to 0.9.3</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</a><ul>
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-170">Upgrade iRedAPD (Postfix policy server) to the latest 1.7.0</a></li>
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
<li><a href="#amavisd-fix-incorrect-setting-which-signs-dkim-on-inbound-messages">Amavisd: Fix incorrect setting which signs DKIM on inbound messages</a></li>
<li><a href="#dovecot-fix-incorrect-quota-warning-priorities">Dovecot: Fix incorrect quota warning priorities</a></li>
<li><a href="#dovecot-22-add-more-special-folders-as-alias-folders">Dovecot-2.2: Add more special folders as alias folders</a></li>
<li><a href="#sogo-the-dovecot-master-user-used-by-sogo-doesnt-work-due-to-incorrect-username">SOGo: The Dovecot Master User used by SOGo doesn't work due to incorrect username.</a></li>
<li><a href="#optional-fixed-not-preserve-the-case-of-extension-while-delivering-message-to-mailbox">[OPTIONAL] Fixed: Not preserve the case of ${extension} while delivering message to mailbox</a></li>
</ul>
</li>
<li><a href="#openldap-backend-special">OpenLDAP backend special</a><ul>
<li><a href="#fixed-dovecot-master-user-doesnt-work-with-acl-plugin">Fixed: Dovecot Master User doesn't work with ACL plugin</a></li>
<li><a href="#add-new-sql-table-outbound_wblist-in-amavisd-database">Add new SQL table outbound_wblist in amavisd database</a></li>
</ul>
</li>
<li><a href="#mysqlmariadb-backend-special">MySQL/MariaDB backend special</a><ul>
<li><a href="#add-new-sql-table-outbound_wblist-in-amavisd-database_1">Add new SQL table outbound_wblist in amavisd database</a></li>
</ul>
</li>
<li><a href="#postgresql-backend-special">PostgreSQL backend special</a><ul>
<li><a href="#add-new-sql-table-outbound_wblist-in-amavisd-database_2">Add new SQL table outbound_wblist in amavisd database</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<p><strong>This is still a DRAFT document, do NOT apply it.</strong></p>
<h2 id="changelog">ChangeLog</h2>
<blockquote>
<p>We provide remote upgrade service, check <a href="../support.html">the price</a> and <a href="../contact.html">contact us</a>.</p>
</blockquote>
<ul>
<li>TODO [SQL backends] New SQL column <code>alias.isuseralias</code>.</li>
<li>2015-07-31: SOGo: The Dovecot Master User used by SOGo doesn't work due to incorrect username.</li>
<li>2015-07-31: [LDAP] Fixed: Dovecot Master User doesn't work with ACL plugin.</li>
<li>2015-07-06: Add new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database.</li>
<li>2015-07-06: Amavisd: Fix incorrect setting which signs DKIM on inbound messages.</li>
<li>2015-07-03: Dovecot: Fix incorrect quota warning priorities.</li>
<li>2015-06-30: Dovecot-2.2: Add more special folders as alias folders.</li>
<li>2015-06-09: [OPTIONAL] Fixed: Not preserve the case of <code>${extension}</code> while delivering message to mailbox.</li>
</ul>
<h2 id="general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</h2>
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<pre><code># File: /etc/iredmail-release

0.9.3
</code></pre>

<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-170">Upgrade iRedAPD (Postfix policy server) to the latest 1.7.0</h3>
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
<a href="./upgrade.iredapd.html">How to upgrade iRedAPD-1.4.0 or later versions to the latest stable release</a></p>
<p>Detailed release notes are available here: <a href="./iredapd.releases.html">iRedAPD release notes</a>.</p>
<h3 id="upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</h3>
<p>Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
latest stable release immediately: <a href="http://trac.roundcube.net/wiki/Howto_Upgrade">How to upgrade Roundcube</a></p>
<h3 id="amavisd-fix-incorrect-setting-which-signs-dkim-on-inbound-messages">Amavisd: Fix incorrect setting which signs DKIM on inbound messages</h3>
<p>In iRedMail-0.9.2 and earlier releases, Amavisd will signing DKIM on inbound
message, this is wrong. Please follow steps below to fix it.</p>
<p>With below changes, Amavisd will aply policy bank 'ORIGINATING' to emails
submitted through submission (port 587) by smtp authenticated user. This way
we clearly separate emails submitted by authenticated users and inbound message
sent by others, and Amavisd won't sign DKIM on inbound message anymore.</p>
<ul>
<li>
<p>Open Amavisd config file, make sure you have below settings. If they don't
  exist, please add them or update them.</p>
<ul>
<li>on RHEL/CentOS: it's <code>/etc/amavisd/amavisd.conf</code>.</li>
<li>on Debian/Ubuntu: it's <code>/etc/amavis/conf.d/50-user</code>.</li>
<li>on FreeBSD: it's <code>/usr/local/etc/amavisd.conf</code>.</li>
<li>on OpenBSD: it's <code>/etc/amavisd.conf</code>.</li>
</ul>
</li>
</ul>
<pre><code>$inet_socket_port = [10024, 10026, 9998];
$interface_policy{'10026'} = 'ORIGINATING';
</code></pre>

<p>We will configure Postfix to pipe email submitted by authenticated user through
port 10026, others through port 10024. And port 9998 is used to manage
quarantined mails.</p>
<ul>
<li>Find <code>$policy_bank{'ORIGINATING'} = {</code> block, comment out <code>forward_method</code>
  line in the block:</li>
</ul>
<pre><code>  #forward_method =&gt; 'smtp:[127.0.0.1]:10027',
</code></pre>

<ul>
<li>
<p>Comment out below line in Amavisd config file:</p>
<p><strong>WARNING: Do NOT remove <code>originating =&gt; 1,</code> in other <code>$policy_bank</code> blocks.</strong></p>
</li>
</ul>
<pre><code>$originating = 1;
</code></pre>

<ul>
<li>Comment out the whole <code>$policy_bank{'MYUSERS'}</code> block:</li>
</ul>
<pre><code>#$policy_blank{'MYUSERS'} = {
#   ...
#}
</code></pre>

<ul>
<li>
<p>Restart Amavisd service.</p>
</li>
<li>
<p>Open Postfix config file <code>/etc/postfix/master.cf</code> (Linux/OpenBSD) or
  <code>/usr/local/etc/postfix/master.cf</code> (FreeBSD), update transport <code>submission</code>
  to use <code>content_filter=smtp-amavis:[127.0.0.1]:10026</code> as content filter like
  below:</p>
</li>
</ul>
<pre><code>submission inet n       -       n       -       -       smtpd
  ... [omit other settings here] ...
  -o content_filter=smtp-amavis:[127.0.0.1]:10026
</code></pre>

<ul>
<li>Restart Postfix service.</li>
</ul>
<h3 id="dovecot-fix-incorrect-quota-warning-priorities">Dovecot: Fix incorrect quota warning priorities</h3>
<p>iRedMail configures Dovecot to send warning message to local user when the
mailbox quota is 85%, 90% or 95% full, but the priorities is wrong. Please
fix it with steps below.</p>
<ul>
<li>Find below setting in Dovecot config file <code>/etc/dovecot/dovecot.conf</code>
  (Linux/OpenBSD) or <code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD):</li>
</ul>
<pre><code>    quota_warning = storage=85%% quota-warning 85 %u
    quota_warning2 = storage=90%% quota-warning 90 %u
    quota_warning3 = storage=95%% quota-warning 95 %u
</code></pre>

<p><code>quota_warning</code> has the highest priority, <code>quota_warning3</code> has the lowest
priority. Only the command for the first exceeded limit is executed, so we must
configure the highest limit first.</p>
<p>With above setting, when the mailbox quota goes from 70% to 98% directly, it
sends warning message to notify user that the quota is 85% full, this is wrong,
it's expected to be warned as 95% full instead.</p>
<ul>
<li>Update them to below ones to fix it. Please pay close attention to the percent
  numbers:</li>
</ul>
<pre><code>    quota_warning = storage=95%% quota-warning 95 %u
    quota_warning2 = storage=90%% quota-warning 90 %u
    quota_warning3 = storage=85%% quota-warning 85 %u
</code></pre>

<p>Restart Dovecot service is required.</p>
<p>For more details, please read Dovecot document:
<a href="http://wiki2.dovecot.org/Quota/Configuration">Quota Configuration</a></p>
<h3 id="dovecot-22-add-more-special-folders-as-alias-folders">Dovecot-2.2: Add more special folders as alias folders</h3>
<p>Note: This is applicable to Dovecot-2.2.x. if you're running Dovecot-2.1.x or
earlier versions, please skip this step.</p>
<p>Check Dovecot version number with below command first:</p>
<pre><code class="bash"># dovecot --version
</code></pre>

<p>Open Dovecot config file <code>/etc/dovecot/dovecot.conf</code> (Linux/OpenBSD) or
<code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD), find below setting:</p>
<pre><code>namespace {
    type = private
    ...
    inbox = yes
    ...
}
</code></pre>

<p>Add below alias folders inside the same <code>namespace {}</code> block:</p>
<pre><code>    mailbox &quot;Sent Items&quot; {
        auto = no
        special_use = \Sent
    }

    mailbox &quot;Deleted Messages&quot; {
        auto = no
        special_use = \Trash
    }

    mailbox &quot;Deleted Messages&quot; {
        auto = no
        special_use = \Trash
    }

    # Archive
    mailbox Archive {
        auto = subscribe
        special_use = \Archive
    }
    mailbox Archives {
        auto = no
        special_use = \Archive
    }
</code></pre>

<p>Restart Dovecot service is required.</p>
<h3 id="sogo-the-dovecot-master-user-used-by-sogo-doesnt-work-due-to-incorrect-username">SOGo: The Dovecot Master User used by SOGo doesn't work due to incorrect username.</h3>
<p>Note: you can skip this step if you don't run SOGo groupware, and iRedMail
doesn't install SOGo on FreeBSD due to missing required ports in official ports
tree.</p>
<p>The Dovecot Master User created by iRedMail and used by SOGo doesn't contain
a mail domain name, this will cause login failure.</p>
<p>If you don't append a (non-exist) mail domain name in Dovecot Master User
account, Dovecot will use the domain name of your login username. For example,
if your real user is <code>myuser@mydomain.com</code>, when you try to access this user's
mailbox as Dovecot Master User <code>myuser@mydomain.com*my_master_user</code>, it will
trigger Dovecot to verify user <code>my_master_user@mydomain.com</code> which doesn't
exist on your server, then this login attempt fails.</p>
<p>Please follow steps below to fix it.</p>
<ul>
<li>Open file <code>/etc/dovecot/dovecot-master-users</code> (Linux/OpenBSD),
  find the account used by SOGo:</li>
</ul>
<pre><code>sogo_sieve_master:...
</code></pre>

<ul>
<li>Append any mail domain name which is not hosted on your server to this
  account, save your change. for example:</li>
</ul>
<pre><code>sogo_sieve_master@not-exist.com:...
</code></pre>

<ul>
<li>Open file <code>/etc/sogo/sieve.cred</code>, append the same mail domain name for the
  sieve account:</li>
</ul>
<pre><code>sogo_sieve_master@not-exist.com:...
</code></pre>

<p>That's all.</p>
<h3 id="optional-fixed-not-preserve-the-case-of-extension-while-delivering-message-to-mailbox">[OPTIONAL] Fixed: Not preserve the case of <code>${extension}</code> while delivering message to mailbox</h3>
<p>With iRedMail-0.9.2 and earlier releases, email sent to user
<code>username+Ext@domain.com</code> (upper case <code>E</code>) will be delivered to folder
<code>ext</code> (lower case <code>e</code>) of <code>username@domain.com</code>'s mailbox. This fix will
preserve the case of address extension.</p>
<ul>
<li>Open file <code>/etc/postfix/master.cf</code> (Linux/OpenBSD) or
  <code>/usr/local/etc/postfix/master.cf</code> (FreeBSD), find below lines:</li>
</ul>
<pre><code># Use dovecot deliver program as LDA.
dovecot unix    -       n       n       -       -      pipe
    flags=DRhu ...
</code></pre>

<ul>
<li>Replace <code>flags=DRhu</code> by <code>flags=DRh</code> (remove <code>u</code>) in the third line:</li>
</ul>
<pre><code>    flags=DRh ...
</code></pre>

<ul>
<li>Save your change and restart Postfix service.</li>
</ul>
<h2 id="openldap-backend-special">OpenLDAP backend special</h2>
<h3 id="fixed-dovecot-master-user-doesnt-work-with-acl-plugin">Fixed: Dovecot Master User doesn't work with ACL plugin</h3>
<p>iRedMail has both Dovecot Master User and Dovecot <code>acl</code> plugin enabled by
default, if <code>acl</code> plugin is enabled, the Master User is still subject to ACLs
just like any other user, which means that by default the Master User has no
access to any mailboxes of the user. Please fix this issue by following steps
below.</p>
<ul>
<li>Open file <code>/etc/dovecot/dovecot-ldap.conf</code> (Linux/OpenBSD) or
  <code>/usr/local/etc/dovecot/dovecot-ldap.conf</code> (FreeBSD), find below line:</li>
</ul>
<pre><code>user_attrs      = mail=user, ...
</code></pre>

<ul>
<li>Add new setting <code>mail=master_user</code> in <code>user_attrs</code> like below:</li>
</ul>
<pre><code>user_attrs      = mail=master_user,mail=user, ...
</code></pre>

<ul>
<li>Restart Dovecot service.</li>
</ul>
<h3 id="add-new-sql-table-outbound_wblist-in-amavisd-database">Add new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database</h3>
<p>We need a new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database, it's used
to store white/blacklists for outbound message, required by iRedAPD plugin
<code>amavisd_wblist</code>.</p>
<p>Please connect to MySQL server as MySQL root user, create new table:</p>
<pre><code>$ mysql -uroot -p
mysql&gt; USE amavisd;
mysql&gt; CREATE TABLE outbound_wblist (rid integer unsigned NOT NULL, sid integer unsigned NOT NULL, wb varchar(10) NOT NULL, PRIMARY KEY (rid,sid));
</code></pre>

<p>After table created, please restart iRedAPD service.</p>
<h2 id="mysqlmariadb-backend-special">MySQL/MariaDB backend special</h2>
<h3 id="add-new-sql-table-outbound_wblist-in-amavisd-database_1">Add new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database</h3>
<p>We need a new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database, it's used
to store white/blacklists for outbound message, required by iRedAPD plugin
<code>amavisd_wblist</code>.</p>
<p>Please connect to MySQL server as MySQL root user, create new table:</p>
<pre><code>$ mysql -uroot -p
mysql&gt; USE amavisd;
mysql&gt; CREATE TABLE outbound_wblist (rid integer unsigned NOT NULL, sid integer unsigned NOT NULL, wb varchar(10) NOT NULL, PRIMARY KEY (rid,sid));
</code></pre>

<p>After table created, please restart iRedAPD service.</p>
<h2 id="postgresql-backend-special">PostgreSQL backend special</h2>
<h3 id="add-new-sql-table-outbound_wblist-in-amavisd-database_2">Add new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database</h3>
<p>We need a new SQL table <code>outbound_wblist</code> in <code>amavisd</code> database, it's used
to store white/blacklists for outbound message, required by iRedAPD plugin
<code>amavisd_wblist</code>.</p>
<p>Please switch to PostgreSQL daemon user, then execute SQL commands to import it:</p>
<pre><code>* On Linux, PostgreSQL daemon user is `postgres`.
* On FreeBSD, PostgreSQL daemon user is `pgsql`.
* On OpenBSD, PostgreSQL daemon user is `_postgresql`.
</code></pre>
<pre><code># su - postgres
$ psql -d cluebringer -d amavisd
sql&gt; CREATE TABLE outbound_wblist (rid integer NOT NULL CHECK (rid &gt;= 0), sid integer NOT NULL CHECK (sid &gt;= 0), wb varchar(10) NOT NULL, PRIMARY KEY (rid,sid));
</code></pre>

<p>After table created, please restart iRedAPD service.</p><p style="text-align: center; color: grey;">Document published under a <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">CC BY-ND 3.0</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<script>
  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','//www.google-analytics.com/analytics.js','ga');

  ga('create', 'UA-3293801-21', 'auto');
  ga('send', 'pageview');
</script>
</body></html>