From 84aca58146591ebc747b6e899133208ef46792a5 Mon Sep 17 00:00:00 2001 From: Zhang Huangbin Date: Wed, 17 Sep 2014 08:59:10 +0800 Subject: [PATCH] Add converted HTML files. --- convert.sh | 2 +- .../migrate.to.new.iredmail.server.html | 122 ++++++++++++++++++ html/faq-howto/_summary.html | 10 ++ html/faq-howto/amavisd.no.x-spam.headers.html | 22 ++++ ...y.disable.amavisd.clamav.spamassassin.html | 51 ++++++++ ...pam.virus.scanning.for.outgoing.mails.html | 32 +++++ ...to.configure.thunderbird.for.iredmail.html | 56 ++++++++ .../faq-howto/howto.enable.smtps.service.html | 58 +++++++++ html/index.html | 21 +++ html/index.md | 9 ++ 10 files changed, 382 insertions(+), 1 deletion(-) create mode 100644 html/backup-restore/migrate.to.new.iredmail.server.html create mode 100644 html/faq-howto/_summary.html create mode 100644 html/faq-howto/amavisd.no.x-spam.headers.html create mode 100644 html/faq-howto/completely.disable.amavisd.clamav.spamassassin.html create mode 100644 html/faq-howto/disable.spam.virus.scanning.for.outgoing.mails.html create mode 100644 html/faq-howto/howto.configure.thunderbird.for.iredmail.html create mode 100644 html/faq-howto/howto.enable.smtps.service.html create mode 100644 html/index.html create mode 100644 html/index.md diff --git a/convert.sh b/convert.sh index eb7c18b8..7ec751fb 100644 --- a/convert.sh +++ b/convert.sh @@ -92,4 +92,4 @@ cd ${OUTPUT_DIR} python ../tools/markdown2html.py ${INDEX_MD} ${OUTPUT_DIR} css='../css/markdown.css' # Cleanup -rm -f ${INDEX_MD} +#rm -f ${INDEX_MD} diff --git a/html/backup-restore/migrate.to.new.iredmail.server.html b/html/backup-restore/migrate.to.new.iredmail.server.html new file mode 100644 index 00000000..cd09fd3b --- /dev/null +++ b/html/backup-restore/migrate.to.new.iredmail.server.html @@ -0,0 +1,122 @@ + + + + + + + + +

+

How to migrate old iRedMail server to the latest stable release

+

WARNING: Please try it on a test server first. if it works well, then try it on product server.

+

Since new iRedMail server will install same components as old server, you can choose what data you want to migrate. Most important data are:

+ +

WARNING: Do not restore database mysql exported from old server, it contains SQL usernames/passwords for Roundcube/Amavisd/Policyd/Cluebringer used on old server. New iRedMail server has the same SQL usernames, but different passwords. So please do not restore it.

+

Client settings (Outlook, Thunderbird)

+

Since iRedMail-0.8.7, iRedMail enforces secure POP3/IMAP/SMTP connections. +Mail client programs must issue 'STARTTLS' command before authentication, +so please update your mail client programs you must change your mail client +programs (e.g. Outlook, Thunderbird) to use TLS connection.

+ +

Addition notes:

+ +

LDAP: migrate mail accounts

+

Steps to migrate LDAP mail accounts:

+ +

Normally, LDAP data can be exported into LDIF format. Here's backup/export script: http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Backup

+

Note: + There might be some changes in LDAP schema, please find scripts in below URL to apply all required changes: https://bitbucket.org/zhb/iredmail/src/default/extra/update/ + You can find all upgrade tutorials of iRedMail here: http://www.iredmail.org/doc.html#upgrade_tutorial

+

MySQL/PostgreSQL: Migrate mail accounts

+

All mail accounts are stored in database vmail by default, to migrate mail +accounts, you can simply export this database on old server, then import it +on new server.

+

IMPORTANT NOTE: iRedMail-0.8.7 drops several SQL columns, so before you +import backup SQL database, please add them first. It's safe to drop them +after you imported old database on new server.

+
mysql> USE vmail;
+
+mysql> ALTER TABLE mailbox ADD COLUMN bytes BIGINT(20) NOT NULL DEFAULT 0;
+mysql> ALTER TABLE mailbox ADD COLUMN messages BIGINT(20) NOT NULL DEFAULT 0;
+
+mysql> ALTER TABLE domain ADD COLUMN defaultlanguage VARCHAR(5) NOT NULL DEFAULT 'en_US';
+mysql> ALTER TABLE domain ADD COLUMN defaultuserquota BIGINT(20) NOT NULL DEFAULT '1024';
+mysql> ALTER TABLE domain ADD COLUMN defaultuseraliases TEXT;
+mysql> ALTER TABLE domain ADD COLUMN disableddomainprofiles VARCHAR(255) NOT NULL DEFAULT '';
+mysql> ALTER TABLE domain ADD COLUMN disableduserprofiles VARCHAR(255) NOT NULL DEFAULT '';
+mysql> ALTER TABLE domain ADD COLUMN defaultpasswordscheme VARCHAR(10) NOT NULL DEFAULT '';
+mysql> ALTER TABLE domain ADD COLUMN minpasswordlength INT(10) NOT NULL DEFAULT 0;
+mysql> ALTER TABLE domain ADD COLUMN maxpasswordlength INT(10) NOT NULL DEFAULT 0;
+
+mysql> ALTER TABLE alias ADD COLUMN islist TINYINT(1) NOT NULL DEFAULT 0;
+
+ +

After imported backup SQL databases, please execute below commands to mark +mail alias accounts and drop above newly created columns:

+
mysql> USE vmail;
+mysql> UPDATE alias SET islist=1 WHERE address NOT IN (SELECT username FROM mailbox);
+mysql> UPDATE alias SET islist=0 WHERE address=domain;    -- domain catch-all account
+
+-- Store values into new column: domain.settings and drop them
+mysql> UPDATE domain SET settings='';
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(defaultlanguage IS NULL OR defaultlanguage='', '', CONCAT('default_language:', defaultlanguage, ';')));
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(defaultuserquota IS NULL OR defaultuserquota=0, '', CONCAT('default_user_quota:', defaultuserquota, ';')));
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(defaultuseraliases IS NULL OR defaultuseraliases='', '', CONCAT('default_groups:', defaultuseraliases, ';')));
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(minpasswordlength IS NULL OR minpasswordlength=0, '', CONCAT('min_passwd_length:', minpasswordlength, ';')));
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(maxpasswordlength IS NULL OR maxpasswordlength=0, '', CONCAT('max_passwd_length:', maxpasswordlength, ';')));
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(disableddomainprofiles IS NULL OR disableddomainprofiles='', '', CONCAT('disabled_domain_profiles:', disableddomainprofiles, ';')));
+mysql> UPDATE domain SET settings=CONCAT(settings, IF(disableduserprofiles IS NULL OR disableduserprofiles='', '', CONCAT('disabled_user_profiles:', disableduserprofiles, ';')));
+
+mysql> ALTER TABLE domain DROP defaultlanguage;
+mysql> ALTER TABLE domain DROP defaultuserquota;
+mysql> ALTER TABLE domain DROP defaultuseraliases;
+mysql> ALTER TABLE domain DROP minpasswordlength;
+mysql> ALTER TABLE domain DROP maxpasswordlength;
+mysql> ALTER TABLE domain DROP disableddomainprofiles;
+mysql> ALTER TABLE domain DROP disableduserprofiles;
+
+ +

IMPORTANT NOTE: There might be some changes in SQL structure, please read +all upgrade tutorials for your current iRedMail release, then apply SQL +structure related changes. For example: +http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.7.4-0.8.0#Add_internal_service_required_by_Doveadm_2

+

Migrate mailboxes (Maildir format)

+ +

WARNING: please make sure maildir path stored in SQL/LDAP matches the mailbox +path on file system, so that mail clients can find imported emails.

+

Migrate Roundcube webmail data

+ \ No newline at end of file diff --git a/html/faq-howto/_summary.html b/html/faq-howto/_summary.html new file mode 100644 index 00000000..f07dde3b --- /dev/null +++ b/html/faq-howto/_summary.html @@ -0,0 +1,10 @@ + + + + + + + + +

+

This is most frequently asked questions.

\ No newline at end of file diff --git a/html/faq-howto/amavisd.no.x-spam.headers.html b/html/faq-howto/amavisd.no.x-spam.headers.html new file mode 100644 index 00000000..4115ae5c --- /dev/null +++ b/html/faq-howto/amavisd.no.x-spam.headers.html @@ -0,0 +1,22 @@ + + + + + + + + +

+

Amavisd + SpamAssassin not working, no mail header (X-Spam-*) inserted.

+

Amavisd has below setting in its config file /etc/amavisd/amavisd.conf by default:

+
$sa_tag_level_deflt  = 2.0;
+
+

That means Amavisd will insert X-Spam-Flag and other X-Spam-* headers when email score >= 2.0. If you want to let Amavisd always insert these headers, you can set it to a low score, for example:

+
$sa_tag_level_deflt  = -999;
+
+

Amavisd's main config file is different on different Linux/BSD distributions:

+ \ No newline at end of file diff --git a/html/faq-howto/completely.disable.amavisd.clamav.spamassassin.html b/html/faq-howto/completely.disable.amavisd.clamav.spamassassin.html new file mode 100644 index 00000000..2a3f2f28 --- /dev/null +++ b/html/faq-howto/completely.disable.amavisd.clamav.spamassassin.html @@ -0,0 +1,51 @@ + + + + + + + + +

+

How to completely disable amavisd/ClamAV/SpamAssassin

+

In iRedMail, Amavisd provides below features:

+ +

Stop virus/spam scanning, keep DKIM signing/verification and Disclaimer

+

If you want to disable virus and spam scanning, but keep DKIM signing and disclaimer, please try this:

+ +
# @bypass_virus_checks_maps = (1);  # controls running of anti-virus code
+# @bypass_spam_checks_maps  = (1);  # controls running of anti-spam code
+
+ +

Uncomment above lines (removing "# " at the beginning of each line), and restart Amavisd service.

+

Completely disable all features

+

If you want to completely disable spam and virus scanning services, steps:

+ +
content_filter = smtp-amavis:[127.0.0.1]:10024
+receive_override_options = no_address_mappings
+
+ + +

Notes:

+ \ No newline at end of file diff --git a/html/faq-howto/disable.spam.virus.scanning.for.outgoing.mails.html b/html/faq-howto/disable.spam.virus.scanning.for.outgoing.mails.html new file mode 100644 index 00000000..a15dbf4e --- /dev/null +++ b/html/faq-howto/disable.spam.virus.scanning.for.outgoing.mails.html @@ -0,0 +1,32 @@ + + + + + + + + +

+

How to disable spam virus scanning for outgoing mails

+

To disable spam/virus scanning for outgoing mails, you can add bypass settings in Amavisd config file: /etc/amavisd/amavisd.conf (RHEL/CentOS/Scientific Linux) or /etc/amavis/conf.d/50-user (Debian/Ubuntu) or /usr/local/etc/amavisd.conf (FreeBSD).

+ +

These settings can be added in setting block $policy_bank{'MYUSERS'}:

+
$policy_bank{'MYUSERS'} = {
+    [...OMIT OTHER SETTINGS HERE...]
+
+    # don't perform spam/virus/header check.
+    bypass_spam_checks_maps => [1],
+    bypass_virus_checks_maps => [1],
+    bypass_header_checks_maps => [1],
+
+    # allow sending any file names and types
+    bypass_banned_checks_maps => [1],
+}
+
+ +

Restarting Amavisd service is required after changing settings.

\ No newline at end of file diff --git a/html/faq-howto/howto.configure.thunderbird.for.iredmail.html b/html/faq-howto/howto.configure.thunderbird.for.iredmail.html new file mode 100644 index 00000000..1d12ae34 --- /dev/null +++ b/html/faq-howto/howto.configure.thunderbird.for.iredmail.html @@ -0,0 +1,56 @@ + + + + + + + + +

+

Configure Thunderbird as mail client (IMAP, SMTP and global ldap address book)

+

iRedMail provides POP3S (POP3 over TLS), IMAPS (IMAP over TLS), SMTPS (SMTP over TLS) for receiving and sending emails by default.

+

Create new mail account

+

To create a new mail account with Thunderbird, please click menu: File -> New -> Mail Account.

+

Add your name, email address and password in this screen.

+

[[File:../images/thunderbird.new.mail.account.png]]

+

Click continue, it will detect IMAP and SMTP server automatically.

+

Note:

+ +

+

Configure Thunderbird as POP3 client

+

Warning: Make sure you're using full email address as username.

+

+

Configure Thunderbird as IMAP client

+

Warning: Make sure you're using full email address as username.

+

+

Configure Thunderbird to send mail via SMTP

+

Menu: Tools -> Account settings... -> Outgoing server (SMTP) -> Choose the server you're using.

+

Warning: Make sure you're using full email address as username.

+

+

Use OpenLDAP as Global LDAP Address Book

+

IMPORTANT NOTE: Thunderbird won't show contacts in LDAP address book directly, but it works when you starting typing email address in recipient field while composing email.

+

Here we take Thunderbird 5.0 for example. Steps:

+ +

That's all.

\ No newline at end of file diff --git a/html/faq-howto/howto.enable.smtps.service.html b/html/faq-howto/howto.enable.smtps.service.html new file mode 100644 index 00000000..feac9d0b --- /dev/null +++ b/html/faq-howto/howto.enable.smtps.service.html @@ -0,0 +1,58 @@ + + + + + + + + +

+

How to enable SMTPS service (SMTP over SSL, port 465)

+

Why iRedMail doesn't enable SMTPS (SMTP over SSL) by default

+

SMTPS is deprecated, so iRedMail disable it by default. +Quote from wikipedia.org: http://en.wikipedia.org/wiki/SMTPS

+
+

Originally, in early 1997, the Internet Assigned Numbers Authority registered 465 for SMTPS. By the end of 1998, this was revoked when STARTTLS has been specified. With STARTTLS, the same port can be used with or without TLS. SMTP was seen as particularly important, because clients of this protocol are often other mail servers, which can not know whether a server they wish to communicate with will have a separate port for TLS. The port 465 is now registered for Source-Specific Multicast audio and video.

+
+

Why enable SMTPS since it's depreciated

+

Unfortunately, there're some popular mail clients don't support submission (SMTP over STARTTLS, port 587), the famous one is Microsoft Outlook. Quote from wikipedia.org:

+
+

Even in 2013, there are still services that continue to offer the deprecated SMTPS interface on port 465 in addition to (or instead of!) the RFC-compliant message submission interface on the port 587 defined by RFC 6409. Service providers that maintain port 465 do so because older Microsoft applications (including Entourage v10.0) do not support STARTTLS, and thus not the smtp-submission standard (ESMTPS on port 587). The only way for service providers to offer those clients an encrypted connection is to maintain port 465.

+
+

How to enable SMTPS

+

To enable SMTPS, you should configure Postfix to listen on port 465 first, then open port 465 in iptables.

+

Please find below lines in Postfix config file /etc/postfix/master.cf (Linux/OpenBSD) or /usr/local/etc/postfix/master.cf (FreeBSD):

+
#smtps     inet  n       -       n       -       -       smtpd
+#  -o smtpd_tls_wrappermode=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#  -o milter_macro_daemon_name=ORIGINATING
+
+

Uncomment first 4 lines, but leave the last one commented out (because iRedMail doesn't use Postfix milter at all):

+
smtps     inet  n       -       n       -       -       smtpd
+  -o smtpd_tls_wrappermode=yes
+  -o smtpd_sasl_auth_enable=yes
+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+#  -o milter_macro_daemon_name=ORIGINATING
+
+

Restart Postfix service to enable SMTPS.

+

Open port 465 in iptables

+

On RHEL/CentOS, please update iptables rule file /etc/sysconfig/iptables, add one rule (third line in below code) for port 465, then restart iptables service.

+
# File: /etc/sysconfig/iptables
+-A INPUT -p tcp --dport 25 -j ACCEPT
+-A INPUT -p tcp --dport 587 -j ACCEPT
+-A INPUT -p tcp --dport 465 -j ACCEPT
+
+

On Debian/Ubuntu, if you use iptables rule file provided by iRedMail, please update /etc/default/iptables, add one rule (third line in below code) for port 465, then restart iptables service.

+
File: /etc/sysconfig/iptables
+-A INPUT -p tcp --dport 25 -j ACCEPT
+-A INPUT -p tcp --dport 587 -j ACCEPT
+-A INPUT -p tcp --dport 465 -j ACCEPT
+
+

On OpenBSD, please append service 'smtps' in /etc/pf.conf, parameter mail_services=:

+
File: /etc/pf.conf
+mail_services="{www, https, submission, imap, imaps, pop3, pop3s, ssh, smtps}"
+
+

Reload PF rule file:

+
# pfctl -f /etc/pf.conf
+
\ No newline at end of file diff --git a/html/index.html b/html/index.html new file mode 100644 index 00000000..762ad52c --- /dev/null +++ b/html/index.html @@ -0,0 +1,21 @@ + + + + + + + + +

+

Frequently Asked Questions and Howto documents

+ +

Backup and Restore

+ \ No newline at end of file diff --git a/html/index.md b/html/index.md new file mode 100644 index 00000000..b96aaea7 --- /dev/null +++ b/html/index.md @@ -0,0 +1,9 @@ + +# [Frequently Asked Questions and Howto documents](/Users/zhb/projects/docs/html/faq-howto/_summary.html) +* [ Amavisd + SpamAssassin not working, no mail header (X-Spam-*) inserted.](/Users/zhb/projects/docs/html/faq-howto/amavisd.no.x-spam.headers.html) +* [ How to completely disable amavisd/ClamAV/SpamAssassin](/Users/zhb/projects/docs/html/faq-howto/completely.disable.amavisd.clamav.spamassassin.html) +* [ How to disable spam virus scanning for outgoing mails](/Users/zhb/projects/docs/html/faq-howto/disable.spam.virus.scanning.for.outgoing.mails.html) +* [Configure Thunderbird as mail client (IMAP, SMTP and global ldap address book)](/Users/zhb/projects/docs/html/faq-howto/howto.configure.thunderbird.for.iredmail.html) +* [ How to enable SMTPS service (SMTP over SSL, port 465)](/Users/zhb/projects/docs/html/faq-howto/howto.enable.smtps.service.html) +# [Backup and Restore](/Users/zhb/projects/docs/html/backup-restore/_summary.html) +* [How to migrate old iRedMail server to the latest stable release](/Users/zhb/projects/docs/html/backup-restore/migrate.to.new.iredmail.server.html)