Upgrade/iRedMail/0.8.7-0.9.0

From iRedMail
(Difference between revisions)
Jump to: navigation, search
(Add new LDAP values for existing mail users)
(Upgrade phpMyAdmin to the latest stable release)
Line 26: Line 26:
 
== Upgrade phpMyAdmin to the latest stable release ==
 
== Upgrade phpMyAdmin to the latest stable release ==
 
Please follow this short tutorial to upgrade phpMyAdmin to the latest stable release: http://docs.phpmyadmin.net/en/latest/setup.html#upgrading-from-an-older-version
 
Please follow this short tutorial to upgrade phpMyAdmin to the latest stable release: http://docs.phpmyadmin.net/en/latest/setup.html#upgrading-from-an-older-version
 +
 +
== Fix improper Postfix setting in both main.cf and master.cf ==
 +
Currently, we don't have Postfix parameter 'receive_override_options=' set in main.cf, instead, we have it in transport '127.0.0.1:10025' (Amavisd) like this:
 +
{{cfg|/etc/postfix/master.cf|<pre>
 +
127.0.0.1:10025 inet n  -  -  -  -  smtpd
 +
    ...
 +
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
 +
</pre>}}
 +
 +
Without 'receive_override_options=no_address_mappings' in Postfix main.cf:
 +
* Postfix will enable canonical address mapping, virtual alias map expansion, address masquerading, and automatic BCC (blind carbon-copy) recipients BEFORE injecting emails to content filter (Amavisd, in our case). For example, if you forward email to 3 email addresses, Postfix will expand the original recipient to 3 recipients, then Amavisd will get 3 emails for scanning. But with 'receive_override_options=no_address_mappings', Postfix won't expand original recipient to 3 addresses, and Amavisd gets only 1 email for scanning. It slightly improves mail server performance.
 +
 +
* If a blacklisted sender (stored in Amavisd SQL database, not Policyd/Cluebringer) sends email to user who forwards email to other addresses, Amavisd will quarantine the one sent to original recipient, but bypass emails sent to forwarded addresses.
 +
 +
Please apply below steps to fix above issues:
 +
 +
# Add '''receive_override_options''' in Postfix:
 +
{{cmd|<pre>
 +
# postconf -e receive_override_options='no_address_mappings'
 +
</pre>}}
 +
# Open file '''/etc/postfix/master.cf''' (On Linux/OpenBSD) or '''/usr/local/etc/postfix/master.cf''' (on FreeBSD), find setting for transport '''127.0.0.1:10025''', remove '''no_address_mappings''' for its '''receive_override_options''' option:
 +
{{cfg|/etc/postfix/master.cf|<pre>
 +
# ORIGINAL setting
 +
#    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
 +
 +
# MODIFIED setting
 +
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
 +
</pre>}}
 +
# Restart Postfix service.
  
 
= OpenLDAP backend special =
 
= OpenLDAP backend special =

Revision as of 09:37, 15 July 2014

Contents



This is a DRAFT, do not apply it.



ChangeLog

  • 2014-06-19: [All backends] Add index for SQL column policy.policy_name in amavisd database.
  • 2014-06-07:
    • [OpenLDAP] Add new value for existing mail users: enabledService=indexer-worker.
    • [MySQL/PostgreSQL] New SQL column in vmail database: mailbox.enableindexer-worker.

General (All backends should apply these steps)

Update /etc/iredmail-release with iRedMail version number

iRedMail stores the initial version number in /etc/iredmail-release after installation completed, it's recommended to update this file after you upgraded iRedMail, so that you can know which version of iRedMail you're running. For example:

File: /etc/iredmail-release
0.9.0

Upgrade Roundcube webmail to the latest stable release

Please follow Roundcube official tutorial to upgrade Roundcube webmail to the latest stable release immediately: http://trac.roundcube.net/wiki/Howto_Upgrade

Upgrade phpMyAdmin to the latest stable release

Please follow this short tutorial to upgrade phpMyAdmin to the latest stable release: http://docs.phpmyadmin.net/en/latest/setup.html#upgrading-from-an-older-version

Fix improper Postfix setting in both main.cf and master.cf

Currently, we don't have Postfix parameter 'receive_override_options=' set in main.cf, instead, we have it in transport '127.0.0.1:10025' (Amavisd) like this:

File: /etc/postfix/master.cf
127.0.0.1:10025 inet n  -   -   -   -  smtpd
    ...
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings

Without 'receive_override_options=no_address_mappings' in Postfix main.cf:

  • Postfix will enable canonical address mapping, virtual alias map expansion, address masquerading, and automatic BCC (blind carbon-copy) recipients BEFORE injecting emails to content filter (Amavisd, in our case). For example, if you forward email to 3 email addresses, Postfix will expand the original recipient to 3 recipients, then Amavisd will get 3 emails for scanning. But with 'receive_override_options=no_address_mappings', Postfix won't expand original recipient to 3 addresses, and Amavisd gets only 1 email for scanning. It slightly improves mail server performance.
  • If a blacklisted sender (stored in Amavisd SQL database, not Policyd/Cluebringer) sends email to user who forwards email to other addresses, Amavisd will quarantine the one sent to original recipient, but bypass emails sent to forwarded addresses.

Please apply below steps to fix above issues:

  1. Add receive_override_options in Postfix:
Terminal:
# postconf -e receive_override_options='no_address_mappings'
  1. Open file /etc/postfix/master.cf (On Linux/OpenBSD) or /usr/local/etc/postfix/master.cf (on FreeBSD), find setting for transport 127.0.0.1:10025, remove no_address_mappings for its receive_override_options option:
File: /etc/postfix/master.cf
# ORIGINAL setting
#    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings

# MODIFIED setting
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
  1. Restart Postfix service.

OpenLDAP backend special

Add new LDAP values for existing mail users

We will add two new LDAP attribute/value pairs for existing mail users: enabledService=indexer-worker. It's used by Dovecot.

Steps:

  • Download below python script to adding new values for existing mail users.
Terminal:
# cd /root/
# wget https://bitbucket.org/zhb/iredmail/raw/default/extra/update/updateLDAPValues_087_to_090.py

Open updateLDAPValues_087_to_090.py, config LDAP server related settings in file head. e.g.

File: updateLDAPValues_087_to_090.py
uri = 'ldap://127.0.0.1:389'
basedn = 'o=domains,dc=example,dc=com'
bind_dn = 'cn=vmailadmin,dc=example,dc=com'
bind_pw = 'passwd'

Tip:

  • You can find them in iRedAdmin config file or iRedMail.tips file under your iRedMail installation directory.
  • Use 'cn=Manager' instead of 'cn=vmailadmin' here is ok too.

Execute this script, it will fix incorrect values and add correct ones:

Terminal:
# python updateLDAPValues_087_to_090.py

That's all.

Add index for SQL column in amavisd database

We need index for some SQL columns in amavisd database:

  • policy.policy_name: used by iRedAdmin-Pro.

Now connect to SQL server as MySQL root user, create new columns, add required INDEX:

Terminal:
$ mysql -uroot -p
mysql> USE amavisd;
mysql> CREATE UNIQUE INDEX policy_idx_policy_name ON policy (policy_name);

MySQL backend special

Add and remove SQL columns in vmail and amavisd databases

We need new SQL columns in vmail database:

  • mailbox.enableindexer-worker: used by Dovecot.

And we need index for some SQL columns in amavisd database:

  • policy.policy_name: used by iRedAdmin-Pro.

Now connect to SQL server as MySQL root user, create new columns, add required INDEX:

Terminal:
$ mysql -uroot -p
mysql> USE vmail;
mysql> ALTER TABLE mailbox ADD COLUMN `enableindexer-worker` TINYINT(1) NOT NULL DEFAULT 1;
mysql> ALTER TABLE mailbox ADD INDEX (`enableindexer-worker`);

mysql> USE amavisd;
mysql> CREATE UNIQUE INDEX policy_idx_policy_name ON policy (policy_name);

PostgreSQL backend special

Add and remove SQL columns in vmail and amavisd databases

We need new SQL columns in vmail database:

  • mailbox.enableindexer-worker: used by Dovecot.

And we need index for some SQL columns in amavisd database:

  • policy.policy_name: used by iRedAdmin-Pro.

Now connect to SQL server as PostgreSQL root user, create new columns, add required INDEX:

Terminal:
# su - postgres
$ psql -d vmail
sql> ALTER TABLE mailbox ADD COLUMN enableindexer-worker INT2 NOT NULL DEFAULT 1;
sql> CREATE INDEX idx_mailbox_enableindexer_worker ON mailbox (enableindexer-worker);

sql> \c amavisd;
sql> CREATE UNIQUE INDEX policy_idx_policy_name ON policy (policy_name);
Personal tools