elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Sync upgrade tutorial of iRedMail-1.0.

This commit is contained in:
Zhang Huangbin 2019-11-11 23:29:42 +08:00
parent e58993380e
commit de58cf48fc
2 changed files with 46 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
en_US/upgrade/0-upgrade.iredmail.0.9.9-1.0.md
View File

@ -87,8 +87,8 @@ DNS records (especially your internal mail domains used in LAN). Please follow
steps below to fix it.
* Open file `/etc/postfix/main.cf` (Linux/OpenBSD) or
`/usr/local/etc/postfix/main.cf` (FreeBSD), find parameter
`smtpd_sender_restrictions` like below:
`/usr/local/etc/postfix/main.cf` (FreeBSD), find parameter
`smtpd_sender_restrictions` like below:
```
smtpd_sender_restrictions =
@ -109,6 +109,28 @@ smtpd_sender_restrictions =
* Reloading or restarting Postfix service is required.
### Fixed: fix improper HELO rule which blocks new Facebook servers
Facebook has some new servers which uses `<ip>.mail-mail.facebook.com` as
HELO identities, this is blocked by the default HELO rules configured by
iRedMail-0.9.9 and earlier releases. Please fix it with EITHER step described
below, but solution 1 is the recommended.
1. Prepend line below in `/etc/postfix/helo_access.pcre` (Linux/OpenBSD) and
`/usr/local/etc/postfix/helo_access.pcre` (FreeBSD):
```
/^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\.mail-mail\.facebook\.com$/ DUNNO
```
2. Or, find line below in `helo_access.pcre` and remove it.
```
/(\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3})/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery
```
Reloading or restarting Postfix service is required.
### Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD
!!! attention

24
html/upgrade.iredmail.0.9.9-1.0.html
View File

@ -28,6 +28,7 @@
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release">Upgrade Roundcube webmail to the latest stable release</a></li>
<li><a href="#upgrade-netdata-to-the-latest-stable-release-1171">Upgrade netdata to the latest stable release (1.17.1)</a></li>
<li><a href="#fixed-improper-order-of-postfix-smtpd_sender_restriction-rules">Fixed: improper order of Postfix smtpd_sender_restriction rules</a></li>
<li><a href="#fixed-fix-improper-helo-rule-which-blocks-new-facebook-servers">Fixed: fix improper HELO rule which blocks new Facebook servers</a></li>
<li><a href="#fixed-incorrect-ssl-ca-file-path-in-postfix-on-freebsd-and-openbsd">Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD</a></li>
<li><a href="#fail2ban-slightly-loose-filter-rule-for-postfix">Fail2ban: slightly loose filter rule for postfix</a></li>
</ul>
@ -133,8 +134,8 @@ DNS records (especially your internal mail domains used in LAN). Please follow
steps below to fix it.</p>
<ul>
<li>Open file <code>/etc/postfix/main.cf</code> (Linux/OpenBSD) or
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
<code>smtpd_sender_restrictions</code> like below:</li>
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
<code>smtpd_sender_restrictions</code> like below:</li>
</ul>
<pre><code>smtpd_sender_restrictions =
reject_unknown_sender_domain
@ -155,6 +156,25 @@ steps below to fix it.</p>
<ul>
<li>Reloading or restarting Postfix service is required.</li>
</ul>
<h3 id="fixed-fix-improper-helo-rule-which-blocks-new-facebook-servers">Fixed: fix improper HELO rule which blocks new Facebook servers</h3>
<p>Facebook has some new servers which uses <code>&lt;ip&gt;.mail-mail.facebook.com</code> as
HELO identities, this is blocked by the default HELO rules configured by
iRedMail-0.9.9 and earlier releases. Please fix it with EITHER step described
below, but solution 1 is the recommended.</p>
<ol>
<li>Prepend line below in <code>/etc/postfix/helo_access.pcre</code> (Linux/OpenBSD) and
<code>/usr/local/etc/postfix/helo_access.pcre</code> (FreeBSD):</li>
</ol>
<pre><code>/^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\.mail-mail\.facebook\.com$/ DUNNO
</code></pre>
<ol>
<li>Or, find line below in <code>helo_access.pcre</code> and remove it.</li>
</ol>
<pre><code>/(\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3})/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery
</code></pre>
<p>Reloading or restarting Postfix service is required.</p>
<h3 id="fixed-incorrect-ssl-ca-file-path-in-postfix-on-freebsd-and-openbsd">Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD</h3>
<div class="admonition attention">
<p class="admonition-title">Attention</p>