74 lines
3.1 KiB
HTML
74 lines
3.1 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<title>Fixes you need after upgrading Debian from 8 to 9</title>
|
|
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
|
</head>
|
|
<body>
|
|
|
|
<div id="navigation">
|
|
<a href="https://www.iredmail.org" target="_blank">
|
|
<img alt="iRedMail web site"
|
|
src="./images/logo-iredmail.png"
|
|
style="vertical-align: middle; height: 30px;"
|
|
/>
|
|
<span>iRedMail</span>
|
|
</a>
|
|
// <a href="./index.html">Document Index</a></div><h1 id="fixes-you-need-after-upgrading-debian-from-8-to-9">Fixes you need after upgrading Debian from 8 to 9</h1>
|
|
<div class="toc">
|
|
<ul>
|
|
<li><a href="#fixes-you-need-after-upgrading-debian-from-8-to-9">Fixes you need after upgrading Debian from 8 to 9</a><ul>
|
|
<li><a href="#postfix">Postfix</a></li>
|
|
<li><a href="#dovecot">Dovecot</a></li>
|
|
<li><a href="#fail2ban">Fail2ban</a></li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
<h2 id="postfix">Postfix</h2>
|
|
<p>Run commands:</p>
|
|
<pre><code># Backup files
|
|
cp /etc/postfix/main.cf /etc/postfix/main.cf.bak
|
|
cp /etc/postfix/master.cf /etc/postfix/master.cf.bak
|
|
|
|
# Update main.cf and master.cf
|
|
postconf -e daemon_directory='/usr/lib/postfix/sbin'
|
|
postconf -e shlib_directory='/usr/lib/postfix'
|
|
postconf -e compatibility_level=2
|
|
for i in $(postconf -Mf | grep '^[0-9a-zA-Z]' | awk '{print $1"/"$2"/chroot=n"}'); do postconf -F $i; done
|
|
</code></pre>
|
|
|
|
<ul>
|
|
<li>Incorrect <code>daemon_directory</code> causes Postfix cannot start.</li>
|
|
<li>Incorrect <code>shlib_directory</code> causes Postfix cannot find pcre/mysql/pgsql/ldap modules.</li>
|
|
<li>Debian 8 ships Postfix 2.x, but Debian 9 ships Postfix 3.x, we need to disable compatible mode.</li>
|
|
</ul>
|
|
<h2 id="dovecot">Dovecot</h2>
|
|
<p>Please remove <code>!SSLv2</code> from parameter <code>ssl_protocols</code>, and restart Dovecot service:</p>
|
|
<pre><code>ssl_protocols = !SSLv3
|
|
</code></pre>
|
|
|
|
<h2 id="fail2ban">Fail2ban</h2>
|
|
<p>There's a duplicate parameter in file <code>/etc/fail2ban/jail.conf</code>, under section
|
|
<code>[pam-generic]</code> like below:</p>
|
|
<pre><code>[pam-generic]
|
|
...
|
|
port = all
|
|
...
|
|
port = anyport
|
|
</code></pre>
|
|
|
|
<p>Comment out <code>port = anyport</code> and restart fail2ban service.</p><div class="footer">
|
|
<p style="text-align: center; color: grey;">All documents are available in <a href="https://github.com/iredmail/docs/">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://github.com/iredmail/docs/archive/master.zip">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
|
</div>
|
|
<!-- Global site tag (gtag.js) - Google Analytics -->
|
|
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-3293801-21"></script>
|
|
<script>
|
|
window.dataLayer = window.dataLayer || [];
|
|
function gtag(){dataLayer.push(arguments);}
|
|
gtag('js', new Date());
|
|
|
|
gtag('config', 'UA-3293801-21');
|
|
</script>
|
|
</body></html> |