iRedMail
// Document IndexAttention
Check out the on-premises, lightweight email archiving software developed by iRedMail team: Spider Email Archiver.
Paid Remote Upgrade Support
We offer remote upgrade support if you don't want to get your hands dirty, check the details and contact us.
/etc/iredmail-release with new iRedMail version numberiRedMail stores the release version in /etc/iredmail-release after
installation, it's recommended to update this file after you upgraded iRedMail,
so that you can know which version of iRedMail you're running. For example:
1.7.0
CentOS 7: please stick to Roundcube 1.5.2
It's time to leave your comfort zone and upgrade this server to at least CentOS Stream 8 or Rocky Linux 8.
If you're running CentOS 7, please upgrade to Roundcube 1.5.2 instead. Roundcube 1.5.3 requires PHP-7, but CentOS 7 ships PHP-5.4 which is not supported by Roundcube 1.5.3 and later releases, including 1.6.x.
Unfortunately, Roundcube 1.5.2 does NOT contains multiple security fixes which shipped in Roundcube 1.5.6 and 1.6.5.
Ubuntu 18.04: please stick to Roundcube 1.5.7
Ubuntu 18.04 runs old php version, v1.5.6 contains the security fix too. Anyway, please consider upgrading your OS to at least 20.04 LTS as soon as possible.
SOGo v5.10.0 introduces a required new parameter OCSAdminURL in config file.
Please add this new parameter and upgrade SOGo to latest nightly build.
OCSAclURL in SOGo config file /etc/sogo/sogo.conf like below: OCSAclURL = "mysql://sogo:SOVtHQXsnYOb3CqnYe5sH52fiYTvaYZT@127.0.0.1:3306/sogo/sogo_acl";
OCSAdminURL right after OCSAclURL with same value, but
replace the sql table name sogo_acl by sogo_admin: OCSAclURL = "mysql://sogo:SOVtHQXsnYOb3CqnYe5sH52fiYTvaYZT@127.0.0.1:3306/sogo/sogo_acl";
OCSAdminURL = "mysql://sogo:SOVtHQXsnYOb3CqnYe5sH52fiYTvaYZT@127.0.0.1:3306/sogo/sogo_admin";
Please follow below tutorial to upgrade mlmmjadmin to the latest stable release: Upgrade mlmmjadmin to the latest stable release
Please follow below tutorial to upgrade iRedAPD to the latest stable release: Upgrade iRedAPD to the latest stable release
Warning
It addresses 2 possible XSS vulnerabilities, please upgrade as soon as possible.
Please follow below tutorial to upgrade iRedAdmin to the latest stable release: Upgrade iRedAdmin to the latest stable release.
If you have netdata installed, you can upgrade it by following this tutorial: Upgrade netdata.
Add this parameter in ClamAV daemon config file, then restart ClamAV daemon service.
/etc/clamd.d/amavisd.conf./etc/clamav/clamd.conf./usr/local/etc/clamd.conf./etc/clamd.conf.ConcurrentDatabaseReload no
Attention
This step is required if you configured Fail2ban to store banned IP addresses in SQL database for easier management on iRedAdmin-Pro.
Copy and run shell commands below to implement this improvement:
# Create new SQL table 'fail2ban.jails' to store jail names:
wget -O /tmp/f2b.sql https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/update/1.7.0/fail2ban.mysql
mysql fail2ban < /tmp/f2b.sql
rm -f /tmp/f2b.sql
# Replace action script:
wget -O /usr/local/bin/fail2ban_banned_db \
https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/samples/fail2ban/bin/fail2ban_banned_db
# Replace action config file
wget -O /etc/fail2ban/action.d/banned_db.conf \
https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/samples/fail2ban/action.d/banned_db.conf
# Restarting fail2ban service is required:
systemctl restart fail2ban
Attention
This step is required if you configured Fail2ban to store banned IP addresses in SQL database for easier management on iRedAdmin-Pro.
Copy and run shell commands below to implement this improvement:
# Create new SQL table 'fail2ban.jails' to store jail names:
wget -O /tmp/f2b.sql https://raw.githubusercontent.com/iredmail/iRedMail/master/update/1.7.0/fail2ban.pgsql
su - postgres
psql -d fail2ban -c "\i /tmp/f2b.sql"
rm -f /tmp/f2b.sql
# Replace action script:
wget -O /usr/local/bin/fail2ban_banned_db \
https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/samples/fail2ban/bin/fail2ban_banned_db
# Replace action config file
wget -O /etc/fail2ban/action.d/banned_db.conf \
https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/samples/fail2ban/action.d/banned_db.conf
# Restarting fail2ban service is required:
systemctl restart fail2ban
iRedMail supports tracking user last login time for MySQL/MariaDB/OpenLDAP backends since iRedMail-1.2, but not PostgreSQL backend. It now finally comes.
This feature is offered by Dovecot, and is available in Dovecot-2.3.16 and later version, so it's available on:
Please follow this tutorial to implement it:
Attention
This step is required if you configured Fail2ban to store banned IP addresses in SQL database for easier management on iRedAdmin-Pro.
Copy and run shell commands below to implement this improvement:
# Create new SQL table 'fail2ban.jails' to store jail names:
wget -O /tmp/f2b.sql https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/update/1.7.0/fail2ban.mysql
mysql fail2ban < /tmp/f2b.sql
rm -f /tmp/f2b.sql
# Replace action script:
wget -O /usr/local/bin/fail2ban_banned_db \
https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/samples/fail2ban/bin/fail2ban_banned_db
# Replace action config file
wget -O /etc/fail2ban/action.d/banned_db.conf \
https://raw.githubusercontent.com/iredmail/iRedMail/1.7.0/samples/fail2ban/action.d/banned_db.conf
# Restarting fail2ban service is required:
systemctl restart fail2ban