iredmail-doc/html/migrate.to.new.iredmail.server.html

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Migrate old iRedMail server to the latest stable release</title>
        <link rel="stylesheet" type="text/css" href="./css/markdown.css" />
    </head>
    <body>
    
    <div id="navigation">
    <a href="/index.html" target="_blank">
        <img alt="iRedMail web site"
             src="./images/logo-iredmail.png"
             style="vertical-align: middle; height: 30px;"
             />&nbsp;
        <span>iRedMail</span>
    </a>
    &nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><h1 id="migrate-old-iredmail-server-to-the-latest-stable-release">Migrate old iRedMail server to the latest stable release</h1>
<div class="toc">
<ul>
<li><a href="#migrate-old-iredmail-server-to-the-latest-stable-release">Migrate old iRedMail server to the latest stable release</a><ul>
<li><a href="#client-settings-outlook-thunderbird">Client settings (Outlook, Thunderbird)</a></li>
<li><a href="#ldap-migrate-mail-accounts">LDAP: migrate mail accounts</a></li>
<li><a href="#mysqlpostgresql-migrate-mail-accounts">MySQL/PostgreSQL: Migrate mail accounts</a></li>
<li><a href="#migrate-mailboxes-maildir-format">Migrate mailboxes (Maildir format)</a></li>
<li><a href="#migrate-roundcube-webmail-data">Migrate Roundcube webmail data</a></li>
<li><a href="#migrate-dkim-keys">Migrate DKIM keys</a></li>
</ul>
</li>
<li><a href="#references">References</a></li>
</ul>
</div>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>Please practise the migration on a test server first, make sure you understand
the whole procedure and migrate all required data.</p>
</div>
<p>Since new iRedMail server will install same components as old server, you can choose what data you want to migrate.</p>
<p>Most important data are:</p>
<ul>
<li>email accounts stored in SQL/LDAP.</li>
<li>user mailboxes. Stored under /var/vmail by default.</li>
<li>SQL database of Roundcube webmail. It stores per-user webmail preferences, and address book.</li>
<li><strike>Policyd/Cluebringer database. It stores white/blacklists records, greylisting records, etc.</strike> Note: Policyd/Cluebringer were removed since iRedMail-0.9.3.</li>
<li>Amavisd database.<ul>
<li>It stores per-recipient white/blacklists in SQL tables: <code>mailaddr</code>, <code>policy</code>, <code>users</code>, <code>wblist</code>.</li>
<li>Basic info of in/out emails are stored in SQL tables: <code>maddr</code>, <code>msgs</code>, <code>msgrcpt</code>. Quarantined emails are stored in <code>quarantine</code>, it requires other 3 tables. If you don't have any quarantined emails, it's safe to delete all records in these 4 tables.</li>
</ul>
</li>
</ul>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>Do not restore database <code>mysql</code> exported from old server, it contains SQL
usernames/passwords for Roundcube/Amavisd/iRedAPD/iRedAdmin/... used on
old server. New iRedMail server has the same SQL usernames, but different
passwords. So please do not restore it.</p>
</div>
<h2 id="client-settings-outlook-thunderbird">Client settings (Outlook, Thunderbird)</h2>
<p>Since iRedMail-0.8.7, iRedMail enforces secure POP3/IMAP/SMTP connections,
please update your mail client applications to use TLS connection.</p>
<ul>
<li>For SMTP service, use port <code>587</code> with <code>STARTTLS</code> (or <code>TLS</code>).</li>
<li>For IMAP service, use port <code>143</code> with <code>STARTTLS</code> (or <code>TLS</code>), or port <code>993</code> with <code>SSL</code>.</li>
<li>For POP3 service, use port <code>110</code> with <code>STARTTLS</code> (or <code>TLS</code>), or port <code>995</code> with <code>SSL</code>.</li>
</ul>
<div class="admonition note">
<p class="admonition-title">Note</p>
<ul>
<li>
<p>If you want to enable smtp authentication on port <code>25</code> (again, not
  recommended), please comment out Postfix parameter <code>smtpd_tls_auth_only = yes</code>
  in its config file <code>/etc/postfix/main.cf</code>.</p>
</li>
<li>
<p>if you want to enable SMTPS (SMTP over SSL, port <code>465</code>) to support
  legency mail clients, please follow this tutorial:
  <a href="./enable.smtps.html">How to enable SMTPS service</a>.</p>
</li>
</ul>
</div>
<h2 id="ldap-migrate-mail-accounts">LDAP: migrate mail accounts</h2>
<p>Steps to migrate LDAP mail accounts:</p>
<ul>
<li>Setup a new server with the latest iRedMail, and make iRedAdmin-Pro-LDAP work as expected.</li>
<li>Export mail accounts from LDAP on OLD mail server.</li>
</ul>
<p>Normally, LDAP data can be exported into LDIF format. Here's backup/restore procedure: <a href="./backup.restore.html">Backup and Restore</a>.</p>
<p>Notes:</p>
<ul>
<li>There might be some changes in LDAP schema, please find scripts <a href="https://bitbucket.org/zhb/iredmail/src/default/extra/update/">here</a> to apply all required changes.</li>
<li>Here are all <a href="http://www.iredmail.org/docs/iredmail.releases.html">upgrade tutorials for iRedMail</a>.</li>
</ul>
<h2 id="mysqlpostgresql-migrate-mail-accounts">MySQL/PostgreSQL: Migrate mail accounts</h2>
<p>All mail accounts are stored in database <code>vmail</code> by default, to migrate mail
accounts, you can simply export this database on old server, then import it
on new server.</p>
<p><strong>IMPORTANT NOTE</strong>: iRedMail-0.8.7 drops several SQL columns, so before you
import backup SQL database, please add them first. It's safe to drop them
after you imported old database on new server.</p>
<pre><code class="mysql">mysql&gt; USE vmail;

mysql&gt; ALTER TABLE mailbox ADD COLUMN bytes BIGINT(20) NOT NULL DEFAULT 0;
mysql&gt; ALTER TABLE mailbox ADD COLUMN messages BIGINT(20) NOT NULL DEFAULT 0;

mysql&gt; ALTER TABLE domain ADD COLUMN defaultlanguage VARCHAR(5) NOT NULL DEFAULT 'en_US';
mysql&gt; ALTER TABLE domain ADD COLUMN defaultuserquota BIGINT(20) NOT NULL DEFAULT '1024';
mysql&gt; ALTER TABLE domain ADD COLUMN defaultuseraliases TEXT;
mysql&gt; ALTER TABLE domain ADD COLUMN disableddomainprofiles VARCHAR(255) NOT NULL DEFAULT '';
mysql&gt; ALTER TABLE domain ADD COLUMN disableduserprofiles VARCHAR(255) NOT NULL DEFAULT '';
mysql&gt; ALTER TABLE domain ADD COLUMN defaultpasswordscheme VARCHAR(10) NOT NULL DEFAULT '';
mysql&gt; ALTER TABLE domain ADD COLUMN minpasswordlength INT(10) NOT NULL DEFAULT 0;
mysql&gt; ALTER TABLE domain ADD COLUMN maxpasswordlength INT(10) NOT NULL DEFAULT 0;

mysql&gt; ALTER TABLE alias ADD COLUMN islist TINYINT(1) NOT NULL DEFAULT 0;
</code></pre>

<p>After imported backup SQL databases, please execute below commands to mark
mail alias accounts and drop above newly created columns:</p>
<pre><code class="mysql">mysql&gt; USE vmail;
mysql&gt; UPDATE alias SET islist=1 WHERE address NOT IN (SELECT username FROM mailbox);
mysql&gt; UPDATE alias SET islist=0 WHERE address=domain;    -- domain catch-all account

-- Store values into new column: domain.settings and drop them
mysql&gt; UPDATE domain SET settings='';
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(defaultlanguage IS NULL OR defaultlanguage='', '', CONCAT('default_language:', defaultlanguage, ';')));
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(defaultuserquota IS NULL OR defaultuserquota=0, '', CONCAT('default_user_quota:', defaultuserquota, ';')));
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(defaultuseraliases IS NULL OR defaultuseraliases='', '', CONCAT('default_groups:', defaultuseraliases, ';')));
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(minpasswordlength IS NULL OR minpasswordlength=0, '', CONCAT('min_passwd_length:', minpasswordlength, ';')));
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(maxpasswordlength IS NULL OR maxpasswordlength=0, '', CONCAT('max_passwd_length:', maxpasswordlength, ';')));
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(disableddomainprofiles IS NULL OR disableddomainprofiles='', '', CONCAT('disabled_domain_profiles:', disableddomainprofiles, ';')));
mysql&gt; UPDATE domain SET settings=CONCAT(settings, IF(disableduserprofiles IS NULL OR disableduserprofiles='', '', CONCAT('disabled_user_profiles:', disableduserprofiles, ';')));

mysql&gt; ALTER TABLE domain DROP defaultlanguage;
mysql&gt; ALTER TABLE domain DROP defaultuserquota;
mysql&gt; ALTER TABLE domain DROP defaultuseraliases;
mysql&gt; ALTER TABLE domain DROP minpasswordlength;
mysql&gt; ALTER TABLE domain DROP maxpasswordlength;
mysql&gt; ALTER TABLE domain DROP disableddomainprofiles;
mysql&gt; ALTER TABLE domain DROP disableduserprofiles;
</code></pre>

<p><strong>IMPORTANT NOTE</strong>: There might be some changes in SQL structure, please read
all upgrade tutorials for your current iRedMail release, then apply SQL
structure related changes. Check <a href="./iredmail.releases.html">upgrade tutorials for iRedMail</a>.</p>
<h2 id="migrate-mailboxes-maildir-format">Migrate mailboxes (Maildir format)</h2>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<ul>
<li>Make sure the maildir path stored in SQL/LDAP matches the mailbox
  path on file system, so that mail clients can find migrated mail messages.</li>
<li>After migrated mailboxes, you may want to recalculate mailbox quota by
  following our tutorial:
  <a href="./recalculate.mailbox.quota.html">Force Dovecot to recalculate mailbox quota</a></li>
</ul>
</div>
<ul>
<li>Copy all mailboxes (in Maildir format) to new iRedMail server with tools like <code>rsync</code>.</li>
<li>
<p>Set correct file owner and permission of mailboxes. Default owner is <code>vmail</code>,
  group is <code>vmail</code>, permission is <code>0700</code>.</p>
</li>
<li>
<p>With SQL backends, you can get full maildir path of user with below SQL command:</p>
</li>
</ul>
<pre><code>mysql&gt; USE vmail;
mysql&gt; SELECT CONCAT(storagebasedirectory, '/', storagenode, '/', maildir) FROM mailbox WHERE username='user@domain.com';
</code></pre>

<ul>
<li>With OpenLDAP backend, full maildir path is stored in LDAP attribute
  <code>homeDirectory</code> of mail user object. You can query with <code>ldapsearch</code> command:</li>
</ul>
<pre><code>$ ldapsearch -x -D 'cn=Manager,dc=xx,dc=xx' -b 'o=domains,dc=xx,dc=xx' -W &quot;(mail=user@domain.com)&quot; homeDirectory
</code></pre>

<h2 id="migrate-roundcube-webmail-data">Migrate Roundcube webmail data</h2>
<ul>
<li>Export/import roundcube webmail database, and upgrade database to work with new version of Roundcube.
<a href="http://trac.roundcube.net/wiki/Howto_Upgrade">http://trac.roundcube.net/wiki/Howto_Upgrade</a></li>
</ul>
<h2 id="migrate-dkim-keys">Migrate DKIM keys</h2>
<p>Amavisd will read DKIM keys and sign outgoing emails. DKIM keys are stored
under <code>/var/lib/dkim</code> by default, you can copy all keys under this directory to
new server, and make sure they have correct file owner <code>amavis:amavis</code> and
permission <code>0600</code>.</p>
<p>If you prefer generating new DKIM keys on new server, don't forget to update
DNS records for mail domain names.</p>
<h1 id="references">References</h1>
<ul>
<li><a href="./password.hashes.html">Password hashes</a></li>
<li><a href="./reset.user.password.html">Reset user password</a></li>
<li><a href="./why.append.timestamp.in.maildir.path.html">Why append timestamp in maildir path</a></li>
</ul><p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<script>
  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','//www.google-analytics.com/analytics.js','ga');

  ga('create', 'UA-3293801-21', 'auto');
  ga('send', 'pageview');
</script>
</body></html>