New: upgrade/0-upgrade.iredmail.0.7.4-0.8.0.md.
This commit is contained in:
parent
62222fc50f
commit
0374297fab
|
@ -41,7 +41,7 @@
|
|||
<li><a href="http://www.iredmail.org/forum/topic4016-news-announcements-bug-fixes-iredmail083-has-been-released.html">0.8.3</a>, Oct 13, 2012. <a href="./upgrade.iredmail.0.8.2-0.8.3.html">Upgrade from iRedMail-0.8.2</a></li>
|
||||
<li><a href="http://www.iredmail.org/forum/topic3913-news-announcements-bug-fixes-iredmail082-has-been-released.html">0.8.2</a>, Sep 19, 2012. <a href="./upgrade.iredmail.0.8.1-0.8.2.html">Upgrade from iRedMail-0.8.1</a></li>
|
||||
<li><a href="http://www.iredmail.org/forum/topic3499-news-announcements-bug-fixes-iredmail081-has-been-released.html">0.8.1</a>, Jun 8, 2012. <a href="./upgrade.iredmail.0.8.0-0.8.1.html">Upgrade from iRedMail-0.8.0</a></li>
|
||||
<li><a href="http://www.iredmail.org/forum/topic3345.html">0.8.0</a>, May 10, 2012. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.4-0.8.0">Upgrade from iRedMail-0.7.4</a></li>
|
||||
<li><a href="http://www.iredmail.org/forum/topic3345.html">0.8.0</a>, May 10, 2012. <a href="./upgrade.iredmail.0.7.4-0.8.0.html">Upgrade from iRedMail-0.7.4</a></li>
|
||||
<li><a href="http://www.iredmail.org/forum/topic2816-iredmail074-has-been-released.html">0.7.4</a>, Jan 9, 2012. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.3-0.7.4">Upgrade from iRedMail-0.7.3</a></li>
|
||||
<li><a href="http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.3">0.7.3</a>, Aug 17, 2011. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.2-0.7.3">Upgrade from iRedMail-0.7.2</a></li>
|
||||
<li><a href="http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.2">0.7.2</a>, Jun 10, 2011. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.1-0.7.2">Upgrade from iRedMail-0.7.1</a></li>
|
||||
|
|
|
@ -0,0 +1,277 @@
|
|||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||||
<title>Upgrade iRedMail from 0.7.4 to 0.8.0</title>
|
||||
<link href="./css/markdown.css" rel="stylesheet"></head>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<div id="navigation">
|
||||
<a href="http://www.iredmail.org" target="_blank">iRedMail web site</a>
|
||||
|
||||
// <a href="./index.html">Document Index</a>
|
||||
</div><h1 id="upgrade-iredmail-from-074-to-080">Upgrade iRedMail from 0.7.4 to 0.8.0</h1>
|
||||
<div class="toc">
|
||||
<ul>
|
||||
<li><a href="#upgrade-iredmail-from-074-to-080">Upgrade iRedMail from 0.7.4 to 0.8.0</a><ul>
|
||||
<li><a href="#changelog">ChangeLog</a></li>
|
||||
<li><a href="#general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</a><ul>
|
||||
<li><a href="#update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</a></li>
|
||||
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
|
||||
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</a></li>
|
||||
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</a></li>
|
||||
<li><a href="#set-strict-file-permission-for-dovecot-config-files">Set strict file permission for Dovecot config files</a></li>
|
||||
<li><a href="#enable-greylist-opt-in-and-opt-out-in-policyd">Enable greylist opt in and opt out in Policyd</a></li>
|
||||
<li><a href="#enable-case-insensitive-user-authentication-in-roundcube-webmail">Enable case insensitive user authentication in Roundcube webmail</a></li>
|
||||
<li><a href="#fix-logrotate-setting-of-dovecot-log-files">Fix logrotate setting of Dovecot log files</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
<li><a href="#part-of-file-etclogrotateddovecot-etclogrotatedsieve">Part of file: /etc/logrotate.d/dovecot, /etc/logrotate.d/sieve</a></li>
|
||||
<li><a href="#part-of-file-roundcubemailconfigmainincphp">Part of file: roundcubemail/config/main.inc.php</a></li>
|
||||
<li><a href="#part-of-file-dovecotconf">Part of file: dovecot.conf</a></li>
|
||||
<li><a href="#cd-root">cd /root/</a></li>
|
||||
<li><a href="#wget-httpsbitbucketorgzhbiredmailrawf0e7e84c4b8aextraupdateupdateldapvalues_074_to_080py">wget https://bitbucket.org/zhb/iredmail/raw/f0e7e84c4b8a/extra/update/updateLDAPValues_074_to_080.py</a></li>
|
||||
<li><a href="#part-of-file-updateldapvalues_074_to_080py">Part of file: updateLDAPValues_074_to_080.py</a></li>
|
||||
<li><a href="#python-updateldapvalues_074_to_080py">python updateLDAPValues_074_to_080.py</a></li>
|
||||
<li><a href="#part-of-file-dovecot-ldapconf">Part of file: dovecot-ldap.conf</a></li>
|
||||
<li><a href="#mysql-uroot-p">mysql -uroot -p</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
<h2 id="changelog">ChangeLog</h2>
|
||||
<ul>
|
||||
<li>2012-07-12: [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail</li>
|
||||
<li>2012-07-12: [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot</li>
|
||||
<li>2012-05-10: Initial release.</li>
|
||||
</ul>
|
||||
<h2 id="general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</h2>
|
||||
<h3 id="update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</h3>
|
||||
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
|
||||
installation, it's recommended to update this file after you upgraded iRedMail,
|
||||
so that you can know which version of iRedMail you're running. For example:</p>
|
||||
<pre><code># File: /etc/iredmail-release
|
||||
|
||||
0.8.0
|
||||
</code></pre>
|
||||
|
||||
<h3 id="upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</h3>
|
||||
<p>Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
|
||||
latest stable release immediately: <a href="http://trac.roundcube.net/wiki/Howto_Upgrade">How to upgrade Roundcube</a></p>
|
||||
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</h3>
|
||||
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
|
||||
<a href="http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD">How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release</a></p>
|
||||
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</h3>
|
||||
<p>Please follow this tutorial to upgrade iRedAdmin open source edition to the
|
||||
latest stable release: <a href="./migrate.or.upgrade.iredadmin.html">Upgrade iRedAdmin to the latest stable release</a></p>
|
||||
<h3 id="set-strict-file-permission-for-dovecot-config-files">Set strict file permission for Dovecot config files</h3>
|
||||
<p>There's one world-readable Dovecot config file, we should set strict file
|
||||
owner and permission on it so that it won't leak SQL server infomation.</p>
|
||||
<p>Please execute below command to fix it, then restart Dovecot service:</p>
|
||||
<p><strong>NOTE</strong>: The file name on different Linux/BSD distributions may be different,
|
||||
it should be <code>dovecot-used-quota.conf</code> or <code>used-quota.conf</code>.</p>
|
||||
<ul>
|
||||
<li>On RHEL/CentOS/Scientific Linux 5.x:</li>
|
||||
</ul>
|
||||
<pre><code># chown dovecot:dovecot /etc/dovecot-used-quota.conf
|
||||
# chmod 0500 /etc/dovecot-used-quota.conf
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>On RHEL/CentOS/Scientific Linux 6.x, Debian, Ubuntu, openSUSE:</li>
|
||||
</ul>
|
||||
<pre><code># chown dovecot:dovecot /etc/dovecot/used-quota.conf
|
||||
# chmod 0500 /etc/dovecot/used-quota.conf
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>On FreeBSD:</li>
|
||||
</ul>
|
||||
<pre><code># chown dovecot:dovecot /usr/local/etc/dovecot-used-quota.conf
|
||||
# chmod 0500 /usr/local/etc/dovecot-used-quota.conf
|
||||
</code></pre>
|
||||
|
||||
<h3 id="enable-greylist-opt-in-and-opt-out-in-policyd">Enable greylist opt in and opt out in Policyd</h3>
|
||||
<p>Note: If you're running Ubuntu 11.10 or later releases, there's no Policyd
|
||||
(v1.8) installed at all, it's replaced by Cluebringer, a.k.a. Policyd v2. So
|
||||
it's safe to skip this step.</p>
|
||||
<p>Some people are fairly irate when it comes to mail and
|
||||
refuse wanting to have any type of delay. this feature
|
||||
enables each and every person the ability to not subject
|
||||
themselves to greylisting. this feature is also VERY
|
||||
usefull when you dont want to subject EVERY person to
|
||||
greylisting at once but instead allows you to enable
|
||||
it in batches/groups of users so you get a feel on the
|
||||
type of complaints or praise from your users.</p>
|
||||
<p>Please update Policyd setting <code>OPTINOUT</code> and <code>OPTINOUTALL=1</code> to 1 to enable
|
||||
greylist opt-in/opt-out:</p>
|
||||
<pre><code>* On RHEL/CentOS/Scientific Linux, it's set in file `/etc/policyd.conf`.
|
||||
* On Debian/Ubuntu, it's set in file `/etc/postfix-policyd.conf`.
|
||||
* On openSUSE, it's set in file `/etc/policyd.conf`.
|
||||
* On FreeBSD, it's set in file `/usr/local/etc/postfix-policyd-sf.conf`.
|
||||
</code></pre>
|
||||
<pre><code># Part of file: policyd.conf
|
||||
|
||||
OPTINOUT=1
|
||||
OPTINOUTALL=1
|
||||
</code></pre>
|
||||
|
||||
<p>Restarting Policyd service is required to make it work.</p>
|
||||
<p><strong>Notes</strong>:</p>
|
||||
<ul>
|
||||
<li>iRedAdmin-Pro customers can manage greylist opt-in with one lick with the
|
||||
latest iRedAdmin-Pro releases, in domain profile page or user profile page,
|
||||
under tab <code>Advanced</code>.</li>
|
||||
<li>For more details about how to set greylist opt-in manually with MySQL command
|
||||
line or phpMyAdmin, please refer to Policyd official document:
|
||||
http://policyd.sourceforge.net/readme.html (Section "Greylist Opt-in / Opt-out")</li>
|
||||
</ul>
|
||||
<h3 id="enable-case-insensitive-user-authentication-in-roundcube-webmail">Enable case insensitive user authentication in Roundcube webmail</h3>
|
||||
<p>Please change below setting to <code>true</code> in Roundcube webmail config file
|
||||
'config/main.inc.php' to enable case insensitive user authentication. The
|
||||
config file should be:</p>
|
||||
<pre><code>* `/var/www/roundcubemail/config/main.inc.php` on RHEL/CentOS/Scientific Linux
|
||||
* `/usr/share/apache2/roundcubemail/config.inc.php` on Debian/Ubuntu
|
||||
* `/srv/www/roundcubemail/config/main.inc.php` on openSUSE
|
||||
* `/usr/local/www/roundcubemail/config/main.inc.php` on FreeBSD
|
||||
</code></pre>
|
||||
<pre><code># Part of file: config/main.inc.php
|
||||
|
||||
$rcmail_config['login_lc'] = false;
|
||||
</code></pre>
|
||||
|
||||
<h3 id="fix-logrotate-setting-of-dovecot-log-files">Fix logrotate setting of Dovecot log files</h3>
|
||||
<p>Open <code>/etc/logrotate.d/dovecot</code> and <code>/etc/logrotate.d/sieve</code>, update postrotate commands:</p>
|
||||
<ul>
|
||||
<li>If you're running Dovecot-1.x, please update postrotate command with below
|
||||
value:</li>
|
||||
</ul>
|
||||
<pre><code># Part of file: /etc/logrotate.d/dovecot and /etc/logrotate.d/sieve
|
||||
|
||||
postrotate
|
||||
/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
|
||||
endscript
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>If you're running Dovecot-2.x, please update postrotate command with below value:</li>
|
||||
</ul>
|
||||
<h1 id="part-of-file-etclogrotateddovecot-etclogrotatedsieve">Part of file: /etc/logrotate.d/dovecot, /etc/logrotate.d/sieve</h1>
|
||||
<p>postrotate
|
||||
doveadm log reopen
|
||||
endscript</p>
|
||||
<pre><code>
|
||||
### [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail
|
||||
|
||||
This step is optional but highly recommended for better security.
|
||||
|
||||
Please update below parameter in Roundcube config file
|
||||
`roundcubemail/config/main.inc.php` to enforce connections over https for
|
||||
better security. With this option enabled, all non-secure connections will be
|
||||
redirected to httpS://.
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux, Gentoo, OpenBSD, it's `/var/www/roundcubemail/config/main.inc.php`.
|
||||
* On Debian/Ubuntu, it's `/usr/share/apache2/roundcubemail/config/main.inc.php`.
|
||||
* On openSUSE, it's `/srv/www/roundcubemail/config/main.inc.php`.
|
||||
* On FreeBSD, it's `/usr/local/www/roundcubemail/config/main.inc.php`.
|
||||
|
||||
</code></pre>
|
||||
|
||||
<h1 id="part-of-file-roundcubemailconfigmainincphp">Part of file: roundcubemail/config/main.inc.php</h1>
|
||||
<p>$rcmail_config['force_https'] = true;</p>
|
||||
<pre><code>
|
||||
Restarting Apache web server is required.
|
||||
|
||||
### [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot
|
||||
|
||||
This step is OPTIONAL but highly recommended for better security. Since it may
|
||||
requires update on your mail users' MUA (e.g. Thunderbird, Outlook), please
|
||||
notify your mail users before this change.
|
||||
|
||||
Since iRedMail-0.8.0, all clients are forced to use IMAPS and POPS (via
|
||||
STARTTLS) for better security by default. To enable this feature, please update
|
||||
below parameters in your Dovecot config file, `dovecot.conf`.
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux 5.x, it's `/etc/dovecot.conf`.
|
||||
* On RHEL/CentOS/Scientific Linux 6.x, it's `/etc/dovecot/dovecot.conf`.
|
||||
* On Debian/Ubuntu, it's `/etc/dovecot/dovecot.conf`.
|
||||
* On openSUSE, it's `/etc/dovecot/dovecot.conf`.
|
||||
* On FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`.
|
||||
|
||||
</code></pre>
|
||||
|
||||
<h1 id="part-of-file-dovecotconf">Part of file: dovecot.conf</h1>
|
||||
<p>ssl = required
|
||||
disable_plaintext_auth = yes</p>
|
||||
<pre><code>
|
||||
Restarting Dovecot service is required.
|
||||
|
||||
## OpenLDAP backend special
|
||||
|
||||
### Add internal service required by Doveadm
|
||||
|
||||
__NOTE__: This step is applicable to both Dovecot-1.x and Dovecot-2.x.
|
||||
|
||||
To use `doveadm` command provided by Dovecot-2, please add one more value of
|
||||
attribute 'enabledService' for mail user.
|
||||
|
||||
* Download python script used to adding missing values.
|
||||
</code></pre>
|
||||
|
||||
<h1 id="cd-root">cd /root/</h1>
|
||||
<h1 id="wget-httpsbitbucketorgzhbiredmailrawf0e7e84c4b8aextraupdateupdateldapvalues_074_to_080py">wget https://bitbucket.org/zhb/iredmail/raw/f0e7e84c4b8a/extra/update/updateLDAPValues_074_to_080.py</h1>
|
||||
<pre><code>
|
||||
* Open `updateLDAPValues_074_to_080.py`, config LDAP server related settings in
|
||||
file head. e.g.
|
||||
|
||||
</code></pre>
|
||||
|
||||
<h1 id="part-of-file-updateldapvalues_074_to_080py">Part of file: updateLDAPValues_074_to_080.py</h1>
|
||||
<p>uri = 'ldap://127.0.0.1:389'
|
||||
basedn = 'o=domains,dc=example,dc=com'
|
||||
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
|
||||
bind_pw = 'passwd'</p>
|
||||
<pre><code>
|
||||
You can find required LDAP credential in iRedAdmin config file or `iRedMail.tips`
|
||||
file under your iRedMail installation directory. Using either
|
||||
`cn=Manager,dc=xx,dc=xx` or `cn=vmailadmin,dc=xx,dc=xx` as bind dn is ok.
|
||||
|
||||
* Execute this script, it will add missing values for mail accounts:
|
||||
</code></pre>
|
||||
|
||||
<h1 id="python-updateldapvalues_074_to_080py">python updateLDAPValues_074_to_080.py</h1>
|
||||
<pre><code>
|
||||
It will print progress message in the terminal, just be patient.
|
||||
|
||||
If you're running Dovecot-2, please add below lines in `dovecot-ldap.conf` to
|
||||
make command `doveadm mailbox` work as expected:
|
||||
|
||||
</code></pre>
|
||||
|
||||
<h1 id="part-of-file-dovecot-ldapconf">Part of file: dovecot-ldap.conf</h1>
|
||||
<p>iterate_attrs = mail=user
|
||||
iterate_filter = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail))</p>
|
||||
<pre><code>
|
||||
## MySQL backend special
|
||||
|
||||
### Add internal service required by Doveadm
|
||||
|
||||
To use doveadm command provided by Dovecot-2, please add one more column in
|
||||
MySQL table `vmail.mailbox` with below command:
|
||||
</code></pre>
|
||||
|
||||
<h1 id="mysql-uroot-p">mysql -uroot -p</h1>
|
||||
<p>mysql> USE vmail;
|
||||
mysql> ALTER TABLE mailbox ADD COLUMN enabledoveadm TINYINT(1) NOT NULL DEFAULT 1;
|
||||
```</p><p style="text-align: center; color: grey;">Document published under a <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">CC BY-ND 3.0</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<!-- Google Analytics -->
|
||||
<script type="text/javascript">
|
||||
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
|
||||
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
|
||||
</script>
|
||||
<script type="text/javascript">
|
||||
try {
|
||||
var pageTracker = _gat._getTracker("UA-3293801-14");
|
||||
pageTracker._trackPageview();
|
||||
} catch(err) {}
|
||||
</script>
|
||||
</body></html>
|
|
@ -16,6 +16,10 @@
|
|||
<li><a href="#upgrade-iredmail-from-080-to-081">Upgrade iRedMail from 0.8.0 to 0.8.1</a><ul>
|
||||
<li><a href="#changelog">ChangeLog</a></li>
|
||||
<li><a href="#general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</a><ul>
|
||||
<li><a href="#update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</a></li>
|
||||
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
|
||||
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</a></li>
|
||||
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</a></li>
|
||||
<li><a href="#add-missing-auth-service-in-dovecot-for-dovecot-2">Add missing auth service in Dovecot for Dovecot-2</a></li>
|
||||
<li><a href="#add-missing-config-for-imap-share-folder-in-dovecot">Add missing config for IMAP share folder in Dovecot</a></li>
|
||||
<li><a href="#rotate-iredapd-log-file-on-freebsd-and-openbsd">Rotate iRedAPD log file on FreeBSD and OpenBSD</a></li>
|
||||
|
@ -56,6 +60,24 @@
|
|||
<li>2012-05-20: Add Dovecot share folder: anyone_shares.</li>
|
||||
</ul>
|
||||
<h2 id="general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</h2>
|
||||
<h3 id="update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</h3>
|
||||
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
|
||||
installation, it's recommended to update this file after you upgraded iRedMail,
|
||||
so that you can know which version of iRedMail you're running. For example:</p>
|
||||
<pre><code># File: /etc/iredmail-release
|
||||
|
||||
0.8.1
|
||||
</code></pre>
|
||||
|
||||
<h3 id="upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</h3>
|
||||
<p>Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
|
||||
latest stable release immediately: <a href="http://trac.roundcube.net/wiki/Howto_Upgrade">How to upgrade Roundcube</a></p>
|
||||
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</h3>
|
||||
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
|
||||
<a href="http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD">How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release</a></p>
|
||||
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</h3>
|
||||
<p>Please follow this tutorial to upgrade iRedAdmin open source edition to the
|
||||
latest stable release: <a href="./migrate.or.upgrade.iredadmin.html">Upgrade iRedAdmin to the latest stable release</a></p>
|
||||
<h3 id="add-missing-auth-service-in-dovecot-for-dovecot-2">Add missing auth service in Dovecot for Dovecot-2</h3>
|
||||
<p><strong>NOTE</strong>: This is applicable to only Dovecot-2.x. You can check Dovecot version
|
||||
and its main config file with command:</p>
|
||||
|
|
|
@ -0,0 +1,255 @@
|
|||
# Upgrade iRedMail from 0.7.4 to 0.8.0
|
||||
|
||||
[TOC]
|
||||
|
||||
## ChangeLog
|
||||
|
||||
* 2012-07-12: [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail
|
||||
* 2012-07-12: [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot
|
||||
* 2012-05-10: Initial release.
|
||||
|
||||
## General (All backends should apply these upgrade steps)
|
||||
|
||||
### Update /etc/iredmail-release with iRedMail version number
|
||||
|
||||
iRedMail stores the release version in `/etc/iredmail-release` after
|
||||
installation, it's recommended to update this file after you upgraded iRedMail,
|
||||
so that you can know which version of iRedMail you're running. For example:
|
||||
|
||||
```
|
||||
# File: /etc/iredmail-release
|
||||
|
||||
0.8.0
|
||||
```
|
||||
|
||||
### Upgrade Roundcube webmail to the latest stable release
|
||||
|
||||
Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
|
||||
latest stable release immediately: [How to upgrade Roundcube](http://trac.roundcube.net/wiki/Howto_Upgrade)
|
||||
|
||||
### Upgrade iRedAPD (Postfix policy server) to the latest stable release
|
||||
|
||||
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
|
||||
[How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release](http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD)
|
||||
|
||||
### Upgrade iRedAdmin (open source edition) to the latest stable release
|
||||
|
||||
Please follow this tutorial to upgrade iRedAdmin open source edition to the
|
||||
latest stable release: [Upgrade iRedAdmin to the latest stable release](./migrate.or.upgrade.iredadmin.html)
|
||||
|
||||
### Set strict file permission for Dovecot config files
|
||||
|
||||
There's one world-readable Dovecot config file, we should set strict file
|
||||
owner and permission on it so that it won't leak SQL server infomation.
|
||||
|
||||
Please execute below command to fix it, then restart Dovecot service:
|
||||
|
||||
__NOTE__: The file name on different Linux/BSD distributions may be different,
|
||||
it should be `dovecot-used-quota.conf` or `used-quota.conf`.
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux 5.x:
|
||||
```
|
||||
# chown dovecot:dovecot /etc/dovecot-used-quota.conf
|
||||
# chmod 0500 /etc/dovecot-used-quota.conf
|
||||
```
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux 6.x, Debian, Ubuntu, openSUSE:
|
||||
```
|
||||
# chown dovecot:dovecot /etc/dovecot/used-quota.conf
|
||||
# chmod 0500 /etc/dovecot/used-quota.conf
|
||||
```
|
||||
|
||||
* On FreeBSD:
|
||||
```
|
||||
# chown dovecot:dovecot /usr/local/etc/dovecot-used-quota.conf
|
||||
# chmod 0500 /usr/local/etc/dovecot-used-quota.conf
|
||||
```
|
||||
|
||||
### Enable greylist opt in and opt out in Policyd
|
||||
|
||||
Note: If you're running Ubuntu 11.10 or later releases, there's no Policyd
|
||||
(v1.8) installed at all, it's replaced by Cluebringer, a.k.a. Policyd v2. So
|
||||
it's safe to skip this step.
|
||||
|
||||
Some people are fairly irate when it comes to mail and
|
||||
refuse wanting to have any type of delay. this feature
|
||||
enables each and every person the ability to not subject
|
||||
themselves to greylisting. this feature is also VERY
|
||||
usefull when you dont want to subject EVERY person to
|
||||
greylisting at once but instead allows you to enable
|
||||
it in batches/groups of users so you get a feel on the
|
||||
type of complaints or praise from your users.
|
||||
|
||||
Please update Policyd setting `OPTINOUT` and `OPTINOUTALL=1` to 1 to enable
|
||||
greylist opt-in/opt-out:
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux, it's set in file `/etc/policyd.conf`.
|
||||
* On Debian/Ubuntu, it's set in file `/etc/postfix-policyd.conf`.
|
||||
* On openSUSE, it's set in file `/etc/policyd.conf`.
|
||||
* On FreeBSD, it's set in file `/usr/local/etc/postfix-policyd-sf.conf`.
|
||||
|
||||
```
|
||||
# Part of file: policyd.conf
|
||||
|
||||
OPTINOUT=1
|
||||
OPTINOUTALL=1
|
||||
```
|
||||
|
||||
Restarting Policyd service is required to make it work.
|
||||
|
||||
__Notes__:
|
||||
|
||||
* iRedAdmin-Pro customers can manage greylist opt-in with one lick with the
|
||||
latest iRedAdmin-Pro releases, in domain profile page or user profile page,
|
||||
under tab `Advanced`.
|
||||
* For more details about how to set greylist opt-in manually with MySQL command
|
||||
line or phpMyAdmin, please refer to Policyd official document:
|
||||
http://policyd.sourceforge.net/readme.html (Section "Greylist Opt-in / Opt-out")
|
||||
|
||||
### Enable case insensitive user authentication in Roundcube webmail
|
||||
|
||||
Please change below setting to `true` in Roundcube webmail config file
|
||||
'config/main.inc.php' to enable case insensitive user authentication. The
|
||||
config file should be:
|
||||
|
||||
* `/var/www/roundcubemail/config/main.inc.php` on RHEL/CentOS/Scientific Linux
|
||||
* `/usr/share/apache2/roundcubemail/config.inc.php` on Debian/Ubuntu
|
||||
* `/srv/www/roundcubemail/config/main.inc.php` on openSUSE
|
||||
* `/usr/local/www/roundcubemail/config/main.inc.php` on FreeBSD
|
||||
|
||||
```
|
||||
# Part of file: config/main.inc.php
|
||||
|
||||
$rcmail_config['login_lc'] = false;
|
||||
```
|
||||
|
||||
### Fix logrotate setting of Dovecot log files
|
||||
|
||||
Open `/etc/logrotate.d/dovecot` and `/etc/logrotate.d/sieve`, update postrotate commands:
|
||||
|
||||
* If you're running Dovecot-1.x, please update postrotate command with below
|
||||
value:
|
||||
|
||||
```
|
||||
# Part of file: /etc/logrotate.d/dovecot and /etc/logrotate.d/sieve
|
||||
|
||||
postrotate
|
||||
/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
|
||||
endscript
|
||||
```
|
||||
|
||||
* If you're running Dovecot-2.x, please update postrotate command with below value:
|
||||
|
||||
# Part of file: /etc/logrotate.d/dovecot, /etc/logrotate.d/sieve
|
||||
|
||||
postrotate
|
||||
doveadm log reopen
|
||||
endscript
|
||||
```
|
||||
|
||||
### [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail
|
||||
|
||||
This step is optional but highly recommended for better security.
|
||||
|
||||
Please update below parameter in Roundcube config file
|
||||
`roundcubemail/config/main.inc.php` to enforce connections over https for
|
||||
better security. With this option enabled, all non-secure connections will be
|
||||
redirected to httpS://.
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux, Gentoo, OpenBSD, it's `/var/www/roundcubemail/config/main.inc.php`.
|
||||
* On Debian/Ubuntu, it's `/usr/share/apache2/roundcubemail/config/main.inc.php`.
|
||||
* On openSUSE, it's `/srv/www/roundcubemail/config/main.inc.php`.
|
||||
* On FreeBSD, it's `/usr/local/www/roundcubemail/config/main.inc.php`.
|
||||
|
||||
```
|
||||
# Part of file: roundcubemail/config/main.inc.php
|
||||
|
||||
$rcmail_config['force_https'] = true;
|
||||
```
|
||||
|
||||
Restarting Apache web server is required.
|
||||
|
||||
### [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot
|
||||
|
||||
This step is OPTIONAL but highly recommended for better security. Since it may
|
||||
requires update on your mail users' MUA (e.g. Thunderbird, Outlook), please
|
||||
notify your mail users before this change.
|
||||
|
||||
Since iRedMail-0.8.0, all clients are forced to use IMAPS and POPS (via
|
||||
STARTTLS) for better security by default. To enable this feature, please update
|
||||
below parameters in your Dovecot config file, `dovecot.conf`.
|
||||
|
||||
* On RHEL/CentOS/Scientific Linux 5.x, it's `/etc/dovecot.conf`.
|
||||
* On RHEL/CentOS/Scientific Linux 6.x, it's `/etc/dovecot/dovecot.conf`.
|
||||
* On Debian/Ubuntu, it's `/etc/dovecot/dovecot.conf`.
|
||||
* On openSUSE, it's `/etc/dovecot/dovecot.conf`.
|
||||
* On FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`.
|
||||
|
||||
```
|
||||
# Part of file: dovecot.conf
|
||||
|
||||
ssl = required
|
||||
disable_plaintext_auth = yes
|
||||
```
|
||||
|
||||
Restarting Dovecot service is required.
|
||||
|
||||
## OpenLDAP backend special
|
||||
|
||||
### Add internal service required by Doveadm
|
||||
|
||||
__NOTE__: This step is applicable to both Dovecot-1.x and Dovecot-2.x.
|
||||
|
||||
To use `doveadm` command provided by Dovecot-2, please add one more value of
|
||||
attribute 'enabledService' for mail user.
|
||||
|
||||
* Download python script used to adding missing values.
|
||||
```
|
||||
# cd /root/
|
||||
# wget https://bitbucket.org/zhb/iredmail/raw/f0e7e84c4b8a/extra/update/updateLDAPValues_074_to_080.py
|
||||
```
|
||||
|
||||
* Open `updateLDAPValues_074_to_080.py`, config LDAP server related settings in
|
||||
file head. e.g.
|
||||
|
||||
```
|
||||
# Part of file: updateLDAPValues_074_to_080.py
|
||||
|
||||
uri = 'ldap://127.0.0.1:389'
|
||||
basedn = 'o=domains,dc=example,dc=com'
|
||||
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
|
||||
bind_pw = 'passwd'
|
||||
```
|
||||
|
||||
You can find required LDAP credential in iRedAdmin config file or `iRedMail.tips`
|
||||
file under your iRedMail installation directory. Using either
|
||||
`cn=Manager,dc=xx,dc=xx` or `cn=vmailadmin,dc=xx,dc=xx` as bind dn is ok.
|
||||
|
||||
* Execute this script, it will add missing values for mail accounts:
|
||||
```
|
||||
# python updateLDAPValues_074_to_080.py
|
||||
```
|
||||
|
||||
It will print progress message in the terminal, just be patient.
|
||||
|
||||
If you're running Dovecot-2, please add below lines in `dovecot-ldap.conf` to
|
||||
make command `doveadm mailbox` work as expected:
|
||||
|
||||
```
|
||||
# Part of file: dovecot-ldap.conf
|
||||
|
||||
iterate_attrs = mail=user
|
||||
iterate_filter = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail))
|
||||
```
|
||||
|
||||
## MySQL backend special
|
||||
|
||||
### Add internal service required by Doveadm
|
||||
|
||||
To use doveadm command provided by Dovecot-2, please add one more column in
|
||||
MySQL table `vmail.mailbox` with below command:
|
||||
```
|
||||
# mysql -uroot -p
|
||||
mysql> USE vmail;
|
||||
mysql> ALTER TABLE mailbox ADD COLUMN enabledoveadm TINYINT(1) NOT NULL DEFAULT 1;
|
||||
```
|
|
@ -11,6 +11,33 @@
|
|||
|
||||
## General (All backends should apply these upgrade steps)
|
||||
|
||||
### Update /etc/iredmail-release with iRedMail version number
|
||||
|
||||
iRedMail stores the release version in `/etc/iredmail-release` after
|
||||
installation, it's recommended to update this file after you upgraded iRedMail,
|
||||
so that you can know which version of iRedMail you're running. For example:
|
||||
|
||||
```
|
||||
# File: /etc/iredmail-release
|
||||
|
||||
0.8.1
|
||||
```
|
||||
|
||||
### Upgrade Roundcube webmail to the latest stable release
|
||||
|
||||
Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
|
||||
latest stable release immediately: [How to upgrade Roundcube](http://trac.roundcube.net/wiki/Howto_Upgrade)
|
||||
|
||||
### Upgrade iRedAPD (Postfix policy server) to the latest stable release
|
||||
|
||||
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
|
||||
[How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release](http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD)
|
||||
|
||||
### Upgrade iRedAdmin (open source edition) to the latest stable release
|
||||
|
||||
Please follow this tutorial to upgrade iRedAdmin open source edition to the
|
||||
latest stable release: [Upgrade iRedAdmin to the latest stable release](./migrate.or.upgrade.iredadmin.html)
|
||||
|
||||
### Add missing auth service in Dovecot for Dovecot-2
|
||||
|
||||
__NOTE__: This is applicable to only Dovecot-2.x. You can check Dovecot version
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
* [0.8.3](http://www.iredmail.org/forum/topic4016-news-announcements-bug-fixes-iredmail083-has-been-released.html), Oct 13, 2012. [Upgrade from iRedMail-0.8.2](./upgrade.iredmail.0.8.2-0.8.3.html)
|
||||
* [0.8.2](http://www.iredmail.org/forum/topic3913-news-announcements-bug-fixes-iredmail082-has-been-released.html), Sep 19, 2012. [Upgrade from iRedMail-0.8.1](./upgrade.iredmail.0.8.1-0.8.2.html)
|
||||
* [0.8.1](http://www.iredmail.org/forum/topic3499-news-announcements-bug-fixes-iredmail081-has-been-released.html), Jun 8, 2012. [Upgrade from iRedMail-0.8.0](./upgrade.iredmail.0.8.0-0.8.1.html)
|
||||
* [0.8.0](http://www.iredmail.org/forum/topic3345.html), May 10, 2012. [Upgrade from iRedMail-0.7.4](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.4-0.8.0)
|
||||
* [0.8.0](http://www.iredmail.org/forum/topic3345.html), May 10, 2012. [Upgrade from iRedMail-0.7.4](./upgrade.iredmail.0.7.4-0.8.0.html)
|
||||
* [0.7.4](http://www.iredmail.org/forum/topic2816-iredmail074-has-been-released.html), Jan 9, 2012. [Upgrade from iRedMail-0.7.3](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.3-0.7.4)
|
||||
* [0.7.3](http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.3), Aug 17, 2011. [Upgrade from iRedMail-0.7.2](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.2-0.7.3)
|
||||
* [0.7.2](http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.2), Jun 10, 2011. [Upgrade from iRedMail-0.7.1](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.1-0.7.2)
|
||||
|
|
Loading…
Reference in New Issue