1

Topic: iRedAdmin-Pro-LDAP-2.7.0 has been released

Dear all,

iRedAdmin-Pro-LDAP-2.7.0 (a.k.a. iRedAdmin-Pro for OpenLDAP backend) is now available for upgrading and purchasing.

How to download the latest iRedAdmin-Pro

iRedAdmin-Pro customers can get download link of this new release by following steps below:

  • Login to iRedAdmin-Pro as global admin

  • Click "License" on the top-right corner, it will show you basic license info and a "Download" button if new version is available for upgrading.

If above steps don't work for you, please send an email to support @ iredmail.org to get download link of the latest release.

Below are detailed changes since iRedAdmin-Pro-LDAP-2.6.1.

RESTful API

RESTful API has been largely improved and ready for integration with your own applications. If you need an API which has not yet been implemented, don't hesitate to contact us.

You can find detailed API document here: http://www.iredmail.org/docs/iredadmin- … l.api.html

  • Several parameter names have been changed for simplification:

    • old: `cn` -> new: `name`

    • old: `mailQuota` -> new: `quota`

    • old: `preferredLanguage` -> new: `language`

  • Variable names used in returned JSON data have been changed to avoid possible namespace conflict:

    • old: {'success': ...,  'msg': ...}

    • new: {'_success': ..., '_msg': ...}

  • NEW: /api/users/<domain>: Update profiles for all users under domain.

  • NEW: /api/users/<domain>/password: Update all user passwords under domain.

  • NEW: /api/ldif/<account_type>/<account>: export account in ldif format

  • NEW: /api/domain/admins/<domain>: manage domain admins.

  • NEW: Verify given (plain) password against the one stored in LDAP.

    • /api/verify_password/user/<mail>

    • /api/verify_password/admin/<mail>

  • NEW: /api/admin/<mail>: create and manage standalone domain admins.

  • Able to delete mail domain or user with option to keep mailboxes for given days.

  • Able to update more domain profiles (/api/domain/<domain>):

    • default mailbox quota for new user

    • max mailbox quota of newly created mail user

    • catch-all account

    • inbound and outbound relay

    • sender bcc, recipient bcc

    • set max number of users, aliases, mailing lists

    • disabled domain profiles

    • disabled user profiles

    • disabled user preferences

    • disabled mail services

  • Able to update more user profiles (/api/user/<mail>):

    • mail forwarding

    • employee id

    • per-user alias addresses

  • Able to change email address of user/alias/mailing list accounts.

  • Able to set members while creating mail alias account.

  • Able to reset, add, remove members while updating mail alias or mailing list account.

  • Able to get profile of existing mail domain/user/alias/mailing list.

  • NEW: Able to manage global, per-domain and per-user spam policy.

  • Fixed: Cannot set per-domain quota while creating domain.

Improvements
  • Normal domain admin is now able to create new mail domains with limits like number of max domains/users/alias/lists/quota. Note: new mail domain added by normal domain admin requires domain ownership verification. For more details, please check our tutorial: http://www.iredmail.org/docs/iredadmin- … ation.html.

  • Able to use domain name as primary MX server (IP address is recommended).

  • Able to enable/disable pop3/imap/smtp/sogo/managesieve services for existing or newly created mail users under domain in domain profile page.

  • Able to explicitly enable/disable greylisting for domain/user.

  • Able to set access policy while creating mailing list.

  • Able to set timezone while creating mail domain.

  • Able to schedule date to delete mailboxes while removing domain or mail users. Note: This feature requires a daily cron job to run `tools/delete_mailboxes.py` which should be added automatically while upgrading iRedAdmin.

  • Able to manage additional/custom LDAP attributes for mail user on web UI. Check comment for parameter `ADDITIONAL_MANAGED_USER_ATTRIBUTES` in `libs/default_settings.py` for more details.

  • Able to add custom LDAP objectClass and attribute/values for newly created mail user (not manageable on web UI). Please read comment of parameters `ADDITIONAL_USER_OBJECTCLASSES` and `ADDITIONAL_USER_ATTRIBUTES` in file `libs/default_settings.py` for more details.

  • New: tools/update_password_with_csv.py, used to reset password by reading password from CSV file (format: '<email> <password>').

  • tools/dump_disclaimer.py: able to dump disclaimer for alias domains.

  • tools/cleanup_amavisd_db.py: Huge performance improvement with dirty read (SELECT) while cleaning up old records in Amavisd database.

  • tools/notify_quarantined_recipients.py:

    • able to track last notify time and notify new quarantined emails only.

    • able to notify users under backup MX domains with command line argument '--notify-backupmx'.

    • correctly encode mail subject and sender name

Fixed issues
  • SECURITY: iRedAdmin accepts any password on FreeBSD and OpenBSD if password is stored in BCRYPT hash.

  • Not revoke admin privilege after deleted standalone admin account.

  • Standalone admin account can be an email address under locally hosted mail domain. This causes conflict when there's a normal mail user with same email address.

  • Normal domain admin cannot view/update its own profile if it doesn't manage its own domain.

  • Not check current email address existence while changing account email address.

  • Cannot use domain name as Primary MX in backup mx setting page.

  • Mail accounts (user, alias, list) are still active when domain is disabled.

  • Global admin cannot view BCC in user profile page if it's disabled in domain profile page ( tab 'Advanced' -> 'BCC' in 'Disabled User Profiles'). Thanks labasus <labas _at_ gmx dot co.uk> for the report.

  • Cannot use non-ascii characters in mail subject and body of notification mail used to notify local recipient of quarantined mails.

  • Normal domain admin can view or update global domain admin's profile.

  • Cannot save submitted greylisting whitelists while there's a duplicate sender inserted by `tools/spf_to_greylist_whitelists.py`. Thanks Juan Bou Riquer <jbou _at_ cancun.com.mx> for the report.

  • Incorrect pages while viewing disabled accounts. Thanks to Li Wei <liwei _at_ bond520.com> for the report.

  • Not specify path to python command to run 'tools/cleanup_db.py' in upgrade script, this causes error in cron job.

  • Not apply max user quota while creating new user or updating user profile.

  • iOS devices may have problem with character '^' in password. we remove it from allowed special character for randomly generated password.

  • Creating domain in invalid domain format causes 'internal server error'.

  • OpenBSD ldapd(*) cannot handle MOD_DELETE correctly, it will remove all values of this attribute instead of removing just the one we specified. As a workaround, we define ldap server name in parameter 'LDAP_SERVER_PRODUCT_NAME'.

  • Fix the html target="_blank" vulnerability.

Updated translations

Please help us translate iRedAdmin-Pro to your language: http://www.iredmail.org/docs/translate.iredadmin.html.

  • Update Traditional Chinese (zh_TW). Thanks rain <rain6966@gmail>.

  • Update Simplified Chinese (zh_CN).