26

Re: Roadmap: iRedMail-1.0

Any plan to support SOGo on CentOS7? RPMs for RedHat7 was recently released by Inverse.
I'm using iRedMail LDAP on my own server with CentOS 6.6+SOGo (self configured) since a couple of years and I'm waiting your support to upgrade os!!!

Thank you!

27

Re: Roadmap: iRedMail-1.0

matteo.frakka wrote:

Any plan to support SOGo on CentOS7? RPMs for RedHat7 was recently released by Inverse.

The problem is, SOGo RPM packages doesn't work with MySQL, so you can only install sogo with PostgreSQL backend in iRedMail -- if we enable it on CentOS 7.

I already reported this issue to sogo team, no update yet:
http://www.sogo.nu/bugs/view.php?id=3225

I saw some other users reported this issue in sogo mailing list, hope we can get a fix soon.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

28

Re: Roadmap: iRedMail-1.0

Arghhhh!!!

Ok, thank you!

29

Re: Roadmap: iRedMail-1.0

I'd like to see some modern security updates like encFS or some other encrypted mail storage as well as DANE, DMARC, DNSSEC, etc.

From "mail-in-a-box" project website:

"It implements modern mail protocols (SPF, DKIM, and DMARC) and the latest security best practices, including opportunistic TLS, strong ciphers, and HSTS. When enabled, DNSSEC (with DANE TLSA) provides a higher level of protection against active attacks. Exchange ActiveSync is also available as a beta feature."

I know iRedmail already implements SPF, DKIM. How about HSTS? and DNSSEC (with DANE TLSA)?

How about Z-push?

30

Re: Roadmap: iRedMail-1.0

*) EncFS should be done after server OS installation by sys admin, not by iRedMail.
*) iRedMail doesn't install a local DNS server, so all DNS server side settings are not applicable. for example, DNSSEC.
*) DMARC is planned, but no deadline yet.
*) No plan for z-push. We use SOGo groupware, it offers ActiveSync.
*) HSTS is implemented in Nginx, and will be available in upcoming iRedMail release. Actually, it's just one line in /etc/nginx/conf.d/default.conf (inside https block):

    # Use HTTP Strict Transport Security to force client to use secure             
    # connections only. Reference:                                                 
    # https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

31

Re: Roadmap: iRedMail-1.0

Hi,

I've just read your roadmap and I would like to add a suggestion.

First of all, I've installed iRedMail to deploy a full and powerful mail server without the assle of grabbing each package and configure it, and to be able to concentrate my efforts on PHP developpement. Meaning I need a LAMP stack. I believe that if you bypass Apache, it will be either a deal breaker for some developer or at least slow down the adoption of iRedMail.

That was my 2 cents feeling about this.

Best regards !

32

Re: Roadmap: iRedMail-1.0

About LAMP, you can use LNMP instead.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

33

Re: Roadmap: iRedMail-1.0

If you're looking to reduce the complexity of the support matrix, I'd suggest dropping one of the database platforms.  Using the same logic as removing Apache, you don't need multiple databases any more than multiple web servers.  Supporting both Postgres and MySQL seems equally redundant.

Apparently the concern is not the size of the install base as you've chosen to remove support for the web server which has 50% of the market share of active web sites vs one that has 14%.   If you believe nginx better suited for the job, then it makes sense to support it.   The same would be true of database back ends.

Do you have any stats as to what percentage of iRedMail installs are on dedicated servers?   This would seem to be a fairly major factor in determining what needs to be supported.   If the vast majority are dedicated servers, perhaps reducing the number of Linux distros would also be appropriate for future releases?

34

Re: Roadmap: iRedMail-1.0

bmackay wrote:

If you're looking to reduce the complexity of the support matrix, I'd suggest dropping one of the database platforms.  Using the same logic as removing Apache, you don't need multiple databases any more than multiple web servers.  Supporting both Postgres and MySQL seems equally redundant.

*) Looks like we have to keep both Apache and Nginx for a long time.
*) I don't want to drop any backend database (LDAP/MySQL/PGSQL).

PGSQL is too different than MySQL/MariaDB, and many admins prefer PGSQL, they don't like Oracle MySQL due to license concern.

*) We dropped Gentoo, openSUSE before, because just very few users chose them. No plan to drop one more.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

35

Re: Roadmap: iRedMail-1.0

ZhangHuangbin wrote:

*) I don't want to drop any backend database (LDAP/MySQL/PGSQL).

Also dropping LDAP would be stupid since LDAP is widely used in enterprise environment as a user database for centralized user administration and authentication/authorization.

36

Re: Roadmap: iRedMail-1.0

ZhangHuangbin wrote:

*) We dropped Gentoo, openSUSE before, because just very few users chose them. No plan to drop one more.

Is it possible to give back openSuse ....  Leap has now 36 months maintance. I could help if needed.

37

Re: Roadmap: iRedMail-1.0

Still no plan to support openSUSE, sorry.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

38

Re: Roadmap: iRedMail-1.0

hey Zhang,

is it possible to request for next versions of iredmail-mysql/mariadb to use innodb as the default engine for table creation?
since we're trying to create cluster of iredmail-mariadb server using maria-db wsrep, but noticed that account creation doesn't get synced across the nodes, since vmail table still uses myisam.

39

Re: Roadmap: iRedMail-1.0

Hi beez,

I will switch MyISAM to InnoDB and do a quick testing, if it works, you got it.

BTW, are you willing to share your cluster document with our community?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

40

Re: Roadmap: iRedMail-1.0

ZhangHuangbin wrote:

Hi beez,

I will switch MyISAM to InnoDB and do a quick testing, if it works, you got it.

BTW, are you willing to share your cluster document with our community?

Sure, I'll share it later once our new cluster setup is a success.


our current setup is also basically an iredmail cluster at the moment, using 3 ubuntu servers: 2 for iredmail and 1 for the nfs storage & mysql database. once we installed both iredmail server, we just moved the database from one server to the central database, and changed the iredmail configuration to use that database instead.
For the storage, we just nfs mounted the /var/vmail from the storage to each iredmail server. and then setup dns pointer to both iredmail server for round-robin resolve.
As for the webmail it's optional; on our setup actually we used another server and used horde-groupware for the webmail service.

The weakest link is at the database server, if it has problem, all the services will halt; (we have to restart each services again)

Right now we are trying to improve the setup by using GlusterFS Cluster mounted storage and Master/Master mariaDB replication, plus using dovecot director to better handle the IMAP session. The details will be shared later.

41

Re: Roadmap: iRedMail-1.0

Have you considered putting ha-proxy in front of your mail setup? With this you will gain HA and load balancing.

42

Re: Roadmap: iRedMail-1.0

mir wrote:

Have you considered putting ha-proxy in front of your mail setup? With this you will gain HA and load balancing.

Yea, I've considered the adding ha-proxy for the new setup.

The old setup was done early 2012-ish, before dovecot and postfix fully support the proxy protocol, thus why only simple dns round-robin was used.

43

Re: Roadmap: iRedMail-1.0

exists on your side any plans to make a ident system? also i mean thaht the user of email xy can write from some diferent emails?,i use at the moment something like this but would be cool to controll it over the ired admin pro

44

Re: Roadmap: iRedMail-1.0

stefanr wrote:

exists on your side any plans to make a ident system? also i mean thaht the user of email xy can write from some diferent emails?,i use at the moment something like this but would be cool to controll it over the ired admin pro

Excuse me, what do you mean "ident system"? Does it mean some kind of identity management system, or a central account management system?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

45

Re: Roadmap: iRedMail-1.0

heyho,
also i mean a system where i can select thaht the user user1@systemxy.de also can write from the email admin@myservice.com.

46 (edited by josteiner87 2015-12-10 00:29:08)

Re: Roadmap: iRedMail-1.0

Have you considered adding Horde 5 as a groupware option? Any chance Horde's ActiveSync would be more stable than Sogo? Here's a bit of background on this...

I am responsible for a few iRedmail instances -- been installing it for clients who need an onsite mail solution.

In a couple of these, we use Sogo Activesync; and I'm disappointed to report that it seems very buggy. Moving more than a few messages at a time in Outlook doesn't work; various things break from one update to another, random things may get fixed when an update occurs, etc. It's very frustrating. Recently the CardDAV protocol seems to have quit working correctly also; contacts mysteriously just quit syncing with my BlackBerry and Thunderbird. It used to work. Sometimes I have gotten issues fixed simply by updating to the latest nightly build; other times, the nightly build broke things which didn't get fixed til the next stable release.

Horde 5 has ActiveSync support also, apparently. And Horde has been around for a long time. Does anybody know if their ActiveSync implementation is more stable than that of Sogo?

47

Re: Roadmap: iRedMail-1.0

Dear Josteiner87,

Thanks for sharing your experience. Unfortunately, we have no plan to switch from SOGo to Horde.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

48

Re: Roadmap: iRedMail-1.0

I think Kolab is better than SoGo and more similar to Roundcube.

(http://www.kolab.org/)

49

Re: Roadmap: iRedMail-1.0

blp330 wrote:

I think Kolab is better than SoGo and more similar to Roundcube.

(http://www.kolab.org/)

Kolab uses Roundcube as webmail, plus some plugins developed by their own (they're open source).

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

50 (edited by extremeshok 2015-12-16 10:13:19)

Re: Roadmap: iRedMail-1.0

@josteiner87 the issues you have are caused by the sogo config not being optimized and configured correctly.

When you upgrade to new versions its usually an idea to empty the various sogo caches to prevent random bugs.

Its also relatively simple to add any extra groupware or mailclients to iredmail, so you can run horde or the zafara zpush implementation if you want, we have done this

Groupware requires lots of resources, our sogo works perfectly with 150+ concurrent/simultaneous users syncing and mail boxes of 30GB+, but then its on its own dedicated machine with 128GB ram and 16cores.