diff --git a/html/backup-restore/migrate.to.new.iredmail.server.html b/html/backup-restore/migrate.to.new.iredmail.server.html deleted file mode 100644 index e79f6beb..00000000 --- a/html/backup-restore/migrate.to.new.iredmail.server.html +++ /dev/null @@ -1,133 +0,0 @@ - - - - How to migrate old iRedMail server to the latest stable release - - - - -

How to migrate old iRedMail server to the latest stable release

-
- -
-

WARNING: Please try it on a test server first. if it works well, then try it on product server.

-

Since new iRedMail server will install same components as old server, you can choose what data you want to migrate. Most important data are:

- -

WARNING: Do not restore database mysql exported from old server, it contains SQL usernames/passwords for Roundcube/Amavisd/Policyd/Cluebringer used on old server. New iRedMail server has the same SQL usernames, but different passwords. So please do not restore it.

-

Client settings (Outlook, Thunderbird)

-

Since iRedMail-0.8.7, iRedMail enforces secure POP3/IMAP/SMTP connections. -Mail client programs must issue 'STARTTLS' command before authentication, -so please update your mail client programs you must change your mail client -programs (e.g. Outlook, Thunderbird) to use TLS connection.

- -

Addition notes:

- -

LDAP: migrate mail accounts

-

Steps to migrate LDAP mail accounts:

- -

Normally, LDAP data can be exported into LDIF format. Here's backup/export script: http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Backup

-

Note: - There might be some changes in LDAP schema, please find scripts in below URL to apply all required changes: https://bitbucket.org/zhb/iredmail/src/default/extra/update/ - You can find all upgrade tutorials of iRedMail here: http://www.iredmail.org/doc.html#upgrade_tutorial

-

MySQL/PostgreSQL: Migrate mail accounts

-

All mail accounts are stored in database vmail by default, to migrate mail -accounts, you can simply export this database on old server, then import it -on new server.

-

IMPORTANT NOTE: iRedMail-0.8.7 drops several SQL columns, so before you -import backup SQL database, please add them first. It's safe to drop them -after you imported old database on new server.

-
mysql> USE vmail;
-
-mysql> ALTER TABLE mailbox ADD COLUMN bytes BIGINT(20) NOT NULL DEFAULT 0;
-mysql> ALTER TABLE mailbox ADD COLUMN messages BIGINT(20) NOT NULL DEFAULT 0;
-
-mysql> ALTER TABLE domain ADD COLUMN defaultlanguage VARCHAR(5) NOT NULL DEFAULT 'en_US';
-mysql> ALTER TABLE domain ADD COLUMN defaultuserquota BIGINT(20) NOT NULL DEFAULT '1024';
-mysql> ALTER TABLE domain ADD COLUMN defaultuseraliases TEXT;
-mysql> ALTER TABLE domain ADD COLUMN disableddomainprofiles VARCHAR(255) NOT NULL DEFAULT '';
-mysql> ALTER TABLE domain ADD COLUMN disableduserprofiles VARCHAR(255) NOT NULL DEFAULT '';
-mysql> ALTER TABLE domain ADD COLUMN defaultpasswordscheme VARCHAR(10) NOT NULL DEFAULT '';
-mysql> ALTER TABLE domain ADD COLUMN minpasswordlength INT(10) NOT NULL DEFAULT 0;
-mysql> ALTER TABLE domain ADD COLUMN maxpasswordlength INT(10) NOT NULL DEFAULT 0;
-
-mysql> ALTER TABLE alias ADD COLUMN islist TINYINT(1) NOT NULL DEFAULT 0;
-
- -

After imported backup SQL databases, please execute below commands to mark -mail alias accounts and drop above newly created columns:

-
mysql> USE vmail;
-mysql> UPDATE alias SET islist=1 WHERE address NOT IN (SELECT username FROM mailbox);
-mysql> UPDATE alias SET islist=0 WHERE address=domain;    -- domain catch-all account
-
--- Store values into new column: domain.settings and drop them
-mysql> UPDATE domain SET settings='';
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(defaultlanguage IS NULL OR defaultlanguage='', '', CONCAT('default_language:', defaultlanguage, ';')));
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(defaultuserquota IS NULL OR defaultuserquota=0, '', CONCAT('default_user_quota:', defaultuserquota, ';')));
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(defaultuseraliases IS NULL OR defaultuseraliases='', '', CONCAT('default_groups:', defaultuseraliases, ';')));
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(minpasswordlength IS NULL OR minpasswordlength=0, '', CONCAT('min_passwd_length:', minpasswordlength, ';')));
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(maxpasswordlength IS NULL OR maxpasswordlength=0, '', CONCAT('max_passwd_length:', maxpasswordlength, ';')));
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(disableddomainprofiles IS NULL OR disableddomainprofiles='', '', CONCAT('disabled_domain_profiles:', disableddomainprofiles, ';')));
-mysql> UPDATE domain SET settings=CONCAT(settings, IF(disableduserprofiles IS NULL OR disableduserprofiles='', '', CONCAT('disabled_user_profiles:', disableduserprofiles, ';')));
-
-mysql> ALTER TABLE domain DROP defaultlanguage;
-mysql> ALTER TABLE domain DROP defaultuserquota;
-mysql> ALTER TABLE domain DROP defaultuseraliases;
-mysql> ALTER TABLE domain DROP minpasswordlength;
-mysql> ALTER TABLE domain DROP maxpasswordlength;
-mysql> ALTER TABLE domain DROP disableddomainprofiles;
-mysql> ALTER TABLE domain DROP disableduserprofiles;
-
- -

IMPORTANT NOTE: There might be some changes in SQL structure, please read -all upgrade tutorials for your current iRedMail release, then apply SQL -structure related changes. For example: -http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.4-0.8.0#Add_internal_service_required_by_Doveadm_2

-

Migrate mailboxes (Maildir format)

- -

WARNING: please make sure maildir path stored in SQL/LDAP matches the mailbox -path on file system, so that mail clients can find imported emails.

-

Migrate Roundcube webmail data

- \ No newline at end of file diff --git a/html/faq-howto/use.or.migrate.password.hashes.html b/html/faq-howto/use.or.migrate.password.hashes.html deleted file mode 100644 index 63c95300..00000000 --- a/html/faq-howto/use.or.migrate.password.hashes.html +++ /dev/null @@ -1,69 +0,0 @@ - - - - How to use or migrate password hashes - - - - -

How to use or migrate password hashes

-

Password hashes supported by iRedMail

-

iRedMail configures Postfix to use Dovecot as SASL authenticate server, so all -password schemes supported by Dovecot can be used in iRedMail. Please refer to -Dovecot wiki page -Password Schemes for more details.

-

Below password schemes are supported in iRedAdmin-Pro (which means you can add new mail user with either one):

- -

NOTE: Dovecot claims it supports SSHA512, but I didn't get it work. -Please test it first if you choose SSHA512.

-

Default password schemes used in iRedMail

- -

How to use different password hashes in iRedMail

-

For MySQL and PostgreSQL backends

-

All mail users are stored in SQL table vmail.mailbox, user password is stored -in SQL column mailbox.password. For example:

-
-sql> UPDATE mailbox SET password='$1$GfHYI7OE$vlXqMZSyJOSPXAmbXHq250' WHERE username='xx@xx';
-sql> UPDATE mailbox SET password='{SSHA}OuCrqL2yWwQIu8a9uvyOQ5V/ZKfL7LJD' WHERE username='xx@xx';
-sql> UPDATE mailbox SET password='{SSHA512}FxgXDhBVYmTqoboW+ibyyzPv/wGG7y4VJtuHWrx+wfqrs/lIH2Qxn2eA0jygXtBhMvRi7GNFmL++6aAZ0kXpcy1fxag=' WHERE username='xx@xx';
-
- - -
-sql> UPDATE mailbox SET password='{PLAIN-MD5}0d2bf3c712402f428d48fed691850bfc' WHERE username='xx@xx';
-
- - -

For LDAP backends

-

User password is stored in attribute userPassword of user object.

- -

IMPORTANT NOTE: If you want to input password hash with phpLDAPadmin, -please choose clear in the password hash list, then input password hash.

\ No newline at end of file diff --git a/html/faq-howto/why.append.timestamp.in.maildir.path.html b/html/faq-howto/why.append.timestamp.in.maildir.path.html deleted file mode 100644 index b0b03d35..00000000 --- a/html/faq-howto/why.append.timestamp.in.maildir.path.html +++ /dev/null @@ -1,38 +0,0 @@ - - - - Why append timestamp in maildir path - - - - -

Why append timestamp in maildir path

-

iRedMail will append timestamp in maildir path by default, here's why.

-

Depends on the tools/scripts you used to create mail accounts, it's tunable -in scripts shipped within iRedMail and iRedAdmin (file settings.py, variable -MAILDIR_APPEND_TIMESTAMP = True or `False').

-

Deleting mail accounts with iRedAdmin will not remove the mailboxes on file -system, so that you can keep user's mailbox for some time.

-

Think about this situation:

- -

iRedAdmin doesn't remove the mailboxes on file system, so Mike will see all -emails in Michael's mailbox if Michael didn't delete them. To avoid this, we -append a timestamp in maildir path to make sure all users will be assigned -a unique maildir paths.

\ No newline at end of file diff --git a/html/faq/why.append.timestamp.in.maildir.path.html b/html/faq/why.append.timestamp.in.maildir.path.html deleted file mode 100644 index b0b03d35..00000000 --- a/html/faq/why.append.timestamp.in.maildir.path.html +++ /dev/null @@ -1,38 +0,0 @@ - - - - Why append timestamp in maildir path - - - - -

Why append timestamp in maildir path

-

iRedMail will append timestamp in maildir path by default, here's why.

-

Depends on the tools/scripts you used to create mail accounts, it's tunable -in scripts shipped within iRedMail and iRedAdmin (file settings.py, variable -MAILDIR_APPEND_TIMESTAMP = True or `False').

-

Deleting mail accounts with iRedAdmin will not remove the mailboxes on file -system, so that you can keep user's mailbox for some time.

-

Think about this situation:

- -

iRedAdmin doesn't remove the mailboxes on file system, so Mike will see all -emails in Michael's mailbox if Michael didn't delete them. To avoid this, we -append a timestamp in maildir path to make sure all users will be assigned -a unique maildir paths.

\ No newline at end of file diff --git a/html/howto/allow.user.to.send.email.without.authentication.html b/html/howto/allow.user.to.send.email.without.authentication.html deleted file mode 100644 index b417af5f..00000000 --- a/html/howto/allow.user.to.send.email.without.authentication.html +++ /dev/null @@ -1,35 +0,0 @@ - - - - How to allow user to send email without authentication - - - - -

How to allow user to send email without authentication

-
- -
-

Create a plain text file: /etc/postfix/accepted_unauth_senders:

-
-fax-machine-12@mydomain.tld OK
-
- -

Use postmap to create hash db file:

-
-# postmap hash:/etc/postfix/accepted_unauth_senders```
-
- -

Modify Postfix to use this text file: /etc/postfix/main.cf

-
-smtpd_sender_restrictions = 
-    check_sender_access hash:/etc/postfix/accepted_unauth_senders,
-    [...OTHER RESTRICTIONS HERE...]
-
- -

Restart/reload postfix to make it work:

-
-# /etc/init.d/postfix restart
-
\ No newline at end of file diff --git a/html/howto/amavisd.no.x-spam.headers.html b/html/howto/amavisd.no.x-spam.headers.html deleted file mode 100644 index 6a915d69..00000000 --- a/html/howto/amavisd.no.x-spam.headers.html +++ /dev/null @@ -1,21 +0,0 @@ - - - - Amavisd + SpamAssassin not working, no mail header (X-Spam-*) inserted. - - - - -

Amavisd + SpamAssassin not working, no mail header (X-Spam-*) inserted.

-

Amavisd has below setting in its config file /etc/amavisd/amavisd.conf by default:

-
$sa_tag_level_deflt  = 2.0;
-
-

That means Amavisd will insert X-Spam-Flag and other X-Spam-* headers when email score >= 2.0. If you want to let Amavisd always insert these headers, you can set it to a low score, for example:

-
$sa_tag_level_deflt  = -999;
-
-

Amavisd's main config file is different on different Linux/BSD distributions:

- \ No newline at end of file diff --git a/html/howto/completely.disable.amavisd.clamav.spamassassin.html b/html/howto/completely.disable.amavisd.clamav.spamassassin.html deleted file mode 100644 index c10c07e0..00000000 --- a/html/howto/completely.disable.amavisd.clamav.spamassassin.html +++ /dev/null @@ -1,50 +0,0 @@ - - - - How to completely disable amavisd/ClamAV/SpamAssassin - - - - -

How to completely disable amavisd/ClamAV/SpamAssassin

-

In iRedMail, Amavisd provides below features:

- -

Stop virus/spam scanning, keep DKIM signing/verification and Disclaimer

-

If you want to disable virus and spam scanning, but keep DKIM signing and disclaimer, please try this:

- -
# @bypass_virus_checks_maps = (1);  # controls running of anti-virus code
-# @bypass_spam_checks_maps  = (1);  # controls running of anti-spam code
-
- -

Uncomment above lines (removing "# " at the beginning of each line), and restart Amavisd service.

-

Completely disable all features

-

If you want to completely disable spam and virus scanning services, steps:

- -
content_filter = smtp-amavis:[127.0.0.1]:10024
-receive_override_options = no_address_mappings
-
- - -

Notes:

- \ No newline at end of file diff --git a/html/howto/disable.spam.virus.scanning.for.outgoing.mails.html b/html/howto/disable.spam.virus.scanning.for.outgoing.mails.html deleted file mode 100644 index df586ebb..00000000 --- a/html/howto/disable.spam.virus.scanning.for.outgoing.mails.html +++ /dev/null @@ -1,31 +0,0 @@ - - - - How to disable spam virus scanning for outgoing mails - - - - -

How to disable spam virus scanning for outgoing mails

-

To disable spam/virus scanning for outgoing mails, you can add bypass settings in Amavisd config file: /etc/amavisd/amavisd.conf (RHEL/CentOS/Scientific Linux) or /etc/amavis/conf.d/50-user (Debian/Ubuntu) or /usr/local/etc/amavisd.conf (FreeBSD).

- -

These settings can be added in setting block $policy_bank{'MYUSERS'}:

-
$policy_bank{'MYUSERS'} = {
-    [...OMIT OTHER SETTINGS HERE...]
-
-    # don't perform spam/virus/header check.
-    bypass_spam_checks_maps => [1],
-    bypass_virus_checks_maps => [1],
-    bypass_header_checks_maps => [1],
-
-    # allow sending any file names and types
-    bypass_banned_checks_maps => [1],
-}
-
- -

Restarting Amavisd service is required after changing settings.

\ No newline at end of file diff --git a/html/howto/howto.configure.thunderbird.for.iredmail.html b/html/howto/howto.configure.thunderbird.for.iredmail.html deleted file mode 100644 index 37643e9c..00000000 --- a/html/howto/howto.configure.thunderbird.for.iredmail.html +++ /dev/null @@ -1,61 +0,0 @@ - - - - Configure Thunderbird as mail client (IMAP, SMTP and global ldap address book) - - - - -

Configure Thunderbird as mail client (IMAP, SMTP and global ldap address book)

-

iRedMail provides POP3S (POP3 over TLS), IMAPS (IMAP over TLS), SMTPS (SMTP over TLS) for receiving and sending emails by default.

-

Create new mail account

-

To create a new mail account with Thunderbird, please click menu: File -> New -> Mail Account.

-

Add your name, email address and password in this screen.

-

-

Click continue, it will detect IMAP and SMTP server automatically.

-

Note:

- -

-

Configure Thunderbird as POP3 client

-

Warning: Make sure you are using full email address as username.

-

-

Configure Thunderbird as IMAP client

-

Warning: Make sure you are using full email address as username.

-

-

Configure Thunderbird to send mail via SMTP

-

Menu: Tools -> Account settings... -> Outgoing server (SMTP) -> Choose the server you are using.

-

Warning: Make sure you are using full email address as username.

-

-

Use OpenLDAP as Global LDAP Address Book

-

IMPORTANT NOTE: Thunderbird won\'t show contacts in LDAP address book directly, but it works when you starting typing email address in recipient field while composing email.

-

Here we take Thunderbird 5.0 for example. Steps:

- -

That's all.

\ No newline at end of file diff --git a/html/howto/howto.enable.smtps.service.html b/html/howto/howto.enable.smtps.service.html deleted file mode 100644 index 510acf14..00000000 --- a/html/howto/howto.enable.smtps.service.html +++ /dev/null @@ -1,68 +0,0 @@ - - - - How to enable SMTPS service (SMTP over SSL, port 465) - - - - -

How to enable SMTPS service (SMTP over SSL, port 465)

-
- -
-

Why iRedMail doesn't enable SMTPS (SMTP over SSL) by default

-

SMTPS is deprecated, so iRedMail disable it by default. -Quote from (wikipedia.org)[http://en.wikipedia.org/wiki/SMTPS]

-
-

Originally, in early 1997, the Internet Assigned Numbers Authority registered 465 for SMTPS. By the end of 1998, this was revoked when STARTTLS has been specified. With STARTTLS, the same port can be used with or without TLS. SMTP was seen as particularly important, because clients of this protocol are often other mail servers, which can not know whether a server they wish to communicate with will have a separate port for TLS. The port 465 is now registered for Source-Specific Multicast audio and video.

-
-

Why enable SMTPS since it's depreciated

-

Unfortunately, there're some popular mail clients don't support submission (SMTP over STARTTLS, port 587), the famous one is Microsoft Outlook. Quote from wikipedia.org:

-
-

Even in 2013, there are still services that continue to offer the deprecated SMTPS interface on port 465 in addition to (or instead of!) the RFC-compliant message submission interface on the port 587 defined by RFC 6409. Service providers that maintain port 465 do so because older Microsoft applications (including Entourage v10.0) do not support STARTTLS, and thus not the smtp-submission standard (ESMTPS on port 587). The only way for service providers to offer those clients an encrypted connection is to maintain port 465.

-
-

How to enable SMTPS

-

To enable SMTPS, you should configure Postfix to listen on port 465 first, then open port 465 in iptables.

-

Please find below lines in Postfix config file /etc/postfix/master.cf (Linux/OpenBSD) or /usr/local/etc/postfix/master.cf (FreeBSD):

-
#smtps     inet  n       -       n       -       -       smtpd
-#  -o smtpd_tls_wrappermode=yes
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-
-

Uncomment first 4 lines, but leave the last one commented out (because iRedMail doesn't use Postfix milter at all):

-
smtps     inet  n       -       n       -       -       smtpd
-  -o smtpd_tls_wrappermode=yes
-  -o smtpd_sasl_auth_enable=yes
-  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-
-

Restart Postfix service to enable SMTPS.

-

Open port 465 in iptables

-

On RHEL/CentOS, please update iptables rule file /etc/sysconfig/iptables, add one rule (third line in below code) for port 465, then restart iptables service.

-
# File: /etc/sysconfig/iptables
--A INPUT -p tcp --dport 25 -j ACCEPT
--A INPUT -p tcp --dport 587 -j ACCEPT
--A INPUT -p tcp --dport 465 -j ACCEPT
-
-

On Debian/Ubuntu, if you use iptables rule file provided by iRedMail, please update /etc/default/iptables, add one rule (third line in below code) for port 465, then restart iptables service.

-
File: /etc/sysconfig/iptables
--A INPUT -p tcp --dport 25 -j ACCEPT
--A INPUT -p tcp --dport 587 -j ACCEPT
--A INPUT -p tcp --dport 465 -j ACCEPT
-
-

On OpenBSD, please append service 'smtps' in /etc/pf.conf, parameter mail_services=:

-
File: /etc/pf.conf
-mail_services="{www, https, submission, imap, imaps, pop3, pop3s, ssh, smtps}"
-
-

Reload PF rule file:

-
# pfctl -f /etc/pf.conf
-
\ No newline at end of file diff --git a/html/howto/pipe.incoming.email.for.certain.user.to.external.script.html b/html/howto/pipe.incoming.email.for.certain.user.to.external.script.html deleted file mode 100644 index 30cd9fc0..00000000 --- a/html/howto/pipe.incoming.email.for.certain.user.to.external.script.html +++ /dev/null @@ -1,80 +0,0 @@ - - - - How to pipe incoming email for certain user to external script - - - - -

How to pipe incoming email for certain user to external script

-

This tutorial explains how to pipe incoming email for certain user to external script.

-

Configure Postfix to use your external script as transport

-

To pipe incoming emails to external script, you must add your external script -as Postfix transport program. Please add below line at the bottom of Postfix -config file /etc/postfix/master.cf:

-
external-pipe   unix    -   n   n   -   -   pipe
-    flags= user=vmail:vmail argv=/path/to/your/external/script.sh
-
- -

Note:

- -
external-pipe   unix    -   n   n   -   -   pipe
-    flags=DRhu user=vmail:vmail argv=/path/to/your/external/script.sh -f ${sender} -d ${user}@${domain} -m ${extension}
-
- - -

Now restart Postfix service to make this new transport available:

-
# /etc/init.d/postfix restart
-
- -

Update per-user transport to use this new transport

-

We need to update per-user transport setting, so that all emails delivered to -this user will be piped to this new transport - your script.

- -
-sql> USE vmail;
-sql> UPDATE mailbox SET transport='external-pipe' WHERE username='user@domain.ltd';
-
- -

That's all.

\ No newline at end of file diff --git a/html/howto/recalculate.mailbox.quota.html b/html/howto/recalculate.mailbox.quota.html deleted file mode 100644 index 6638f280..00000000 --- a/html/howto/recalculate.mailbox.quota.html +++ /dev/null @@ -1,32 +0,0 @@ - - - - How to force Dovecot to recalculate mailbox quota - - - - -

How to force Dovecot to recalculate mailbox quota

-

iRedMail enables dict quota since iRedMail-0.7.0, dict quota is recalculated -only if the quota goes below zero

- -
-mysql> USE vmail;
-mysql> DELETE FROM used_quota WHERE username='user@domain.ltd';
-
- - -
-mysql> USE iredadmin;
-mysql> DELETE FROM used_quota WHERE username='user@domain.ltd';
-
- -

Re-login via POP3/IMAP (or webmail) will trigger Dovecot to recalculate mailbox -quota.

-

TIP: it's safe to delete records in SQL table used_quota if mail user -was deleted in table vmail.mailbox or LDAP. iRedAdmin-Pro will handle this -for you automatically.

\ No newline at end of file diff --git a/html/howto/store.spamassassin.bayes.in.sql.html b/html/howto/store.spamassassin.bayes.in.sql.html deleted file mode 100644 index 36f882b5..00000000 --- a/html/howto/store.spamassassin.bayes.in.sql.html +++ /dev/null @@ -1,212 +0,0 @@ - - - - How to store spamassassin bayes in SQL - - - - -

How to store spamassassin bayes in SQL

-

THIS ARTICLE IS STILL A DRAFT, DO NOT APPLY IT IN PRODUCTION SERVER.

-

Summary

-

This article will guide you to configure related components to store -SpamAssassin Bayes data in SQL server, and allow webmail users to report spam -with one click.

-

Tested with:

- -

Notes:

- -

IMPORTANT NOTE:

- -

Create required SQL database used to store bayes data

-

We need to create a SQL database and necessary tables to store SpamAssassin -bayes data. The RPM package installed on CentOS 6 doesn't ship SQL template -for bayes database, so we have to download it from Apache web site. We're -running SpamAssassin-3.3.1, so what we need is this SQL template file: -http://svn.apache.org/repos/asf/spamassassin/tags/spamassassin_release_3_3_1/sql/bayes_mysql.sql. -If you're running different version, please find the proper SQL file here: -http://svn.apache.org/repos/asf/spamassassin/tags/.

-
-# cd /root/
-# wget http://svn.apache.org/repos/asf/spamassassin/tags/spamassassin_release_3_3_1/sql/bayes_mysql.sql
-
- -

Create MySQL database and import SQL template file:

-
-# mysql -uroot -p
-mysql> CREATE DATABASE sa_bayes;
-mysql> USE sa_bayes;
-mysql> SOURCE /root/bayes_mysql.sql;
-
- -

Create a new MySQL user (with password sa_user_password) and grant -permissions. IMPORTANT NOTE: Please replace password sa_user_password -by your own password.

-
-mysql> GRANT SELECT, INSERT, UPDATE, DELETE ON sa_bayes.* TO sa_user@localhost IDENTIFIED BY 'sa_user_password';
-mysql> FLUSH PRIVILEGES;
-
- -

Enable Bayes modules in SpamAssassin

-

Edit /etc/mail/spamassassin/local.cf, add (or modify below settings):

-
-use_bayes          1
-bayes_auto_learn   1
-bayes_auto_expire  1
-
-# Store bayesian data in MySQL
-bayes_store_module Mail::SpamAssassin::BayesStore::MySQL
-bayes_sql_dsn      DBI:mysql:sa_bayes:127.0.0.1:3306
-
-# Store bayesian data in PostgreSQL
-#bayes_store_module Mail::SpamAssassin::BayesStore::PgSQL
-#bayes_sql_dsn      DBI:Pg:sa_bayes:127.0.0.1:5432
-
-bayes_sql_username sa_user
-bayes_sql_password sa_user_password
-
-# Override the username used for storing
-# data in the database. This could be used to group users together to
-# share bayesian filter data. You can also use this config option to
-# trick sa-learn to learn data as a specific user.
-bayes_sql_override_username vmail
-
- -

Make sure SpamAssassin will load bayes modules:

-
-# /etc/init.d/amavisd stop
-# amavisd -c /etc/amavisd/amavisd.conf debug 2>&1 | grep -i 'bayes'
-May 16 09:59:33 ... SpamAssassin loaded plugins: ..., Bayes, ...
-May 16 10:27:38 ... extra modules loaded after daemonizing/chrooting:
-    Mail/SpamAssassin/BayesStore/MySQL.pm, Mail/SpamAssassin/BayesStore/SQL.pm, ...
-
- -

Looks fine. Now press Ctrl-C to terminate above command.

-

Start Amavisd service:

-
-# /etc/init.d/amavisd restart
-
- -

It is required we initialize the database by learning a message. We use the -sample spam email shipped in the RPM package provided by CentOS 6:

-
-# rpm -ql spamassassin | grep 'sample-spam'
-/usr/share/doc/spamassassin-3.3.1/sample-spam.txt
-
-# sa-learn --spam --username=vmail /usr/share/doc/spamassassin-3.3.1/sample-spam.txt
-Learned tokens from 1 message(s) (1 message(s) examined)
-
- -

Enable Roundcube plugin: markasjunk2

- -
-# cd /var/www/roundcubemail/plugins/markasjunk2/
-# cp config.inc.php.dist config.inc.php
-
- - -
-$rcmail_config['markasjunk2_learning_driver'] = 'cmd_learn';
-$rcmail_config['markasjunk2_read_spam'] = true;
-$rcmail_config['markasjunk2_unread_ham'] = false;
-$rcmail_config['markasjunk2_move_spam'] = true;
-$rcmail_config['markasjunk2_move_ham'] = true;
-$rcmail_config['markasjunk2_mb_toolbar'] = true;
-
-$rcmail_config['markasjunk2_spam_cmd'] = 'sa-learn --spam --username=vmail %f';
-$rcmail_config['markasjunk2_ham_cmd'] = 'sa-learn --ham --username=vmail %f';
-
- - -
-$rcmail_config['plugins'] = array(..., "markasjunk2");
-
- - -
-# OLD SETTING
-# disable_functions =show_source,system,shell_exec,passthru,exec,phpinfo,proc_open ;
-
-# NEW SETTING. exec is removed.
-disable_functions =show_source,system,shell_exec,passthru,phpinfo,proc_open ;
-
- - -

You will see a new toolbar button after logging into Roundcube webmail:

-

-

Check SQL database sa_bayes before we testing this plugin:

-
-# mysql -uroot -p
-mysql> USE sa_bayes;
-mysql> SELECT COUNT(*) FROM bayes_token;
-+----------+
-| count(*) |
-+----------+
-|       65 |
-+----------+
-
- -

Back to Roundcube webmail, select a spam email (or a testing email), click -Mark as Junk button, then this email will be scanned by command sa-learn. -Check database sa_bayes again to make sure it's working:

-
-# mysql -uroot -p
-mysql> USE sa_bayes;
-mysql> SELECT COUNT(*) FROM bayes_token;
-+----------+
-| count(*) |
-+----------+
-|      143 |
-+----------+
-
- -

Note: You may get different result number as shown above.

-

So far so good. That's all we need to do.

-

References

- \ No newline at end of file diff --git a/html/howto/unattended.iredmail.installation.html b/html/howto/unattended.iredmail.installation.html deleted file mode 100644 index 0f538a40..00000000 --- a/html/howto/unattended.iredmail.installation.html +++ /dev/null @@ -1,157 +0,0 @@ - - - - How to perform silent/unattended iRedMail installation - - - - -

How to perform silent/unattended iRedMail installation

-

iRedMail will store configrations in file iRedMail-x.y.z/config during -installation, and ask you whether to use it for installation directly -or create a new one.

-

You can create a sample config file by executing iRedMail installer:

-
# bash iRedMail.sh
-
- -

After config wizard dialogs, you will find file config under iRedMail root -directory. For example, /root/iRedMail-0.8.7/config. it will ask whether to -start installation or not, you can cancel it if you want.

-

You can copy this config file to deploy as many servers as you want, change -the hard-coded passwords in it if you want.

-

How to deploy a new server with sample config file:

- -
# AUTO_USE_EXISTING_CONFIG_FILE=y \
-    AUTO_INSTALL_WITHOUT_CONFIRM=y \
-    AUTO_CLEANUP_REMOVE_SENDMAIL=y \
-    AUTO_CLEANUP_REMOVE_MOD_PYTHON=y \
-    AUTO_CLEANUP_REPLACE_FIREWALL_RULES=y \
-    AUTO_CLEANUP_RESTART_IPTABLES=y \
-    AUTO_CLEANUP_REPLACE_MYSQL_CONFIG=y \
-    AUTO_CLEANUP_RESTART_POSTFIX=n \
-    bash iRedMail.sh
-
- -

Sample Deployment

-

Here's how i preform iRedMail tests every day with VMware Fusion on Mac OS X, -all are completed automatically with a shell command.

- -
ssh root@[SERVER] "cd /root/iRedMail/ && IREDMAIL_DEBUG='NO' AUTO_USE_EXISTING_CONFIG_FILE=y AUTO_INSTALL_WITHOUT_CONFIRM=y AUTO_CLEANUP_REMOVE_SENDMAIL=y AUTO_CLEANUP_REMOVE_MOD_PYTHON=y AUTO_CLEANUP_REPLACE_FIREWALL_RULES=y AUTO_CLEANUP_RESTART_IPTABLES=y AUTO_CLEANUP_REPLACE_MYSQL_CONFIG=y AUTO_CLEANUP_RESTART_POSTFIX=n bash iRedMail.sh"
-
- - -

It should complete in 2-3 minutes (uploading binary packages takes most time), -then i got a working iRedMail server. I do this many times every day.

-

I have 5 prepared iRedMail config files for different backends: OpenLDAP, -MySQL, MariaDB, PostgreSQL, ldapd (OpenBSD only). i run my script with an -option to install iRedMail with specified backend like below, the script will -upload proper config file to server:

-
# bash auto.centos7.sh ldap
-# bash auto.centos7.sh mysql
-# bash auto.centos7.sh pgsql
-# bash auto.ubuntu14.sh mariadb
-# bash auto.openbsd55.sh ldapd
-
- -

Below is file of auto.centos7.sh mentioned above, it prepares VMware virtual -machine, then execute another script c7.sh to perform the real installation.

-
#!/usr/bin/env bash
-# File: auto.centos7.sh
-
-[ X"$#" != X'1' ] && echo 'No backend? ldap, mysql, pgsql' && exit 255
-export backend="${1}"
-
-export VMRUN='vmrun -T fusion'
-export VM_USER_ROOT='root'
-export VM_HOSTNAME='c7'
-
-export VM="/Users/zhb/vm.packages/vm/CentOS-7-x86_64.vmwarevm/CentOS-7-x86_64.vmx"
-
-echo "* Revert to the latest snapshot."
-${VMRUN} revertToSnapshot ${VM} Latest
-
-echo "* Start VM."
-${VMRUN} start ${VM}
-
-echo "* Sleep 30 seconds to wait VM start up."
-sleep 30
-
-echo "* Detect network status with ssh."
-while :; do
-    ssh ${VM_USER_ROOT}@${VM_HOSTNAME} "exit"
-    if [ X"$?" == X'0' ]; then
-        break
-    else
-        sleep 5
-    fi
-done
-
-echo "* Start testing iRedMail."
-sh ${VM_HOSTNAME}.sh ${backend}
-
- -
#!/usr/bin/env bash
-# File: c7.sh
-[ X"$#" != X'1' ] && echo 'No backend?' && exit 255
-backend="${1}"
-# hostname of your VMware virtual machine set in Mac OS X /etc/hosts.
-HOST="c7"
-
-echo 'copying iRedMail ...'
-scp -r ~/projects/iredmail/iRedMail root@${HOST}:~ >/dev/null
-
-echo 'copying pkgs/misc ...'
-scp -r misc root@${HOST}:~/iRedMail/pkgs/ >/dev/null
-scp -r config.${backend} root@${HOST}:~/iRedMail/config >/dev/null
-
-echo 'copying archives ...'
-scp -r rhel/7/yum root@${HOST}:/var/cache/ >/dev/null
-
-echo 'updating .status ...'
-ssh root@${HOST} "echo export status_check_new_iredmail='DONE' > /root/iRedMail/.status"
-ssh root@${HOST} "echo export status_fetch_pkgs='DONE' >> /root/iRedMail/.status"
-ssh root@${HOST} "echo export status_fetch_misc='DONE' >> /root/iRedMail/.status"
-ssh root@${HOST} "echo export status_cleanup_update_clamav_signatures='DONE' >> /root/iRedMail/.status"
-ssh root@${HOST} "cd /root/iRedMail/ && yum clean metadata && AUTO_USE_EXISTING_CONFIG_FILE=y AUTO_INSTALL_WITHOUT_CONFIRM=y AUTO_CLEANUP_REMOVE_SENDMAIL=y AUTO_CLEANUP_REMOVE_MOD_PYTHON=y AUTO_CLEANUP_REPLACE_FIREWALL_RULES=y AUTO_CLEANUP_RESTART_IPTABLES=y AUTO_CLEANUP_REPLACE_MYSQL_CONFIG=y AUTO_CLEANUP_RESTART_POSTFIX=n bash iRedMail.sh"
-ssh root@${HOST} "/usr/bin/systemctl stop firewalld"
-
-#ssh root@${HOST} "mkdir /root/pro && cp /var/www/iredadmin/settings.py /root/pro/"
-#scp -r clamav/* root@${HOST}:/var/lib/clamav/
-#ssh root@${HOST} "chown clamupdate:clamupdate /var/lib/clamav/*"
-ssh root@${HOST} "echo 'reboot'; reboot"
-
\ No newline at end of file diff --git a/html/howto/use.or.migrate.password.hashes.html b/html/howto/use.or.migrate.password.hashes.html deleted file mode 100644 index 63c95300..00000000 --- a/html/howto/use.or.migrate.password.hashes.html +++ /dev/null @@ -1,69 +0,0 @@ - - - - How to use or migrate password hashes - - - - -

How to use or migrate password hashes

-

Password hashes supported by iRedMail

-

iRedMail configures Postfix to use Dovecot as SASL authenticate server, so all -password schemes supported by Dovecot can be used in iRedMail. Please refer to -Dovecot wiki page -Password Schemes for more details.

-

Below password schemes are supported in iRedAdmin-Pro (which means you can add new mail user with either one):

- -

NOTE: Dovecot claims it supports SSHA512, but I didn't get it work. -Please test it first if you choose SSHA512.

-

Default password schemes used in iRedMail

- -

How to use different password hashes in iRedMail

-

For MySQL and PostgreSQL backends

-

All mail users are stored in SQL table vmail.mailbox, user password is stored -in SQL column mailbox.password. For example:

-
-sql> UPDATE mailbox SET password='$1$GfHYI7OE$vlXqMZSyJOSPXAmbXHq250' WHERE username='xx@xx';
-sql> UPDATE mailbox SET password='{SSHA}OuCrqL2yWwQIu8a9uvyOQ5V/ZKfL7LJD' WHERE username='xx@xx';
-sql> UPDATE mailbox SET password='{SSHA512}FxgXDhBVYmTqoboW+ibyyzPv/wGG7y4VJtuHWrx+wfqrs/lIH2Qxn2eA0jygXtBhMvRi7GNFmL++6aAZ0kXpcy1fxag=' WHERE username='xx@xx';
-
- - -
-sql> UPDATE mailbox SET password='{PLAIN-MD5}0d2bf3c712402f428d48fed691850bfc' WHERE username='xx@xx';
-
- - -

For LDAP backends

-

User password is stored in attribute userPassword of user object.

- -

IMPORTANT NOTE: If you want to input password hash with phpLDAPadmin, -please choose clear in the password hash list, then input password hash.

\ No newline at end of file diff --git a/html/troubleshooting/turn.on.debug.mode.in.dovecot.html b/html/troubleshooting/turn.on.debug.mode.in.dovecot.html deleted file mode 100644 index 9a1ac67b..00000000 --- a/html/troubleshooting/turn.on.debug.mode.in.dovecot.html +++ /dev/null @@ -1,23 +0,0 @@ - - - - How to turn on debug mode in Dovecot - - - - -

How to turn on debug mode in Dovecot

-

To turn on debug mode in Dovecot, please update Dovecot config file -/etc/dovecot/dovecot.conf (Linux/OpenBSD) or -/usr/local/etc/dovecot/dovecot.conf (FreeBSD), set mail_debug to yes:

-
mail_debug = yes
-
- -

Restart Dovecot service.

-

If you need authentication and password related debug message, turn on related -settings and restart dovecot service.

-
auth_verbose = yes
-auth_debug = yes
-auth_debug_passwords = yes
-auth_verbose_passwords = yes
-
\ No newline at end of file