Sync upgrade tutorials.

This commit is contained in:
Zhang Huangbin 2015-05-26 17:43:55 +08:00
parent a9df88e41b
commit 12e121e14d
4 changed files with 70 additions and 30 deletions

View File

@ -20,6 +20,17 @@
<h2 id="upgrade-iredapd">Upgrade iRedAPD</h2>
<p><a href="./upgrade.iredapd.html">How to upgrade iRedAPD-1.4.0 or later versions to the latest stable release</a></p>
<h2 id="changelog">ChangeLog</h2>
<h3 id="160">1.6.0</h3>
<ul>
<li>New setting: <code>MYNETWORKS</code>. used to set trusted or internal networks.</li>
<li>Plugin <code>ldap_domain_wblist</code> was removed, we didn't use it at all.</li>
<li>Plugin <code>ldap_recipient_restrictions</code> is marked as deprecated, and will be
removed in next release (1.7.0). please use <code>amavisd_wblist</code> instead.</li>
<li>Fixed issues:<ul>
<li>iRedAPD daemon exits with error <code>(9, 'Bad file descriptor')</code>.</li>
</ul>
</li>
</ul>
<h3 id="150">1.5.0</h3>
<ul>
<li>

View File

@ -16,27 +16,30 @@
<li><a href="#upgrade-iredmail-from-091-to-092">Upgrade iRedMail from 0.9.1 to 0.9.2</a><ul>
<li><a href="#changelog">ChangeLog</a></li>
<li><a href="#general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</a><ul>
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
<li><a href="#fix-the-logjam-attack">Fix 'The Logjam Attack'</a><ul>
<li><a href="#generating-a-unique-dh-group">Generating a Unique DH Group</a></li>
<li><a href="#update-apache-setting">Update Apache setting</a></li>
</ul>
</li>
</ul>
</li>
<li><a href="#note-this-step-is-applicable-if-you-have-apache-running-on-your-server">Note: This step is applicable if you have Apache running on your server.</a><ul>
<li><a href="#update-nginx-setting">Update Nginx setting</a></li>
<li><a href="#update-dovecot-setting">Update Dovecot setting</a></li>
<li><a href="#update-postfix-setting">Update Postfix setting</a></li>
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
</ul>
</li>
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-160">Upgrade iRedAPD (Postfix policy server) to the latest 1.6.0</a></li>
<li><a href="#rhelcentos-7-update-cluebringer-package-to-avoid-database-connection-failure">[RHEL/CentOS 7] Update Cluebringer package to avoid database connection failure</a></li>
<li><a href="#rhelcentos-dont-ban-applicationoctet-stream-dat-file-types-in-amavisd">[RHEL/CentOS] Don't ban application/octet-stream, dat file types in Amavisd</a></li>
<li><a href="#optional-update-one-fail2ban-filter-regular-expressio-to-help-catch-dos-attacks-to-smtp-service">[OPTIONAL] Update one Fail2ban filter regular expressio to help catch DoS attacks to SMTP service</a></li>
<li><a href="#optional-update-one-fail2ban-filter-regular-expression-to-help-catch-dos-attacks-to-smtp-service">[OPTIONAL] Update one Fail2ban filter regular expression to help catch DoS attacks to SMTP service</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<p>TODO</p>
<ul>
<li>updating /etc/iredmail-release</li>
<li>upgrade iRedAPD </li>
</ul>
<h2 id="changelog">ChangeLog</h2>
<blockquote>
<p>We provide remote upgrade service, check <a href="../support.html">the price</a> and <a href="../contact.html">contact us</a>.</p>
@ -47,9 +50,18 @@
<li>2015-05-16: [All backends][RHEL/CentOS] Don't ban 'application/octet-stream,
dat' files in Amavisd. It catches too many normal file types.</li>
<li>2015-05-16: [OPTIONAL][All backends] Update one Fail2ban filter regular
expressio to help catch DoS attacks to SMTP service</li>
expression to help catch DoS attacks to SMTP service</li>
</ul>
<h2 id="general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</h2>
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<pre><code># File: /etc/iredmail-release
0.9.2
</code></pre>
<h3 id="fix-the-logjam-attack">Fix 'The Logjam Attack'</h3>
<p>For more details about The Logjam Attack, please visit this web site:
<a href="https://weakdh.org">The Logjam Attack</a>. It also provides a detailed
@ -69,7 +81,8 @@ show you how to fix it on your iRedMail server based on that tutorial.</p>
</code></pre>
<h4 id="update-apache-setting">Update Apache setting</h4>
<h2 id="note-this-step-is-applicable-if-you-have-apache-running-on-your-server">Note: This step is applicable if you have Apache running on your server.</h2>
<p>Note: This step is applicable if you have Apache running on your server.</p>
<hr />
<ul>
<li>Check your Apache version first:</li>
</ul>
@ -167,15 +180,10 @@ ssl_dh_parameters_length = 2048
<pre><code># service postfix restart
</code></pre>
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:</p>
<pre><code># File: /etc/iredmail-release
0.9.2
</code></pre>
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-160">Upgrade iRedAPD (Postfix policy server) to the latest 1.6.0</h3>
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
<a href="./upgrade.iredapd.html">How to upgrade iRedAPD-1.4.0 or later versions to the latest stable release</a></p>
<p>Detailed release notes are available here: <a href="./iredapd.releases.html">iRedAPD release notes</a>.</p>
<h3 id="rhelcentos-7-update-cluebringer-package-to-avoid-database-connection-failure">[RHEL/CentOS 7] Update Cluebringer package to avoid database connection failure</h3>
<p>Note: This is applicable to only RHEL/CentOS 7.</p>
<p>With old Cluebringer RPM package, Cluebringer starts before SQL database starts,
@ -219,7 +227,7 @@ manage it (start, stop, restart) with <code>systemctl</code> command.</p>
<pre><code># service amavisd restart
</code></pre>
<h3 id="optional-update-one-fail2ban-filter-regular-expressio-to-help-catch-dos-attacks-to-smtp-service">[OPTIONAL] Update one Fail2ban filter regular expressio to help catch DoS attacks to SMTP service</h3>
<h3 id="optional-update-one-fail2ban-filter-regular-expression-to-help-catch-dos-attacks-to-smtp-service">[OPTIONAL] Update one Fail2ban filter regular expression to help catch DoS attacks to SMTP service</h3>
<ol>
<li>Open file <code>/etc/fail2ban/filters.d/postfix.iredmail.conf</code> or
<code>/usr/local/etc/fail2ban/filters.d/postfix.iredmail.conf</code> (on FreeBSD), find

View File

@ -2,6 +2,10 @@
[TOC]
TODO
* updating /etc/iredmail-release
* upgrade iRedAPD
## ChangeLog
@ -12,10 +16,22 @@
* 2015-05-16: [All backends][RHEL/CentOS] Don't ban 'application/octet-stream,
dat' files in Amavisd. It catches too many normal file types.
* 2015-05-16: [OPTIONAL][All backends] Update one Fail2ban filter regular
expressio to help catch DoS attacks to SMTP service
expression to help catch DoS attacks to SMTP service
## General (All backends should apply these steps)
### Update `/etc/iredmail-release` with new iRedMail version number
iRedMail stores the release version in `/etc/iredmail-release` after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
```
# File: /etc/iredmail-release
0.9.2
```
### Fix 'The Logjam Attack'
For more details about The Logjam Attack, please visit this web site:
@ -40,6 +56,7 @@ show you how to fix it on your iRedMail server based on that tutorial.
#### Update Apache setting
Note: This step is applicable if you have Apache running on your server.
----
* Check your Apache version first:
@ -151,17 +168,12 @@ Reloading or restarting Postfix service is required:
# service postfix restart
```
### Update `/etc/iredmail-release` with new iRedMail version number
### Upgrade iRedAPD (Postfix policy server) to the latest 1.6.0
iRedMail stores the release version in `/etc/iredmail-release` after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
Please follow below tutorial to upgrade iRedAPD to the latest stable release:
[How to upgrade iRedAPD-1.4.0 or later versions to the latest stable release](./upgrade.iredapd.html)
```
# File: /etc/iredmail-release
0.9.2
```
Detailed release notes are available here: [iRedAPD release notes](./iredapd.releases.html).
### [RHEL/CentOS 7] Update Cluebringer package to avoid database connection failure
@ -215,7 +227,7 @@ $banned_namepath_re = new_RE(
# service amavisd restart
```
### [OPTIONAL] Update one Fail2ban filter regular expressio to help catch DoS attacks to SMTP service
### [OPTIONAL] Update one Fail2ban filter regular expression to help catch DoS attacks to SMTP service
1. Open file `/etc/fail2ban/filters.d/postfix.iredmail.conf` or
`/usr/local/etc/fail2ban/filters.d/postfix.iredmail.conf` (on FreeBSD), find

View File

@ -13,6 +13,15 @@
## ChangeLog
### 1.6.0
* New setting: `MYNETWORKS`. used to set trusted or internal networks.
* Plugin `ldap_domain_wblist` was removed, we didn't use it at all.
* Plugin `ldap_recipient_restrictions` is marked as deprecated, and will be
removed in next release (1.7.0). please use `amavisd_wblist` instead.
* Fixed issues:
* iRedAPD daemon exits with error `(9, 'Bad file descriptor')`.
### 1.5.0
* Improvements: