Sync release notes of iRedMail Easy.
This commit is contained in:
parent
de396d7b25
commit
7b9ba8e807
|
@ -2,7 +2,85 @@
|
||||||
|
|
||||||
[TOC]
|
[TOC]
|
||||||
|
|
||||||
## Version: 2019090601 (Sep 06, 2019) {: id=20190906 class="release" }
|
## Version: 2019102201 (Oct 22, 2019) {: id=20191022 class="release" }
|
||||||
|
|
||||||
|
* OpenLDAP:
|
||||||
|
- Remove 2 unused LDAP schema files: `calentry.schema`, `calresource.schema`.
|
||||||
|
|
||||||
|
* Postfix:
|
||||||
|
- Fixed incorrect CA file on OpenBSD.
|
||||||
|
- Add `LIMIT 1` in SQL queries for better performance.
|
||||||
|
|
||||||
|
* Dovecot:
|
||||||
|
- Log ssl protocol and cipher information for login session.
|
||||||
|
e.g. "TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)"
|
||||||
|
|
||||||
|
* Firewall:
|
||||||
|
- Fixed: not filter IPv4/IPv6 addresses while generating iptables rules.
|
||||||
|
- Fixed: not enable ipv6-icmp in firewall.
|
||||||
|
|
||||||
|
* Nginx:
|
||||||
|
- Make sure Apache/Lighttpd service is not enabled, otherwise Nginx may
|
||||||
|
not be able to start due to 80/443 ports are used by them.
|
||||||
|
|
||||||
|
* AntiSpam:
|
||||||
|
- OpenDMARC is disabled due to internal bug which caused incorrect
|
||||||
|
email rejection. Bug reported to upstream:
|
||||||
|
https://github.com/trusteddomainproject/OpenDMARC/issues/50
|
||||||
|
|
||||||
|
It's recommended to disable DMARC check to avoid incorrect rejections.
|
||||||
|
We don't expect it will be fixed in upstream soon, so DMARC check will
|
||||||
|
be disabled for new deployments and further upgrades.
|
||||||
|
|
||||||
|
To disable DMARC check, please follow steps below:
|
||||||
|
|
||||||
|
- Login to iRedMail Easy web portal: https://easy.iredmail.org/
|
||||||
|
- Go to mail server profile page
|
||||||
|
- Click tab `Settings`
|
||||||
|
- Find section `Anti Spam/Virus`, make sure option `Disable DMARC` is
|
||||||
|
checked.
|
||||||
|
- Save your change. Then click the button `Apply changed settings` to
|
||||||
|
apply the changes.
|
||||||
|
|
||||||
|
NOTE: OpenDMARC and DMARC check will be removed in next release due to
|
||||||
|
this unacceptable bug.
|
||||||
|
|
||||||
|
* autodiscover:
|
||||||
|
- Fixed the `Undefined offset` php error.
|
||||||
|
- Log the schema data sent by remote MUA, also the settings sent to MUA.
|
||||||
|
- Log file is now `/var/log/autoconfig/autoconfig.log`.
|
||||||
|
|
||||||
|
* netdata:
|
||||||
|
- If component `Nginx` was not chosen, netdata is inaccessible although
|
||||||
|
Nginx is actually deployed as dependent component.
|
||||||
|
- Move http auth file to `/opt/iredmail/custom/netdata/`.
|
||||||
|
|
||||||
|
Since netdata-1.17.0, netdata sets permission of directory
|
||||||
|
`/opt/netdata/etc/netdata/` to 0700, this causes Nginx can not read
|
||||||
|
the http auth file.
|
||||||
|
|
||||||
|
* Backup scripts:
|
||||||
|
- It now removes old empty backup directories.
|
||||||
|
|
||||||
|
* Changes to iRedMail Easy platform:
|
||||||
|
- Not add `priority` parameter in iRedMail yum repo. (CentOS 7 only)
|
||||||
|
- Able to whitelist IP or CIDR newtorks in fail2ban.
|
||||||
|
- Do not forward systemd journald log to syslog.
|
||||||
|
- Run shell script `/opt/iredmail/custom/openldap/custom.sh` while
|
||||||
|
deploying or upgrading OpenLDAP. You can write shell commands in this
|
||||||
|
file to update other config files for advanced customization. for
|
||||||
|
example, updating `/etc/sysconfig/slapd` (CentOS) or
|
||||||
|
`/etc/ldap/slapd` (Debian/Ubuntu) to make OpenLDAP listening on all
|
||||||
|
available network interfaces and IP addresses.
|
||||||
|
- Add Fail2ban related info in `/root/iRedMail/iRedMail.tips`.
|
||||||
|
- Make sure no SysV script and rule files for 'iptables' service on
|
||||||
|
Debian 10.
|
||||||
|
|
||||||
|
* Package updates:
|
||||||
|
- netdata -> 1.18.1
|
||||||
|
- iredapd -> 3.2
|
||||||
|
|
||||||
|
## Version: 2019090601 (Sep 06, 2019) {: id=20190906 class="old_release" }
|
||||||
|
|
||||||
* Postfix:
|
* Postfix:
|
||||||
- Sign DKIM signature for locally generated emails, like auto-reply (a.k.a
|
- Sign DKIM signature for locally generated emails, like auto-reply (a.k.a
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
<div class="toc">
|
<div class="toc">
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="#iredmail-easy-release-notes">iRedMail Easy: Release Notes</a><ul>
|
<li><a href="#iredmail-easy-release-notes">iRedMail Easy: Release Notes</a><ul>
|
||||||
|
<li><a href="#20191022">Version: 2019102201 (Oct 22, 2019)</a></li>
|
||||||
<li><a href="#20190906">Version: 2019090601 (Sep 06, 2019)</a></li>
|
<li><a href="#20190906">Version: 2019090601 (Sep 06, 2019)</a></li>
|
||||||
<li><a href="#20190802">Version: 2019080201 (Aug 02, 2019)</a></li>
|
<li><a href="#20190802">Version: 2019080201 (Aug 02, 2019)</a></li>
|
||||||
<li><a href="#20190801">Version: 2019080101 (Aug 01, 2019)</a></li>
|
<li><a href="#20190801">Version: 2019080101 (Aug 01, 2019)</a></li>
|
||||||
|
@ -36,7 +37,120 @@
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
<h2 class="release" id="20190906">Version: 2019090601 (Sep 06, 2019)</h2>
|
<h2 class="release" id="20191022">Version: 2019102201 (Oct 22, 2019)</h2>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>OpenLDAP:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Remove 2 unused LDAP schema files: <code>calentry.schema</code>, <code>calresource.schema</code>.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Postfix:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Fixed incorrect CA file on OpenBSD.</li>
|
||||||
|
<li>Add <code>LIMIT 1</code> in SQL queries for better performance.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Dovecot:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Log ssl protocol and cipher information for login session.
|
||||||
|
e.g. "TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)"</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Firewall:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Fixed: not filter IPv4/IPv6 addresses while generating iptables rules.</li>
|
||||||
|
<li>Fixed: not enable ipv6-icmp in firewall.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Nginx:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Make sure Apache/Lighttpd service is not enabled, otherwise Nginx may
|
||||||
|
not be able to start due to 80/443 ports are used by them.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>AntiSpam:</p>
|
||||||
|
<ul>
|
||||||
|
<li>
|
||||||
|
<p>OpenDMARC is disabled due to internal bug which caused incorrect
|
||||||
|
email rejection. Bug reported to upstream:
|
||||||
|
https://github.com/trusteddomainproject/OpenDMARC/issues/50</p>
|
||||||
|
<p>It's recommended to disable DMARC check to avoid incorrect rejections.
|
||||||
|
We don't expect it will be fixed in upstream soon, so DMARC check will
|
||||||
|
be disabled for new deployments and further upgrades.</p>
|
||||||
|
<p>To disable DMARC check, please follow steps below:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Login to iRedMail Easy web portal: https://easy.iredmail.org/</li>
|
||||||
|
<li>Go to mail server profile page</li>
|
||||||
|
<li>Click tab <code>Settings</code></li>
|
||||||
|
<li>Find section <code>Anti Spam/Virus</code>, make sure option <code>Disable DMARC</code> is
|
||||||
|
checked.</li>
|
||||||
|
<li>Save your change. Then click the button <code>Apply changed settings</code> to
|
||||||
|
apply the changes.</li>
|
||||||
|
</ul>
|
||||||
|
<p>NOTE: OpenDMARC and DMARC check will be removed in next release due to
|
||||||
|
this unacceptable bug.</p>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>autodiscover:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Fixed the <code>Undefined offset</code> php error.</li>
|
||||||
|
<li>Log the schema data sent by remote MUA, also the settings sent to MUA.</li>
|
||||||
|
<li>Log file is now <code>/var/log/autoconfig/autoconfig.log</code>.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>netdata:</p>
|
||||||
|
<ul>
|
||||||
|
<li>If component <code>Nginx</code> was not chosen, netdata is inaccessible although
|
||||||
|
Nginx is actually deployed as dependent component.</li>
|
||||||
|
<li>
|
||||||
|
<p>Move http auth file to <code>/opt/iredmail/custom/netdata/</code>.</p>
|
||||||
|
<p>Since netdata-1.17.0, netdata sets permission of directory
|
||||||
|
<code>/opt/netdata/etc/netdata/</code> to 0700, this causes Nginx can not read
|
||||||
|
the http auth file.</p>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Backup scripts:</p>
|
||||||
|
<ul>
|
||||||
|
<li>It now removes old empty backup directories.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Changes to iRedMail Easy platform:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Not add <code>priority</code> parameter in iRedMail yum repo. (CentOS 7 only)</li>
|
||||||
|
<li>Able to whitelist IP or CIDR newtorks in fail2ban.</li>
|
||||||
|
<li>Do not forward systemd journald log to syslog.</li>
|
||||||
|
<li>Run shell script <code>/opt/iredmail/custom/openldap/custom.sh</code> while
|
||||||
|
deploying or upgrading OpenLDAP. You can write shell commands in this
|
||||||
|
file to update other config files for advanced customization. for
|
||||||
|
example, updating <code>/etc/sysconfig/slapd</code> (CentOS) or
|
||||||
|
<code>/etc/ldap/slapd</code> (Debian/Ubuntu) to make OpenLDAP listening on all
|
||||||
|
available network interfaces and IP addresses.</li>
|
||||||
|
<li>Add Fail2ban related info in <code>/root/iRedMail/iRedMail.tips</code>.</li>
|
||||||
|
<li>Make sure no SysV script and rule files for 'iptables' service on
|
||||||
|
Debian 10.</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
<li>
|
||||||
|
<p>Package updates:</p>
|
||||||
|
<ul>
|
||||||
|
<li>netdata -> 1.18.1</li>
|
||||||
|
<li>iredapd -> 3.2</li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
<h2 class="old_release" id="20190906">Version: 2019090601 (Sep 06, 2019)</h2>
|
||||||
<ul>
|
<ul>
|
||||||
<li>
|
<li>
|
||||||
<p>Postfix:</p>
|
<p>Postfix:</p>
|
||||||
|
|
Loading…
Reference in New Issue