1

Topic: iRedMail-0.9.8 has been released

Dear all,

iRedMail-0.9.8 stable release has been released.

Below are changes since iRedMail-0.9.7, and planned changes in next release.

Supports new distribution release
  • OpenBSD 6.2 and 6.3.

  • Ubuntu 17.10. Ubuntu 14.04 and 17.04 are not supported anymore.

Dropped distribution releases
  • RHEL/CentOS 6

  • Ubuntu 14.04 LTS, 17.04

  • Debian 8

  • OpenBSD 6.1

Removed component
  • Apache has been removed, Nginx is the only one web server available.

New components
Improvements
  • SQL backends:

    • New table: maillists.

    • New columns: domain.maillists, forwardings.is_maillist

    • Removed column: mailbox.local_part. It's inherited from PostfixAdmin at the beginning, but not used by any applications, time to drop it.

    • Table renamed: alias_moderators -> moderators.

  • LDAP backend:

    • Allow mail list account to use 2 attributes: member, uniqueMember.

  • Nginx: redirect all traffic from http to https by default.

  • Fail2ban: new jail `postfix-pregreet`.

  • Dovecot: Log subject, sender, size in mail deliver log.

  • Amavisd: Add new sql column `maddr.email_raw` and trigger to store email address without address extension.

Fixed issues
  • iRedMail installer:

    • Not correctly configure SOGo with IPv6 SQL server address. Thanks to Wraptor <nijs.thibaut _at_ gmail.com> for the report in forum.

    • Not check whether mailbox storage is set to /root.

  • Postfix: don't block the HELOs used by SendGrid.

  • Nginx:

    • Use single config file for default web hosts.

    • [SECURITY FIX] Not block access to Roundcube sensitive files.

  • SOGo: Cannot sync contacts on Android devices via EAS.

  • Amavisd: cannot store mail subject and sender address if it contains emoji.

  • SQL backends: User under disabled domain is able to send email with smtp protocol.

  • tools/backup_sogo.sh

    • Not set correct owner and permission on backup files.

    • Cannot remove old backup files.

  • tools/backup_openldap.sh: Cannot log backup result to SQL db. Note: backup is fine, just no log in SQL db. Thanks swejun <ingvar _at_ zebware.com> for the feedback and fix in forum.

  • tools/create_mail_user_*: Not use current date as password last change date for newly created user.

  • tools/migrate_sql_alias_table.py: Doesn't support 'utf8' charset. Thanks Kacper Guzik <kacper.guzik _at_ zenbox _dot_ pl> for the report and code contribution.

Updated packages
  • Roundcube -> 1.3.5

  • iRedAdmin -> 0.9

  • iRedAPD -> 2.2

  • uwsgi -> 2.0.17 (OpenBSD only)

  • SOGo -> 4.0 (switched yum/apt repo to SOGo v4 nightly builds)

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 (edited by lug 2018-04-03 16:14:40)

Re: iRedMail-0.9.8 has been released

Hi, I think I've found a typo in the upgrade tutorial

Note: Nginx in iRedMail-0.9.7 loads modular config files from /etc/nginx/sites-conf/default/ and /etc/nginx/sites-conf/default-ssl/ instead of storing all configurations for default web hosts in one file, in this case you need to:

rename file /etc/nginx/sites-conf/default/99-include-tmpl-misc.conf to /etc/nginx/sites-conf/default/1-include-tmpl-misc.conf.
rename file /etc/nginx/sites-conf/default-ssl/99-include-tmpl-misc.conf to /etc/nginx/sites-conf/default-ssl/1-include-tmpl-misc.conf.
Restarting Nginx service is required.

It's not sites-conf, it's sites-conf.d smile

3

Re: iRedMail-0.9.8 has been released

lug wrote:

It's not sites-conf, it's sites-conf.d

Fixed. Thanks. smile

4

Re: iRedMail-0.9.8 has been released

in your mlmmj addition tutorial, in section Update SQL tables in vmail database, your mysql script produces sql errors because maillist columns / indexes already exist coming from 0.9.7 system. i had to parse down your script and the only section that runs without error is the 3rd one, "Table used to store mailing list accounts". FYI.

5

Re: iRedMail-0.9.8 has been released

another thing; the forwardings table contains columns is_list and is_maillist. why is that? is_list is pre-existing.

also, for my above comment, i think you're doubling up on work in iredmail.mysql and mlmmj.mysql. it seems on the surface anyway.

6

Re: iRedMail-0.9.8 has been released

in your post you mention:

Updated packages
Roundcube -> 1.3.5

iRedAdmin -> 0.9

iRedAPD -> 2.2

uwsgi -> 2.0.17 (OpenBSD only)

SOGo -> 4.0 (switched yum/apt repo to SOGo v4 nightly builds)

but your upgrade docs make no mention of updating sogo or iredadmin. ? did i miss something?

7

Re: iRedMail-0.9.8 has been released

fsantiago06111979 wrote:

in your mlmmj addition tutorial, in section Update SQL tables in vmail database, your mysql script produces sql errors because maillist columns / indexes already exist coming from 0.9.7 system. i had to parse down your script and the only section that runs without error is the 3rd one, "Table used to store mailing list accounts". FYI.

Fixed.

fsantiago06111979 wrote:

another thing; the forwardings table contains columns is_list and is_maillist. why is that? is_list is pre-existing.

"is_list" is a historical thing, it's now used for mail alias account.
"is_maillist" is for mlmmj mailing list.

8

Re: iRedMail-0.9.8 has been released

i used this doc to try upgrading from sogo 3 > 4:

https://docs.iredmail.org/upgrade.sogo.2.to.3.html

but now sogo fails to start. so obviously it's not as simple as reusing the backed up configs. can you help me? i haven't found a sogo 4 upgrade doc on your site yet. forgive me if one exists.

9

Re: iRedMail-0.9.8 has been released

fsantiago06111979 wrote:

in your post you mention:

Updated packages
Roundcube -> 1.3.5

iRedAdmin -> 0.9

iRedAPD -> 2.2

uwsgi -> 2.0.17 (OpenBSD only)

SOGo -> 4.0 (switched yum/apt repo to SOGo v4 nightly builds)

but your upgrade docs make no mention of updating sogo or iredadmin. ? did i miss something?

Just updated iRedMail upgrade tutorial to cover them all.

10

Re: iRedMail-0.9.8 has been released

sogod still fails to start after the update. the only step i hadn't done yet was the sql db update but even that was misleading; it asked me for sql auth info, for which i used my sql root user, and it stated it would ask for the password twice. it didn't. it only did once. t listed two queries, and then closed. and sogod fails to start now.

db updater:

Username (xxx): root
Hostname (127.0.0.1):
Database (sogo):
This script will ask for the database password twice
Converting c_content from TEXT to LONGTEXT in the sogo_user_profile table
Converting c_mail from VARCHAR(255) to TEXT in Contacts quick tables
Enter password:
[root@mail yum.repos.d]#

so now i'm stuck.

11

Re: iRedMail-0.9.8 has been released

iredadmin update worked fine. so only thing i have left is sogod, which is now down. if i have to i can restore v3.x but prefer not to. any ideas? what data can i get you to help you sort it out?

12

Re: iRedMail-0.9.8 has been released

according to journalctl:

kernel: sogod[25074]: segfault at 7ffec6050c78 ip 00007f1b69c139cf sp 00007ffec6050c60 error 6 in libgnustep-base.so.1.24.9[7f1b69881000+4dc000]

happens every time i try starting the sogod service.

13

Re: iRedMail-0.9.8 has been released

Hi

I tried to install twice on OpenBSD 6.3 version but in both cases i have the same error:

In roundcube i have the next error: DATABASE ERROR: CONNECTION FAILED!, i verify the mysqld (mariadb) and it's working well, before the installation the server works with resolution DNS names without any problem, after that i have notice that can't resolve DNS names i have the next error: nslookup: isc_socket_bind: address not available.

I don't know why the system doesn't resolve names and why don't connect to MySQL

14

Re: iRedMail-0.9.8 has been released

In the release notes you indicate Apache support is gone and we need to use Nginx. For those of us who've been using Apache, it would be helpful to have a section in the tutorial for migrating from Apache to Nginx. Thanks!

15

Re: iRedMail-0.9.8 has been released

rafael.arellano wrote:

In roundcube i have the next error: DATABASE ERROR: CONNECTION FAILED!

What's the log message related to this Roundcube error in /var/log/maillog?

rafael.arellano wrote:

i have the next error: nslookup: isc_socket_bind: address not available.

Did you notice any error related to DNS server in /var/log/messages?

16 (edited by Davesworld 2018-04-06 22:46:40)

Re: iRedMail-0.9.8 has been released

That was quite a circuitous upgrade path. I managed to get through it except my iredAdmin pro doesn't work. Updated roundcube and the additition of netdata work fine. I got this is my Postmaster mailbox:

Traceback (most recent call last):
  File "/opt/www/iredadmin/tools/delete_mailboxes.py", line 50, in <module>
    from tools import ira_tool_lib
  File "/opt/www/iredadmin/tools/../tools/ira_tool_lib.py", line 20, in <module>
    import settings
  File "/opt/www/iredadmin/tools/../settings.py", line 107
    mlmmjadmin_api_auth_token = '
                                ^
SyntaxError: EOL while scanning string literal

I was really starting to like Pro and am licensed until 2023. As  far as I can tell all the other servers are working correctly.

Edit: Nevermind, I found an eol error in settings.py The mlmmjadmin_api_auth_token = looked like

mlmmjadmin_api_auth_token ='
xxxxxxxxxxxxxx'

Rather than

mlmmjadmin_api_auth_token ='xxxxxxxxxxxxxx'

Edit: That only worked because of cached content. Still need to look into this.

Post's attachments

Dashboard.png
Dashboard.png 85.48 kb, file has never been downloaded. 

Login To Manage Your Mail Domains & Accounts.png
Login To Manage Your Mail Domains & Accounts.png 29.41 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

17

Re: iRedMail-0.9.8 has been released

Davesworld wrote:

Edit: That only worked because of cached content. Still need to look into this.

Seems CSS/JS files were not loaded. Did you update any Nginx config file related to iRedAdmin-Pro?

18

Re: iRedMail-0.9.8 has been released

ZhangHuangbin wrote:
rafael.arellano wrote:

In roundcube i have the next error: DATABASE ERROR: CONNECTION FAILED!

What's the log message related to this Roundcube error in /var/log/maillog?

rafael.arellano wrote:

i have the next error: nslookup: isc_socket_bind: address not available.

Did you notice any error related to DNS server in /var/log/messages?

On the /var/log/maillog i have the next errors:

roundcube: <k9n6mj5k> DB Error: SQLSTATE[HY000] [2003] Can't connect to MySQL server on '127.0.0.1' (49 "Can't assign requested address") (GET /mail/)

postfix/error[31549]: 375EFED094B: to=<root@mercurio.domain.com>, orig_to=<root>, relay=none, delay=69572, delays=69572/0.06/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Can't assign requested address)

I think that was packet filter so i disable it witout any result

19

Re: iRedMail-0.9.8 has been released

rafael.arellano wrote:

postfix/error[31549]: 375EFED094B: to=<root@mercurio.domain.com>, orig_to=<root>, relay=none, delay=69572, delays=69572/0.06/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Can't assign requested address)

Do you have local address '127.0.0.1' on this server? Is it a IPv6 only server?

20

Re: iRedMail-0.9.8 has been released

great!
I guess you have the 0.9.7 to 0.9.8 upgrade guide?
To bad that you dropped apache thou wink

21

Re: iRedMail-0.9.8 has been released

My SQL login failed after changes

dovecot-mysql.conf

driver = mysql
default_pass_scheme = CRYPT
connect = host=127.0.0.1 dbname=vmail user=vmail password=va9cjhkMpaBs4xVKSdHfUVAWFQRO6V
# connect = host=127.0.0.1 dbname=vmail user=vmail password=XOAqPlgYhwHmC3FiWG9NLH8Gfmhx2t

#password_query = SELECT mailbox.password, mailbox.allow_nets \
#FROM mailbox,domain \
#WHERE mailbox.username='%u' \
#      AND mailbox.`enable%Ls%Lc`=1 \
#      AND mailbox.active=1 \
#      AND mailbox.domain=domain.domain \
#      AND domain.backupmx=0 \
#      AND domain.active=1

password_query = SELECT password FROM mailbox WHERE username='%u'AND enable%Ls%Lc=1 AND active='$
user_query = SELECT \
    CONCAT(mailbox.storagebasedirectory, '/', mailbox.storagenode, '/', mailbox.maildir) AS home$
    CONCAT('*:bytes=', mailbox.quota*1048576) AS quota_rule \
FROM mailbox,domain \
WHERE mailbox.username='%u' \
    AND mailbox.domain='%d' \
    AND mailbox.`enable%Ls%Lc`=1 \
    AND mailbox.domain=domain.domain \
    AND domain.backupmx=0 \
    AND domain.active=1 \
    AND mailbox.active=1

iterate_query = SELECT username AS user FROM mailbox

===================
Do I need to keep this in the new section?

user_query = SELECT \
    CONCAT(mailbox.storagebasedirectory, '/', mailbox.storagenode, '/', mailbox.maildir) AS home$
    CONCAT('*:bytes=', mailbox.quota*1048576) AS quota_rule \

System:
Debian 9 (Buster)
Dovecot 2.2.35 (also upgraded from 2.0.18 same day)
IredAdmin Pro - MySQL Edition

22

Re: iRedMail-0.9.8 has been released

Dovecot Error

After upgrading to Dovecot 2.2.35 I am getting this error in the /var/log/dovecot.log?

Apr 11 10:00:20 dict(16164): Error: Couldn't load plugin /usr/lib/dovecot/modules/dict/libdriver _pgsql.so: Module is for different ABI version 2.0.18 (we have 2.2.ABIv35(2.2.35))

I don't even use postgressql.   How do I get rid of this error?

System:
Debian 9 (Buster)
Dovecot 2.2.35 (also upgraded from 2.0.18 same day)
IredAdmin Pro - MySQL Edition

23

Re: iRedMail-0.9.8 has been released

darth_wells wrote:

My SQL login failed after changes
dovecot-mysql.conf

Why did you comment out other parameters in dovecot-mysql.conf? Just replace the 'password_query =' line.

24

Re: iRedMail-0.9.8 has been released

darth_wells wrote:

I don't even use postgressql.   How do I get rid of this error?

Do you have any pgsql related settings in /etc/dovecot/dovecot.conf?

25

Re: iRedMail-0.9.8 has been released

ZhangHuangbin wrote:
darth_wells wrote:

I don't even use postgressql.   How do I get rid of this error?

Do you have any pgsql related settings in /etc/dovecot/dovecot.conf?


cat dovecot.conf

mail_plugins = quota
# Listen addresses.
#   - '*' means all available IPv4 addresses.
#   - '[::]' means all available IPv6 addresses.
# Use below setting to listen on all available addresses:
#listen = *, [::]
listen = *

#base_dir = /var/run/dovecot

# Enabled mail protocols.
protocols = pop3 imap sieve

# User/group who owns the message files:
mail_uid = 1001
mail_gid = 1001

# Assign uid to virtual users.
first_valid_uid = 1001
last_valid_uid = 1001

deliver_log_format = from=%{from}, envelope_sender=%{from_envelope}, subject=%{subject}, msgid=%m, size=%{size}, %$

# Global Plugins
mail_plugins = $mail_plugins expire

# Logging. Reference: http://wiki2.dovecot.org/Logging
log_path = /var/log/dovecot.log
# info_log_path = /var/log/dovecot-info.log
# debug_log_path = /var/log/dovecot-debug.log
mail_debug = no
auth_verbose = no
auth_debug = no
auth_debug_passwords = no
# Possible values: no, plain, sha1.
auth_verbose_passwords = no

# SSL: Global settings.
# Refer to wiki site for per protocol, ip, server name SSL settings:
# http://wiki2.dovecot.org/SSL/DovecotConfiguration
ssl = yes
verbose_ssl = no
ssl_cipher_list = ALL:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

# ssl_cipher_list = ALL:!ADH:!LOW:!SSLv2:!SSLv3:!EXP:!aNULL:+HIGH:+MEDIUM

# ssl_cert = </etc/ssl/certs/iRedMail_CA.pem
# ssl_key = </etc/ssl/private/iRedMail.key

ssl_cert = </etc/ssl/certs/nm2.abgnetwork.net.pem
ssl_key = </etc/ssl/private/nm2.key
ssl_ca = </etc/ssl/certs/gd_bundle.pem


disable_plaintext_auth = no



# Mail location and mailbox format.
mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/

# Authentication related settings.
# Append this domain name if client gives empty realm.
#auth_default_realm =

# Authentication mechanisms.
auth_mechanisms = PLAIN LOGIN

service auth {
    unix_listener /var/spool/postfix/dovecot-auth {
        user = postfix
        group = postfix
        mode = 0666
    }
    unix_listener auth-master {
        user = vmail
        group = vmail
        mode = 0666
    }
    unix_listener auth-userdb {
        user = vmail
    group = vmail
    mode = 0660
    }
}

# Virtual mail accounts.
userdb {
    args = /etc/dovecot/dovecot-mysql.conf
    driver = sql
}
passdb {
    args = /etc/dovecot/dovecot-mysql.conf
    driver = sql
}

plugin {
    auth_socket_path = /var/run/dovecot/auth-master

    quota = dict:user::proxy::quotadict
    quota_rule = *:storage=250M
    #quota_rule2 = *:messages=0
    #quota_rule3 = Trash:storage=1G
    #quota_rule4 = Junk:ignore

    # Quota warning.
    # If user suddenly receives a huge mail and the quota jumps from
    # 85% to 95%, only the 95% script is executed.
    quota_warning = storage=95%% quota-warning 95 %u
    quota_warning2 = storage=90%% quota-warning 90 %u
    quota_warning3 = storage=85%% quota-warning 85 %u
   
    # Plugin: autocreate. Create and subscribe to default IMAP folders.
    # autocreate = INBOX
    # autocreate2 = Sent
    # autocreate3 = Trash
    # autocreate4 = Drafts
    # autocreate5 = Junk
    # autosubscribe = INBOX
    # autosubscribe2 = Sent
    # autosubscribe3 = Trash
    # autosubscribe4 = Drafts
    # autosubscribe5 = Junk

    # Plugin: expire.
    expire = Trash 7 Trash/* 7 Junk 30 Sent 180
    expire_dict = proxy::expire

    # ACL and share folder
    acl = vfile
    acl_shared_dict = proxy::acl

    # Pigeonhole managesieve service.
    # Reference: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
    # Per-user sieve settings.
    sieve_dir = /%Lh/sieve
    sieve = /%Lh/sieve/dovecot.sieve

    # Global sieve settings.
    sieve_global_dir = /var/vmail/sieve
    sieve_global_path = /var/vmail/sieve/dovecot.sieve
    #sieve_before =
    #sieve_after =
}

service quota-warning {
    executable = script /usr/local/bin/quota-warning.sh
#    executable = script /usr/local/bin/dovecot-quota-warning.sh
    unix_listener quota-warning {
        user = vmail
        group = vmail
        mode = 0660
    }
}

service dict {
    unix_listener dict {
        mode = 0660
        user = vmail
        group = vmail
    }
}

dict {
    # expire = db:/var/lib/dovecot/expire/expire.db
    expire = mysql:/etc/dovecot/dovecot-dict-expire.conf
    quotadict = mysql:/etc/dovecot/dovecot-used-quota.conf
    acl = mysql:/etc/dovecot/dovecot-share-folder.conf
}

protocol lda {
    # Reference: http://wiki2.dovecot.org/LDA
    mail_plugins = quota sieve expire
    auth_socket_path = /var/run/dovecot/auth-master
    log_path = /var/log/sieve.log
#    lda_mailbox_autocreate = yes
    postmaster_address = root
}
protocol imap {
    imap_client_workarounds = tb-extra-mailbox-sep
    mail_plugins = quota imap_quota expire
}
protocol pop3 {
    mail_plugins = quota expire
    pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
    pop3_uidl_format = %08Xu%08Xv
}
namespace {
    type = private
    separator = /
    prefix =
    #location defaults to mail_location.
    inbox = yes

    mailbox Sent {
        auto = subscribe
        special_use = \Sent
    }
    mailbox Drafts {
        auto = subscribe
        special_use = \Drafts
    }
    mailbox Trash {
        auto = subscribe
        special_use = \Trash
    }
    mailbox Junk {
        auto = subscribe
        special_use = \Junk
    }
}

namespace {
    type = shared
    separator = /
    prefix = Shared/%%u/
    location = maildir:/%%Lh/Maildir/:INDEX=/%%Lh/Maildir/Shared/%%u
    # this namespace should handle its own subscriptions or not.
    subscriptions = yes
    list = children
}