473 lines
24 KiB
HTML
473 lines
24 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<title>Upgrade iRedMail from 0.9.9 to 1.0</title>
|
|
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
|
</head>
|
|
<body>
|
|
|
|
<div id="navigation">
|
|
<a href="https://www.iredmail.org" target="_blank">
|
|
<img alt="iRedMail web site"
|
|
src="./images/logo-iredmail.png"
|
|
style="vertical-align: middle; height: 30px;"
|
|
/>
|
|
<span>iRedMail</span>
|
|
</a>
|
|
// <a href="./index.html">Document Index</a></div><h1 id="upgrade-iredmail-from-099-to-10">Upgrade iRedMail from 0.9.9 to 1.0</h1>
|
|
<div class="toc">
|
|
<ul>
|
|
<li><a href="#upgrade-iredmail-from-099-to-10">Upgrade iRedMail from 0.9.9 to 1.0</a><ul>
|
|
<li><a href="#changelog">ChangeLog</a></li>
|
|
<li><a href="#general-all-backends-should-apply-these-changes">General (All backends should apply these changes)</a><ul>
|
|
<li><a href="#update-etciredmail-release-with-new-iredmail-version-number">Update /etc/iredmail-release with new iRedMail version number</a></li>
|
|
<li><a href="#upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release-33">Upgrade iRedAPD (Postfix policy server) to the latest stable release: 3.3</a></li>
|
|
<li><a href="#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-099">Upgrade iRedAdmin (open source edition) to the latest stable release: 0.9.9</a></li>
|
|
<li><a href="#upgrade-mlmmjadmin-to-the-latest-stable-release-21">Upgrade mlmmjadmin to the latest stable release (2.1)</a></li>
|
|
<li><a href="#upgrade-roundcube-webmail-to-the-latest-stable-release-141">Upgrade Roundcube webmail to the latest stable release: 1.4.1</a></li>
|
|
<li><a href="#upgrade-netdata-to-the-latest-stable-release-1190">Upgrade netdata to the latest stable release (1.19.0)</a></li>
|
|
<li><a href="#fixed-improper-order-of-postfix-smtpd_sender_restriction-rules">Fixed: improper order of Postfix smtpd_sender_restriction rules</a></li>
|
|
<li><a href="#fixed-fix-improper-helo-rule-which-blocks-new-facebook-servers">Fixed: fix improper HELO rule which blocks new Facebook servers</a></li>
|
|
<li><a href="#fixed-incorrect-ssl-ca-file-path-in-postfix-on-freebsd-and-openbsd">Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD</a></li>
|
|
<li><a href="#fail2ban-slightly-loose-filter-rule-for-postfix">Fail2ban: slightly loose filter rule for postfix</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#for-openldap-backend">For OpenLDAP backend</a><ul>
|
|
<li><a href="#optional-enable-mailbox-quota-status-check-in-dovecot-and-postfix">[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.</a><ul>
|
|
<li><a href="#add-required-ldap-attributevalue-pair-for-all-mail-users">Add required LDAP attribute/value pair for all mail users</a></li>
|
|
<li><a href="#enable-quota-status-service-in-dovecot">Enable quota-status service in Dovecot</a></li>
|
|
<li><a href="#enable-quota-status-check-in-postfix">Enable quota status check in Postfix</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#optional-track-the-time-of-user-last-login-via-imappop3">[OPTIONAL] Track the time of user last login via IMAP/POP3</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#for-mysqlmariadb-backends">For MySQL/MariaDB backends</a><ul>
|
|
<li><a href="#optional-enable-mailbox-quota-status-check-in-dovecot-and-postfix_1">[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.</a><ul>
|
|
<li><a href="#add-new-sql-column-in-vmailmailbox-table">Add new SQL column in vmail.mailbox table</a></li>
|
|
<li><a href="#enable-quota-status-service-in-dovecot_1">Enable quota-status service in Dovecot</a></li>
|
|
<li><a href="#enable-quota-status-check-in-postfix_1">Enable quota status check in Postfix</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#optional-track-the-time-of-user-last-login-via-imappop3_1">[OPTIONAL] Track the time of user last login via IMAP/POP3</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#for-postgresql-backend">For PostgreSQL backend</a><ul>
|
|
<li><a href="#optional-enable-mailbox-quota-status-check-in-dovecot-and-postfix_2">[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.</a><ul>
|
|
<li><a href="#add-new-sql-column-in-vmailmailbox-table_1">Add new SQL column in vmail.mailbox table</a></li>
|
|
<li><a href="#enable-quota-status-service-in-dovecot_2">Enable quota-status service in Dovecot</a></li>
|
|
<li><a href="#enable-quota-status-check-in-postfix_2">Enable quota status check in Postfix</a></li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
<div class="admonition note">
|
|
<p class="admonition-title">Paid Remote Upgrade Support</p>
|
|
<p>We offer remote upgrade support if you don't want to get your hands dirty,
|
|
check <a href="https://www.iredmail.org/support.html">the details</a> and
|
|
<a href="https://www.iredmail.org/contact.html">contact us</a>.</p>
|
|
</div>
|
|
<h2 id="changelog">ChangeLog</h2>
|
|
<ul>
|
|
<li>Apr 18, 2020, mention how to configure Dovecot to track user last login time.</li>
|
|
<li>Dec 11 2019, mention not to enable quota-status service in Dovecot-2.1.x.</li>
|
|
<li>Dec 9, 2019, initial release.</li>
|
|
</ul>
|
|
<h2 id="general-all-backends-should-apply-these-changes">General (All backends should apply these changes)</h2>
|
|
<h3 id="update-etciredmail-release-with-new-iredmail-version-number">Update <code>/etc/iredmail-release</code> with new iRedMail version number</h3>
|
|
<p>iRedMail stores the release version in <code>/etc/iredmail-release</code> after
|
|
installation, it's recommended to update this file after you upgraded iRedMail,
|
|
so that you can know which version of iRedMail you're running. For example:</p>
|
|
<pre><code>1.0
|
|
</code></pre>
|
|
|
|
<h3 id="upgrade-iredapd-postfix-policy-server-to-the-latest-stable-release-33">Upgrade iRedAPD (Postfix policy server) to the latest stable release: 3.3</h3>
|
|
<div class="admonition attention">
|
|
<p class="admonition-title">Attention</p>
|
|
<p>iRedAPD offers SRS (Sender Rewriting Scheme) support in this release, but
|
|
it's disabled by default, please read our tutorial to understand known
|
|
issues and how to enable it: <a href="./srs.html">Enable SRS (Sender Rewriting Scheme) support</a>.</p>
|
|
</div>
|
|
<p>Please follow below tutorial to upgrade iRedAPD to the latest stable release:
|
|
<a href="./upgrade.iredapd.html">Upgrade iRedAPD to the latest stable release</a></p>
|
|
<h3 id="upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-099">Upgrade iRedAdmin (open source edition) to the latest stable release: 0.9.9</h3>
|
|
<p>Please follow this tutorial to upgrade iRedAdmin open source edition to the
|
|
latest stable release:
|
|
<a href="./migrate.or.upgrade.iredadmin.html">Upgrade iRedAdmin to the latest stable release</a></p>
|
|
<h3 id="upgrade-mlmmjadmin-to-the-latest-stable-release-21">Upgrade mlmmjadmin to the latest stable release (2.1)</h3>
|
|
<p>Please follow below tutorial to upgrade mlmmjadmin to the latest stable release:
|
|
<a href="./upgrade.mlmmjadmin.html">Upgrade mlmmjadmin to the latest stable release</a></p>
|
|
<h3 id="upgrade-roundcube-webmail-to-the-latest-stable-release-141">Upgrade Roundcube webmail to the latest stable release: 1.4.1</h3>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Roundcube 1.4</p>
|
|
<p>Since Roundcube 1.3, at least <strong>PHP 5.4</strong> is required. If your server is
|
|
running PHP 5.3 and cannot upgrade to 5.4, please upgrade Roundcube
|
|
the latest 1.2 branch instead.</p>
|
|
</div>
|
|
<p>The latest Roundcube webmail 1.4.1 offers a shiny new web UI.
|
|
Please follow Roundcube official tutorial to upgrade Roundcube webmail to the
|
|
latest stable release (1.4.1):</p>
|
|
<ul>
|
|
<li><a href="https://github.com/roundcube/roundcubemail/wiki/Upgrade">How to upgrade Roundcube</a>.</li>
|
|
</ul>
|
|
<h3 id="upgrade-netdata-to-the-latest-stable-release-1190">Upgrade netdata to the latest stable release (1.19.0)</h3>
|
|
<p>If you have netdata installed, you can upgrade it by following this tutorial:
|
|
<a href="./upgrade.netdata.html">Upgrade netdata</a>.</p>
|
|
<h3 id="fixed-improper-order-of-postfix-smtpd_sender_restriction-rules">Fixed: improper order of Postfix smtpd_sender_restriction rules</h3>
|
|
<p>iRedMail-0.9.9 and earlier releases didn't configure Postfix to apply custom
|
|
restriction rule before querying DNS records of sender domain,
|
|
this way you cannot whitelist some sender mail domains which don't have
|
|
DNS records (especially your internal mail domains used in LAN). Please follow
|
|
steps below to fix it.</p>
|
|
<ul>
|
|
<li>Open file <code>/etc/postfix/main.cf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
|
|
<code>smtpd_sender_restrictions</code> like below:</li>
|
|
</ul>
|
|
<pre><code>smtpd_sender_restrictions =
|
|
reject_unknown_sender_domain
|
|
...
|
|
check_sender_access pcre:...
|
|
</code></pre>
|
|
|
|
<ul>
|
|
<li>Move the <code>reject_unknown_sender_domain</code> line after <code>check_sender_access</code> line
|
|
like below:</li>
|
|
</ul>
|
|
<pre><code>smtpd_sender_restrictions =
|
|
...
|
|
check_sender_access pcre:...
|
|
reject_unknown_sender_domain
|
|
</code></pre>
|
|
|
|
<ul>
|
|
<li>Reloading or restarting Postfix service is required.</li>
|
|
</ul>
|
|
<h3 id="fixed-fix-improper-helo-rule-which-blocks-new-facebook-servers">Fixed: fix improper HELO rule which blocks new Facebook servers</h3>
|
|
<p>Facebook has some new servers which uses <code><ip>.mail-mail.facebook.com</code> as
|
|
HELO identities, this is blocked by the default HELO rules configured by
|
|
iRedMail-0.9.9 and earlier releases. Please fix it with EITHER step described
|
|
below, but solution 1 is the recommended.</p>
|
|
<ol>
|
|
<li>Prepend line below in <code>/etc/postfix/helo_access.pcre</code> (Linux/OpenBSD) and
|
|
<code>/usr/local/etc/postfix/helo_access.pcre</code> (FreeBSD):</li>
|
|
</ol>
|
|
<pre><code>/^\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\.mail-mail\.facebook\.com$/ DUNNO
|
|
</code></pre>
|
|
|
|
<ol>
|
|
<li>Or, find line below in <code>helo_access.pcre</code> and remove it.</li>
|
|
</ol>
|
|
<pre><code>/(\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3}[\.-]\d{1,3})/ REJECT ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery
|
|
</code></pre>
|
|
|
|
<p>Reloading or restarting Postfix service is required.</p>
|
|
<h3 id="fixed-incorrect-ssl-ca-file-path-in-postfix-on-freebsd-and-openbsd">Fixed: Incorrect SSL CA file path in Postfix on FreeBSD and OpenBSD</h3>
|
|
<div class="admonition attention">
|
|
<p class="admonition-title">Attention</p>
|
|
<p>This applies to only FreeBSD and OpenBSD, NOT Linux.</p>
|
|
</div>
|
|
<p>FreeBSD and OpenBSD has all CAs in file <code>/etc/ssl/cert.pem</code>, but it's
|
|
configured by iRedMail to load multiple CA files under <code>/etc/ssl/certs</code>
|
|
directory like Linux. Commands below fix this issue.</p>
|
|
<pre><code>postconf -e smtpd_tls_CAfile=/etc/ssl/cert.pem
|
|
postconf -e smtpd_tls_CApath=''
|
|
postfix reload
|
|
</code></pre>
|
|
|
|
<h3 id="fail2ban-slightly-loose-filter-rule-for-postfix">Fail2ban: slightly loose filter rule for postfix</h3>
|
|
<p>We received few reports from clients that Outlook for macOS may trigger some
|
|
unexpected smtp errors, and caught by the Fail2ban filter rules shipped by
|
|
iRedMail, so we decide to remove the filter rule used to match Postfix log
|
|
<code>lost connection after EHLO</code>.</p>
|
|
<p>Please follow commands below to get the updated filter rules.</p>
|
|
<ul>
|
|
<li>On Linux:</li>
|
|
</ul>
|
|
<pre><code>cd /etc/fail2ban/filter.d/
|
|
wget -O postfix.iredmail.conf https://github.com/iredmail/iRedMail/raw/1.0/samples/fail2ban/filter.d/postfix.iredmail.conf
|
|
wget -O dovecot.iredmail.conf https://github.com/iredmail/iRedMail/raw/1.0/samples/fail2ban/filter.d/dovecot.iredmail.conf
|
|
</code></pre>
|
|
|
|
<p>Restarting Fail2ban service is required.</p>
|
|
<h2 id="for-openldap-backend">For OpenLDAP backend</h2>
|
|
<h3 id="optional-enable-mailbox-quota-status-check-in-dovecot-and-postfix">[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.</h3>
|
|
<p>With default iRedMail settings, Postfix accepts email without checking whether
|
|
user's mailbox is over quota, then pipes email to Dovecot LDA for local
|
|
delivery. If mailbox is over quota, Dovecot can not save message to mailbox
|
|
and generates a "sender non-delivery notification" to sender.</p>
|
|
<p>With the change below, Postfix will query mailbox quota status from Dovecot
|
|
directly, then reject email if it's over quota. It saves system resource used
|
|
to process this email (e.g. spam/virus scanning), and avoids bounce message.</p>
|
|
<h4 id="add-required-ldap-attributevalue-pair-for-all-mail-users">Add required LDAP attribute/value pair for all mail users</h4>
|
|
<p>According to the Dovecot settings configured by iRedMail, all mail users
|
|
should have LDAP attribute/value pair <code>enabledService=quota-status</code> to use
|
|
this service.</p>
|
|
<ul>
|
|
<li>Download script used to update existing mail accounts:</li>
|
|
</ul>
|
|
<pre><code>cd /root/
|
|
wget https://github.com/iredmail/iRedMail/raw/1.0/update/ldap/updateLDAPValues_099_to_1.py
|
|
</code></pre>
|
|
|
|
<ul>
|
|
<li>Open downloaded file <code>updateLDAPValues_099_to_1.py</code>, set LDAP server
|
|
related settings in this file. For example:</li>
|
|
</ul>
|
|
<pre><code># Part of file: updateLDAPValues_099_to_1.py
|
|
|
|
uri = 'ldap://127.0.0.1:389'
|
|
basedn = 'o=domains,dc=example,dc=com'
|
|
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
|
|
bind_pw = 'passwd'
|
|
</code></pre>
|
|
|
|
<p>You can find required LDAP credential in iRedAdmin config file or
|
|
<code>iRedMail.tips</code> file under your iRedMail installation directory. Using either
|
|
<code>cn=Manager,dc=xx,dc=xx</code> or <code>cn=vmailadmin,dc=xx,dc=xx</code> as bind dn is ok, both
|
|
of them have read-write privilege to update mail accounts.</p>
|
|
<ul>
|
|
<li>Execute this script, it will add required data:</li>
|
|
</ul>
|
|
<pre><code># python2 updateLDAPValues_099_to_1.py
|
|
</code></pre>
|
|
|
|
<h4 id="enable-quota-status-service-in-dovecot">Enable quota-status service in Dovecot</h4>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This feature requires Dovecot-2.2 or later releases, do not apply it on
|
|
Dovecot-2.1.x or earlier versions.</p>
|
|
</div>
|
|
<p>Open Dovecot config file <code>/etc/dovecot/dovecot.conf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD), find the <code>plugin {}</code> block
|
|
and add 3 new parameters:</p>
|
|
<pre><code>plugin {
|
|
...
|
|
# Used by quota-status service.
|
|
quota_status_success = DUNNO
|
|
quota_status_nouser = DUNNO
|
|
quota_status_overquota = "552 5.2.2 Mailbox is full"
|
|
...
|
|
}
|
|
</code></pre>
|
|
|
|
<p>In same <code>dovecot.conf</code>, append settings below <strong>at the end of file</strong>:</p>
|
|
<ul>
|
|
<li>With settings below, Dovecot quota-status service will listen on <code>127.0.0.1:12340</code>.</li>
|
|
<li>You can change the port number <code>12340</code> to any other spare one if you want.</li>
|
|
</ul>
|
|
<pre><code>service quota-status {
|
|
executable = quota-status -p postfix
|
|
client_limit = 1
|
|
inet_listener {
|
|
address = 127.0.0.1
|
|
port = 12340
|
|
}
|
|
}
|
|
</code></pre>
|
|
|
|
<p>Restarting Dovecot service is required.</p>
|
|
<h4 id="enable-quota-status-check-in-postfix">Enable quota status check in Postfix</h4>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This feature requires Dovecot-2.2 or later releases, do not apply it on
|
|
Dovecot-2.1.x or earlier versions.</p>
|
|
</div>
|
|
<p>Open Postfix config file <code>/etc/postfix/main.cf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
|
|
<code>smtpd_recipient_restrictions</code> and append a new <code>check_policy_service</code> setting
|
|
<strong>at the end</strong> like below:</p>
|
|
<pre><code>smtpd_recipient_restrictions =
|
|
...
|
|
check_policy_service inet:127.0.0.1:12340
|
|
</code></pre>
|
|
|
|
<p>Restarting Postfix service is required.</p>
|
|
<h3 id="optional-track-the-time-of-user-last-login-via-imappop3">[OPTIONAL] Track the time of user last login via IMAP/POP3</h3>
|
|
<p>Sometimes you may want/need to know the time of user last login via IMAP/POP3,
|
|
and here's the tutorial to implement this feature. If you run iRedAdmin-Pro
|
|
admin panel, it's visiable on the web UI directly.</p>
|
|
<ul>
|
|
<li><a href="./track.user.last.login.html">Track user last login time</a></li>
|
|
</ul>
|
|
<h2 id="for-mysqlmariadb-backends">For MySQL/MariaDB backends</h2>
|
|
<h3 id="optional-enable-mailbox-quota-status-check-in-dovecot-and-postfix_1">[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.</h3>
|
|
<p>With default iRedMail settings, Postfix accepts email without checking whether
|
|
user's mailbox is over quota, then pipes email to Dovecot LDA for local
|
|
delivery. If mailbox is over quota, Dovecot can not save message to mailbox
|
|
and generates a "sender non-delivery notification" to sender.</p>
|
|
<p>With the change below, Postfix will query mailbox quota status from Dovecot
|
|
directly, then reject email if it's over quota. It saves system resource used
|
|
to process this email (e.g. spam/virus scanning), and avoids bounce message.</p>
|
|
<h4 id="add-new-sql-column-in-vmailmailbox-table">Add new SQL column in <code>vmail.mailbox</code> table</h4>
|
|
<p>According to the Dovecot settings configured by iRedMail, a new SQL column
|
|
<code>mailbox.enablequota-status</code> is required.</p>
|
|
<p>Download plain SQL file used to create required column and index, then import
|
|
it directly as MySQL root user (Please run commands below as <code>root</code> user):</p>
|
|
<pre><code>wget -O /tmp/iredmail.mysql https://github.com/iredmail/iRedMail/raw/1.0/update/1.0/iredmail.mysql
|
|
mysql vmail < /tmp/iredmail.mysql
|
|
rm -f /tmp/iredmail.mysql
|
|
</code></pre>
|
|
|
|
<h4 id="enable-quota-status-service-in-dovecot_1">Enable quota-status service in Dovecot</h4>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This feature requires Dovecot-2.2 or later releases, do not apply it on
|
|
Dovecot-2.1.x or earlier versions.</p>
|
|
</div>
|
|
<p>Open Dovecot config file <code>/etc/dovecot/dovecot.conf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD), find the <code>plugin {}</code> block
|
|
and add 3 new parameters:</p>
|
|
<pre><code>plugin {
|
|
...
|
|
# Used by quota-status service.
|
|
quota_status_success = DUNNO
|
|
quota_status_nouser = DUNNO
|
|
quota_status_overquota = "552 5.2.2 Mailbox is full"
|
|
...
|
|
}
|
|
</code></pre>
|
|
|
|
<p>In same <code>dovecot.conf</code>, append settings below <strong>at the end of file</strong>:</p>
|
|
<ul>
|
|
<li>With settings below, Dovecot quota-status service will listen on <code>127.0.0.1:12340</code>.</li>
|
|
<li>You can change the port number <code>12340</code> to any other spare one if you want.</li>
|
|
</ul>
|
|
<pre><code>service quota-status {
|
|
executable = quota-status -p postfix
|
|
client_limit = 1
|
|
inet_listener {
|
|
address = 127.0.0.1
|
|
port = 12340
|
|
}
|
|
}
|
|
</code></pre>
|
|
|
|
<p>Restarting Dovecot service is required.</p>
|
|
<h4 id="enable-quota-status-check-in-postfix_1">Enable quota status check in Postfix</h4>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This feature requires Dovecot-2.2 or later releases, do not apply it on
|
|
Dovecot-2.1.x or earlier versions.</p>
|
|
</div>
|
|
<p>Open Postfix config file <code>/etc/postfix/main.cf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
|
|
<code>smtpd_recipient_restrictions</code> and append a new <code>check_policy_service</code> setting
|
|
<strong>at the end</strong> like below:</p>
|
|
<pre><code>smtpd_recipient_restrictions =
|
|
...
|
|
check_policy_service inet:127.0.0.1:12340
|
|
</code></pre>
|
|
|
|
<p>Restarting Postfix service is required.</p>
|
|
<h3 id="optional-track-the-time-of-user-last-login-via-imappop3_1">[OPTIONAL] Track the time of user last login via IMAP/POP3</h3>
|
|
<p>Sometimes you may want/need to know the time of user last login via IMAP/POP3,
|
|
and here's the tutorial to implement this feature. If you run iRedAdmin-Pro
|
|
admin panel, it's visiable on the web UI directly.</p>
|
|
<ul>
|
|
<li><a href="./track.user.last.login.html">Track user last login time</a></li>
|
|
</ul>
|
|
<h2 id="for-postgresql-backend">For PostgreSQL backend</h2>
|
|
<h3 id="optional-enable-mailbox-quota-status-check-in-dovecot-and-postfix_2">[OPTIONAL] Enable mailbox quota status check in Dovecot and Postfix.</h3>
|
|
<p>With default iRedMail settings, Postfix accepts email without checking whether
|
|
user's mailbox is over quota, then pipes email to Dovecot LDA for local
|
|
delivery. If mailbox is over quota, Dovecot can not save message to mailbox
|
|
and generates a "sender non-delivery notification" to sender.</p>
|
|
<p>With the change below, Postfix will query mailbox quota status from Dovecot
|
|
directly, then reject email if it's over quota. It saves system resource used
|
|
to process this email (e.g. spam/virus scanning), and avoids bounce message.</p>
|
|
<h4 id="add-new-sql-column-in-vmailmailbox-table_1">Add new SQL column in <code>vmail.mailbox</code> table</h4>
|
|
<p>According to the Dovecot settings configured by iRedMail, a new SQL column
|
|
<code>mailbox.enablequota-status</code> is required.</p>
|
|
<ul>
|
|
<li>Download plain SQL file used to create required column and index:</li>
|
|
</ul>
|
|
<pre><code>wget -O /tmp/iredmail.pgsql https://github.com/iredmail/iRedMail/raw/1.0/update/1.0/iredmail.pgsql
|
|
</code></pre>
|
|
|
|
<ul>
|
|
<li>Connect to PostgreSQL server as <code>postgres</code> user and import the SQL file:<ul>
|
|
<li>on Linux, it's <code>postgres</code> user</li>
|
|
<li>on FreeBSD, it's <code>pgsql</code> user</li>
|
|
<li>on OpenBSD, it's <code>_postgresql</code> user</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
<pre><code>su - postgres
|
|
psql -d vmail < /tmp/iredmail.pgsql
|
|
</code></pre>
|
|
|
|
<ul>
|
|
<li>Remove downloaded file as root user:</li>
|
|
</ul>
|
|
<pre><code>rm -f /tmp/iredmail.pgsql
|
|
</code></pre>
|
|
|
|
<h4 id="enable-quota-status-service-in-dovecot_2">Enable quota-status service in Dovecot</h4>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This feature requires Dovecot-2.2 or later releases, do not apply it on
|
|
Dovecot-2.1.x or earlier versions.</p>
|
|
</div>
|
|
<p>Open Dovecot config file <code>/etc/dovecot/dovecot.conf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/dovecot/dovecot.conf</code> (FreeBSD), find the <code>plugin {}</code> block
|
|
and add 3 new parameters:</p>
|
|
<pre><code>plugin {
|
|
...
|
|
# Used by quota-status service.
|
|
quota_status_success = DUNNO
|
|
quota_status_nouser = DUNNO
|
|
quota_status_overquota = "552 5.2.2 Mailbox is full"
|
|
...
|
|
}
|
|
</code></pre>
|
|
|
|
<p>In same <code>dovecot.conf</code>, append settings below <strong>at the end of file</strong>:</p>
|
|
<ul>
|
|
<li>With settings below, Dovecot quota-status service will listen on <code>127.0.0.1:12340</code>.</li>
|
|
<li>You can change the port number <code>12340</code> to any other spare one if you want.</li>
|
|
</ul>
|
|
<pre><code>service quota-status {
|
|
executable = quota-status -p postfix
|
|
client_limit = 1
|
|
inet_listener {
|
|
address = 127.0.0.1
|
|
port = 12340
|
|
}
|
|
}
|
|
</code></pre>
|
|
|
|
<p>Restarting Dovecot service is required.</p>
|
|
<h4 id="enable-quota-status-check-in-postfix_2">Enable quota status check in Postfix</h4>
|
|
<div class="admonition warning">
|
|
<p class="admonition-title">Warning</p>
|
|
<p>This feature requires Dovecot-2.2 or later releases, do not apply it on
|
|
Dovecot-2.1.x or earlier versions.</p>
|
|
</div>
|
|
<p>Open Postfix config file <code>/etc/postfix/main.cf</code> (Linux/OpenBSD) or
|
|
<code>/usr/local/etc/postfix/main.cf</code> (FreeBSD), find parameter
|
|
<code>smtpd_recipient_restrictions</code> and append a new <code>check_policy_service</code> setting
|
|
<strong>at the end</strong> like below:</p>
|
|
<pre><code>smtpd_recipient_restrictions =
|
|
...
|
|
check_policy_service inet:127.0.0.1:12340
|
|
</code></pre>
|
|
|
|
<p>Restarting Postfix service is required.</p><div class="footer">
|
|
<p style="text-align: center; color: grey;">All documents are available in <a href="https://github.com/iredmail/docs/">GitHub repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://github.com/iredmail/docs/archive/master.zip">download the latest version</a> for offline reading. If you found something wrong, please do <a href="https://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
|
</div>
|
|
<!-- Global site tag (gtag.js) - Google Analytics -->
|
|
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-3293801-21"></script>
|
|
<script>
|
|
window.dataLayer = window.dataLayer || [];
|
|
function gtag(){dataLayer.push(arguments);}
|
|
gtag('js', new Date());
|
|
|
|
gtag('config', 'UA-3293801-21');
|
|
</script>
|
|
</body></html> |