
207 lines
10 KiB
Raw Normal View History

<!DOCTYPE html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Upgrade iRedMail from 0.9.7 to 0.9.8</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
<div id="navigation">
2017-10-26 09:32:04 -05:00
<a href="" target="_blank">
<img alt="iRedMail web site"
style="vertical-align: middle; height: 30px;"
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><h1 id="upgrade-iredmail-from-097-to-098">Upgrade iRedMail from 0.9.7 to 0.9.8</h1>
<div class="toc">
<li><a href="#upgrade-iredmail-from-097-to-098">Upgrade iRedMail from 0.9.7 to 0.9.8</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</a><ul>
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release-22">Upgrade iRedAPD (Postfix policy server) to the latest stable release (2.2)</a></li>
2017-10-18 09:23:43 -05:00
<li><a href="#fixed-sogo-backup-script-contains-3-issues">Fixed: SOGo backup script contains 3 issues</a></li>
2017-10-05 19:05:42 -05:00
<li><a href="#optional-fix-improper-expected-dnsbl-filter-for-site-bbarracudacentralorg">[OPTIONAL] Fix improper expected DNSBL filter for site</a></li>
<li><a href="#optional-log-mail-subject-sender-size-in-mail-deliver-log">[OPTIONAL] Log mail subject, sender, size in mail deliver log</a></li>
<li><a href="#mysqlmariadb-backends">MySQL/MariaDB backends</a><ul>
<li><a href="#fixed-user-under-disabled-domain-is-able-to-send-email-with-smtp-protocol">Fixed: User under disabled domain is able to send email with smtp protocol</a></li>
<li><a href="#postgresql-backend">PostgreSQL backend</a><ul>
<li><a href="#fixed-user-under-disabled-domain-is-able-to-send-email-with-smtp-protocol_1">Fixed: User under disabled domain is able to send email with smtp protocol</a></li>
<div class="admonition warning">
<p class="admonition-title">DO NOT APPLY THIS UPGRADE TUTORIAL</p>
<p>This document is still a <strong>DRAFT</strong>, do NOT apply it.</p>
<div class="admonition note">
<p class="admonition-title">Paid Remote Upgrade Support</p>
<p>We offer remote upgrade support if you don't want to get your hands dirty,
check <a href="../support.html">the details</a> and <a href="../contact.html">contact us</a>.</p>
<h2 id="changelog">ChangeLog</h2>
<li>TODO [LDAP backends] Update LDAP schema and slapd.conf<ul>
<li>add new index for <code>member</code> and <code>uniqueMember</code></li>
<li>TODO [SQL backends] Update SQL structure:<ul>
<li>New column: <code>domain.maillists</code></li>
<li>New column: <code>forwardings.is_maillist</code></li>
<li>New table: <code>vmail.maillists</code></li>
<li>New doc: how to add a standalone (mlmmj) mailing list account</li>
<li>New doc: how to deploy mlmmj + mlmmj-admin</li>
2017-10-18 09:23:43 -05:00
<li>Oct 6, 2017: Fixed: SOGo backup script contains 3 issues</li>
2017-10-05 19:05:42 -05:00
<li>Oct 6, 2017: [OPTIONAL] Fix improper expected DNSBL filter for site <code></code></li>
<li>Oct 6, 2017: [OPTIONAL] Log mail subject, sender, size in mail deliver log.</li>
<h2 id="general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</h2>
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release-22">Upgrade iRedAPD (Postfix policy server) to the latest stable release (2.2)</h3>
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
<a href="./upgrade.iredapd.html">Upgrade iRedAPD to the latest stable release</a></p>
2017-10-18 09:23:43 -05:00
<h3 id="fixed-sogo-backup-script-contains-3-issues">Fixed: SOGo backup script contains 3 issues</h3>
2017-10-05 19:05:42 -05:00
<p>SOGo backup script <code>/var/vmail/backup/</code> shipped in iRedMail-0.9.7
2017-10-18 21:44:14 -05:00
and earlier releases contains 3 issues:</p>
<li>it cannot remove old backup files</li>
<li>it doesn't set correct owner and permission on backup files</li>
<li>it cannot find command <code>sogo-tool</code> on FreeBSD. This issue causes our script
didn't backup any sogo data at all.</li>
2017-10-05 19:05:42 -05:00
<p>To fix them, please download the latest version and override the one on your
<div class="admonition attention">
<p class="admonition-title">Attention</p>
<p>Script <code></code> uses <code>/var/vmail/backup</code> to store backup files by
default, if you use a different directory, please edit this file and modify
parameter <code>BACKUP_ROOTDIR=</code> to use the correct one.</p>
2017-10-05 19:05:42 -05:00
<pre><code>cd /var/vmail/backup/
chown root
chmod 0400
<h3 id="optional-fix-improper-expected-dnsbl-filter-for-site-bbarracudacentralorg">[OPTIONAL] Fix improper expected DNSBL filter for site <code></code></h3>
<p>Postfix config file generated by iRedMail enables DNSBL service for postscreen
service like below:</p>
<pre><code>postscreen_dnsbl_sites =[2..11]*3[2..11]*2
<p>but site <code></code> returns only domain <code></code> (instead of
a range from <code></code> to <code></code>), so we should change the
<code>[2..11]*2</code> line to:</p>
<pre><code>postscreen_dnsbl_sites =[2..11]*3*2
<p>Reloading or restarting Postfix is required.</p>
<h3 id="optional-log-mail-subject-sender-size-in-mail-deliver-log">[OPTIONAL] Log mail subject, sender, size in mail deliver log</h3>
<p>If you may need to get more info of (locally) delivered mail messages,
Dovecot setting <code>deliver_log_format</code> can log extra mail subject, sender, and
message size in mail deliver log. Please append this setting in Dovecot config
file <code>dovecot.conf</code>, then restart or reload Dovecot service.
<em> On Linux/OpenBSD, it's <code>/etc/dovecot/dovecot.conf</code>
</em> On FreeBSD, it's <code>/usr/local/etc/dovecot/dovecot.conf</code></p>
<pre><code>deliver_log_format = from=%{from}, envelope_sender=%{from_envelope}, subject=%{subject}, msgid=%m, size=%{size}, %$
<h2 id="mysqlmariadb-backends">MySQL/MariaDB backends</h2>
<h3 id="fixed-user-under-disabled-domain-is-able-to-send-email-with-smtp-protocol">Fixed: User under disabled domain is able to send email with smtp protocol</h3>
<p>Dovecot is IMAP/POP3/Managesieve server, also a SASL auth server for Postfix.
If mail domain is disabled, users under this domain are not able to use
IMAP/POP3/Managesieve services, but there's a bug in Dovecot SQL query, it
doesn't check domain status while performing smtp sasl auth.
Please follow steps below to fix it.</p>
<li>Open file <code>/etc/dovecot/dovecot-mysql.conf</code> (Linux/OpenBSD) or
<code>/usr/local/etc/dovecot/dovecot-mysql.conf</code> (FreeBSD), find the
<code>password_query</code> line like below:</li>
<pre><code>password_query = SELECT password, allow_nets FROM mailbox WHERE username='%u' AND enable%Ls%Lc=1 AND active=1
<li>Replace it by lines below:</li>
<pre><code>password_query = SELECT mailbox.password, mailbox.allow_nets \
FROM mailbox,domain \
WHERE mailbox.username='%u' \
AND mailbox.`enable%Ls%Lc`=1 \
AND mailbox.domain=domain.domain \
AND domain.backupmx=0 \
<li>Save your change and restart Dovecot service.</li>
<h2 id="postgresql-backend">PostgreSQL backend</h2>
<h3 id="fixed-user-under-disabled-domain-is-able-to-send-email-with-smtp-protocol_1">Fixed: User under disabled domain is able to send email with smtp protocol</h3>
<p>Dovecot is IMAP/POP3/Managesieve server, also a SASL auth server for Postfix.
If mail domain is disabled, users under this domain are not able to use
IMAP/POP3/Managesieve services, but there's a bug in Dovecot SQL query, it
doesn't check domain status while performing smtp sasl auth.
Please follow steps below to fix it.</p>
<li>Open file <code>/etc/dovecot/dovecot-pgsql.conf</code> (Linux/OpenBSD) or
<code>/usr/local/etc/dovecot/dovecot-pgsql.conf</code> (FreeBSD), find the
<code>password_query</code> line like below:</li>
<pre><code>password_query = SELECT password, allow_nets FROM mailbox WHERE username='%u' AND enable%Ls%Lc=1 AND active=1
<li>Replace it by lines below:</li>
<pre><code>password_query = SELECT mailbox.password, mailbox.allow_nets \
FROM mailbox,domain \
WHERE mailbox.username='%u' \
AND mailbox.&quot;enable%Ls%Lc&quot;=1 \
AND mailbox.domain=domain.domain \
AND domain.backupmx=0 \
<li>Save your change and restart Dovecot service.</li>
</ul><div class="footer">
<p style="text-align: center; color: grey;">All documents are available in <a href="">BitBucket repository</a>, and published under <a href="" target="_blank">Creative Commons</a> license. You can <a href="">download the latest version</a> for offline reading. If you found something wrong, please do <a href="">contact us</a> to fix it.</p>
2017-11-05 02:33:58 -06:00
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src=""></script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
2017-11-05 02:33:58 -06:00
gtag('config', 'UA-3293801-21');