iredmail-doc/html/upgrade.iredmail.0.9.1-0.9....

98 lines
4.6 KiB
HTML
Raw Normal View History

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Upgrade iRedMail from 0.9.1 to 0.9.2</title>
<link href="./css/markdown.css" rel="stylesheet"></head>
</head>
<body>
<div id="navigation">
<a href="http://www.iredmail.org" target="_blank">iRedMail web site</a>
// <a href="./index.html">Document Index</a>
</div><h1 id="upgrade-iredmail-from-091-to-092">Upgrade iRedMail from 0.9.1 to 0.9.2</h1>
<div class="toc">
<ul>
<li><a href="#upgrade-iredmail-from-091-to-092">Upgrade iRedMail from 0.9.1 to 0.9.2</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</a><ul>
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
<li><a href="#dont-ban-applicationoctet-stream-dat-files-in-amavisd">Don't ban 'application/octet-stream, dat' files in Amavisd</a></li>
<li><a href="#optional-update-one-fail2ban-filter-regular-expressio-to-help-catch-dos-attacks-to-smtp-service">[OPTIONAL] Update one Fail2ban filter regular expressio to help catch DoS attacks to SMTP service</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<h2 id="changelog">ChangeLog</h2>
2015-05-16 20:56:21 -05:00
<blockquote>
<p>We provide remote upgrade service, check <a href="../support.html">the price</a> and <a href="../contact.html">contact us</a>.</p>
</blockquote>
<ul>
<li>2015-05-16: [All backends][RHEL/CentOS] Don't ban 'application/octet-stream,
dat' files in Amavisd. It catches too many normal file types.</li>
<li>2015-05-16: [OPTIONAL][All backends] Update one Fail2ban filter regular
expressio to help catch DoS attacks to SMTP service</li>
</ul>
<h2 id="general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</h2>
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<pre><code># File: /etc/iredmail-release
0.9.2
</code></pre>
<h3 id="dont-ban-applicationoctet-stream-dat-files-in-amavisd">Don't ban 'application/octet-stream, dat' files in Amavisd</h3>
<p>Note: This is only applicable to RHEL/CentOS.</p>
<ul>
<li>Find below lines in Amavisd config file <code>/etc/amavisd/amavisd.conf</code>:</li>
</ul>
<pre><code>$banned_namepath_re = new_RE(
# Unknown binary files.
[qr'M=application/(zip|rar|arc|arj|zoo|gz|bz2|octet-stream)(,|\t).*T=dat(,|\t)'xmi =&gt; 'DISCARD'],
...
);
</code></pre>
<ul>
<li>Remove <code>|octet-stream</code> in 3rd line. After modified, it's:</li>
</ul>
<pre><code>$banned_namepath_re = new_RE(
# Unknown binary files.
[qr'M=application/(zip|rar|arc|arj|zoo|gz|bz2)(,|\t).*T=dat(,|\t)'xmi =&gt; 'DISCARD'],
...
);
</code></pre>
<ul>
<li>Restart Amavisd service.</li>
</ul>
<pre><code># service amavisd restart
</code></pre>
<h3 id="optional-update-one-fail2ban-filter-regular-expressio-to-help-catch-dos-attacks-to-smtp-service">[OPTIONAL] Update one Fail2ban filter regular expressio to help catch DoS attacks to SMTP service</h3>
<ol>
<li>Open file <code>/etc/fail2ban/filters.d/postfix.iredmail.conf</code> or
<code>/usr/local/etc/fail2ban/filters.d/postfix.iredmail.conf</code> (on FreeBSD), find
below line under <code>[Definition]</code> section:</li>
</ol>
<pre><code> lost connection after AUTH from (.*)\[&lt;HOST&gt;\]
</code></pre>
<p>Update above line to below one:</p>
<pre><code> lost connection after (AUTH|UNKNOWN|EHLO) from (.*)\[&lt;HOST&gt;\]
</code></pre>
<p>Restarting Fail2ban service is required.</p><p style="text-align: center; color: grey;">Document published under a <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">CC BY-ND 3.0</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-3293801-21', 'auto');
ga('send', 'pageview');
</script>
</body></html>