Warning
This IS A DRAFT DOCUMENT, DO NOT APPLY IT.
Paid Remote Upgrade Support
We offer remote upgrade support if you don't want to get your hands dirty, check the details and contact us.
/etc/iredmail-release
with new iRedMail version numberiRedMail stores the release version in /etc/iredmail-release
after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
1.4.3
Please follow below tutorial to upgrade mlmmjadmin to the latest stable release: Upgrade mlmmjadmin to the latest stable release
Attention
All credit goes to GitHub user @ludovicandrieux, thanks for the contributions. See also: #136, #137, #138.
ssl_session_cache
parameter. See also:
EECDH+CHACHA20
. It requires openssl 1.1.0, which is
available on:AES256+EDH
.To apply these changes, please open file /etc/nginx/templates/ssl.tmpl
with
your favourite text editor, then:
TLSv1.3
in parameter ssl_protocols
. For example:ssl_protocols TLSv1.2 TLSv1.3;
EECDH+CHACHA20
in parameter ssl_ciphers
, also remove AES256+EDH
.
For example:ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH;
ssl_session_cache
and optional comment lines:# Greatly improve the performance of keep-alive connections over SSL.
# With this enabled, client is not necessary to do a full SSL-handshake for
# every request, thus saving time and cpu-resources.
ssl_session_cache shared:SSL:10m;
Restarting Nginx service is required.
EECDH+CHACHA20
and remove the weak one AES256+EDH
Please open file /etc/dovecot/dovecot.conf
(Linux/OpenBSD) or
/usr/local/etc/dovecot/dovecot.conf
(FreeBSD), update parameter
ssl_cipher_list
to:
ssl_cipher_list = EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH
Restarting Dovecot service is required.