2016-05-19 06:51:20 -05:00
<!DOCTYPE html>
2015-01-12 06:06:43 -06:00
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
< title > Upgrade iRedMail from 0.9.0 to 0.9.1< / title >
2015-07-31 23:14:52 -05:00
< link rel = "stylesheet" type = "text/css" href = "./css/markdown.css" / >
2015-01-12 06:06:43 -06:00
< / head >
< body >
< div id = "navigation" >
2016-04-19 12:48:51 -05:00
< a href = "/index.html" target = "_blank" >
< img alt = "iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>
< span > iRedMail< / span >
< / a >
2016-02-29 02:15:19 -06:00
// < a href = "./index.html" > Document Index< / a > < / div > < h1 id = "upgrade-iredmail-from-090-to-091" > Upgrade iRedMail from 0.9.0 to 0.9.1< / h1 >
2015-01-12 06:06:43 -06:00
< div class = "toc" >
< ul >
< li > < a href = "#upgrade-iredmail-from-090-to-091" > Upgrade iRedMail from 0.9.0 to 0.9.1< / a > < ul >
< li > < a href = "#changelog" > ChangeLog< / a > < / li >
2015-01-13 07:28:36 -06:00
< li > < a href = "#general-all-backends-should-apply-these-steps" > General (All backends should apply these steps)< / a > < ul >
2015-05-21 11:36:31 -05:00
< li > < a href = "#update-etciredmail-release-with-new-iredmail-version-number" > Update /etc/iredmail-release with new iRedMail version number< / a > < / li >
2015-02-16 11:15:29 -06:00
< li > < a href = "#upgrade-roundcube-webmail-to-the-latest-stable-release" > Upgrade Roundcube webmail to the latest stable release< / a > < / li >
2015-05-14 22:51:10 -05:00
< li > < a href = "#upgrade-iredapd-postfix-policy-server-to-the-latest-150" > Upgrade iRedAPD (Postfix policy server) to the latest 1.5.0< / a > < / li >
2015-02-18 03:37:41 -06:00
< li > < a href = "#fixed-return-receipt-response-rejected-by-iredapd-plugin-reject_null_sender" > Fixed: return receipt response rejected by iRedAPD plugin reject_null_sender< / a > < / li >
2015-05-03 09:25:37 -05:00
< li > < a href = "#fixed-amavisd-cannot-ban-zipped-exe-attachment-file" > Fixed: Amavisd cannot ban zipped .exe attachment file.< / a > < / li >
2015-04-21 22:01:36 -05:00
< li > < a href = "#fixed-amavisd-cannot-detect-exe-file-in-rar-compressed-attachment" > Fixed: Amavisd cannot detect .exe file in rar compressed attachment.< / a > < / li >
2015-02-11 04:07:26 -06:00
< li > < a href = "#fixed-cannot-run-php-script-under-web-document-root-with-nginx" > Fixed: Cannot run PHP script under web document root with Nginx.< / a > < / li >
2015-04-19 03:31:45 -05:00
< li > < a href = "#fixed-incorrect-log-file-and-ownergroup-in-logrotate-config-file-etclogrotatedpolicyd" > Fixed: Incorrect log file and owner/group in logrotate config file: /etc/logrotate.d/policyd< / a > < / li >
2015-02-02 04:24:01 -06:00
< li > < a href = "#fixed-incorrect-path-of-command-sogo-tool-on-openbsd" > Fixed: Incorrect path of command sogo-tool on OpenBSD< / a > < / li >
2015-04-05 21:50:01 -05:00
< li > < a href = "#optional-make-dovecot-subscribe-newly-created-folder-automatically" > [OPTIONAL] Make Dovecot subscribe newly created folder automatically< / a > < / li >
2015-02-18 03:37:41 -06:00
< li > < a href = "#optional-setup-fail2ban-to-monitor-password-failures-in-sogo-log-file" > [OPTIONAL] Setup Fail2ban to monitor password failures in SOGo log file< / a > < / li >
2015-02-24 21:31:14 -06:00
< li > < a href = "#optional-add-two-more-fail2ban-filter-regular-expressios-to-help-catch-spam" > [OPTIONAL] Add two more Fail2ban filter regular expressios to help catch spam< / a > < / li >
2015-02-02 04:24:01 -06:00
< / ul >
< / li >
< li > < a href = "#openldap-backend-special" > OpenLDAP backend special< / a > < ul >
2015-03-25 06:36:46 -06:00
< li > < a href = "#use-the-latest-ldap-schema-file-provided-by-iredmail" > Use the latest LDAP schema file provided by iRedMail< / a > < / li >
< li > < a href = "#restrict-mail-user-to-login-from-specified-ip-addresses-or-networks" > Restrict mail user to login from specified IP addresses or networks< / a > < / li >
2015-02-02 04:24:01 -06:00
< li > < a href = "#fixed-not-backup-sogo-database" > Fixed: not backup SOGo database< / a > < / li >
2015-03-28 04:25:12 -06:00
< li > < a href = "#fixed-drop-retired-column-in-amavisd-database-policyspam_modifies_subj" > Fixed: drop retired column in Amavisd database: policy.spam_modifies_subj< / a > < / li >
2015-02-24 21:31:14 -06:00
< li > < a href = "#optional-bypass-greylisting-for-some-big-isps" > [OPTIONAL] Bypass greylisting for some big ISPs< / a > < / li >
2015-01-13 07:28:36 -06:00
< / ul >
< / li >
2015-01-12 06:06:43 -06:00
< li > < a href = "#mysqlmariadb-backend-special" > MySQL/MariaDB backend special< / a > < ul >
2015-03-25 06:36:46 -06:00
< li > < a href = "#add-new-sql-column-in-vmail-database" > Add new SQL column in vmail database< / a > < / li >
< li > < a href = "#restrict-mail-user-to-login-from-specified-ip-addresses-or-networks-and-apply-service-restriction-while-acting-as-sasl-server" > Restrict mail user to login from specified IP addresses or networks, and apply service restriction while acting as SASL server< / a > < / li >
2015-04-03 17:55:59 -06:00
< li > < a href = "#fixed-userextensiondomaincom-doesnt-work-with-per-domain-catch-all" > Fixed: user+extension@domain.com doesn't work with per-domain catch-all< / a > < / li >
2015-02-02 04:24:01 -06:00
< li > < a href = "#fixed-not-backup-sogo-database_1" > Fixed: not backup SOGo database< / a > < / li >
2015-03-28 04:25:12 -06:00
< li > < a href = "#fixed-drop-retired-column-in-amavisd-database-policyspam_modifies_subj_1" > Fixed: drop retired column in Amavisd database: policy.spam_modifies_subj< / a > < / li >
2015-02-24 21:31:14 -06:00
< li > < a href = "#optional-bypass-greylisting-for-some-big-isps_1" > [OPTIONAL] Bypass greylisting for some big ISPs< / a > < / li >
2015-01-12 06:06:43 -06:00
< / ul >
< / li >
< li > < a href = "#postgresql-backend-special" > PostgreSQL backend special< / a > < ul >
2015-03-25 06:36:46 -06:00
< li > < a href = "#add-new-sql-column-in-vmail-database_1" > Add new SQL column in vmail database< / a > < / li >
< li > < a href = "#restrict-mail-user-to-login-from-specified-ip-addresses-or-networks-and-apply-service-restriction-while-acting-as-sasl-server_1" > Restrict mail user to login from specified IP addresses or networks, and apply service restriction while acting as SASL server< / a > < / li >
2015-04-03 17:55:59 -06:00
< li > < a href = "#fixed-userextensiondomaincom-doesnt-work-with-per-domain-catch-all_1" > Fixed: user+extension@domain.com doesn't work with per-domain catch-all< / a > < / li >
2015-02-02 04:24:01 -06:00
< li > < a href = "#fixed-not-backup-sogo-database_2" > Fixed: not backup SOGo database< / a > < / li >
2015-03-28 04:25:12 -06:00
< li > < a href = "#fixed-drop-retired-column-in-amavisd-database-policyspam_modifies_subj_2" > Fixed: drop retired column in Amavisd database: policy.spam_modifies_subj< / a > < / li >
2015-02-24 21:31:14 -06:00
< li > < a href = "#optional-bypass-greylisting-for-some-big-isps_2" > [OPTIONAL] Bypass greylisting for some big ISPs< / a > < / li >
2015-01-12 06:06:43 -06:00
< / ul >
< / li >
< / ul >
< / li >
< / ul >
< / div >
2016-03-30 04:57:49 -06:00
< div class = "admonition note" >
< p class = "admonition-title" > Paid Remote Upgrade Support< / p >
< p > We offer remote upgrade support if you don't want to get your hands dirty,
check < a href = "../support.html" > the details< / a > and < a href = "../contact.html" > contact us< / a > .< / p >
< / div >
2015-01-12 06:06:43 -06:00
< h2 id = "changelog" > ChangeLog< / h2 >
< ul >
2015-05-14 20:54:55 -05:00
< li > 2015-05-15: Initial public.< / li >
2015-01-12 06:06:43 -06:00
< / ul >
2015-01-13 07:28:36 -06:00
< h2 id = "general-all-backends-should-apply-these-steps" > General (All backends should apply these steps)< / h2 >
2015-05-21 11:36:31 -05:00
< h3 id = "update-etciredmail-release-with-new-iredmail-version-number" > Update < code > /etc/iredmail-release< / code > with new iRedMail version number< / h3 >
< p > iRedMail stores the release version in < code > /etc/iredmail-release< / code > after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:< / p >
< pre > < code > # File: /etc/iredmail-release
0.9.1
< / code > < / pre >
2015-02-16 11:15:29 -06:00
< h3 id = "upgrade-roundcube-webmail-to-the-latest-stable-release" > Upgrade Roundcube webmail to the latest stable release< / h3 >
< p > Additional notes before upgrading Roundcube webmail 1.1.0 (or later releases):< / p >
< ul >
< li > for Debian/Ubuntu users, please install package < code > php-pear< / code > and < code > php5-intl< / code > ,
enable < code > intl< / code > module for PHP, then restart Apache service or < code > php5_fpm< / code >
service (if you're running Nginx):< / li >
< / ul >
< pre > < code > # apt-get install php-pear php5-intl
# php5enmod intl
2015-05-16 20:38:00 -05:00
# service apache2 restart # < - OR: `service php5_fpm restart` if you're running Nginx
2015-02-16 11:15:29 -06:00
< / code > < / pre >
< ul >
< li > for OpenBSD users, please install package < code > php-intl< / code > , then
restart < code > php_fpm< / code > service:< / li >
< / ul >
< pre > < code > # pkg_add -r php-intl
# /etc/rc.d/php_fpm restart
< / code > < / pre >
2015-05-02 09:24:42 -05:00
< p > Please download the < code > Complete< / code > edition (e.g. < code > roundcubemail-1.1.1-complete.tar.gz< / code > )
instead of < code > Dependent< / code > edition (e.g. < code > roundcubemail-1.1.1.tar.gz< / code > ).< / p >
2015-02-16 11:15:29 -06:00
< p > After you have additional packages installed, please follow Roundcube official
tutorial to upgrade Roundcube webmail to the latest stable release:
2016-05-08 03:25:42 -05:00
< a href = "https://github.com/roundcube/roundcubemail/wiki/Upgrade" > How to upgrade Roundcube< / a > .< / p >
2015-03-27 18:48:51 -06:00
< p > Notes:< / p >
< ul >
< li > If you're going to update PHP to 5.6, you should add below settings in
2015-05-02 09:24:42 -05:00
Roundcube config file (< code > config/config.inc.php< / code > ) to avoid ssl certificate issue.
If you don't know the location of this config file, check our tutorial here:
2016-02-10 06:05:52 -06:00
< a href = "./file.locations.html#roundcube-webmail" > Locations of configuration and log files of major components< / a > .< / li >
2015-03-27 18:48:51 -06:00
< / ul >
< pre > < code > // Required if you're running PHP 5.6
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
< / code > < / pre >
2015-05-14 22:51:10 -05:00
< h3 id = "upgrade-iredapd-postfix-policy-server-to-the-latest-150" > Upgrade iRedAPD (Postfix policy server) to the latest 1.5.0< / h3 >
2015-03-13 09:17:14 -06:00
< p > Please follow below tutorial to upgrade iRedAPD to the latest stable release:
2015-09-20 20:22:31 -05:00
< a href = "./upgrade.iredapd.html" > Upgrade iRedAPD to the latest stable release< / a > < / p >
2015-04-19 03:22:17 -05:00
< p > Detailed release notes are available here: < a href = "./iredapd.releases.html" > iRedAPD release notes< / a > .< / p >
< p > Note:< / p >
2015-05-14 22:51:10 -05:00
< p > iRedAPD-1.5.0 is able to log rejection and other non-DUNNO actions in iRedAdmin
2015-03-13 09:17:14 -06:00
database, admin can view the log under menu < code > System -> Admin Log< / code > of iRedAdmin.
If you want to log these actions, please add below new parameters in iRedAPD
config file < code > /opt/iredapd/settings.py< / code > :< / p >
< pre > < code > # Log reject (and other non-DUNNO) action in iRedAdmin SQL database
log_action_in_db = True
2015-05-06 18:00:40 -05:00
iredadmin_db_server = '127.0.0.1'
iredadmin_db_port = '3306'
iredadmin_db_name = 'iredadmin'
iredadmin_db_user = 'iredadmin'
iredadmin_db_password = 'password'
2015-03-13 09:17:14 -06:00
< / code > < / pre >
< p > You can find SQL username/password of iRedAdmin database in iRedAdmin config
file.< / p >
2015-02-18 03:37:41 -06:00
< h3 id = "fixed-return-receipt-response-rejected-by-iredapd-plugin-reject_null_sender" > Fixed: return receipt response rejected by iRedAPD plugin < code > reject_null_sender< / code > < / h3 >
2015-02-03 23:19:12 -06:00
< p > Note: this is applicable if you want to keep iRedAPD plugin < code > reject_null_sender< / code >
but still able to send return receipt with Roundcube webmail.< / p >
< p > According to RFC2298, return receipt envelope sender address must be empty. If
you have iRedAPD plugin < code > reject_null_sender< / code > enabled, it will reject return
receipt response. To particularly solve this issue, you can set below setting
in Roundcube config file < code > config/config.inc.php< / code > :< / p >
< ul >
< li > on RHEL/CentOS/OpenBSD, it's < code > /var/www/roundcubemail/config/config.inc.php< / code > .< / li >
< li > on Debian/Ubuntu, it's < code > /usr/share/apache2/roundcubemail/config/config.inc.php< / code > .< / li >
< li > on FreeBSD, it's < code > /usr/local/www/roundcube/config/config.inc.php< / code > .< / li >
< / ul >
< pre > < code > $config['mdn_use_from'] = true;
< / code > < / pre >
< p > Note: if other mail client applications don't set smtp authentication user as
2015-02-05 07:02:53 -06:00
envelope sender of return receipt, same issue will occurs. You must disable
2015-02-03 23:19:12 -06:00
iRedAPD plugin < code > reject_null_sender< / code > in < code > /opt/iredapd/settings.py< / code > to make all
mail clients work.< / p >
< p > iRedAPD plugin < code > reject_null_sender< / code > rejects message submitted by sasl
authenticated user but with null sender in < code > From:< / code > header (< code > from=< > < / code > in Postfix
log). If your user's password was cracked by spammer, spammer can use this
account to bypass smtp authentication, but with a null sender in < code > From:< / code >
header, throttling won't be triggered.< / p >
2015-05-03 09:25:37 -05:00
< h3 id = "fixed-amavisd-cannot-ban-zipped-exe-attachment-file" > Fixed: Amavisd cannot ban zipped < code > .exe< / code > attachment file.< / h3 >
2015-05-05 21:31:45 -05:00
< p > Note: this is applicable to only RHEL/CentOS.< / p >
2015-05-03 09:25:37 -05:00
< p > Amavisd on some Linux/BSD distribution uses < code > $banned_namepath_re< / code >
instead of < code > $banned_filename_re< / code > to check banned file types, but it
2015-05-03 09:19:17 -05:00
(< code > $banned_namepath_re< / code > ) was not defined, so we define some blocked file
types here.< / p >
2015-05-16 08:32:28 -05:00
< p > Please append below settings in Amavisd config file < code > /etc/amavisd/amavisd.conf< / code > ,
before the last line (< code > 1; # insure a defined return< / code > ) in the same file:< / p >
2015-05-03 09:19:17 -05:00
< pre > < code > # Amavisd on some Linux/BSD distribution use \$banned_namepath_re
# instead of \$banned_filename_re, so we define some blocked file
# types here.
#
# Sample input for $banned_namepath_re:
#
# P=p003\tL=1\tM=multipart/mixed\nP=p002\tL=1/2\tM=application/octet-stream\tT=dat\tN=my_docum.zip
#
# What it means:
# - T: type. e.g. zip archive.
# - M: MIME type. e.g. application/octet-stream.
# - N: suggested (MIME) name. e.g. my_docum.zip.
$banned_namepath_re = new_RE(
2015-05-06 19:16:06 -05:00
# Unknown binary files.
2015-05-30 02:57:31 -05:00
[qr'M=application/(zip|rar|arc|arj|zoo|gz|bz2)(,|\t).*T=dat(,|\t)'xmi => 'DISCARD'],
2015-05-06 19:16:06 -05:00
[qr'T=(exe|exe-ms|lha|cab|dll)(,|\t)'xmi => 'DISCARD'], # banned file(1) types
[qr'T=(pif|scr)(,|\t)'xmi => 'DISCARD'], # banned extensions - rudimentary
[qr'T=ani(,|\t)'xmi => 'DISCARD'], # banned animated cursor file(1) type
[qr'T=(mim|b64|bhx|hqx|xxe|uu|uue)(,|\t)'xmi => 'DISCARD'], # banned extension - WinZip vulnerab.
[qr'M=application/x-msdownload(,|\t)'xmi => 'DISCARD'], # block these MIME types
[qr'M=application/x-msdos-program(,|\t)'xmi => 'DISCARD'],
[qr'M=application/hta(,|\t)'xmi => 'DISCARD'],
[qr'M=(application/x-msmetafile|image/x-wmf)(,|\t)'xmi => 'DISCARD'], # Windows Metafile MIME type
2015-05-03 09:19:17 -05:00
);
< / code > < / pre >
< p > Restarting Amavisd service is required.< / p >
2015-04-21 22:01:36 -05:00
< h3 id = "fixed-amavisd-cannot-detect-exe-file-in-rar-compressed-attachment" > Fixed: Amavisd cannot detect < code > .exe< / code > file in rar compressed attachment.< / h3 >
2015-05-16 08:46:12 -05:00
< p > Note: This fix is applicable to RHEL/CentOS, Debian and Ubuntu.< / p >
2015-04-21 22:01:36 -05:00
< ul >
< li > On RHEL/CentOS, iRedMail doesn't install < code > unrar< / code > .< / li >
< li > On Debian/Ubuntu, iRedMail installs package < code > unrar-free< / code > as unarchiver to
uncompress < code > .rar< / code > attachment, but Amavisd cannot correctly detect < code > .exe< / code > file
in rar compressed file.< / li >
< / ul >
< p > Steps to fix this issue on RHEL/CentOS:< / p >
< pre > < code > # yum clean metadata
# yum install unrar
# service amavisd restart
< / code > < / pre >
2015-05-16 08:46:12 -05:00
< hr / >
< p > Steps to fix this issue on Debian:< / p >
< ul >
< li > Install package < code > unrar-free< / code > , restart Amavisd service.< / li >
< / ul >
< pre > < code > # apt-get install unrar-free
# service amavis restart
< / code > < / pre >
2015-05-16 08:42:11 -05:00
< hr / >
< p > Steps to fix this issue on Ubuntu:< / p >
2015-05-16 08:46:12 -05:00
< ul >
< li > Make sure you have < code > multiverse< / code > section enabled in < code > /etc/apt/sources.list< / code > .
for example:< / li >
< / ul >
< pre > < code > # For Ubuntu 14.04 LTS
deb http://[ubuntu_mirror_site]/ubuntu/ trusty main restricted universe multiverse
deb http://[ubuntu_mirror_site]/ubuntu/ trusty-updates main restricted universe multiverse
# For Ubuntu 15.04
deb http://[ubuntu_mirror_site]/ubuntu/ vivid main restricted universe multiverse
deb http://[ubuntu_mirror_site]/ubuntu/ vivid-updates main restricted universe multiverse
< / code > < / pre >
2015-04-21 22:01:36 -05:00
< ul >
2015-05-16 08:42:11 -05:00
< li > Delete package < code > unrar-free< / code > , install package < code > unrar< / code > .< / li >
2015-04-21 22:01:36 -05:00
< / ul >
< pre > < code > # apt-get remove --purge unrar-free
# apt-get install unrar
< / code > < / pre >
< ul >
< li > Add below setting in Amavisd config file < code > /etc/amavis/conf.d/50-user< / code > to ask
Amavisd to use < code > unrar-nonfree< / code > as unarchiver:< / li >
< / ul >
< pre > < code > $unrar = ['unrar-nonfree'];
< / code > < / pre >
< ul >
< li > Restart Amavisd service:< / li >
< / ul >
< pre > < code > # service amavis restart
< / code > < / pre >
2015-02-11 04:07:26 -06:00
< h3 id = "fixed-cannot-run-php-script-under-web-document-root-with-nginx" > Fixed: Cannot run PHP script under web document root with Nginx.< / h3 >
< p > With previous release of iRedMail, Nginx won't run PHP scripts under
sub-directories of web document root, this step will fix it.< / p >
< ul >
< li > Open Nginx config file < code > /etc/nginx/conf.d/default.conf< / code > (on Linux/OpenBSD)
or < code > /usr/local/etc/nginx/conf.d/default.conf< / code > , add one more setting in
configuration block < code > location ~ \.php$ {}< / code > like below:< / li >
< / ul >
< pre > < code > ...
root /var/www/html;
...
location ~ \.php$ {
...
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name; # < - Add this line
}
< / code > < / pre >
< ul >
< li > Save your changes and restart Nginx service.< / li >
< / ul >
< p > Notes:< / p >
< ul >
< li > There're two < code > location ~ \.php$ {}< / code > blocks, please update both of them.< / li >
< li >
< p > You must replace < code > /var/www/html< / code > in above sample code to the value of < code > root< / code >
setting defined in same config file.< / p >
< ul >
< li > on RHEL/CentOS, it's < code > /var/www/html< / code > .< / li >
< li > on Debian/Ubuntu, it's < code > /var/www< / code > .< / li >
< li > on FreeBSD, it's < code > /usr/local/www/apache22/data< / code > .
Note: if you're running Apache-2.4, the directory name should be
< code > apache24< / code > , not < code > apache22< / code > .< / li >
< li > on OpenBSD, it's < code > /var/www/htdocs< / code > .< / li >
< / ul >
< / li >
< / ul >
2015-04-19 03:31:45 -05:00
< h3 id = "fixed-incorrect-log-file-and-ownergroup-in-logrotate-config-file-etclogrotatedpolicyd" > Fixed: Incorrect log file and owner/group in logrotate config file: < code > /etc/logrotate.d/policyd< / code > < / h3 >
2015-05-16 20:38:00 -05:00
< p > Note: This is applicable to Linux and FreeBSD, we don't have Cluebringer
2015-04-19 03:31:45 -05:00
installed on OpenBSD.< / p >
< p > iRedMail-0.9.0 generates logrotate config file < code > /etc/logrotate.d/policyd< / code > with
incorrect log file name and owner/group.< / p >
< p > The original setting looks like below:< / p >
< pre > < code > /var/log/amavisd.log {
...
create 0600 amavis amavis
...
}
< / code > < / pre >
< p > Please change the log file name and owner/group to below settings:< / p >
< pre > < code > /var/log/cbpolicyd.log {
...
create 0600 cluebringer cluebringer
...
}
< / code > < / pre >
< p > Note: on FreeBSD, the owner/group name is < code > policyd< / code > , not < code > cluebringer< / code > .< / p >
2015-02-02 04:24:01 -06:00
< h3 id = "fixed-incorrect-path-of-command-sogo-tool-on-openbsd" > Fixed: Incorrect path of command < code > sogo-tool< / code > on OpenBSD< / h3 >
2015-01-13 07:28:36 -06:00
< p > Note: this step is applicable to only OpenBSD.< / p >
< p > Please check user < code > _sogo< / code > 's cron job, make sure path to < code > sogo-tool< / code > command is
< code > /usr/local/sbin/sogo-tool< / code > :< / p >
< pre > < code > # crontab -l -u _sogo
< / code > < / pre >
2015-01-13 07:39:21 -06:00
< p > If it's not < code > /usr/local/sbin/sogo-tool< / code > , please edit its cron job with below
command and fix it:< / p >
< pre > < code > # crontab -e -u _sogo
< / code > < / pre >
2015-04-05 21:50:01 -05:00
< h3 id = "optional-make-dovecot-subscribe-newly-created-folder-automatically" > [< strong > OPTIONAL< / strong > ] Make Dovecot subscribe newly created folder automatically< / h3 >
< p > With default iRedMail setting, Dovecot will create folder automatically (for
example, send email to < code > user+extension@domain.com< / code > will create folder
< code > extension< / code > in < code > user@domain.com< / code > 's mailbox), but not subscribe it. Below change
will make it subscribe to new folder automatically.< / p >
< ul >
< li > Open Dovecot config file < code > /etc/dovecot/dovecot.conf< / code > (Linux/OpenBSD) or
< code > /usr/local/etc/dovecot/dovecot.conf< / code > (FreeBSD), find block < code > protocol lda {}< / code >
like below:< / li >
< / ul >
< pre > < code > protocol lda {
...
}
< / code > < / pre >
< ul >
< li > Add one more setting in this block:< / li >
< / ul >
< pre > < code > protocol lda {
...
lda_mailbox_autosubscribe = yes
}
< / code > < / pre >
< ul >
< li > Restarting Dovecot service.< / li >
< / ul >
2015-02-18 03:37:41 -06:00
< h3 id = "optional-setup-fail2ban-to-monitor-password-failures-in-sogo-log-file" > [< strong > OPTIONAL< / strong > ] Setup Fail2ban to monitor password failures in SOGo log file< / h3 >
< p > To improve server security, we'd better block clients which have too many
failed login attempts from SOGo.< / p >
< p > Please append below lines in Fail2ban main config file < code > /etc/fail2ban/jail.local< / code > :< / p >
< pre > < code > [SOGo]
enabled = true
filter = sogo-auth
port = http, https
# without proxy this would be:
# port = 20000
action = iptables-multiport[name=SOGo, port=" http,https" , protocol=tcp]
logpath = /var/log/sogo/sogo.log
< / code > < / pre >
< p > Restarting Fail2ban service is required.< / p >
2015-02-24 21:31:14 -06:00
< h3 id = "optional-add-two-more-fail2ban-filter-regular-expressios-to-help-catch-spam" > [OPTIONAL] Add two more Fail2ban filter regular expressios to help catch spam< / h3 >
< p > We have two new Fail2ban filters to help catch spam:< / p >
< ol >
< li > first one will scan HELO rejections in Postfix log file.< / li >
< li > second one will scan aborded pop3/imap login in Dovecot log file.< / li >
< / ol >
< p > Steps:< / p >
< ol >
2015-05-16 20:38:00 -05:00
< li > Open file < code > /etc/fail2ban/filter.d/postfix.iredmail.conf< / code > or
< code > /usr/local/etc/fail2ban/filter.d/postfix.iredmail.conf< / code > (on FreeBSD), append
2015-02-24 21:31:14 -06:00
below line under < code > [Definition]< / code > section:< / li >
< / ol >
2015-02-18 03:37:41 -06:00
< pre > < code > reject: RCPT from (.*)\[< HOST> \]: 504 5.5.2 (.*) Helo command rejected: need fully-qualified hostname
< / code > < / pre >
< p > After modification, the whole content is:< / p >
< pre > < code > [Definition]
failregex = \[< HOST> \]: SASL (PLAIN|LOGIN) authentication failed
lost connection after AUTH from (.*)\[< HOST> \]
reject: RCPT from (.*)\[< HOST> \]: 550 5.1.1
reject: RCPT from (.*)\[< HOST> \]: 450 4.7.1
reject: RCPT from (.*)\[< HOST> \]: 554 5.7.1
reject: RCPT from (.*)\[< HOST> \]: 504 5.5.2 (.*) Helo command rejected: need fully-qualified hostname
ignoreregex =
< / code > < / pre >
2015-02-24 21:31:14 -06:00
< ol >
2015-05-16 20:38:00 -05:00
< li > Open file < code > /etc/fail2ban/filter.d/dovecot.iredmail.conf< / code > or
2015-06-11 07:17:20 -05:00
< code > /usr/local/etc/fail2ban/filter.d/dovecot.iredmail.conf< / code > (on FreeBSD), replace
its content by below text:< / li >
2015-02-24 21:31:14 -06:00
< / ol >
< pre > < code > [Definition]
2015-06-11 07:17:20 -05:00
failregex = Authentication failure.* rip=< HOST>
2015-02-24 21:31:14 -06:00
Aborted login \(no auth attempts in .* rip=< HOST>
2015-06-11 07:17:20 -05:00
Aborted login \(auth failed.* rip=< HOST>
Aborted login \(tried to use disallowed .* rip=< HOST>
Aborted login \(tried to use disabled .* rip=< HOST>
2015-02-24 21:31:14 -06:00
ignoreregex =
< / code > < / pre >
2015-02-18 03:37:41 -06:00
< p > Restarting Fail2ban service is required.< / p >
2015-02-02 04:24:01 -06:00
< h2 id = "openldap-backend-special" > OpenLDAP backend special< / h2 >
2015-03-25 06:36:46 -06:00
< h3 id = "use-the-latest-ldap-schema-file-provided-by-iredmail" > Use the latest LDAP schema file provided by iRedMail< / h3 >
< p > We have a new attribute < code > allowNets< / code > for mail user in the latest LDAP schema
file. With this new attribute, you can restrict mail users to login from
specified IP addresses or networks, multiple IP/nets must be separated by
comma.< / p >
< p > Steps to use the latest LDAP schema file are:< / p >
< ul >
< li > Download the newest iRedMail ldap schema file< / li >
< li > Copy old ldap schema file as a backup copy< / li >
< li > Replace the old one< / li >
< li > Restart OpenLDAP service.< / li >
< / ul >
< p > Here we go:< / p >
< ul >
< li > On RHEL/CentOS, OpenBSD:< / li >
< / ul >
< pre > < code > # cd /tmp
2016-06-03 03:17:34 -05:00
# wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/iredmail/iredmail.schema
2015-03-25 06:36:46 -06:00
# cd /etc/openldap/schema/
# cp iredmail.schema iredmail.schema.bak
# cp -f /tmp/iredmail.schema /etc/openldap/schema/
# /etc/init.d/slapd restart
< / code > < / pre >
< ul >
< li > On Debian/Ubuntu:< / li >
< / ul >
< pre > < code > # cd /tmp
2016-06-03 03:17:34 -05:00
# wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/iredmail/iredmail.schema
2015-03-25 06:36:46 -06:00
# cd /etc/ldap/schema/
# cp iredmail.schema iredmail.schema.bak
# cp -f /tmp/iredmail.schema /etc/ldap/schema/
# /etc/init.d/slapd restart
< / code > < / pre >
< ul >
< li > On FreeBSD:< / li >
< / ul >
< pre > < code > # cd /tmp
2016-06-03 03:17:34 -05:00
# wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/iredmail/iredmail.schema
2015-03-25 06:36:46 -06:00
2016-10-14 08:46:40 -05:00
# cd /usr/local/etc/openldap/schema/
2015-03-25 06:36:46 -06:00
# cp iredmail.schema iredmail.schema.bak
# cp -f /tmp/iredmail.schema /usr/local/etc/openldap/schema/
2016-10-14 08:46:40 -05:00
# service slapd restart
2015-03-25 06:36:46 -06:00
< / code > < / pre >
< h3 id = "restrict-mail-user-to-login-from-specified-ip-addresses-or-networks" > Restrict mail user to login from specified IP addresses or networks< / h3 >
< p > With the latest LDAP schema file, it's able to restrict mail users to login
from specified IP/networks.< / p >
< p > Open Dovecot config file < code > /etc/dovecot/dovecot-ldap.conf< / code > (Linux/OpenBSD) or
< code > /usr/local/etc/dovecot/dovecot-ldap.conf< / code > (FreeBSD), append
< code > allowNets=allow_nets< / code > in parameter < code > pass_attrs< / code > . The final setting should be:< / p >
< pre > < code > pass_attrs = mail=user,userPassword=password,allowNets=allow_nets
< / code > < / pre >
< p > Restarting Dovecot service is required.< / p >
2015-10-06 00:21:24 -05:00
< blockquote >
< p > Sample usage: allow user < code > user@domain.com< / code > to login from IP < code > 172.16.244.1< / code >
2016-04-24 09:21:04 -05:00
and network < code > 192.168.1.0/24< / code > :
< / p >
2015-10-06 00:21:24 -05:00
< / blockquote >
2015-03-25 06:36:46 -06:00
< pre > < code > dn: mail=user@domain.com,ou=Users,domainName=domain.com,o=domains,dc=xx,dc=xx
objectClass: mailUser
mail: user@domain.com
allowNets: 192.168.1.10,192.168.1.0/24
...
< / code > < / pre >
2015-10-06 00:21:24 -05:00
< blockquote >
2015-03-25 06:36:46 -06:00
< p > To remove this restriction, just remove attribute < code > allowNets< / code > for this user.< / p >
2015-10-06 00:21:24 -05:00
< / blockquote >
2015-02-02 04:24:01 -06:00
< h3 id = "fixed-not-backup-sogo-database" > Fixed: not backup SOGo database< / h3 >
< p > Note: this step is not applicable if you don't use SOGo groupware.< / p >
< p > Open backup script < code > /var/vmail/backup/backup_mysql.sh< / code > , append SOGo SQL
database name in variable < code > DATABASES=< / code > . For example:< / p >
< pre > < code > DATABASES='... sogo'
< / code > < / pre >
< p > Save your change and that's all.< / p >
2015-03-28 04:25:12 -06:00
< h3 id = "fixed-drop-retired-column-in-amavisd-database-policyspam_modifies_subj" > Fixed: drop retired column in Amavisd database: < code > policy.spam_modifies_subj< / code > < / h3 >
< p > Note: This is applicable to Amavisd-new-2.7.0 and later releases.< / p >
< p > Amavisd drops column < code > policy.spam_modifies_subj< / code > since amavisd-new-2.7.0
release, we'd better remove this column.< / p >
< p > Login to MySQL server as root user, then execute below SQL commands to drop it:< / p >
< pre > < code > mysql> USE amavisd;
mysql> ALTER TABLE policy DROP COLUMN spam_modifies_subj;
< / code > < / pre >
2015-02-24 21:31:14 -06:00
< h3 id = "optional-bypass-greylisting-for-some-big-isps" > [< strong > OPTIONAL< / strong > ] Bypass greylisting for some big ISPs< / h3 >
< p > ISPs' mail servers send out spams, but also normal business mails. Applying
greylisting on them is helpless.< / p >
< ul >
< li > Download SQL template file:< / li >
< / ul >
< pre > < code > # cd /tmp
2015-09-29 21:23:42 -05:00
# wget https://bitbucket.org/zhb/iredmail/raw/40b98d7dde0178d54498e170c8b5165c0316dc96/iRedMail/samples/cluebringer/greylisting-whitelist.sql
2015-02-24 21:31:14 -06:00
< / code > < / pre >
< ul >
< li > Login to MySQL database and import this file:< / li >
< / ul >
< pre > < code > $ mysql -uroot -p
mysql> USE cluebringer;
mysql> SOURCE /tmp/greylisting-whitelist.sql;
< / code > < / pre >
< p > That's all.< / p >
2015-01-12 06:06:43 -06:00
< h2 id = "mysqlmariadb-backend-special" > MySQL/MariaDB backend special< / h2 >
2015-03-25 06:36:46 -06:00
< h3 id = "add-new-sql-column-in-vmail-database" > Add new SQL column in < code > vmail< / code > database< / h3 >
< p > We have a new SQL column < code > mailbox.allow_nets< / code > in < code > vmail< / code > database, it's used
to restrict mail users to login from specified IP addresses or networks,
multiple IP/nets must be separated by comma.< / p >
< p > Connect to SQL server as MySQL root user, create new column:< / p >
< pre > < code > $ mysql -uroot -p
mysql> USE vmail;
mysql> ALTER TABLE mailbox ADD COLUMN `allow_nets` TEXT DEFAULT NULL;
2015-01-12 06:06:43 -06:00
< / code > < / pre >
2015-03-25 06:36:46 -06:00
< h3 id = "restrict-mail-user-to-login-from-specified-ip-addresses-or-networks-and-apply-service-restriction-while-acting-as-sasl-server" > Restrict mail user to login from specified IP addresses or networks, and apply service restriction while acting as SASL server< / h3 >
< ul >
< li >
< p > With new SQL column < code > mailbox.allow_nets< / code > , it's able to restrict mail users to
login from specified IP/networks. We have sample usage below.< / p >
< / li >
< li >
< p > With new service restriction, it's able to enable or disable smtp service for
mail users.< / p >
< / li >
< / ul >
< p > Open Dovecot config file < code > /etc/dovecot/dovecot-mysql.conf< / code > (Linux/OpenBSD) or
< code > /usr/local/etc/dovecot/dovecot-mysql.conf< / code > (FreeBSD), then:< / p >
< ul >
< li > append < code > allow_nets< / code > in parameter < code > password_query< / code > < / li >
< li > append < code > AND enable%Ls%Lc=1< / code > in < code > WHERE< / code > statement< / li >
< / ul >
< p > The final setting should be:< / p >
< pre > < code > password_query = SELECT password, allow_nets FROM mailbox WHERE username='%u' AND enable%Ls%Lc=1 AND active='1'
< / code > < / pre >
2015-01-12 06:06:43 -06:00
2015-03-25 06:36:46 -06:00
< p > Restarting Dovecot service is required.< / p >
2015-10-06 00:21:24 -05:00
< blockquote >
< p > Sample usage: allow user < code > user@domain.com< / code > to login from IP < code > 172.16.244.1< / code >
2016-04-24 09:21:04 -05:00
and network < code > 192.168.1.0/24< / code > :
< / p >
2015-10-06 00:21:24 -05:00
< / blockquote >
2015-03-25 06:36:46 -06:00
< pre > < code > sql> USE vmail;
2015-04-07 07:13:48 -05:00
sql> UPDATE mailbox SET allow_nets='172.16.244.1,192.168.1.0/24' WHERE username='user@domain.com`;
2015-01-12 06:06:43 -06:00
< / code > < / pre >
2015-10-06 00:21:24 -05:00
< blockquote >
2015-03-25 06:36:46 -06:00
< p > To remove this restriction, just set < code > mailbox.allow_nets< / code > to < code > NULL< / code > , not empty string.< / p >
2015-10-06 00:21:24 -05:00
< / blockquote >
2015-04-03 17:55:59 -06:00
< h3 id = "fixed-userextensiondomaincom-doesnt-work-with-per-domain-catch-all" > Fixed: user+extension@domain.com doesn't work with per-domain catch-all< / h3 >
< p > With iRedMail-0.9.0 and earlier versions, if you have per-domain catch-all
enabled, email sent to < code > user+extension@domain.com< / code > will be delivered to
catch-all address instead of < code > user@domain.com< / code > . Below steps fix this issue.< / p >
< ul >
< li > Open file < code > /etc/postfix/mysql/catchall_maps.cf< / code > (Linux/OpenBSD) or
< code > /usr/local/etc/postfix/mysql/catchall_maps.cf< / code > (FreeBSD), find below line:< / li >
< / ul >
< pre > < code > query = ... WHERE alias.address='%d' AND alias.address=domain.domain ...
< / code > < / pre >
< ul >
< li > Append one more statement after < code > alias.address='%d'< / code > , the final setting
should be:< / li >
< / ul >
< pre > < code > query = ... WHERE alias.address='%d' AND '%u' NOT LIKE '%%+%%' AND alias.address=domain.domain ...
< / code > < / pre >
< ul >
< li > Save your change and restart Postfix service.< / li >
< / ul >
2015-02-02 04:24:01 -06:00
< h3 id = "fixed-not-backup-sogo-database_1" > Fixed: not backup SOGo database< / h3 >
< p > Note: this step is not applicable if you don't use SOGo groupware.< / p >
< p > Open backup script < code > /var/vmail/backup/backup_mysql.sh< / code > , append SOGo SQL
database name in variable < code > DATABASES=< / code > . For example:< / p >
< pre > < code > DATABASES='... sogo'
< / code > < / pre >
< p > Save your change and that's all.< / p >
2015-03-28 04:25:12 -06:00
< h3 id = "fixed-drop-retired-column-in-amavisd-database-policyspam_modifies_subj_1" > Fixed: drop retired column in Amavisd database: < code > policy.spam_modifies_subj< / code > < / h3 >
< p > Note: This is applicable to Amavisd-new-2.7.0 and later releases.< / p >
< p > Amavisd drops column < code > policy.spam_modifies_subj< / code > since amavisd-new-2.7.0
release, we'd better remove this column.< / p >
< p > Login to MySQL server as root user, then execute below SQL commands to drop it:< / p >
< pre > < code > mysql> USE amavisd;
mysql> ALTER TABLE policy DROP COLUMN spam_modifies_subj;
< / code > < / pre >
2015-02-24 21:31:14 -06:00
< h3 id = "optional-bypass-greylisting-for-some-big-isps_1" > [< strong > OPTIONAL< / strong > ] Bypass greylisting for some big ISPs< / h3 >
< p > ISPs' mail servers send out spams, but also normal business mails. Applying
greylisting on them is helpless.< / p >
< ul >
< li > Download SQL template file:< / li >
< / ul >
< pre > < code > # cd /tmp
2015-09-29 21:23:42 -05:00
# wget https://bitbucket.org/zhb/iredmail/raw/40b98d7dde0178d54498e170c8b5165c0316dc96/iRedMail/samples/cluebringer/greylisting-whitelist.sql
2015-02-24 21:31:14 -06:00
< / code > < / pre >
< ul >
< li > Login to MySQL database and import this file:< / li >
< / ul >
< pre > < code > $ mysql -uroot -p
mysql> USE cluebringer;
mysql> SOURCE /tmp/greylisting-whitelist.sql;
< / code > < / pre >
< p > That's all.< / p >
2015-01-12 06:06:43 -06:00
< h2 id = "postgresql-backend-special" > PostgreSQL backend special< / h2 >
2015-03-25 06:36:46 -06:00
< h3 id = "add-new-sql-column-in-vmail-database_1" > Add new SQL column in < code > vmail< / code > database< / h3 >
< p > We have a new SQL column < code > mailbox.allow_nets< / code > in < code > vmail< / code > database, it's used
to restrict mail users to login from specified IP addresses or networks,
multiple IP/nets must be separated by comma.< / p >
< p > Now connect to PostgreSQL server as admin user, create new column:< / p >
< pre > < code > # su - postgres
$ psql -d vmail
sql> ALTER TABLE mailbox ADD COLUMN allow_nets TEXT DEFAULT NULL;
2015-01-12 06:06:43 -06:00
< / code > < / pre >
2015-03-25 06:36:46 -06:00
< h3 id = "restrict-mail-user-to-login-from-specified-ip-addresses-or-networks-and-apply-service-restriction-while-acting-as-sasl-server_1" > Restrict mail user to login from specified IP addresses or networks, and apply service restriction while acting as SASL server< / h3 >
< ul >
< li >
< p > With new SQL column < code > mailbox.allow_nets< / code > , it's able to restrict mail users to
login from specified IP/networks. We have sample usage below.< / p >
< / li >
< li >
< p > With new service restriction, it's able to enable or disable smtp service for
mail users.< / p >
< / li >
< / ul >
< p > Open Dovecot config file < code > /etc/dovecot/dovecot-pgsql.conf< / code > (Linux/OpenBSD) or
< code > /usr/local/etc/dovecot/dovecot-pgsql.conf< / code > (FreeBSD), then:< / p >
< ul >
< li > append < code > allow_nets< / code > in parameter < code > password_query< / code > < / li >
< li > append < code > AND enable%Ls%Lc=1< / code > in < code > WHERE< / code > statement< / li >
< / ul >
< p > The final setting should be:< / p >
< pre > < code > password_query = SELECT password, allow_nets FROM mailbox WHERE username='%u' AND enable%Ls%Lc=1 AND active='1'
< / code > < / pre >
2015-01-12 06:06:43 -06:00
2015-03-25 06:36:46 -06:00
< p > Restarting Dovecot service is required.< / p >
2015-10-06 00:21:24 -05:00
< blockquote >
< p > Sample usage: allow user < code > user@domain.com< / code > to login from IP < code > 172.16.244.1< / code >
2016-04-24 09:21:04 -05:00
and network < code > 192.168.1.0/24< / code > :
< / p >
2015-10-06 00:21:24 -05:00
< / blockquote >
2015-03-25 06:36:46 -06:00
< pre > < code > sql> \c vmail;
2015-04-07 07:13:48 -05:00
sql> UPDATE mailbox SET allow_nets='172.16.244.1,192.168.1.0/24' WHERE username='user@domain.com`;
2015-01-12 06:06:43 -06:00
< / code > < / pre >
2015-10-06 00:21:24 -05:00
< blockquote >
2015-03-25 06:36:46 -06:00
< p > To remove this restriction, just set < code > mailbox.allow_nets< / code > to < code > NULL< / code > , not empty string.< / p >
2015-10-06 00:21:24 -05:00
< / blockquote >
2015-04-03 17:55:59 -06:00
< h3 id = "fixed-userextensiondomaincom-doesnt-work-with-per-domain-catch-all_1" > Fixed: user+extension@domain.com doesn't work with per-domain catch-all< / h3 >
< p > With iRedMail-0.9.0 and earlier versions, if you have per-domain catch-all
enabled, email sent to < code > user+extension@domain.com< / code > will be delivered to
catch-all address instead of < code > user@domain.com< / code > . Below steps fix this issue.< / p >
< ul >
< li > Open file < code > /etc/postfix/pgsql/catchall_maps.cf< / code > (Linux/OpenBSD) or
< code > /usr/local/etc/postfix/pgsql/catchall_maps.cf< / code > (FreeBSD), find below line:< / li >
< / ul >
< pre > < code > query = ... WHERE alias.address='%d' AND alias.address=domain.domain ...
< / code > < / pre >
< ul >
< li > Append one more statement after < code > alias.address='%d'< / code > , the final setting
should be:< / li >
< / ul >
< pre > < code > query = ... WHERE alias.address='%d' AND '%u' NOT LIKE '%%+%%' AND alias.address=domain.domain ...
< / code > < / pre >
< ul >
< li > Save your change and restart Postfix service.< / li >
< / ul >
2015-02-02 04:24:01 -06:00
< h3 id = "fixed-not-backup-sogo-database_2" > Fixed: not backup SOGo database< / h3 >
< p > Note: this step is not applicable if you don't use SOGo groupware.< / p >
< p > Open backup script < code > /var/vmail/backup/backup_mysql.sh< / code > , append SOGo SQL
database name in variable < code > DATABASES=< / code > . For example:< / p >
< pre > < code > DATABASES='... sogo'
< / code > < / pre >
2015-02-24 21:31:14 -06:00
< p > Save your change and that's all.< / p >
2015-03-28 04:25:12 -06:00
< h3 id = "fixed-drop-retired-column-in-amavisd-database-policyspam_modifies_subj_2" > Fixed: drop retired column in Amavisd database: < code > policy.spam_modifies_subj< / code > < / h3 >
< p > Note: This is applicable to Amavisd-new-2.7.0 and later releases.< / p >
< p > Amavisd drops column < code > policy.spam_modifies_subj< / code > since amavisd-new-2.7.0
release, we'd better remove this column.< / p >
< p > Login to PostgreSQL server as admin user, then execute below SQL commands to drop it:< / p >
< pre > < code > sql> \c amavisd;
sql> ALTER TABLE policy DROP COLUMN spam_modifies_subj;
< / code > < / pre >
2015-02-24 21:31:14 -06:00
< h3 id = "optional-bypass-greylisting-for-some-big-isps_2" > [< strong > OPTIONAL< / strong > ] Bypass greylisting for some big ISPs< / h3 >
< p > ISPs' mail servers send out spams, but also normal business mails. Applying
greylisting on them is helpless.< / p >
< ul >
< li > Download SQL template file:< / li >
< / ul >
< pre > < code > # cd /tmp
2015-09-29 21:23:42 -05:00
# wget https://bitbucket.org/zhb/iredmail/raw/40b98d7dde0178d54498e170c8b5165c0316dc96/iRedMail/samples/cluebringer/greylisting-whitelist.sql
2015-02-24 21:31:14 -06:00
< / code > < / pre >
< ul >
< li >
< p > Switch to PostgreSQL daemon user, then execute SQL commands to import it:< / p >
< ul >
< li > On Linux, PostgreSQL daemon user is < code > postgres< / code > .< / li >
< li > On FreeBSD, PostgreSQL daemon user is < code > pgsql< / code > .< / li >
< li > On OpenBSD, PostgreSQL daemon user is < code > _postgresql< / code > .< / li >
< / ul >
< / li >
< / ul >
< pre > < code > # su - postgres
$ psql -d cluebringer
sql> \i /tmp/greylisting-whitelist.sql;
< / code > < / pre >
2016-05-19 06:51:20 -05:00
< p > That's all.< / p > < div class = "footer" >
< p style = "text-align: center; color: grey;" > All documents are available in < a href = "https://bitbucket.org/zhb/iredmail-docs/src" > BitBucket repository< / a > , and published under < a href = "http://creativecommons.org/licenses/by-nd/3.0/us/" target = "_blank" > Creative Commons< / a > license. You can < a href = "https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2" > download the latest version< / a > for offline reading. If you found something wrong, please do < a href = "http://www.iredmail.org/contact.html" > contact us< / a > to fix it.< / p >
< / div >
< script type = "text/javascript" >
2015-02-05 07:02:53 -06:00
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-3293801-21', 'auto');
ga('send', 'pageview');
2015-01-12 06:06:43 -06:00
< / script >
< / body > < / html >