Sync upgrade tutorial of iRedMail-1.0.
This commit is contained in:
parent
e58993380e
commit
de58cf48fc
|
@ -87,8 +87,8 @@ DNS records (especially your internal mail domains used in LAN). Please follow
|
|||
steps below to fix it.
|
||||
|
||||
* Open file `/etc/postfix/main.cf` (Linux/OpenBSD) or
|
||||
`/usr/local/etc/postfix/main.cf` (FreeBSD), find parameter
|
||||
`smtpd_sender_restrictions` like below:
|
||||
`/usr/local/etc/postfix/main.cf` (FreeBSD), find parameter
|
||||
`smtpd_sender_restrictions` like below:
|
||||
|
||||
```
|
||||
smtpd_sender_restrictions =
|
||||
|
@ -109,6 +109,28 @@ smtpd_sender_restrictions =
|
|||
|
||||
* Reloading or restarting Postfix service is required.
|
||||
|
||||
### Fixed: fix improper HELO rule which blocks new Facebook servers
|
||||
|
||||
Facebook has some new servers which uses `<ip>.mail-mail.facebook.com` as
|
||||
HELO identities, this is blocked by the default HELO rules configured by
|
||||
iRedMail-0.9.9 and earlier releases. Please fix it with EITHER step described
|
||||
below, but solution 1 is the recommended.
|
||||
|
||||
1. Prepend line below in `/etc/postfix/helo_access.pcre` (Linux/OpenBSD) and
|
||||
`/usr/local/etc/postfix/helo_access.pcre` (FreeBSD):
|
||||
|
||||
```
|
||||
/^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\.mail-mail\.facebook\.com$/ DUNNO
|
||||
```
|
||||
|
||||
2. Or, find line below in `helo_access.pcre` and remove it.
|
||||
|
||||
```
|
||||
/(\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3})/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery
|
||||
```
|
||||
|
||||
Reloading or restarting Postfix service is required.
|
||||
|
||||
### Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD
|
||||
|
||||
!!! attention
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
|
||||
<li><a href="#upgrade-netdata-to-the-latest-stable-release-1171">Upgrade netdata to the latest stable release (1.17.1)</a></li>
|
||||
<li><a href="#fixed-improper-order-of-postfix-smtpd_sender_restriction-rules">Fixed: improper order of Postfix smtpd_sender_restriction rules</a></li>
|
||||
<li><a href="#fixed-fix-improper-helo-rule-which-blocks-new-facebook-servers">Fixed: fix improper HELO rule which blocks new Facebook servers</a></li>
|
||||
<li><a href="#fixed-incorrect-ssl-ca-file-path-in-postfix-on-freebsd-and-openbsd">Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD</a></li>
|
||||
<li><a href="#fail2ban-slightly-loose-filter-rule-for-postfix">Fail2ban: slightly loose filter rule for postfix</a></li>
|
||||
</ul>
|
||||
|
@ -133,8 +134,8 @@ DNS records (especially your internal mail domains used in LAN). Please follow
|
|||
steps below to fix it.</p>
|
||||
<ul>
|
||||
<li>Open file <code>/etc/postfix/main.cf</code> (Linux/OpenBSD) or
|
||||
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
|
||||
<code>smtpd_sender_restrictions</code> like below:</li>
|
||||
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
|
||||
<code>smtpd_sender_restrictions</code> like below:</li>
|
||||
</ul>
|
||||
<pre><code>smtpd_sender_restrictions =
|
||||
reject_unknown_sender_domain
|
||||
|
@ -155,6 +156,25 @@ steps below to fix it.</p>
|
|||
<ul>
|
||||
<li>Reloading or restarting Postfix service is required.</li>
|
||||
</ul>
|
||||
<h3 id="fixed-fix-improper-helo-rule-which-blocks-new-facebook-servers">Fixed: fix improper HELO rule which blocks new Facebook servers</h3>
|
||||
<p>Facebook has some new servers which uses <code><ip>.mail-mail.facebook.com</code> as
|
||||
HELO identities, this is blocked by the default HELO rules configured by
|
||||
iRedMail-0.9.9 and earlier releases. Please fix it with EITHER step described
|
||||
below, but solution 1 is the recommended.</p>
|
||||
<ol>
|
||||
<li>Prepend line below in <code>/etc/postfix/helo_access.pcre</code> (Linux/OpenBSD) and
|
||||
<code>/usr/local/etc/postfix/helo_access.pcre</code> (FreeBSD):</li>
|
||||
</ol>
|
||||
<pre><code>/^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\.mail-mail\.facebook\.com$/ DUNNO
|
||||
</code></pre>
|
||||
|
||||
<ol>
|
||||
<li>Or, find line below in <code>helo_access.pcre</code> and remove it.</li>
|
||||
</ol>
|
||||
<pre><code>/(\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3})/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery
|
||||
</code></pre>
|
||||
|
||||
<p>Reloading or restarting Postfix service is required.</p>
|
||||
<h3 id="fixed-incorrect-ssl-ca-file-path-in-postfix-on-freebsd-and-openbsd">Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD</h3>
|
||||
<div class="admonition attention">
|
||||
<p class="admonition-title">Attention</p>
|
||||
|
|
Loading…
Reference in New Issue