1

Topic: iRedAdmin-Pro-SQL-2.5.0 has been released

Dear all,

iRedAdmin-Pro-SQL-2.5.0 (iRedAdmin-Pro for MySQL, MariaDB and PostgreSQL backends) is now available for upgrading and purchasing.

How to download the latest iRedAdmin-Pro

iRedAdmin-Pro customers can get download link of this new release by following steps below:

  • Login to iRedAdmin-Pro as global admin

  • Click "License" on the top-right corner, it will show you basic license info and a "Download" button if new version is available for upgrading.

If above steps don't work for you, please send an email to support @ iredmail.org to get download link of the latest release.

Below are detailed changes since iRedAdmin-Pro-SQL-2.3.1:

RESTful API

RESTful API has been largely improved and ready for integration with your own applications. If you need an API which has not yet been implemented, don't hesitate to contact us.

You can find detailed API document here: http://www.iredmail.org/docs/iredadmin- … l.api.html

  • Several parameter names have been changed for simplification:

    • old: `cn` -> new: `name`

    • old: `mailQuota` -> new: `quota`

    • old: `preferredLanguage` -> new: `language`

  • Variable names used in returned JSON data have been changed to avoid possible namespace conflict:

    • old: {'success': ...,  'msg': ...}

    • new: {'_success': ..., '_msg': ...}

  • NEW: /api/users/<domain>: Update profiles for all users under domain.

  • NEW: /api/users/<domain>/password: Update all user passwords under domain.

  • NEW: /api/domain/admins/<domain>: manage domain admins.

  • NEW: Verify given (plain) password against the one stored in LDAP.

    • /api/verify_password/user/<mail>

    • /api/verify_password/admin/<mail>

  • NEW: /api/admin/<mail>: manage standalone domain admins.

  • Able to delete mail domain or user with option to keep mailboxes for given days.

  • Able to update more domain profiles (/api/domain/<domain>):

    • default mailbox quota for new user.

    • max mailbox quota of newly created mail user

    • catch-all account

    • inbound and outbound relay

    • sender bcc, recipient bcc

    • set max number of users, aliases, mailing lists

    • disabled domain profiles

    • disabled user profiles

    • disabled user preferences

  • Able to update more user profiles (/api/user/<mail>):

    • mail forwarding

    • employee id

    • per-user alias addresses

  • Able to change email address of user/alias accounts.

  • Able to set members while creating mail alias account.

  • Able to update members while updating mail alias account.

  • Able to get profile of existing mail domain/user/alias.

  • NEW: Able to manage global, per-domain and per-user spam policy.

  • Fixed: Cannot set per-domain quota while creating domain.

Improvements
  • Normal domain admin is now able to create new mail domains with limits like number of max domains/users/alias/lists/quota. Note: new mail domain added by normal domain admin requires domain ownership verification. For more details, please check our tutorial: http://www.iredmail.org/docs/iredadmin- … ation.html

  • Able to use domain name as primary MX server (IP address is recommended).

  • Able to enable/disable pop3/imap/smtp/sogo/managesieve services for existing or newly created mail users under domain in domain profile page.

  • Able to enable/explicitly disable greylisting for domain/user.

  • Able to schedule date to delete mailboxes while removing domain or mail users. Note: This feature requires a daily cron job to run `tools/delete_mailboxes.py` which should be added automatically while upgrading iRedAdmin.

  • Able to set access policy while creating mail alias account.

  • Able to set timezone while creating mail domain.

  • New: tools/update_password_with_csv.py, used to reset password by reading password from CSV file (format: '<email> <password>').

  • tools/dump_disclaimer.py: able to dump disclaimer for alias domains.

  • tools/cleanup_amavisd_db.py: Huge performance improvement with dirty read (SELECT) while cleaning up old records in Amavisd database.

  • tools/notify_quarantined_recipients.py:

    • able to track last notify time and notify for new quarantined emails only.

    • able to notify users under backup MX domains with command line argument '--notify-backupmx'.

    • correctly encode mail subject and sender name

Fixed issues
  • SECURITY: iRedAdmin accepts any password on FreeBSD and OpenBSD if password is stored in BCRYPT hash.

  • Standalone admin account cannot change its own password.

  • Standalone admin account can be an email address under locally hosted mail domain. This causes conflict when there's a normal mail user with same email address.

  • Normal domain admin cannot view/update its own profile if it doesn't manage its own domain.

  • Not check current email address existence while changing account email address.

  • Not update sql column `mailbox.local_part` while changing account email address.

  • Not remove per-user alias addresses while removing user account.

  • Cannot use domain name as Primary MX in backup mx setting page.

  • Cannot delete mail user account due to incorrect PostgreSQL command.

  • Cannot use non-ascii characters in mail subject and body of notification mail used to notify local recipient of quarantined mails.

  • Cannot search mail accounts with PostgreSQL backend.

  • Normal domain admin can view or update global domain admin's profile.

  • Cannot save submitted greylisting whitelists while there's a duplicate sender inserted by `tools/spf_to_greylist_whitelists.py`. Thanks Juan Bou Riquer <jbou _at_ cancun.com.mx> for the report.

  • Incorrect pages while viewing disabled accounts. Thanks to Li Wei <liwei _at_ bond520.com> for the report.

  • Incorrectly count number of mail alias accounts in domain list page. Thanks to Santosh Gupta <head.it _at_ satmatechnologies.com> for the report.

  • Separated normail domain admin cannot change its own password.

  • Able to set unlimited mailbox quota when per-domain quota was set.

  • Cannot handle mail alias members if some character is in uppercase.

  • Not specify path to python command to run 'tools/cleanup_db.py' in upgrade script, this causes error in cron job.

  • Incorrectly update domain backupmx status while updating profile under tab 'General'.

  • iOS devices may have problem with character '^' in password. we remove it from allowed special character for randomly generated password.

  • Creating domain in invalid domain format causes 'internal server error'.

  • Fix the html target="_blank" vulnerability.

Updated translations
  • Update Traditional Chinese (zh_TW). Thanks rain <rain6966@gmail>.

  • Update Simplified Chinese (zh_CN).

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.