elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Sync iRedMail upgrade tutorial.

This commit is contained in:
Zhang Huangbin 2016-12-12 22:34:15 +08:00
parent f7833d2f40
commit fa698fc4ab
2 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
en_US/upgrade/0-upgrade.iredmail.0.9.5.1-0.9.6.md
View File

@ -17,6 +17,7 @@
## ChangeLog
* Dec 12, 2016: Improve Fail2ban filter regular expression to catch more POP3/IMAP spams
* Nov 9, 2016: Fixed: Memcached listens on all available IP addresses instead of `127.0.0.1`
* Nov 9, 2016: Fixed: not allow access to '/.well-known/' in Nginx
* Nov 1, 2016: Fixed: invalid default (datetime) value for some SQL columns in 'vmail' database.
@ -312,6 +313,30 @@ Then restart memcached service:
rcctl restart memcached
```
### Improve Fail2ban filter regular expression to catch more POP3/IMAP spams
> This step is applicable to Linux system.
We have one new Fail2ban filter regular expression to catch unauth clients
which generates log like below:
> Dec 11 16:49:41 imap-login: Info: Disconnected (auth failed, 1 attempts in
> 2 secs): user=<admin@example.net>, method=PLAIN, rip=212.8.246.222,
> lip=10.11.12.13, TLS: Disconnected, session=<xxfH9mhDwgDUCPbe>
Steps:
* On Linux:
```
cd /etc/fail2ban/filter.d/
rm -f dovecot.iredmail.conf
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/fail2ban/filter.d/dovecot.iredmail.conf
service fail2ban reload
```
* On FreeBSD and OpenBSD, we don't have Fail2ban configured, so not applicable.
## OpenLDAP backend special
### Fixed: mail accounts (user, alias, list) are still active when domain is disabled

26
html/upgrade.iredmail.0.9.5.1-0.9.6.html
View File

@ -38,6 +38,7 @@
<li><a href="#fixed-nginx-doesnt-forward-real-client-ip-address-to-sogo">Fixed: Nginx doesn't forward real client IP address to SOGo</a></li>
<li><a href="#fixed-sogo-313-and-later-releases-changed-argument-used-by-sogo-tool-command">Fixed: SOGo-3.1.3 (and later releases) changed argument used by sogo-tool command</a></li>
<li><a href="#fixed-memcached-listens-on-all-available-ip-addresses-instead-of-127001">Fixed: Memcached listens on all available IP addresses instead of 127.0.0.1</a></li>
<li><a href="#improve-fail2ban-filter-regular-expression-to-catch-more-pop3imap-spams">Improve Fail2ban filter regular expression to catch more POP3/IMAP spams</a></li>
</ul>
</li>
<li><a href="#openldap-backend-special">OpenLDAP backend special</a><ul>
@ -73,6 +74,7 @@ check <a href="../support.html">the details</a> and <a href="../contact.html">co
</ul>
<h2 id="changelog">ChangeLog</h2>
<ul>
<li>Dec 12, 2016: Improve Fail2ban filter regular expression to catch more POP3/IMAP spams</li>
<li>Nov 9, 2016: Fixed: Memcached listens on all available IP addresses instead of <code>127.0.0.1</code></li>
<li>Nov 9, 2016: Fixed: not allow access to '/.well-known/' in Nginx</li>
<li>Nov 1, 2016: Fixed: invalid default (datetime) value for some SQL columns in 'vmail' database.</li>
@ -337,6 +339,30 @@ to the IP address of your jail.</p>
<pre><code>rcctl restart memcached
</code></pre>
<h3 id="improve-fail2ban-filter-regular-expression-to-catch-more-pop3imap-spams">Improve Fail2ban filter regular expression to catch more POP3/IMAP spams</h3>
<blockquote>
<p>This step is applicable to Linux system.</p>
</blockquote>
<p>We have one new Fail2ban filter regular expression to catch unauth clients
which generates log like below:</p>
<blockquote>
<p>Dec 11 16:49:41 imap-login: Info: Disconnected (auth failed, 1 attempts in
2 secs): user=<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;&#97;&#100;&#109;&#105;&#110;&#64;&#101;&#120;&#97;&#109;&#112;&#108;&#101;&#46;&#110;&#101;&#116;">&#97;&#100;&#109;&#105;&#110;&#64;&#101;&#120;&#97;&#109;&#112;&#108;&#101;&#46;&#110;&#101;&#116;</a>, method=PLAIN, rip=212.8.246.222,
lip=10.11.12.13, TLS: Disconnected, session=<xxfH9mhDwgDUCPbe></p>
</blockquote>
<p>Steps:</p>
<ul>
<li>On Linux:</li>
</ul>
<pre><code>cd /etc/fail2ban/filter.d/
rm -f dovecot.iredmail.conf
wget https://bitbucket.org/zhb/iredmail/raw/default/iRedMail/samples/fail2ban/filter.d/dovecot.iredmail.conf
service fail2ban reload
</code></pre>
<ul>
<li>On FreeBSD and OpenBSD, we don't have Fail2ban configured, so not applicable.</li>
</ul>
<h2 id="openldap-backend-special">OpenLDAP backend special</h2>
<h3 id="fixed-mail-accounts-user-alias-list-are-still-active-when-domain-is-disabled">Fixed: mail accounts (user, alias, list) are still active when domain is disabled</h3>
<blockquote>