From 23587eb95baecac56b94cfad1479f235e2da5101 Mon Sep 17 00:00:00 2001
From: Zhang Huangbin
Date: Thu, 18 Jul 2019 13:57:03 +0800
Subject: [PATCH] Sync iRedMail upgrade tutorial.
---
.../upgrade/0-upgrade.iredmail.0.9.7-0.9.8.md | 10 +-
en_US/upgrade/0-upgrade.iredmail.0.9.9-1.0.md | 205 ++++++++++++++++++
html/upgrade.iredmail.0.9.7-0.9.8.html | 16 +-
html/upgrade.iredmail.0.9.9-1.0.html | 193 +++++++++++++++++
4 files changed, 414 insertions(+), 10 deletions(-)
diff --git a/en_US/upgrade/0-upgrade.iredmail.0.9.7-0.9.8.md b/en_US/upgrade/0-upgrade.iredmail.0.9.7-0.9.8.md
index d05c7979..0a5dd157 100644
--- a/en_US/upgrade/0-upgrade.iredmail.0.9.7-0.9.8.md
+++ b/en_US/upgrade/0-upgrade.iredmail.0.9.7-0.9.8.md
@@ -734,17 +734,17 @@ We've made some changes to `vmail` database:
```bash /var/vmail/backup/backup_pgsql.sh```
-Download SQL template file used to update SQL database:
+* Download SQL template file used to update SQL database:
```
cd /tmp/
wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/0.9.8/iredmail.pgsql
```
-Connect to PostgreSQL server as `postgres` user and import the SQL file:
-* on Linux, it's `postgres` user
-* on FreeBSD, it's `pgsql` user
-* on OpenBSD, it's `_postgresql` user
+* Connect to PostgreSQL server as `postgres` user and import the SQL file:
+ * on Linux, it's `postgres` user
+ * on FreeBSD, it's `pgsql` user
+ * on OpenBSD, it's `_postgresql` user
```
su - postgres
diff --git a/en_US/upgrade/0-upgrade.iredmail.0.9.9-1.0.md b/en_US/upgrade/0-upgrade.iredmail.0.9.9-1.0.md
index 25da2521..621721a5 100644
--- a/en_US/upgrade/0-upgrade.iredmail.0.9.9-1.0.md
+++ b/en_US/upgrade/0-upgrade.iredmail.0.9.9-1.0.md
@@ -127,6 +127,8 @@ wget -O dovecot.iredmail.conf https://bitbucket.org/zhb/iredmail/raw/default/iRe
Restarting Fail2ban service is required.
+## For OpenLDAP backend
+
### [OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.
With default iRedMail settings, Postfix accepts email without checking whether
@@ -138,6 +140,209 @@ With the change below, Postfix will query mailbox quota status from Dovecot
directly, then reject email if it's over quota. It saves system resource used
to process this email (e.g. spam/virus scanning), and avoids bounce message.
+#### Add required LDAP attribute/value pair for all mail users
+
+According to the Dovecot settings configured by iRedMail, all mail users
+should have LDAP attribute/value pair `enabledService=quota-status` to use
+this service.
+
+* Download script used to update existing mail accounts:
+
+```
+cd /root/
+wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/updateLDAPValues_099_to_1.py
+```
+
+* Open downloaded file `updateLDAPValues_099_to_1.py`, set LDAP server
+ related settings in this file. For example:
+
+```
+# Part of file: updateLDAPValues_099_to_1.py
+
+uri = 'ldap://127.0.0.1:389'
+basedn = 'o=domains,dc=example,dc=com'
+bind_dn = 'cn=vmailadmin,dc=example,dc=com'
+bind_pw = 'passwd'
+```
+
+You can find required LDAP credential in iRedAdmin config file or
+`iRedMail.tips` file under your iRedMail installation directory. Using either
+`cn=Manager,dc=xx,dc=xx` or `cn=vmailadmin,dc=xx,dc=xx` as bind dn is ok, both
+of them have read-write privilege to update mail accounts.
+
+* Execute this script, it will add required data:
+
+```
+# python updateLDAPValues_099_to_1.py
+```
+
+#### Enable quota-status service in Dovecot
+
+Open Dovecot config file `/etc/dovecot/dovecot.conf` (Linux/OpenBSD) or
+`/usr/local/etc/dovecot/dovecot.conf` (FreeBSD), find the `plugin {}` block
+and add 3 new parameters:
+
+```
+plugin {
+ ...
+ # Used by quota-status service.
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+ ...
+}
+```
+
+In same `dovecot.conf`, append settings below __at the end of file__:
+
+* With settings below, Dovecot quota-status service will listen on `127.0.0.1:12340`.
+* You can change the port number `12340` to any other spare one if you want.
+
+```
+service quota-status {
+ executable = quota-status -p postfix
+ client_limit = 1
+ inet_listener {
+ address = 127.0.0.1
+ port = 12340
+ }
+}
+```
+
+Restarting Dovecot service is required.
+
+#### Enable quota status check in Postfix
+
+Open Postfix config file `/etc/postfix/main.cf` (Linux/OpenBSD) or
+`/usr/local/etc/postfix/main.cf` (FreeBSD), find parameter
+`smtpd_recipient_restrictions` and append a new `check_policy_service` setting
+__at the end__ like below:
+
+```
+smtpd_recipient_restrictions =
+ ...
+ check_policy_service inet:127.0.0.1:12340
+```
+
+Restarting Postfix service is required.
+
+## For MySQL/MariaDB backends
+
+### [OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.
+
+With default iRedMail settings, Postfix accepts email without checking whether
+user's mailbox is over quota, then pipes email to Dovecot LDA for local
+delivery. If mailbox is over quota, Dovecot can not save message to mailbox
+and generates a "sender non-delivery notification" to sender.
+
+With the change below, Postfix will query mailbox quota status from Dovecot
+directly, then reject email if it's over quota. It saves system resource used
+to process this email (e.g. spam/virus scanning), and avoids bounce message.
+
+#### Add new SQL column in `vmail.mailbox` table
+
+According to the Dovecot settings configured by iRedMail, a new SQL column
+`mailbox.enablequota-status` is required.
+
+Download plain SQL file used to create required column and index, then import
+it directly as MySQL root user (Please run commands below as `root` user):
+
+```
+wget -O /tmp/iredmail.mysql https://bitbucket.org/zhb/iredmail/raw/default/extra/update/1.0/iredmail.mysql
+mysql vmail < /tmp/iredmail.mysql
+rm -f /tmp/iredmail.mysql
+```
+
+#### Enable quota-status service in Dovecot
+
+Open Dovecot config file `/etc/dovecot/dovecot.conf` (Linux/OpenBSD) or
+`/usr/local/etc/dovecot/dovecot.conf` (FreeBSD), find the `plugin {}` block
+and add 3 new parameters:
+
+```
+plugin {
+ ...
+ # Used by quota-status service.
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+ ...
+}
+```
+
+In same `dovecot.conf`, append settings below __at the end of file__:
+
+* With settings below, Dovecot quota-status service will listen on `127.0.0.1:12340`.
+* You can change the port number `12340` to any other spare one if you want.
+
+```
+service quota-status {
+ executable = quota-status -p postfix
+ client_limit = 1
+ inet_listener {
+ address = 127.0.0.1
+ port = 12340
+ }
+}
+```
+
+Restarting Dovecot service is required.
+
+#### Enable quota status check in Postfix
+
+Open Postfix config file `/etc/postfix/main.cf` (Linux/OpenBSD) or
+`/usr/local/etc/postfix/main.cf` (FreeBSD), find parameter
+`smtpd_recipient_restrictions` and append a new `check_policy_service` setting
+__at the end__ like below:
+
+```
+smtpd_recipient_restrictions =
+ ...
+ check_policy_service inet:127.0.0.1:12340
+```
+
+Restarting Postfix service is required.
+
+## For PostgreSQL backend
+
+### [OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.
+
+With default iRedMail settings, Postfix accepts email without checking whether
+user's mailbox is over quota, then pipes email to Dovecot LDA for local
+delivery. If mailbox is over quota, Dovecot can not save message to mailbox
+and generates a "sender non-delivery notification" to sender.
+
+With the change below, Postfix will query mailbox quota status from Dovecot
+directly, then reject email if it's over quota. It saves system resource used
+to process this email (e.g. spam/virus scanning), and avoids bounce message.
+
+#### Add new SQL column in `vmail.mailbox` table
+
+According to the Dovecot settings configured by iRedMail, a new SQL column
+`mailbox.enablequota-status` is required.
+
+* Download plain SQL file used to create required column and index:
+
+```
+wget -O /tmp/iredmail.pgsql https://bitbucket.org/zhb/iredmail/raw/default/extra/update/1.0/iredmail.pgsql
+```
+
+* Connect to PostgreSQL server as `postgres` user and import the SQL file:
+ * on Linux, it's `postgres` user
+ * on FreeBSD, it's `pgsql` user
+ * on OpenBSD, it's `_postgresql` user
+
+```
+su - postgres
+psql -d vmail < /tmp/iredmail.pgsql
+```
+
+* Remove downloaded file as root user:
+
+```
+rm -f /tmp/iredmail.pgsql
+```
+
#### Enable quota-status service in Dovecot
Open Dovecot config file `/etc/dovecot/dovecot.conf` (Linux/OpenBSD) or
diff --git a/html/upgrade.iredmail.0.9.7-0.9.8.html b/html/upgrade.iredmail.0.9.7-0.9.8.html
index 4c76ab1c..662e6cf2 100644
--- a/html/upgrade.iredmail.0.9.7-0.9.8.html
+++ b/html/upgrade.iredmail.0.9.7-0.9.8.html
@@ -723,15 +723,21 @@ sasl auth. Please follow steps below to fix it.
Please backup SQL database vmail
before you run any SQL commands below.
bash /var/vmail/backup/backup_pgsql.sh
-Download SQL template file used to update SQL database:
+
+- Download SQL template file used to update SQL database:
+
cd /tmp/
wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/0.9.8/iredmail.pgsql
-Connect to PostgreSQL server as postgres
user and import the SQL file:
- on Linux, it's postgres
user
- on FreeBSD, it's pgsql
user
-* on OpenBSD, it's _postgresql
user
+
+- Connect to PostgreSQL server as
postgres
user and import the SQL file:
+- on Linux, it's
postgres
user
+- on FreeBSD, it's
pgsql
user
+- on OpenBSD, it's
_postgresql
user
+
+
+
su - postgres
psql -d vmail < /tmp/iredmail.pgsql
diff --git a/html/upgrade.iredmail.0.9.9-1.0.html b/html/upgrade.iredmail.0.9.9-1.0.html
index 1897a55f..c11b115e 100644
--- a/html/upgrade.iredmail.0.9.9-1.0.html
+++ b/html/upgrade.iredmail.0.9.9-1.0.html
@@ -29,13 +29,35 @@
Upgrade netdata to the latest stable release (1.15.0)
Fixed: improper order of Postfix smtpd_sender_restriction rules
Fail2ban: slightly loose filter rule for postfix
+
+
+For OpenLDAP backend
+For MySQL/MariaDB backends
+
+For PostgreSQL backend
+
@@ -146,6 +168,7 @@ wget -O dovecot.iredmail.conf https://bitbucket.org/zhb/iredmail/raw/default/iRe
Restarting Fail2ban service is required.
+For OpenLDAP backend
[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.
With default iRedMail settings, Postfix accepts email without checking whether
user's mailbox is over quota, then pipes email to Dovecot LDA for local
@@ -154,6 +177,39 @@ and generates a "sender non-delivery notification" to sender.
With the change below, Postfix will query mailbox quota status from Dovecot
directly, then reject email if it's over quota. It saves system resource used
to process this email (e.g. spam/virus scanning), and avoids bounce message.
+Add required LDAP attribute/value pair for all mail users
+According to the Dovecot settings configured by iRedMail, all mail users
+should have LDAP attribute/value pair enabledService=quota-status
to use
+this service.
+
+- Download script used to update existing mail accounts:
+
+cd /root/
+wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/updateLDAPValues_099_to_1.py
+
+
+
+- Open downloaded file
updateLDAPValues_099_to_1.py
, set LDAP server
+ related settings in this file. For example:
+
+# Part of file: updateLDAPValues_099_to_1.py
+
+uri = 'ldap://127.0.0.1:389'
+basedn = 'o=domains,dc=example,dc=com'
+bind_dn = 'cn=vmailadmin,dc=example,dc=com'
+bind_pw = 'passwd'
+
+
+You can find required LDAP credential in iRedAdmin config file or
+iRedMail.tips
file under your iRedMail installation directory. Using either
+cn=Manager,dc=xx,dc=xx
or cn=vmailadmin,dc=xx,dc=xx
as bind dn is ok, both
+of them have read-write privilege to update mail accounts.
+
+- Execute this script, it will add required data:
+
+# python updateLDAPValues_099_to_1.py
+
+
Enable quota-status service in Dovecot
Open Dovecot config file /etc/dovecot/dovecot.conf
(Linux/OpenBSD) or
/usr/local/etc/dovecot/dovecot.conf
(FreeBSD), find the plugin {}
block
@@ -194,6 +250,143 @@ and add 3 new parameters:
check_policy_service inet:127.0.0.1:12340
+Restarting Postfix service is required.
+For MySQL/MariaDB backends
+[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.
+With default iRedMail settings, Postfix accepts email without checking whether
+user's mailbox is over quota, then pipes email to Dovecot LDA for local
+delivery. If mailbox is over quota, Dovecot can not save message to mailbox
+and generates a "sender non-delivery notification" to sender.
+With the change below, Postfix will query mailbox quota status from Dovecot
+directly, then reject email if it's over quota. It saves system resource used
+to process this email (e.g. spam/virus scanning), and avoids bounce message.
+Add new SQL column in vmail.mailbox
table
+According to the Dovecot settings configured by iRedMail, a new SQL column
+mailbox.enablequota-status
is required.
+Download plain SQL file used to create required column and index, then import
+it directly as MySQL root user (Please run commands below as root
user):
+wget -O /tmp/iredmail.mysql https://bitbucket.org/zhb/iredmail/raw/default/extra/update/1.0/iredmail.mysql
+mysql vmail < /tmp/iredmail.mysql
+rm -f /tmp/iredmail.mysql
+
+
+Enable quota-status service in Dovecot
+Open Dovecot config file /etc/dovecot/dovecot.conf
(Linux/OpenBSD) or
+/usr/local/etc/dovecot/dovecot.conf
(FreeBSD), find the plugin {}
block
+and add 3 new parameters:
+plugin {
+ ...
+ # Used by quota-status service.
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+ ...
+}
+
+
+In same dovecot.conf
, append settings below at the end of file:
+
+- With settings below, Dovecot quota-status service will listen on
127.0.0.1:12340
.
+- You can change the port number
12340
to any other spare one if you want.
+
+service quota-status {
+ executable = quota-status -p postfix
+ client_limit = 1
+ inet_listener {
+ address = 127.0.0.1
+ port = 12340
+ }
+}
+
+
+Restarting Dovecot service is required.
+Enable quota status check in Postfix
+Open Postfix config file /etc/postfix/main.cf
(Linux/OpenBSD) or
+/usr/local/etc/postfix/main.cf
(FreeBSD), find parameter
+smtpd_recipient_restrictions
and append a new check_policy_service
setting
+at the end like below:
+smtpd_recipient_restrictions =
+ ...
+ check_policy_service inet:127.0.0.1:12340
+
+
+Restarting Postfix service is required.
+For PostgreSQL backend
+[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.
+With default iRedMail settings, Postfix accepts email without checking whether
+user's mailbox is over quota, then pipes email to Dovecot LDA for local
+delivery. If mailbox is over quota, Dovecot can not save message to mailbox
+and generates a "sender non-delivery notification" to sender.
+With the change below, Postfix will query mailbox quota status from Dovecot
+directly, then reject email if it's over quota. It saves system resource used
+to process this email (e.g. spam/virus scanning), and avoids bounce message.
+Add new SQL column in vmail.mailbox
table
+According to the Dovecot settings configured by iRedMail, a new SQL column
+mailbox.enablequota-status
is required.
+
+- Download plain SQL file used to create required column and index:
+
+wget -O /tmp/iredmail.pgsql https://bitbucket.org/zhb/iredmail/raw/default/extra/update/1.0/iredmail.pgsql
+
+
+
+- Connect to PostgreSQL server as
postgres
user and import the SQL file:
+- on Linux, it's
postgres
user
+- on FreeBSD, it's
pgsql
user
+- on OpenBSD, it's
_postgresql
user
+
+
+
+su - postgres
+psql -d vmail < /tmp/iredmail.pgsql
+
+
+
+- Remove downloaded file as root user:
+
+rm -f /tmp/iredmail.pgsql
+
+
+Enable quota-status service in Dovecot
+Open Dovecot config file /etc/dovecot/dovecot.conf
(Linux/OpenBSD) or
+/usr/local/etc/dovecot/dovecot.conf
(FreeBSD), find the plugin {}
block
+and add 3 new parameters:
+plugin {
+ ...
+ # Used by quota-status service.
+ quota_status_success = DUNNO
+ quota_status_nouser = DUNNO
+ quota_status_overquota = "552 5.2.2 Mailbox is full"
+ ...
+}
+
+
+In same dovecot.conf
, append settings below at the end of file:
+
+- With settings below, Dovecot quota-status service will listen on
127.0.0.1:12340
.
+- You can change the port number
12340
to any other spare one if you want.
+
+service quota-status {
+ executable = quota-status -p postfix
+ client_limit = 1
+ inet_listener {
+ address = 127.0.0.1
+ port = 12340
+ }
+}
+
+
+Restarting Dovecot service is required.
+Enable quota status check in Postfix
+Open Postfix config file /etc/postfix/main.cf
(Linux/OpenBSD) or
+/usr/local/etc/postfix/main.cf
(FreeBSD), find parameter
+smtpd_recipient_restrictions
and append a new check_policy_service
setting
+at the end like below:
+smtpd_recipient_restrictions =
+ ...
+ check_policy_service inet:127.0.0.1:12340
+
+
Restarting Postfix service is required.