1

Topic: iRedMail-0.9.1 has been released.

Dear all,

iRedMail-0.9.1 stable release has been released.

* Download it directly with this link: https://bitbucket.org/zhb/iredmail/down … .1.tar.bz2
* Upgrade tutorials are available here: http://www.iredmail.org/docs/iredmail.releases.html

Below are detailed changes since iRedMail-0.9.0:

Works on new distribution releases:
  • Debian 8, Ubuntu 15.04. Notes:

    • Roundcube and iRedAdmin are now stored under /opt/www.

    • Cluebringer is not installed due to package missing in official repo, that means your server doesn't support greylisting and throttling. We suggest you enable DNSBL service in Postfix to help fight spam, we will develop plugins for iRedAPD to offer greylisting and throttling features in the future.

    • SOGo is not installed due to package missing in upstream (SOGo) repo.

  • OpenBSD 5.7. Notes:

    • No official MySQL binary packages, so please use MariaDB instead.

Drop support for old distribution releases:
  • Ubuntu 12.04, 14.10. Please use Ubuntu 14.04 LTS or 15.04 instead.

Improvements
  • Log most terminal output of iRedMail installation to file 'runtime/install.log', used for troubleshooting after installation.

  • Backup scripts are able to delete old backup copies. Default setting is keeping backup copies for 90 days.

  • [LDAP] Allow mailing list account to use attributes: gidNumber, memberUid.

  • Don't install both Apache and Nginx, just one of them.

Debian/Ubuntu package maintainer over-designed the post-install
script, it will restart service after package installed, if we have
both installed, installing another one will fail, because network
ports are used by the first one.

Same reason as above, if we have both installed, upgrading both of
them will trigger service restarting too. This may cause the
currently running web service cannot start.

  • Make Dovecot subscribe newly created folder automatically. Thanks Michael Telatynski <postmaster _at_ webdevguru.co.uk> for the patch.

  • Able to restrict user to login for specified IP addresses or networks, multiple IP addresses or networks must be separated by comma.

    • LDAP backend: IP addresses or networks must be listed in attribute `allowNets` in user object.

    • SQL backends: IP addresses or networks must be listed in SQL column `mailbox.allow_nets`.

  • Bypass greylisting for some big ISPs (samples/cluebringer/greylisting-whitelist.sql).

  • Setup Fail2ban to monitor SOGo log file.

  • Add two new Fail2ban filters to help catch spam.

Fixed issues
  • Amavisd cannot ban zipped '.exe' file on RHEL/CentOS.

  • Install package `unrar` as rar unarchiver on RHEL/CentOS/Debian/Ubuntu.

  • Incorrect log file and owner/group in /etc/logrotate.d/policyd.

  • Cannot send email to user+ext@domain.com when per-domain catch-all is enabled. Note: not fixed with LDAP backend yet.

  • Cannot send mail with Roundcube and PHP 5.6.

  • Cannot run PHP scripts under web document root with Nginx.

  • Not use user's identity as envelope sender for 'return receipt' responses.

  • Not backup SOGo SQL database.

  • Incorrect path of command 'sogo-tool' on OpenBSD.

  • Not apply service restriction in Dovecot SQL query file while acting as SASL server.

Updated packages
  • Roundcube webmail -> 1.1.1

  • iRedAdmin -> 0.4.2 (open source edition).

  • iRedAPD -> 1.5.0.

  • uwsgi -> 2.0.10. OpenBSD only.

Known issues
  • OpenLDAP backend: if you have catch-all account enabled for mail domain, email sent to user+extension@domain.com will be delivered to catch-all account.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: iRedMail-0.9.1 has been released.

Fantastic.

Guys dont forget to download the updated clamav-unofficial-sigs

https://github.com/extremeshok/clamav-unofficial-sigs

The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol. T

3

Re: iRedMail-0.9.1 has been released.

Woooow! Thank you for super fasts!!!

4 (edited by mir 2015-05-15 20:19:24)

Re: iRedMail-0.9.1 has been released.

ZhangHuangbin wrote:

Cluebringer is not installed due to package missing in official repo, that means your server doesn't support greylisting and throttling. We suggest you enable DNSBL service in Postfix to help fight spam, we will develop plugins for iRedAPD to offer greylisting and throttling features in the future.

Any idea when this will be available?
Until this is solved I will stick to 0.9.0 on Wheezy.

5

Re: iRedMail-0.9.1 has been released.

mir wrote:
ZhangHuangbin wrote:

Cluebringer is not installed due to package missing in official repo, that means your server doesn't support greylisting and throttling. We suggest you enable DNSBL service in Postfix to help fight spam, we will develop plugins for iRedAPD to offer greylisting and throttling features in the future.

Any idea when this will be available?
Until this is solved I will stick to 0.9.0 on Wheezy.

You can find the Maintainer's Contact E-Mail and you could ask him yourself - https://qa.debian.org/developer.php?ema … usan.id.au

6

Re: iRedMail-0.9.1 has been released.

^^install it from source

7

Re: iRedMail-0.9.1 has been released.

7t3chguy wrote:

You can find the Maintainer's Contact E-Mail and you could ask him yourself - https://qa.debian.org/developer.php?ema … usan.id.au

I was referring to plugins for iRedAPD.

8

Re: iRedMail-0.9.1 has been released.

Ah, there's a thread in iRedAdmin-Pro Support having the same question and Zhang said that he does not yet know - but it is already in development - there is no estimate just yet

9

Re: iRedMail-0.9.1 has been released.

7t3chguy wrote:

Ah, there's a thread in iRedAdmin-Pro Support having the same question and Zhang said that he does not yet know - but it is already in development - there is no estimate just yet

I have just backported cluebringer from Debian Sid to Debian Jessie which is actually the same version as in Debian Wheezy. Would you be interested in having those deb packages?

10

Re: iRedMail-0.9.1 has been released.

Hello,

new fail2ban rule in dovecot.iredmail.conf can end up with banned localhost used by roundcube...

Some content of dovecot.log file :

May 17 20:17:36 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<1M6KF0sWVQB/AAAB>
May 17 20:27:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<VrY4O0sWuAB/AAAB>
May 17 20:27:36 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<zERIO0sWyQB/AAAB>
May 17 20:37:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<pPf1XksWeAB/AAAB>
May 17 20:37:36 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<uKEFX0sWhQB/AAAB>
May 17 20:47:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<3DDAgksWFQB/AAAB>
May 17 20:47:36 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<vo7PgksWJAB/AAAB>
May 17 20:57:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<PLuFpksW5QB/AAAB>
May 17 20:57:36 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<Gy+VpksW8gB/AAAB>
May 17 21:07:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<zf5ByksWowB/AAAB>
May 17 21:07:36 pop3-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<eodRyksWsAB/AAAB>

Regards,
Stanislav

11

Re: iRedMail-0.9.1 has been released.

Did it occur on your server?
127.0.0.0/8 is listed in 'ignoreip =' in /etc/fail2ban/jail.local, so localhost is not expected to be block.

12

Re: iRedMail-0.9.1 has been released.

ZhangHuangbin wrote:

Did it occur on your server?
127.0.0.0/8 is listed in 'ignoreip =' in /etc/fail2ban/jail.local, so localhost is not expected to be block.

Hi, you are right. It was missing ignoreip in jail.local due to copy&paste (last line) roll.

Regards,
Stanislav