1

Topic: iRedMail-0.9.5 has been released.

Dear all,

iRedMail-0.9.5 stable release has been released.

Below are changes since iRedMail-0.9.4:

Supports new distribution release
  • Ubuntu 16.04 LTS (code name: xenial).

  • OpenBSD 5.9.

Drop support for old distribution releases
  • Ubuntu 15.10 (code name: wily).

  • OpenBSD 5.8.

  • Debian 7 (code name: Wheezy). Please use Debian 8 instead. Debian team stops offering security updates for Debian 7 after April 25, 2016. Reference: https://wiki.debian.org/DebianOldStable

Improvements
  • Postfix:

    • Supports Postfix parameter `sender_dependent_relayhost_maps`.

    • SMTP SASL AUTH is disabled on port 25. Please use port 587 instead.

  • Amavisd:

    • Add custom Amavisd log template (at log level 0) to always log SpamAssassin testing result.

  • OpenLDAP:

    • Switch OpenLDAP backend to mdb (Memory-Mapped DB backend to slapd) on Linux and FreeBSD (not available on OpenBSD yet).

    • Enable OpenLDAP overlay 'pw-sha2' to support password verification with sha2 algorithms.

  • SOGo:

    • SOGo is configured to store password in SSHA512 (instead of ssha) hash by default.

    • Switch SOGo to 3.x from 2.x on Linux/FreeBSD (OpenBSD offers v2).

    • Able to enable/disable sogo service for a single user with new SQL column `mailbox.enablesogo` and LDAP attribute/value `enabledService=sogo`.

  • OpenBSD ldapd(8):

    • Add script and daily cron job to backup ldapd.

Fixed issues
  • Not correctly setup Fail2ban jail `action=` setting to block bad ssh client IP address.

  • Improper proxy timeout setting in SOGo and Nginx which cause SOGo error 'client disconnected during delivery of response'.

  • Not correctly add Postfix alias 'virusalert: root' for non-(Debian/Ubuntu) OSes.

  • Not create directory used to store php session files.

  • Not enable cron job to auto update SpamAssassin rules on RHEL/CentOS.

Updated packages
  • Roundcube webmail -> 1.1.5

  • iRedAdmin -> 0.6

  • iRedAPD -> 1.9.0

In next few months, we will focus on cluster solution.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: iRedMail-0.9.5 has been released.

Hi Zhang,

i've seen the FreeBSD port textproc/wbxml2 was upgraded...


>>>>SOGo-3.x is not available on Ubuntu 16.04 (no binary packages from SOGo team) and FreeBSD (due to broken dependent port 'devel/sope3').We will repack iRedMail-0.9.5 when it's available.<<<<

regards pylox

3

Re: iRedMail-0.9.5 has been released.

Hi pylox,

wbxml2 is ok, but dependent port 'devel/sop3' is broken.

4

Re: iRedMail-0.9.5 has been released.

Hello Zhang,

Great job as always. I completed the upgrade today and I have a few notes about the documentation (nothing major).

In the iRedAdmin upgrade tutorial, the filename shows as containing the backend format. However, in the yum directory, this doesn't appear to be the case.

In the Fail2ban jail fix section, my sshd and sshd-dos jails did not contain the multiport action line, instead mine were:

[sshd]
enabled     = true
filter      = sshd
action      = iptables-allports
logpath     = /var/log/auth.log

[sshd-ddos]
enabled     = true
filter      = sshd-ddos
action      = iptables-allports
logpath     = /var/log/auth.log

I updated these entires to match the new jail actions in the upgrade document anyway. However, I'm just curious if maybe an older version of iRedMail script contained different jails.

In the sogo proxy timeout fix, there's a warning that says:

The timeout value, 360 (seconds), used below must be same as the value of parameter SOGoMaximumPingInterval = in SOGo config file /etc/sogo/sogo.conf (Linux/OpenBSD) or /usr/local/etc/sogo/sogo.conf.

However, my sogo.conf did not contain a setting for SOGoMaximumPingInterval. Do I need to add it? If so, where?

In the Enable/Disable SOGo for single user section, there's a note that says:

Before we go further, please find the SQL password for SQL user vmail in Postfix config file /etc/postfix/mysql/*.cf (on Linux/OpenBSD) or /usr/local/etc/postfix/mysql/*.cf (on FreeBSD), we need this while (re-)creating SQL VIEW sogo.users.

I looked in the files and found the password, but there's no mention of using it later in the directions. Is there a step missing?

Lastly, while recreating the view sogo.users, the drop statement in the directions is "DROP TABLE USERS;" however I think it should be "DROP VIEW USERS;"

Thanks,
Ralph

5

Re: iRedMail-0.9.5 has been released.

Dear ralph,

Thanks very much for the feedback.

ralph wrote:

In the iRedAdmin upgrade tutorial, the filename shows as containing the backend format. However, in the yum directory, this doesn't appear to be the case.

Fixed.

ralph wrote:

In the Fail2ban jail fix section, my sshd and sshd-dos jails did not contain the multiport action line, instead mine were:

Add one line to mention this difference: "If your jail.local uses action = iptables-allports, then you can skip this step." Hope it's clearer now.

ralph wrote:

However, my sogo.conf did not contain a setting for SOGoMaximumPingInterval. Do I need to add it? If so, where?

Added one sentence to mention this: "if your `sogo.conf` doesn't have this setting, please add it manually (`SOGoMaximumPingInterval = 360;`).".

ralph wrote:

I looked in the files and found the password, but there's no mention of using it later in the directions. Is there a step missing?

Removed. It's useless (but it's used for PostgreSQL backend, i guess i copied mistakenly. big_smile )

ralph wrote:

Lastly, while recreating the view sogo.users, the drop statement in the directions is "DROP TABLE USERS;" however I think it should be "DROP VIEW USERS;"

Fixed.

6

Re: iRedMail-0.9.5 has been released.

I love it, Zhang.

One more thing. I'm happy about using SOGo 3. However, in order to upgrade to SOGo 3 with Debian, I had to make a small change in /etc/apt/sources.list:
from:

deb http://inverse.ca/debian jessie jessie

to:

deb http://inverse.ca/debian-v3 jessie jessie

Reference: http://sogo.nu/support/faq/article/how- … ebian.html

I guess this could have been done a while ago, but I didn't think to check it until I saw it in the release notes.

I have been experiencing frequent crashes in SOGo, the workers will periodically stop responding and have to be killed manually prior to restarting the sogo service. I haven't been able to find anything about it in SOGo's bug tracker, so I hope it is fixed now...

A little disappointed to see I still cannot search mail in Android or iOS devices used with SOGo in EAS mode. neutral

7

Re: iRedMail-0.9.5 has been released.

We have a tutorial for upgrading SOGo from v2 to v3 here:
http://www.iredmail.org/docs/upgrade.sogo.2.to.3.html

Several users reported in SOGo mailing list that it raised "gateway error" while using the web UI. If it occurs, please backup your SOGo config files (/etc/sogo), remove both sogo and sope packages (libsope*, or sope*), then reinstall both sope and sogo, restore config files. This should fix it. [Of course it's mentioned in above upgrade tutorial.]

Since this may cause some trouble, i didn't mention this in iRedMail-0.9.5 upgrade tutorial. It's better to stick with current 2.3.x stable release.

8

Re: iRedMail-0.9.5 has been released.

awstats is disabled?

9

Re: iRedMail-0.9.5 has been released.

Updated from 0.9.4 to 0.9.5 without any problems.

Thanks Zhang!

10

Re: iRedMail-0.9.5 has been released.

Hi Zhang,
(I'm using iredmail from version 0.9.2, i have successfully upgraded to 0.9.3 and 0.9.4)

now i upgraded from 0.9.4 to 0.9.5.
I did tasks: General, OpenLDAP backend special

in the part MySQL/MariaDB backend special i cannot use command "sql> USE vmail;"

mysql> USE vmail;
ERROR 1049 (42000): Unknown database 'vmail'

mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| amavisd            |
| iredadmin          |
| iredapd            |
| mysql              |
| roundcubemail      |
| sogo               |
| test               |
+--------------------+
8 rows in set (0.00 sec)

iredmail working good , but i stuck in this part of upgrade .
Could you please help me,
thank you
Zdenek

11

Re: iRedMail-0.9.5 has been released.

jirous wrote:

in the part MySQL/MariaDB backend special i cannot use command "sql> USE vmail;"

"MySQL/MariaDB backend special" means those steps are only applicable to MySQL/MariaDB backends. Are you using OpenLDAP backend or MySQL/MariaDB backend? Show us output of commands below:

postconf -n | grep _maps

12

Re: iRedMail-0.9.5 has been released.

Hello,
I really using OpenLDAP as backend
I'm sorry, it's my mistake :-(

output of postconf:

[root@ms3 ~]# postconf -n | grep _maps
alias_maps = hash:/etc/postfix/aliases
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions $sender_dependent_relayhost_maps
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/recipient_bcc_maps_domain.cf
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_user.cf, proxy:ldap:/etc/postfix/ldap/sender_bcc_maps_domain.cf
sender_dependent_relayhost_maps = proxy:ldap:/etc/postfix/ldap/sender_dependent_relayhost_maps_domain.cf, proxy:ldap:/etc/postfix/ldap/sender_dependent_relayhost_maps_user.cf
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap/sender_login_maps.cf
transport_maps = proxy:ldap:/etc/postfix/ldap/transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap/transport_maps_domain.cf
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap/virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_members_maps.cf, proxy:ldap:/etc/postfix/ldap/catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
virtual_uid_maps = static:2000

I apologize again
thanx
Zdenek