ChangeLog of iRedMail Enterprise Edition
Attention
Check out the lightweight on-premises email archiving software developed by iRedMail team: Spider Email Archiver.
v1.5.1, Sep 29, 2025
- API:
- NEW: Export mailbox quota usage while getting full user profile
(
GET /api/user/<email>
):
- BREAKING CHANGE: last login date has been moved to same level of user profile:
# GET /api/user/<email>
{
"_msg": ...,
"_success": ...,
"data": {
"profile": {
...
"last_login": {...} // OLD. REMOVED.
},
"last_login": {...}, // NEW
"used_quota": { // NEW
"size": ..., // Size (in bytes) of stored messages
"messages": ... // Number of stored messages
}
}
}
-
Improvements:
- Remove data in SpamAssassin SQL database while removing user or domain.
- Update SQL databases used by other applications while renaming user's
email address.
- Able to abort disabling component.
- Always allow deleting SQL database and user while disabling component.
- PostgreSQL now loads additional config files under
/opt/iredmail/custom/postgresql/conf.d/
.
- Able to check all search result with the new
Previous Page
and Next
Page
buttons.
- Display password last change date on user list and profile page.
- Allow to customize base URI of SOGo Groupware. Defaults to
/SOGo/
.
Note: SOGo hard-codes this URI internally, it will be redirected to
/SOGo/
after login.
-
Fixed issues:
- Email sent by mlmmj was not signed with DKIM signature. Thanks to Peter.
- Incorrect URLs of newsletter subscription and unsubscription.
- Resetting password always reports error INVALID_LINK.
Thanks to Leon Koster.
- Not correctly create symbol link of Roundcube third-party plugins.
- Not save password last change time in UTC timezone in Roundcube.
- Not backup milter SQL database (introduced in EE v1.5.0).
- Incorrect path to mysql client on RedHat family OS version 8.
- Upgrade from EE v1.3.0 failed due to missing milter related file
introduced in v1.4.0.
- Cannot start netdata in Docker container.
- Mistakenly hard-coded hostname in DNS result page. Thanks to Ian Little.
- Missing python module on Rocky 8. Thanks to Justin.
- Incorrect permission on PostgreSQL data directory. Thanks to Swarn Sandhu.
-
Updated packages:
- milter v1.2.0
- Fixed: Not correctly count sent / received mails.
- Fixed: Not correctly recognize emails sent with
sendmail
or mail
commands from localhost.
- adminer 5.4.1
v1.5.0, Sep 8, 2025
BREAKING CHANGES
- Dovecot quota status service has been removed. If you have custom Postfix
config file
/opt/iredmail/custom/postfix/main.cf
, please remove line
check_policy_service inet:127.0.0.1:12340
and restart Postfix service.
- It's not recommended to maintain custom Postfix settings with
/opt/iredmail/custom/postfix/main.cf
and /opt/iredmail/custom/postfix/master.cf
.
Read our Best Practice
tutorial
for customization.
-
Supports new distribution release:
- Debian 13.
- WARNING: Debian 13 offers Dovecot 2.4 which uses different config
syntax than Dovecot 2.3. If you have custom config files for Dovecot
2.3, Dovecot may fail to start. In this case, you must fix config
syntax manually in your custom config files.
- WARNING: SOGo team doesn't offer binary packages for Debian 13 yet,
so if you're running SOGo on Debian, do NOT upgrade OS right now.
- Driver of full-text search has been switched from
fts-xapian
(third-party driver) to fts-flatcurve
(Dovecot builtin driver).
- Dovecot will re-index all mails after upgraded to Debian 13 when
user accesses the mailbox.
- You may want to remove directory
xapian-indexes
inside each
mailbox manually, it stores index data generated by fts-xapian
,
it's useless after switched to fts-flatcurve
, and it may
take a lot disk space.
-
Docker edition is now available, based on Debian 12 and Ubuntu 24.04,
available for amd64 and arm64 platform:
https://hub.docker.com/r/iredmail/ee
-
New features:
- Able to view / manage smtp sessions saved by milter. Old sessions will
be cleaned up everyday. Defaults to keep for 30 days.
- Able to discard saved changes of server settings.
- While disabling a component, you can now choose to uninstall software,
remove its config files and data, SQL database and SQL user.
-
Improvements:
- Sort mail users by display name.
- Install netdata from yum/apt repositories offered by upstream (netdata).
WARNING: Directory
/opt/netdata/
will be removed automatically.
- Show commands used to query DNS records manually.
- Able to manage per-user mailbox path on user profile page.
- Disabled Dovecot quota status service (not much useful but takes up dict
processes).
- Set
vsz_limit=0
(unlimited) in Dovecot by default.
- Able to download quarantined mail.
- Able to release or delete multiple quarantined mails.
- Able to release or delete quarantined mail while adding whitelist or
blacklist.
- Disabled DKIM verification for sent emails in Amavisd.
- Show allowed special characters while updating Password Policy.
-
Fixed issues:
- Data was not loaded on Sent Mails and Received Mails pages.
- Email sent by mlmmj was not signed with DKIM signature.
- Not generate mailbox path if mailbox format is not "maildir".
- Cannot add firewall rule in some cases.
- Not reload Prosody service after successfully requested or renewed ssl cert.
- DKIM verification failed due to Amavisd inserts disclaimer text after
milter signs DKIM signature. Disclaimer is disabled by default now.
-
Updated packages:
- adminer v5.4.0
- mlmmjadmin 3.5.0
- Z-Push v2.7.6 (security fix)
- milter v1.1.0
-
New translations:
- pl_PL (Polski). Thanks to Kordian Sawikowski.
- fr_FR (Français). Thanks to Monel Dossou.
v1.4.0, Jul 11, 2025
v1.3.1, Jun 3, 2025
-
Fixed issues:
- [PostgreSQL] Not set
NOT NULL
for SQL table vmail.mailbox.employeeid
.
- Not remove Nginx config snippet files after disabled SOGo.
- Not properly expire cache of static files (js/css).
- Not generate file
/opt/iredmail/ssl/cert.pem
after successfully
requested ssl cert from Let's Encrypt.
- Not handle error if SOGo user profile is empty.
- Not upgrade required components while after upgraded EE binary.
-
Updated packages:
- roundcube 1.6.11 (security fix)
- netdata v2.5.2
- iRedAPD 5.9.1
v1.3.0, May 22, 2025
v1.2.1, Apr 4, 2025
- Fixed issues:
- [SQL backends] Not apply required SQL changes to
vmail.mailbox
table.
v1.2.0, Apr 2, 2025
-
Breaking changes:
-
Storing IMAP metadata in file inside mailboxes instead of SQL database.
If you have shared folders, or enabled http push notification, you
have to reset ACL or re-enable http push notification.
-
New features:
- Z-Push is now available as alternative ActiveSync server.
- Fail2ban integration for activesync auth failure is enabled by default.
- Password recovery. Allow end user to reset password with a recovery email. Notes:
- User must login to self-service and add recovery email first, so
that user can reset password with this recovery email.
- A SMTP Account is required to send emails while user requests to
reset password.
-
Improvements:
- [web] Add links to view per-domain, per-user mail activities.
- [web] Able to disable creating IMAP folder for email address extension.
When local user
user@domain.com
receives an email sent to
user+ExT@domain.com
, do not create mailbox folder ExT
and deliver
email to the folder.
- [web] Able to re-deploy backend database (MariaDB, PostgreSQL, OpenLDAP0.
- [server] Discard duplicate emails by default in global sieve rule.
- [server] Supports storing custom Postfix config snippets in
/opt/iredmail/custom/postfix/append_main.cf
and append_master.cf
.
Full content of these 2 files will be appended to the end of
/etc/postfix/main.cf
and master.cf
.
- [Fail2ban] Monitoring EE log file for login failures.
- [SOGo] Re-create SQL VIEW to display more contact info stored in
newly added SQL columns in
vmail.mailbox
.
- [SQL backends] Able to manage more info of a mail user: first name, last
name, mobile numbers, telphone numbers, birthday.
-
Fixed issues:
- [web] Updating
Server Settings
may lose some other settings.
- [web] Cannot re-upload custom logo image.
- [web] Typing 2FA security code doesn't work well with numeric keypad.
- [server] Incorrect firewall rules in some cases.
- [server] Incorrect sql column in SQL VIEW
sogo.users
.
- [server] Storing IMAP metadata in SQL is not working well, fallback to
store in file inside user mailbox instead.
- [server] Not sync mail attachment size with web upload file size.
- [server] Incorrect SQL column definitions in table
amavisd.msgs
.
- [server] Error while setting owner/permission of a lot DKIM keys.
Thanks subarticThrone@forum for the feedback.
-
Updated translations:
- de_DE (German). Thanks to Jochen Häberle .
-
Updated packages:
- adminer v5.1.1
- iRedAPD 5.9.0
- netdata 2.3.2
v1.1.0, Mar 11, 2025
-
API:
- Parameter name changed:
- User profile (
/api/user/{email}
): employeeid
-> employee_id
.
- URI changed:
- Release quarantined mails:
/api/activities/msg/{mail_id}
->
/api/activities/msg/{mail_id}
.
-
New features:
- Self service. End users can login to EE to manage personal information,
whitelists / blacklists, spam policy and more. Defaults to URL
https://<your-server>/self-service/
.
-
Improvements:
- Amavisd: Create symbol link
/etc/amavisd.conf
on RHEL-family.
- netdata: Avoid the login page and splash screen, also disable cloud.
-
Fixed issues:
- [web] Failed in adding whitelisting or blacklisting addresses with leading
or ending whitespace.
- [web] Last Logins page may contain non-existing users.
- [server] Missing required Dovecot (sub-)package on Debian/Ubuntu. fixes #1153
- [server] Dovecot: Not eanble stats-writer. fixes #1154
- [server] SOGo: Add missing GroupObjectClasses for OpenLDAP backend. fixes #1155
- [server] netdata cannot load cloud config '/opt/netdata/var/lib/netdata/cloud.d/cloud.conf'.
-
Updated packages:
- Adminer v5.0.2
- netdata v2.2.6
v1.0.2, Feb 20, 2025
-
New features:
- You can now customize branding on web UI directly (Server Settings ->
Custom Branding), including short and full brand name, website link,
logo image and favicon icon.
-
Improvements:
- [web] Able to enable LDAP over TLS and SSL.
- [web] Able to display more accounts on user list page. Defaults to 50.
- [web] On user list page, it's now able to sort by quota usage pacentage
or stored size.
- [web] On
Last Logins
page, it's now able to sort by either IMAP, POP3
or delivery.
- Improve performance while deleting multiple mailboxes at the same time.
- dovecot: Switch to old stats plugin so that netdata can collect metrics.
- netdata: Switch all Python plugins to Go for better performance.
-
Fixed:
- [web] Not preserve address extension in forwarding address.
Thanks Jean-lou Schmidt for the feedback.
- [web] Filter of disabled domains is incorrect.
- [web] Normal admin was able to update domain quota and account limits.
- [web] Cannot save max retries and timeout while updating Push Notification
settings.
- [server] Amavisd cannot save mail subject longer than 255 characters.
- [server] Amavisd requires at least 2 child processes (was set to 1).
- [server] Netdata doesn't collect data for OpenLDAP server.
- Migrating from non-EE server may take too much time to update existing
Amavisd SQL tables.
- Succeeded deployment may be displayed as Aborted in some case.
-
Updated packages:
- mlmmjadmin 3.3.1
- netdata 2.2.5
- roundcube 1.6.10
v1.0.1, Jan 26, 2025
-
Improvements:
- [web] Able to allow users to add auxiliary IMAP accounts
(
SOGoMailAuxiliaryUserAccountsEnabled=YES
).
-
Fixed:
- [web] Cannot save some checkbox status on
Server Settings
page.
v1.0.0, Jan 24, 2025
-
New features:
-
Improvements:
- [LDAP backend] Able to add and manage (old-style) mailing list account.
- Able to accept connections from certain source address to any port
while adding new firewall rule.
Thanks Ian for the feedback.
- Supports autoconfig, autodiscover and mobileconfig out of box. Component
Autoconfig and Autodiscover
has been removed.
- [web] Able to filter events on Activities page.
- [web] Able to redirect to mail alias profile page from user profile page,
Membership tab.
-
Fixed:
- [server] Not serve ACME challenge over HTTP directly.
Let's Encrypt cert renewal may fail with error
Connection refused
if
the HTTP request is redirected to HTTPS.
- [server] Incorrectly prefix
[Spam]
text in mail subject when option
Always insert X-Spam-* headers
is enabled.
- [server] Not apply default firewall rules while upgrading from v1.0-beta8
when Firewall component is enabled.
Thanks Ian for the report.
- [server] Not install required package for FTS on Ubuntu 24.04.
- [server] Disable slow query log in mariadb to prevent large log file.
Thanks Günther Pfannhauser for the report.
- [server] Upgrading from v1.0-beta7 or earlier releases fails.
- [server] Not restart cron job to load newly added tasks.
- [api] Cannot reset user password with a hashed password.
Thanks Michael Stamouli for the report.
- [api] Cannot use "-" (dash) in password.
- [web]
Statistics
on Dashboard does not reflect the log retention days.
- [web]
Delete All
button doesn't work on Sent Mails
page.
Thanks Justin for the report.
- [web] OTP doesn't work. (#1037)
Thanks Sascha Linke for the report.
- [web] Several web UI minor fixes and tweaks.
-
Updated packages:
v1.0-beta9, Dec 12, 2024
v1.0-beta8, Sep 14, 2024
We're working hard to finish OpenLDAP support in next beta release, v1.0-beta9.
- [NEW] Able to manage global, per-domain and per-user whitelists and
blacklists on web UI or API interface.
- [NEW] Two-factor authentication (2FA) with TOTP.
- [web] Global admin can enforce all domain admins to enable 2FA.
- [NEW] New translation: es_ES (Español). Thanks to Leslie León Sinclair [leslie84 at nauta dot cub].
- Improvements:
- [api] New parameter
maildir
used to customize mailbox path while
creating new user or updating user profile.
- [api][web] Optional: Remove data from other applications while removing
mailbox or domain. Defaults to keep the data.
- [api][web] No more max password length.
- [web] Able to disable 2FA for SOGo user.
- [web] Able to download deployment log.
- [web] 2 new cards on Dashboard page:
Top Senders
, Top Recipients
.
- [web] Display 3 cards on top of domain profile page:
Statistics of
latest 24 hours
, Top Senders
, Top Recipients
.
- [web] Able to configure the notification of quarantined emails:
Quarantined Mails
-> Quarantine Notify
(the small bell icon).
- [web] Able to abort the running deployment.
- [web] Able to subscribe to or unsubscribe from newsletter-style
mailing list on web UI.
- [web] Removed all optional settings in setup wizard. Please tune the
server after initial deployment.
- [web] Component
Firewall
is disabled during initial setup.
Setup will restart firewall at the end of deployment, it blocks the
network port used by setup and causes deployment failure. Feel free
to enable it after initial setup.
- [web] Able to filter user accounts by first character of email address.
- [web] Able to filter disabled user accounts.
- [server] Disable SpamAssassin rule
RCVD_IN_DNSWL_HI
(Sender listed at
http://www.dnswl.org/ with high trust) due to too many false positives.
- Fixed issues:
- [server] Not correctly wrap IPv6 addresses (saved in
Server Settings
->
Trusted Clients
) in Postfix config file.
Thanks to Peter Radig for the feedback.
- [server] ClamAV can not scan emails due to permission issue.
Thanks to Peter Radig for the feedback.
- [api] Normal domain admin may be able to delete any domain via API calls.
- [web] Incorrect count while displaying disabled domains.
- Rotated log files (/opt/iredmail/log/*.log) were not compressed.
- Updated packages:
- Roundcube 1.6.9, 1.5.9
- netdata v1.47.1
- Fail2ban 1.1.0 (OpenBSD only)
- Adminer has been replaced by AdminerEvo and upgraded to v4.8.4.
Original Adminer project was abandoned, AdminerEvo is the successor.
https://github.com/adminerevo/adminerevo
- Known issues:
- Fail2ban cannot start on OpenBSD after system reboot.
v1.0-beta7, Aug 2, 2024
v1.0-beta6, May 31, 2024
- A valid license key is now required for installation.
-
Improvements:
- [web] New search bar on top-left of all web pages. You can search
with domain name, email address, or display name, top 10 results are
displayed, click item to visit account profile page.
- [web] Removed component
iRedAdmin
since iRedMail Enterprise Edition
offers same features as iRedAdmin and iRedAdmin-Pro.
- [web] Able to set isolation level of the spam/ham auto-learning data.
Currently 3 options are available: per-user, per-domain or server wide.
Defaults to server wide (share learning data between all users).
- [server] If component
BIND DNS Server
is enabled, use localhost as
DNS server in systemd resolved service.
- [server] Not use Google DNS servers as default upstream anymore.
Spamhaus blocks queries from public/open DNS servers.
- [server] Set default max connections to 1024 for PostgreSQL.
- [server] Use systemd-timesyncd as ntp client on Ubuntu 24.04.
- [server] Fail2ban now stores banned IP addresses in SQL database by default.
- [server] Fail2ban now stores enabled jail names in SQL table
fail2ban.jails
.
-
Updated packages:
- Roundcube 1.6.7
- Roundcube 1.5.7 (Ubuntu 18.04 only)
- netdata v1.45.5
v1.0-beta5, May 8, 2024
v1.0-beta4, April 26, 2024