iRedMail
// Document IndexWarning
This IS A DRAFT DOCUMENT, DO NOT APPLY IT.
Paid Remote Upgrade Support
We offer remote upgrade support if you don't want to get your hands dirty, check the details and contact us.
/etc/iredmail-release with new iRedMail version numberiRedMail stores the release version in /etc/iredmail-release after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
1.4.3
Please follow below tutorial to upgrade mlmmjadmin to the latest stable release: Upgrade mlmmjadmin to the latest stable release
Attention
All credit goes to GitHub user @ludovicandrieux, thanks for the contributions. See also: #136, #137, #138.
ssl_session_cache parameter. See also:
EECDH+CHACHA20. It requires openssl 1.1.0, which is
available on:AES256+EDH.To apply these changes, please open file /etc/nginx/templates/ssl.tmpl with
your favourite text editor, then:
TLSv1.3 in parameter ssl_protocols. For example:ssl_protocols TLSv1.2 TLSv1.3;
EECDH+CHACHA20 in parameter ssl_ciphers, also remove AES256+EDH.
For example:ssl_ciphers EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH;
ssl_session_cache and optional comment lines:# Greatly improve the performance of keep-alive connections over SSL.
# With this enabled, client is not necessary to do a full SSL-handshake for
# every request, thus saving time and cpu-resources.
ssl_session_cache shared:SSL:10m;
Restarting Nginx service is required.
EECDH+CHACHA20 and remove the weak one AES256+EDHPlease open file /etc/dovecot/dovecot.conf (Linux/OpenBSD) or
/usr/local/etc/dovecot/dovecot.conf (FreeBSD), update parameter
ssl_cipher_list to:
ssl_cipher_list = EECDH+CHACHA20:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH
Restarting Dovecot service is required.