elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

New: upgrade/0-upgrade.iredmail.0.7.4-0.8.0.md.

This commit is contained in:
Zhang Huangbin 2014-12-06 20:28:25 +08:00
parent 62222fc50f
commit 0374297fab
6 changed files with 583 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
html/iredmail.releases.html
View File

@ -41,7 +41,7 @@
<li><a href="http://www.iredmail.org/forum/topic4016-news-announcements-bug-fixes-iredmail083-has-been-released.html">0.8.3</a>, Oct 13, 2012. <a href="./upgrade.iredmail.0.8.2-0.8.3.html">Upgrade from iRedMail-0.8.2</a></li>
<li><a href="http://www.iredmail.org/forum/topic3913-news-announcements-bug-fixes-iredmail082-has-been-released.html">0.8.2</a>, Sep 19, 2012. <a href="./upgrade.iredmail.0.8.1-0.8.2.html">Upgrade from iRedMail-0.8.1</a></li>
<li><a href="http://www.iredmail.org/forum/topic3499-news-announcements-bug-fixes-iredmail081-has-been-released.html">0.8.1</a>, Jun 8, 2012. <a href="./upgrade.iredmail.0.8.0-0.8.1.html">Upgrade from iRedMail-0.8.0</a></li>
<li><a href="http://www.iredmail.org/forum/topic3345.html">0.8.0</a>, May 10, 2012. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.4-0.8.0">Upgrade from iRedMail-0.7.4</a></li>
<li><a href="http://www.iredmail.org/forum/topic3345.html">0.8.0</a>, May 10, 2012. <a href="./upgrade.iredmail.0.7.4-0.8.0.html">Upgrade from iRedMail-0.7.4</a></li>
<li><a href="http://www.iredmail.org/forum/topic2816-iredmail074-has-been-released.html">0.7.4</a>, Jan 9, 2012. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.3-0.7.4">Upgrade from iRedMail-0.7.3</a></li>
<li><a href="http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.3">0.7.3</a>, Aug 17, 2011. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.2-0.7.3">Upgrade from iRedMail-0.7.2</a></li>
<li><a href="http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.2">0.7.2</a>, Jun 10, 2011. <a href="http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.1-0.7.2">Upgrade from iRedMail-0.7.1</a></li>

277
html/upgrade.iredmail.0.7.4-0.8.0.html Normal file
View File

@ -0,0 +1,277 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Upgrade iRedMail from 0.7.4 to 0.8.0</title>
<link href="./css/markdown.css" rel="stylesheet"></head>
</head>
<body>
<div id="navigation">
<a href="http://www.iredmail.org" target="_blank">iRedMail web site</a>
// <a href="./index.html">Document Index</a>
</div><h1 id="upgrade-iredmail-from-074-to-080">Upgrade iRedMail from 0.7.4 to 0.8.0</h1>
<div class="toc">
<ul>
<li><a href="#upgrade-iredmail-from-074-to-080">Upgrade iRedMail from 0.7.4 to 0.8.0</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</a><ul>
<li><a href="#update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</a></li>
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</a></li>
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</a></li>
<li><a href="#set-strict-file-permission-for-dovecot-config-files">Set strict file permission for Dovecot config files</a></li>
<li><a href="#enable-greylist-opt-in-and-opt-out-in-policyd">Enable greylist opt in and opt out in Policyd</a></li>
<li><a href="#enable-case-insensitive-user-authentication-in-roundcube-webmail">Enable case insensitive user authentication in Roundcube webmail</a></li>
<li><a href="#fix-logrotate-setting-of-dovecot-log-files">Fix logrotate setting of Dovecot log files</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#part-of-file-etclogrotateddovecot-etclogrotatedsieve">Part of file: /etc/logrotate.d/dovecot, /etc/logrotate.d/sieve</a></li>
<li><a href="#part-of-file-roundcubemailconfigmainincphp">Part of file: roundcubemail/config/main.inc.php</a></li>
<li><a href="#part-of-file-dovecotconf">Part of file: dovecot.conf</a></li>
<li><a href="#cd-root">cd /root/</a></li>
<li><a href="#wget-httpsbitbucketorgzhbiredmailrawf0e7e84c4b8aextraupdateupdateldapvalues_074_to_080py">wget https://bitbucket.org/zhb/iredmail/raw/f0e7e84c4b8a/extra/update/updateLDAPValues_074_to_080.py</a></li>
<li><a href="#part-of-file-updateldapvalues_074_to_080py">Part of file: updateLDAPValues_074_to_080.py</a></li>
<li><a href="#python-updateldapvalues_074_to_080py">python updateLDAPValues_074_to_080.py</a></li>
<li><a href="#part-of-file-dovecot-ldapconf">Part of file: dovecot-ldap.conf</a></li>
<li><a href="#mysql-uroot-p">mysql -uroot -p</a></li>
</ul>
</div>
<h2 id="changelog">ChangeLog</h2>
<ul>
<li>2012-07-12: [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail</li>
<li>2012-07-12: [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot</li>
<li>2012-05-10: Initial release.</li>
</ul>
<h2 id="general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</h2>
<h3 id="update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<pre><code># File: /etc/iredmail-release
0.8.0
</code></pre>
<h3 id="upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</h3>
<p>Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
latest stable release immediately: <a href="http://trac.roundcube.net/wiki/Howto_Upgrade">How to upgrade Roundcube</a></p>
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</h3>
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
<a href="http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD">How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release</a></p>
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</h3>
<p>Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release: <a href="./migrate.or.upgrade.iredadmin.html">Upgrade iRedAdmin to the latest stable release</a></p>
<h3 id="set-strict-file-permission-for-dovecot-config-files">Set strict file permission for Dovecot config files</h3>
<p>There's one world-readable Dovecot config file, we should set strict file
owner and permission on it so that it won't leak SQL server infomation.</p>
<p>Please execute below command to fix it, then restart Dovecot service:</p>
<p><strong>NOTE</strong>: The file name on different Linux/BSD distributions may be different,
it should be <code>dovecot-used-quota.conf</code> or <code>used-quota.conf</code>.</p>
<ul>
<li>On RHEL/CentOS/Scientific Linux 5.x:</li>
</ul>
<pre><code># chown dovecot:dovecot /etc/dovecot-used-quota.conf
# chmod 0500 /etc/dovecot-used-quota.conf
</code></pre>
<ul>
<li>On RHEL/CentOS/Scientific Linux 6.x, Debian, Ubuntu, openSUSE:</li>
</ul>
<pre><code># chown dovecot:dovecot /etc/dovecot/used-quota.conf
# chmod 0500 /etc/dovecot/used-quota.conf
</code></pre>
<ul>
<li>On FreeBSD:</li>
</ul>
<pre><code># chown dovecot:dovecot /usr/local/etc/dovecot-used-quota.conf
# chmod 0500 /usr/local/etc/dovecot-used-quota.conf
</code></pre>
<h3 id="enable-greylist-opt-in-and-opt-out-in-policyd">Enable greylist opt in and opt out in Policyd</h3>
<p>Note: If you're running Ubuntu 11.10 or later releases, there's no Policyd
(v1.8) installed at all, it's replaced by Cluebringer, a.k.a. Policyd v2. So
it's safe to skip this step.</p>
<p>Some people are fairly irate when it comes to mail and
refuse wanting to have any type of delay. this feature
enables each and every person the ability to not subject
themselves to greylisting. this feature is also VERY
usefull when you dont want to subject EVERY person to
greylisting at once but instead allows you to enable
it in batches/groups of users so you get a feel on the
type of complaints or praise from your users.</p>
<p>Please update Policyd setting <code>OPTINOUT</code> and <code>OPTINOUTALL=1</code> to 1 to enable
greylist opt-in/opt-out:</p>
<pre><code>* On RHEL/CentOS/Scientific Linux, it's set in file `/etc/policyd.conf`.
* On Debian/Ubuntu, it's set in file `/etc/postfix-policyd.conf`.
* On openSUSE, it's set in file `/etc/policyd.conf`.
* On FreeBSD, it's set in file `/usr/local/etc/postfix-policyd-sf.conf`.
</code></pre>
<pre><code># Part of file: policyd.conf
OPTINOUT=1
OPTINOUTALL=1
</code></pre>
<p>Restarting Policyd service is required to make it work.</p>
<p><strong>Notes</strong>:</p>
<ul>
<li>iRedAdmin-Pro customers can manage greylist opt-in with one lick with the
latest iRedAdmin-Pro releases, in domain profile page or user profile page,
under tab <code>Advanced</code>.</li>
<li>For more details about how to set greylist opt-in manually with MySQL command
line or phpMyAdmin, please refer to Policyd official document:
http://policyd.sourceforge.net/readme.html (Section "Greylist Opt-in / Opt-out")</li>
</ul>
<h3 id="enable-case-insensitive-user-authentication-in-roundcube-webmail">Enable case insensitive user authentication in Roundcube webmail</h3>
<p>Please change below setting to <code>true</code> in Roundcube webmail config file
'config/main.inc.php' to enable case insensitive user authentication. The
config file should be:</p>
<pre><code>* `/var/www/roundcubemail/config/main.inc.php` on RHEL/CentOS/Scientific Linux
* `/usr/share/apache2/roundcubemail/config.inc.php` on Debian/Ubuntu
* `/srv/www/roundcubemail/config/main.inc.php` on openSUSE
* `/usr/local/www/roundcubemail/config/main.inc.php` on FreeBSD
</code></pre>
<pre><code># Part of file: config/main.inc.php
$rcmail_config['login_lc'] = false;
</code></pre>
<h3 id="fix-logrotate-setting-of-dovecot-log-files">Fix logrotate setting of Dovecot log files</h3>
<p>Open <code>/etc/logrotate.d/dovecot</code> and <code>/etc/logrotate.d/sieve</code>, update postrotate commands:</p>
<ul>
<li>If you're running Dovecot-1.x, please update postrotate command with below
value:</li>
</ul>
<pre><code># Part of file: /etc/logrotate.d/dovecot and /etc/logrotate.d/sieve
postrotate
/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2&gt;/dev/null` 2&gt; /dev/null || true
endscript
</code></pre>
<ul>
<li>If you're running Dovecot-2.x, please update postrotate command with below value:</li>
</ul>
<h1 id="part-of-file-etclogrotateddovecot-etclogrotatedsieve">Part of file: /etc/logrotate.d/dovecot, /etc/logrotate.d/sieve</h1>
<p>postrotate
doveadm log reopen
endscript</p>
<pre><code>
### [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail
This step is optional but highly recommended for better security.
Please update below parameter in Roundcube config file
`roundcubemail/config/main.inc.php` to enforce connections over https for
better security. With this option enabled, all non-secure connections will be
redirected to httpS://.
* On RHEL/CentOS/Scientific Linux, Gentoo, OpenBSD, it's `/var/www/roundcubemail/config/main.inc.php`.
* On Debian/Ubuntu, it's `/usr/share/apache2/roundcubemail/config/main.inc.php`.
* On openSUSE, it's `/srv/www/roundcubemail/config/main.inc.php`.
* On FreeBSD, it's `/usr/local/www/roundcubemail/config/main.inc.php`.
</code></pre>
<h1 id="part-of-file-roundcubemailconfigmainincphp">Part of file: roundcubemail/config/main.inc.php</h1>
<p>$rcmail_config['force_https'] = true;</p>
<pre><code>
Restarting Apache web server is required.
### [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot
This step is OPTIONAL but highly recommended for better security. Since it may
requires update on your mail users' MUA (e.g. Thunderbird, Outlook), please
notify your mail users before this change.
Since iRedMail-0.8.0, all clients are forced to use IMAPS and POPS (via
STARTTLS) for better security by default. To enable this feature, please update
below parameters in your Dovecot config file, `dovecot.conf`.
* On RHEL/CentOS/Scientific Linux 5.x, it's `/etc/dovecot.conf`.
* On RHEL/CentOS/Scientific Linux 6.x, it's `/etc/dovecot/dovecot.conf`.
* On Debian/Ubuntu, it's `/etc/dovecot/dovecot.conf`.
* On openSUSE, it's `/etc/dovecot/dovecot.conf`.
* On FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`.
</code></pre>
<h1 id="part-of-file-dovecotconf">Part of file: dovecot.conf</h1>
<p>ssl = required
disable_plaintext_auth = yes</p>
<pre><code>
Restarting Dovecot service is required.
## OpenLDAP backend special
### Add internal service required by Doveadm
__NOTE__: This step is applicable to both Dovecot-1.x and Dovecot-2.x.
To use `doveadm` command provided by Dovecot-2, please add one more value of
attribute 'enabledService' for mail user.
* Download python script used to adding missing values.
</code></pre>
<h1 id="cd-root">cd /root/</h1>
<h1 id="wget-httpsbitbucketorgzhbiredmailrawf0e7e84c4b8aextraupdateupdateldapvalues_074_to_080py">wget https://bitbucket.org/zhb/iredmail/raw/f0e7e84c4b8a/extra/update/updateLDAPValues_074_to_080.py</h1>
<pre><code>
* Open `updateLDAPValues_074_to_080.py`, config LDAP server related settings in
file head. e.g.
</code></pre>
<h1 id="part-of-file-updateldapvalues_074_to_080py">Part of file: updateLDAPValues_074_to_080.py</h1>
<p>uri = 'ldap://127.0.0.1:389'
basedn = 'o=domains,dc=example,dc=com'
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
bind_pw = 'passwd'</p>
<pre><code>
You can find required LDAP credential in iRedAdmin config file or `iRedMail.tips`
file under your iRedMail installation directory. Using either
`cn=Manager,dc=xx,dc=xx` or `cn=vmailadmin,dc=xx,dc=xx` as bind dn is ok.
* Execute this script, it will add missing values for mail accounts:
</code></pre>
<h1 id="python-updateldapvalues_074_to_080py">python updateLDAPValues_074_to_080.py</h1>
<pre><code>
It will print progress message in the terminal, just be patient.
If you're running Dovecot-2, please add below lines in `dovecot-ldap.conf` to
make command `doveadm mailbox` work as expected:
</code></pre>
<h1 id="part-of-file-dovecot-ldapconf">Part of file: dovecot-ldap.conf</h1>
<p>iterate_attrs = mail=user
iterate_filter = (&amp;(objectClass=mailUser)(accountStatus=active)(enabledService=mail))</p>
<pre><code>
## MySQL backend special
### Add internal service required by Doveadm
To use doveadm command provided by Dovecot-2, please add one more column in
MySQL table `vmail.mailbox` with below command:
</code></pre>
<h1 id="mysql-uroot-p">mysql -uroot -p</h1>
<p>mysql&gt; USE vmail;
mysql&gt; ALTER TABLE mailbox ADD COLUMN enabledoveadm TINYINT(1) NOT NULL DEFAULT 1;
```</p><p style="text-align: center; color: grey;">Document published under a <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">CC BY-ND 3.0</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<!-- Google Analytics -->
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-3293801-14");
pageTracker._trackPageview();
} catch(err) {}
</script>
</body></html>

22
html/upgrade.iredmail.0.8.0-0.8.1.html
View File

@ -16,6 +16,10 @@
<li><a href="#upgrade-iredmail-from-080-to-081">Upgrade iRedMail from 0.8.0 to 0.8.1</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</a><ul>
<li><a href="#update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</a></li>
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</a></li>
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</a></li>
<li><a href="#add-missing-auth-service-in-dovecot-for-dovecot-2">Add missing auth service in Dovecot for Dovecot-2</a></li>
<li><a href="#add-missing-config-for-imap-share-folder-in-dovecot">Add missing config for IMAP share folder in Dovecot</a></li>
<li><a href="#rotate-iredapd-log-file-on-freebsd-and-openbsd">Rotate iRedAPD log file on FreeBSD and OpenBSD</a></li>
@ -56,6 +60,24 @@
<li>2012-05-20: Add Dovecot share folder: anyone_shares.</li>
</ul>
<h2 id="general-all-backends-should-apply-these-upgrade-steps">General (All backends should apply these upgrade steps)</h2>
<h3 id="update-etciredmail-release-with-iredmail-version-number">Update /etc/iredmail-release with iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<pre><code># File: /etc/iredmail-release
0.8.1
</code></pre>
<h3 id="upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</h3>
<p>Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
latest stable release immediately: <a href="http://trac.roundcube.net/wiki/Howto_Upgrade">How to upgrade Roundcube</a></p>
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release">Upgrade iRedAPD (Postfix policy server) to the latest stable release</h3>
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
<a href="http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD">How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release</a></p>
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release">Upgrade iRedAdmin (open source edition) to the latest stable release</h3>
<p>Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release: <a href="./migrate.or.upgrade.iredadmin.html">Upgrade iRedAdmin to the latest stable release</a></p>
<h3 id="add-missing-auth-service-in-dovecot-for-dovecot-2">Add missing auth service in Dovecot for Dovecot-2</h3>
<p><strong>NOTE</strong>: This is applicable to only Dovecot-2.x. You can check Dovecot version
and its main config file with command:</p>

255
upgrade/0-upgrade.iredmail.0.7.4-0.8.0.md Normal file
View File

@ -0,0 +1,255 @@
# Upgrade iRedMail from 0.7.4 to 0.8.0
[TOC]
## ChangeLog
* 2012-07-12: [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail
* 2012-07-12: [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot
* 2012-05-10: Initial release.
## General (All backends should apply these upgrade steps)
### Update /etc/iredmail-release with iRedMail version number
iRedMail stores the release version in `/etc/iredmail-release` after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
```
# File: /etc/iredmail-release
0.8.0
```
### Upgrade Roundcube webmail to the latest stable release
Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
latest stable release immediately: [How to upgrade Roundcube](http://trac.roundcube.net/wiki/Howto_Upgrade)
### Upgrade iRedAPD (Postfix policy server) to the latest stable release
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
[How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release](http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD)
### Upgrade iRedAdmin (open source edition) to the latest stable release
Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release: [Upgrade iRedAdmin to the latest stable release](./migrate.or.upgrade.iredadmin.html)
### Set strict file permission for Dovecot config files
There's one world-readable Dovecot config file, we should set strict file
owner and permission on it so that it won't leak SQL server infomation.
Please execute below command to fix it, then restart Dovecot service:
__NOTE__: The file name on different Linux/BSD distributions may be different,
it should be `dovecot-used-quota.conf` or `used-quota.conf`.
* On RHEL/CentOS/Scientific Linux 5.x:
```
# chown dovecot:dovecot /etc/dovecot-used-quota.conf
# chmod 0500 /etc/dovecot-used-quota.conf
```
* On RHEL/CentOS/Scientific Linux 6.x, Debian, Ubuntu, openSUSE:
```
# chown dovecot:dovecot /etc/dovecot/used-quota.conf
# chmod 0500 /etc/dovecot/used-quota.conf
```
* On FreeBSD:
```
# chown dovecot:dovecot /usr/local/etc/dovecot-used-quota.conf
# chmod 0500 /usr/local/etc/dovecot-used-quota.conf
```
### Enable greylist opt in and opt out in Policyd
Note: If you're running Ubuntu 11.10 or later releases, there's no Policyd
(v1.8) installed at all, it's replaced by Cluebringer, a.k.a. Policyd v2. So
it's safe to skip this step.
Some people are fairly irate when it comes to mail and
refuse wanting to have any type of delay. this feature
enables each and every person the ability to not subject
themselves to greylisting. this feature is also VERY
usefull when you dont want to subject EVERY person to
greylisting at once but instead allows you to enable
it in batches/groups of users so you get a feel on the
type of complaints or praise from your users.
Please update Policyd setting `OPTINOUT` and `OPTINOUTALL=1` to 1 to enable
greylist opt-in/opt-out:
* On RHEL/CentOS/Scientific Linux, it's set in file `/etc/policyd.conf`.
* On Debian/Ubuntu, it's set in file `/etc/postfix-policyd.conf`.
* On openSUSE, it's set in file `/etc/policyd.conf`.
* On FreeBSD, it's set in file `/usr/local/etc/postfix-policyd-sf.conf`.
```
# Part of file: policyd.conf
OPTINOUT=1
OPTINOUTALL=1
```
Restarting Policyd service is required to make it work.
__Notes__:
* iRedAdmin-Pro customers can manage greylist opt-in with one lick with the
latest iRedAdmin-Pro releases, in domain profile page or user profile page,
under tab `Advanced`.
* For more details about how to set greylist opt-in manually with MySQL command
line or phpMyAdmin, please refer to Policyd official document:
http://policyd.sourceforge.net/readme.html (Section "Greylist Opt-in / Opt-out")
### Enable case insensitive user authentication in Roundcube webmail
Please change below setting to `true` in Roundcube webmail config file
'config/main.inc.php' to enable case insensitive user authentication. The
config file should be:
* `/var/www/roundcubemail/config/main.inc.php` on RHEL/CentOS/Scientific Linux
* `/usr/share/apache2/roundcubemail/config.inc.php` on Debian/Ubuntu
* `/srv/www/roundcubemail/config/main.inc.php` on openSUSE
* `/usr/local/www/roundcubemail/config/main.inc.php` on FreeBSD
```
# Part of file: config/main.inc.php
$rcmail_config['login_lc'] = false;
```
### Fix logrotate setting of Dovecot log files
Open `/etc/logrotate.d/dovecot` and `/etc/logrotate.d/sieve`, update postrotate commands:
* If you're running Dovecot-1.x, please update postrotate command with below
value:
```
# Part of file: /etc/logrotate.d/dovecot and /etc/logrotate.d/sieve
postrotate
/bin/kill -USR1 `cat /var/run/dovecot/master.pid 2>/dev/null` 2> /dev/null || true
endscript
```
* If you're running Dovecot-2.x, please update postrotate command with below value:
# Part of file: /etc/logrotate.d/dovecot, /etc/logrotate.d/sieve
postrotate
doveadm log reopen
endscript
```
### [OPTIONAL] Enforce connections over HTTPS in Roundcube webmail
This step is optional but highly recommended for better security.
Please update below parameter in Roundcube config file
`roundcubemail/config/main.inc.php` to enforce connections over https for
better security. With this option enabled, all non-secure connections will be
redirected to httpS://.
* On RHEL/CentOS/Scientific Linux, Gentoo, OpenBSD, it's `/var/www/roundcubemail/config/main.inc.php`.
* On Debian/Ubuntu, it's `/usr/share/apache2/roundcubemail/config/main.inc.php`.
* On openSUSE, it's `/srv/www/roundcubemail/config/main.inc.php`.
* On FreeBSD, it's `/usr/local/www/roundcubemail/config/main.inc.php`.
```
# Part of file: roundcubemail/config/main.inc.php
$rcmail_config['force_https'] = true;
```
Restarting Apache web server is required.
### [OPTIONAL] Enforce connections over POP3S/IMAPS in Dovecot
This step is OPTIONAL but highly recommended for better security. Since it may
requires update on your mail users' MUA (e.g. Thunderbird, Outlook), please
notify your mail users before this change.
Since iRedMail-0.8.0, all clients are forced to use IMAPS and POPS (via
STARTTLS) for better security by default. To enable this feature, please update
below parameters in your Dovecot config file, `dovecot.conf`.
* On RHEL/CentOS/Scientific Linux 5.x, it's `/etc/dovecot.conf`.
* On RHEL/CentOS/Scientific Linux 6.x, it's `/etc/dovecot/dovecot.conf`.
* On Debian/Ubuntu, it's `/etc/dovecot/dovecot.conf`.
* On openSUSE, it's `/etc/dovecot/dovecot.conf`.
* On FreeBSD, it's `/usr/local/etc/dovecot/dovecot.conf`.
```
# Part of file: dovecot.conf
ssl = required
disable_plaintext_auth = yes
```
Restarting Dovecot service is required.
## OpenLDAP backend special
### Add internal service required by Doveadm
__NOTE__: This step is applicable to both Dovecot-1.x and Dovecot-2.x.
To use `doveadm` command provided by Dovecot-2, please add one more value of
attribute 'enabledService' for mail user.
* Download python script used to adding missing values.
```
# cd /root/
# wget https://bitbucket.org/zhb/iredmail/raw/f0e7e84c4b8a/extra/update/updateLDAPValues_074_to_080.py
```
* Open `updateLDAPValues_074_to_080.py`, config LDAP server related settings in
file head. e.g.
```
# Part of file: updateLDAPValues_074_to_080.py
uri = 'ldap://127.0.0.1:389'
basedn = 'o=domains,dc=example,dc=com'
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
bind_pw = 'passwd'
```
You can find required LDAP credential in iRedAdmin config file or `iRedMail.tips`
file under your iRedMail installation directory. Using either
`cn=Manager,dc=xx,dc=xx` or `cn=vmailadmin,dc=xx,dc=xx` as bind dn is ok.
* Execute this script, it will add missing values for mail accounts:
```
# python updateLDAPValues_074_to_080.py
```
It will print progress message in the terminal, just be patient.
If you're running Dovecot-2, please add below lines in `dovecot-ldap.conf` to
make command `doveadm mailbox` work as expected:
```
# Part of file: dovecot-ldap.conf
iterate_attrs = mail=user
iterate_filter = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail))
```
## MySQL backend special
### Add internal service required by Doveadm
To use doveadm command provided by Dovecot-2, please add one more column in
MySQL table `vmail.mailbox` with below command:
```
# mysql -uroot -p
mysql> USE vmail;
mysql> ALTER TABLE mailbox ADD COLUMN enabledoveadm TINYINT(1) NOT NULL DEFAULT 1;
```

27
upgrade/0-upgrade.iredmail.0.8.0-0.8.1.md
View File

@ -11,6 +11,33 @@
## General (All backends should apply these upgrade steps)
### Update /etc/iredmail-release with iRedMail version number
iRedMail stores the release version in `/etc/iredmail-release` after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
```
# File: /etc/iredmail-release
0.8.1
```
### Upgrade Roundcube webmail to the latest stable release
Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
latest stable release immediately: [How to upgrade Roundcube](http://trac.roundcube.net/wiki/Howto_Upgrade)
### Upgrade iRedAPD (Postfix policy server) to the latest stable release
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
[How to upgrade iRedAPD-1.4.1 or later versions to the latest stable release](http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Upgrade.iRedAPD)
### Upgrade iRedAdmin (open source edition) to the latest stable release
Please follow this tutorial to upgrade iRedAdmin open source edition to the
latest stable release: [Upgrade iRedAdmin to the latest stable release](./migrate.or.upgrade.iredadmin.html)
### Add missing auth service in Dovecot for Dovecot-2
__NOTE__: This is applicable to only Dovecot-2.x. You can check Dovecot version

2
upgrade/1-iredmail.releases.md
View File

@ -25,7 +25,7 @@
* [0.8.3](http://www.iredmail.org/forum/topic4016-news-announcements-bug-fixes-iredmail083-has-been-released.html), Oct 13, 2012. [Upgrade from iRedMail-0.8.2](./upgrade.iredmail.0.8.2-0.8.3.html)
* [0.8.2](http://www.iredmail.org/forum/topic3913-news-announcements-bug-fixes-iredmail082-has-been-released.html), Sep 19, 2012. [Upgrade from iRedMail-0.8.1](./upgrade.iredmail.0.8.1-0.8.2.html)
* [0.8.1](http://www.iredmail.org/forum/topic3499-news-announcements-bug-fixes-iredmail081-has-been-released.html), Jun 8, 2012. [Upgrade from iRedMail-0.8.0](./upgrade.iredmail.0.8.0-0.8.1.html)
* [0.8.0](http://www.iredmail.org/forum/topic3345.html), May 10, 2012. [Upgrade from iRedMail-0.7.4](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.4-0.8.0)
* [0.8.0](http://www.iredmail.org/forum/topic3345.html), May 10, 2012. [Upgrade from iRedMail-0.7.4](./upgrade.iredmail.0.7.4-0.8.0.html)
* [0.7.4](http://www.iredmail.org/forum/topic2816-iredmail074-has-been-released.html), Jan 9, 2012. [Upgrade from iRedMail-0.7.3](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.3-0.7.4)
* [0.7.3](http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.3), Aug 17, 2011. [Upgrade from iRedMail-0.7.2](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.2-0.7.3)
* [0.7.2](http://www.iredmail.org/wiki/index.php?title=Release.Notes/iRedMail/0.7.2), Jun 10, 2011. [Upgrade from iRedMail-0.7.1](http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.1-0.7.2)