diff --git a/convert.py b/convert.py new file mode 100644 index 00000000..2034fa2c --- /dev/null +++ b/convert.py @@ -0,0 +1,49 @@ +#!/usr/bin/env python3 + +from pathlib import Path + + +OUTPUT_DIR = 'html' +CHAPTERS = ( + 'overview', + 'installation', + 'mua', + 'upgrade', + 'iredmail-easy', + 'migrations', + 'howto', + 'integrations', + 'cluster', + 'iredadmin', + 'troubleshooting', + 'faq') + + +def _get_dir_languages(path): + FILE_NAME = '_lang.md' + + languages = {} + directories = [p for p in Path(path).iterdir() if p.is_dir()] + for d in directories: + path_name = d / FILE_NAME + if path_name.exists(): + languages[d.name.lower()] = { + 'path': d, + 'name': path_name.read_text(encoding='utf-8').strip() + } + + return languages + + +def main(): + current_dir = Path(__file__).parent + output_dir = current_dir / OUTPUT_DIR + + languages = _get_dir_languages(current_dir) + en = languages.pop('en_us') + + return + + +if __name__ == '__main__': + main() diff --git a/convert.sh b/convert.sh index e7b2a747..25957056 100755 --- a/convert.sh +++ b/convert.sh @@ -30,7 +30,7 @@ strip_name_prefix() } # Available translations -export all_languages='en_US it_IT lv_LV zh_CN' +export all_languages='en_US it_IT zh_CN es_MX' # Chapter directories in specified order export all_chapter_dirs="overview \ diff --git a/es_MX/overview/0-network.ports.md b/es_MX/overview/0-network.ports.md new file mode 100644 index 00000000..f6f032db --- /dev/null +++ b/es_MX/overview/0-network.ports.md 
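Review bot: In `main()`, `languages.pop('en_us')` has no default, so a checkout where `en_US/_lang.md` is missing ends in a bare `KeyError` traceback rather than a clear build error; `en = languages.pop('en_us', None)` followed by `if en is None: raise SystemExit('en_US/_lang.md not found')` would make the failure explicit. In `_get_dir_languages`, `path_name.exists()` is also true for a directory named `_lang.md`, which then fails inside `read_text()`; `path_name.is_file()` is the tighter check. The `name` value is taken verbatim from a contributor-supplied `_lang.md`, and `main()` is still a stub, so where it ends up is not visible here; if it is later written into the generated pages' language links, it should pass through `html.escape()` first. Keys are lowercased with `d.name.lower()`, so two directories that differ only in case would silently overwrite each other.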
@@ -0,0 +1,42 @@
+# Qué puertos de red deben estar abiertos para iRedMail
+
+Puerto | Servicio | Software | Comentario | ¿Permitir el acceso público?
+--- |--- |--- |--- |---
+25 | smtp | Postfix | Used for communication betweem mail servers. __WARNING__: This port __MUST__ be open, otherwise you cannot receive email sent by other mail servers. | __YES (REQUIRED)__{: .red }
+587 | submission | Postfix | SMTP over TLS. Used by end users to send/submit email. | YES (open to your end users)
+110 | pop3 | Dovecot | Used by end users to retrieve emails via POP3 protocol, secure connection over STARTTLS is enforced by default. | YES (open to your end users)
+995 | pop3s | Dovecot | Used by end users to retrieve emails via POP3 protocol over SSL. | YES (open to your end users)
+143 | imap |Dovecot | Used by end users to retrieve emails via IMAP protocol, secure connection over STARTTLS is enforced by default. | YES (open to your end users)
+993 | imaps | Dovecot | Used by end users to retrieve emails via IMAP protocol over SSL. | YES (open to your end users)
+24 | lmtp | Dovecot | Used to deliver email to local mailboxes via LMTP protocol. | NO (listen on `127.0.0.1` by default)
+4190 | managesieve | Dovecot | Sieve service used by end users to manage mail filters. Note: in old iRedMail releases, it's port 2000 (deprecated and not even listed in `/etc/services` file). | NO (disabled by default and users are forced to manage mail filters with webmail)
+80 | http | Apache/Nginx | Web service. Redirect to https by default. | YES (open to your webmail users)
+443 | https | Apache/Nginx | Web service over over SSL, secure connection.
| YES (open to your webmail and ActiveSync users)
+3306 | mysql | MySQL/MariaDB | MySQL/MariaDB database service | NO (listen on `127.0.0.1` by default)
+5432 | postgresql | PostgreSQL | PostgreSQL database service | NO (listen on `127.0.0.1` by default)
+389 | ldap | OpenLDAP (or OpenBSD ldapd) | LDAP service, STARTTLS is available for secure connection. | NO (listen on `127.0.0.1` by default)
+636 |ldaps | OpenLDAP (or OpenBSD ldapd) | LDAP service over SSL. Deprecated, port 389 with STARTTLS is recommended. | NO (Not enabled by default)
+10024 | | Amavisd-new | Used to scan inbound messages, includes spam/virus scanning, DKIM verification, applying spam policy. | NO (listen on `127.0.0.1` by default)
+10025 | smtp | Postfix | Used by Amavisd to inject scanned emails back to Postfix queue. | NO (listen on `127.0.0.1` by default)
+10026 | | Amavisd-new | Used to scan outbound messages, includes spam/virus scanning, DKIM signing, applying spam policy. | NO (listen on `127.0.0.1` by default)
+10027 | | Amavisd-new | Used by mlmmj mailing list manager, it bypasses spam/virus/header/banned checks by default, but have DKIM signing enabled. | NO (listen on `127.0.0.1` by default)
+10028 | | Postfix | Used by Amavisd-new to handle email message sent by mlmmj mailing list manager. Introduced in iRedMail-0.9.9. | NO (listen on `127.0.0.1` by default)
+9998 | | Amavisd-new | Used to manage quarantined emails. | NO (listen on `127.0.0.1` by default)
+7777 | | iRedAPD | Postfix policy service for greylisting, whitelisting, blacklists, throttling, etc | NO (listen on `127.0.0.1` by default)
+7778 | | iRedAPD | [SRS](https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) sender address rewritting. | NO (listen on `127.0.0.1` by default)
+7779 | | iRedAPD | [SRS](https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme) recipient address rewritting. | NO (listen on `127.0.0.1` by default)
+7790 | http | mlmmjadmin | RESTful API server used to manage mlmmj mailing lists.
Introduced in iRedMail-0.9.8. | NO (listen on `127.0.0.1` by default)
+7791 | http | iredadmin | iRedAdmin (standalone uwsgi instance). Introduced in iRedMail-0.9.9. | NO (listen on `127.0.0.1` by default)
+20000 | | SOGo | SOGo groupware | NO (listen on `127.0.0.1` by default)
+11211 | | Memcached | A distributed, high performance memory object caching system. Currently used by only SOGo Groupware. | NO (listen on `127.0.0.1` by default)
+12340 | | Dovecot | Dovecot quota status. Introduced in iRedMail-1.0. | NO (listen on `127.0.0.1` by default)
+24242 | | Dovecot | Dovecot service status. Introduced in iRedMail-0.9.8. | NO (listen on `127.0.0.1` by default)
+19999 | | Netdata | Netdata monitor. Introduced in iRedMail-0.9.8. | NO (listen on `127.0.0.1` by default)
+
+!!! Nota:
+
+ * En iRedMail-0.9.2 y versiones anteriores, Policyd o Cluebringer escuchan el
+ puerto 10031. Han sido eliminados en iRedMail-0.9.3, y reemplazados por
+ iRedAPD.
+ * El puerto 465, para por ejemplo SMTP sobre SSL, ha sido depreciado por años.
+ Por favor, use el puerto 587.
diff --git a/es_MX/overview/0-used.components.md b/es_MX/overview/0-used.components.md
new file mode 100644
index 00000000..e3f0d201
--- /dev/null
+++ b/es_MX/overview/0-used.components.md
@@ -0,0 +1,38 @@
+# Major open source softwares used in iRedMail
+
+[TOC]
+
+## Used Components
+
+Name | Comment
+--- |---
+[Postfix](http://www.postfix.org) | Mail Transfer Agent (MTA)
+[Dovecot](http://www.dovecot.org) | POP3, IMAP and Managesieve server
+[Nginx](http://www.nginx.org), [Nginx](http://nginx.org) | Web server
+[OpenLDAP](http://www.openldap.org), [ldapd(8)](http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldapd.8?query=ldapd&arch=i386) | LDAP server, used for storing mail accounts (optional)
+[MySQL](http://www.mysql.com), [MariaDB](https://mariadb.org), [PostgreSQL](http://www.postgresql.org) | SQL server used to store application data. Could be used to store mail accounts too.
+[mlmmj](http://mlmmj.org) | Mailing list manager. Shipped in iRedMail-0.9.8 and later releases.
+[Amavisd-new](http://www.amavis.org) | Interface between Postfix and SpamAssassin, ClamAV.
+[SpamAssassin](http://spamassassin.apache.org) | Content-based spam scanner
+[ClamAV](http://www.clamav.net/) | Virus scanner
+[Roundcube webmail](http://roundcube.net) | Webmail (PHP)
+[SOGo Groupware](http://sogo.nu) | A groupware which provides calendar (CalDAV), contact (CardDAV), tasks and ActiveSync services
+[Fail2ban](http://www.fail2ban.org) | Scans log files and bans IPs that show the malicious signs
+[iRedAPD](https://github.com/iredmail/iRedAPD/) | A simple postfix policy server developed by iRedMail team, with SRS (Sender Rewrite Scheme) support.
+
+## The Big Picture
+
+![](./images/big.picture.png)
+
+## Mail Flow of Inbound Emails
+
+![](./images/flow.inbound.png)
+
+## Mail Flow of Outbound Emails
+
+![](./images/flow.outbound.png)
+
+## See also
+
+* [Locations of configuration and log files of major components](./file.locations.html)
+* [Which network ports are open by iRedMail](./network.ports.html)
diff --git a/es_MX/overview/0-why.build.your.own.mail.server.md b/es_MX/overview/0-why.build.your.own.mail.server.md
new file mode 100644
index 00000000..5b940805
--- /dev/null
+++ b/es_MX/overview/0-why.build.your.own.mail.server.md
@@ -0,0 +1,37 @@
+# Why build your own mail server instead of outsourcing to external entities
+
+Quote from [Spamhaus news article](http://www.spamhaus.org/news/article/719/a-survival-guide-for-the-small-mail-server):
+
+> outsourcing (the mail service) does not come without costs, even when the
+> outsourced service appears to be "free". Hidden costs include:
+>
+> * Another organization can see the content of all messages. In some cases,
+> the contents of messages are stored on the outsourcing company's servers
+> indefinitely. External access to unencrypted emails poses privacy and
+> confidentiality issues. Furthermore, the outsourcing company may be located
+> in another country and be subjected to different regulations and obligations.
+>
+> * In some cases, the outsourcing company's terms and conditions allow it to
+> search the content of emails to aid in targeting advertising, which poses
+> even greater privacy and confidentiality problems.
+>
+> * The organization no longer has control of its own email security.
+> Server-based encryption and authentication is managed by the outsourcing
+> company, requiring end-to-end encryption for sensitive communications.
+>
+> * Large companies with many customers are often a target of cybercrime
+> attacks aimed at stealing customer data, and some of these attacks have
+> succeeded.
+>
+> * Inspection of SMTP transaction logs may be impossible for the end user.
+> Troubleshooting failed deliveries and other email problems requires
+> interacting with an external support desk. Support desks are sometimes
+> slow to respond. First-line support, in particular, might lack the
+> training and access to fix any but simple problems, requiring escalation
+> and further delays.
+>
+> * Sharing a mail server with other organizations can cause delivery issues
+> when a user at another organization sends spam through that mail server.
+> When the outsourcing company fails to detect and block spam, or is slow to
+> terminate service to spammers, the likelihood of problems increases
+> substantially.
diff --git a/es_MX/overview/_summary.md b/es_MX/overview/_summary.md
new file mode 100644
index 00000000..d62fd232
--- /dev/null
+++ b/es_MX/overview/_summary.md
@@ -0,0 +1,3 @@
+* [Por qué construir su propio servidor de correo en lugar de subcontratar un servicio](./why.build.your.own.mail.server.html)
+* [Principal softwar libre utilizado en iRedMail, y el flujo general del correo](./used.components.html)
+* [Qué puertos de red abre iRedMail](./network.ports.html)
diff --git a/es_MX/overview/_title.md b/es_MX/overview/_title.md
new file mode 100644
index 00000000..ef7c4ec5
--- /dev/null
+++ b/es_MX/overview/_title.md
@@ -0,0 +1 @@
+Visión General {: #overview }
diff --git a/html/active.directory.html b/html/active.directory.html
index 18725927..31479eba 100644
--- a/html/active.directory.html
+++ b/html/active.directory.html
@@ -132,17 +132,15 @@ same account vmail in AD, with strong and complex password.

Make sure this newly created user is able to connect to AD server with below command on iRedMail server:

-
# ldapsearch -x -h ad.example.com -D 'vmail' -W -b 'cn=users,dc=example,dc=com'
+
# ldapsearch -x -h ad.example.com -D 'vmail' -W -b 'cn=users,dc=example,dc=com'
 Enter password: password_of_vmail
 
-

If it prints all users stored in AD server, then it's working as expected.

If you're using LDAPS, replace -h ad.example.com by -H ldaps://ad.example.com:636 instead:

-
# ldapsearch -x -H ldaps://ad.example.com:636 -D 'vmail' -W -b 'cn=users,dc=example,dc=com'
+
# ldapsearch -x -H ldaps://ad.example.com:636 -D 'vmail' -W -b 'cn=users,dc=example,dc=com'
 Enter password: password_of_vmail
 
-

If LDAPS doesn't work, you may need to update parameter TLS_CACERT in /etc/openldap/ldap.conf (RHEL/CentOS) or /etc/ldap/ldap.conf to use correct CA certificate. For example:

@@ -151,63 +149,53 @@ certificate. For example:

TLS_CACERT /etc/pki/tls/certs/ca-bundle.trust.crt
 
-
  • on Debian/Ubuntu, use /etc/ssl/certs/ca-certificates.crt:
TLS_CACERT /etc/ssl/certs/ca-certificates.crt
 
-

Enable LDAP query with AD in Postfix

Disable unused iRedMail special settings:

-
postconf -e virtual_alias_maps=''
+
postconf -e virtual_alias_maps=''
 postconf -e sender_bcc_maps=''
 postconf -e recipient_bcc_maps=''
 postconf -e relay_domains=''
 postconf -e relay_recipient_maps=''
 postconf -e sender_dependent_relayhost_maps=''
 
-

Add your mail domain name in smtpd_sasl_local_domain and virtual_mailbox_domains:

-
postconf -e smtpd_sasl_local_domain='example.com'
+
postconf -e smtpd_sasl_local_domain='example.com'
 postconf -e virtual_mailbox_domains='example.com'
 
-

Change transport maps setting:

postconf -e transport_maps='hash:/etc/postfix/transport'
 
-

Enable AD query. Note: We will create these 3 files later.

  • Verify SMTP senders
-
postconf -e smtpd_sender_login_maps='proxy:ldap:/etc/postfix/ad_sender_login_maps.cf'
+
postconf -e smtpd_sender_login_maps='proxy:ldap:/etc/postfix/ad_sender_login_maps.cf'
 
-
  • Verify local mail users
-
postconf -e virtual_mailbox_maps='proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps.cf'
+
postconf -e virtual_mailbox_maps='proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps.cf'
 
-
  • Verify local mail lists/groups.
postconf -e virtual_alias_maps='proxy:ldap:/etc/postfix/ad_virtual_group_maps.cf'
 
-
  • Create/edit file: /etc/postfix/transport.
example.com dovecot
 
-

Note: the name dovecot used here is a Postfix transport defined in /etc/postfix/master.cf, used to deliver received emails to local user mailboxes.

Run postmap so that postfix can read it:

# postmap hash:/etc/postfix/transport
 
-
  • Create file: /etc/postfix/ad_sender_login_maps.cf:
@@ -224,7 +212,6 @@ query_filter = (&(userPrincipalName=%s)(objectClass=person)(!(userAccount result_attribute= userPrincipalName debuglevel = 0
-
  • Create file: /etc/postfix/ad_virtual_mailbox_maps.cf:
@@ -242,7 +229,6 @@ result_attribute= userPrincipalName result_format = %d/%u/Maildir/ debuglevel = 0
-

Note: We hard-code user's mailbox path in result_format = parameter, it will be something like example.com/username/Maildir/.

    @@ -263,7 +249,6 @@ leaf_result_attribute = mail result_attribute= userPrincipalName debuglevel = 0
-

Notes:

  • If your user have email address in both mail and userPrincipalName, you @@ -285,10 +270,9 @@ Before testing, we have to create two testing mail accounts first:

    user user@example.com as group member.
  • Query mail user account with below command:
  • -
    # postmap -q user@example.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
    +
    # postmap -q user@example.com ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
     example.com/user/Maildir/
     
    -

    If nothing returned by the command, it means LDAP query doesn't get expected result. Please set debuglevel = 1 file /etc/postfix/ad_virtual_mailbox_maps.cf, then query again, it now will print detailed debug message. If you're not @@ -298,12 +282,10 @@ familiar with LDAP related info, please post the debug message in our

    # postmap -q user@example.com ldap:/etc/postfix/ad_sender_login_maps.cf
     user@example.com
     
    -

    Verify mail group

    # postmap -q testgroup@example.com ldap:/etc/postfix/ad_virtual_group_maps.cf
     user@example.com
     
    -

    NOTE: postmap return nothing if:

    1. mail group doesn't exist
    2. @@ -343,7 +325,6 @@ pass_attrs = userPassword=password default_pass_scheme = CRYPT user_attrs = =home=/var/vmail/vmail1/%Ld/%Ln/,=mail=maildir:~/Maildir/
    -

    Restart dovecot service to make it work.

    Attention

    @@ -373,7 +354,6 @@ number of gigabytes:

    ^] # <- Quit telnet with "Ctrl+]", then type 'quit'.
-

Note: Do NOT miss the dot character before login command. if it returns Logged in, then dovecot + AD works.

Enable Active Directory integration in Roundcube webmail for Global LDAP Address Book

@@ -383,7 +363,7 @@ address book setting added by iRedMail, and add new setting for AD like below:on RHEL/CentOS/Debian/Ubuntu and OpenBSD: it's /opt/www/roundcubemail/config/config.inc.php
  • on FreeBSD: it's /usr/local/www/roundcubemail/config/config.inc.php
  • -
    #
    +
    #
     # "sql" is personal address book stored in roundcube database.
     # "global_ldap_abook" is the new LDAP address book for AD, we will create it below.
     #
    @@ -456,7 +436,6 @@ $config['ldap_public']["global_ldap_abook"] = array(
                                     // Directory setups
     );
     
    -

    Enable Active Directory integration in SOGo Groupware

    Edit SOGo config file /etc/sogo/sogo.conf, comment out the LDAP address book setting added by iRedMail, and add new setting for AD like below:

    @@ -542,7 +521,6 @@ setting added by iRedMail, and add new setting for AD like below:

    } );
    -

    Additions documents

    • If your mail domain name is different than Windows Active Directory domain: https://forum.iredmail.org/topic3165-integration-with-windows-domain.html
    • diff --git a/html/additional.smtp.port-it_IT.html b/html/additional.smtp.port-it_IT.html index 1be8e022..f943fa84 100644 --- a/html/additional.smtp.port-it_IT.html +++ b/html/additional.smtp.port-it_IT.html @@ -39,12 +39,10 @@ -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_security_options=noanonymous
    -

    2525 è il nuovo numero di porta per il servizio smtp. potete cambiarlo nel valore che preferite.

    Il riavvio del servizio Posfitx è necessario. Dopo il riavvio potete verificare se si sta ascoltando su questa nuova porta:

    netstat -ntlp | grep 2525
     
    -

    Ora è il momento di aggiornare i vostri apparati di rete, affinché inviino la posta attraverso questo numero di porta, senza usare STARTTLS o SSL.

    Note

    diff --git a/html/additional.smtp.port.html b/html/additional.smtp.port.html index 7c9363c9..c9878f5e 100644 --- a/html/additional.smtp.port.html +++ b/html/additional.smtp.port.html @@ -48,7 +48,6 @@ in /etc/postfix/master.cf (on Linux/OpenBSD) or -o smtpd_tls_security_level=may -o smtpd_sender_restrictions=permit_sasl_authenticated,reject
    -
    smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
     
    - -
    plugins = ['reject_sender_login_mismatch', ...]
    +
    plugins = ['reject_sender_login_mismatch', ...]
     
    - -
    ALLOWED_LOGIN_MISMATCH_SENDERS = ['user1@here.com', 'user2@here.com']
    +
    ALLOWED_LOGIN_MISMATCH_SENDERS = ['user1@here.com', 'user2@here.com']
     
    -
    NOTA: Questo parametro non è presnete di default, aggiungilo manualmente.
     

    Riavvia il servizio iRedAPD. Questo è tutto.

    -
    # python wblist_admin.py --outbound --account mydomain.com --add --whitelist 202.96.134.133
     
    -

    Screenshot di iRedAdmin-Pro:

    -
    # python wblist_admin.py --outbound --account mydomain.com --add --whitelist 202.96.134.133
     
    -

    Screenshot of iRedAdmin-Pro:

    Some tutorials have been translated to different languages. Help translate more

    -

    English / Italiano /

    +

    English / Italiano / Español /

    安装 iRedMail