CasperSecurity
iRedMail-1.5.0:
* Supports new distribution releases:
+ OpenBSD 7.0
* DROPPED distribution release:
- CentOS 7, CentOS 8. Please use CentOS Stream 8 or Rocky Linux 8 instead.
- CentOS 7 is too old.
- CentOS 8 is end-of-life after Dec 31, 2021.
- Debian 10. Please use Debian 11 instead.
- Debian 10 enters LTS on July 2022. "Debian LTS is not handled by
the Debian security team, but by a separate group of volunteers
and companies interested in making it a success."
- Ubuntu 18.04. Please use Ubuntu 20.04 instead.
- Users chose 20.04 more than 18.04, so better just let it go.
* Improvements:
+ Nginx: Greatly improve the performance of keep-alive connections over
SSL by enabling `ssl_session_cache`.
See also #136, thanks to @ludovicandrieux.
+ Nginx: Enable TLSv1.3 by default.
See also #137, thanks to @ludovicandrieux.
+ Nginx/Dovecot: Add new ssl cipher: EECDH+CHACHA20, remove weak one: AES256+EDH.
See also #138, thanks to @ludovicandrieux.
+ Postfix now enables smtps (port 465) by default.
+ Fail2ban: Add one more rule to catch auth error in Postfix log file.
+ SOGo is now available on Debian 11 (bullseye). Thanks to SOGo team.
* Fixed issues:
- Updating password in Roundcube may fail with error
`Encryption function missing`.
* Updated packages:
+ Roundcube webmail -> 1.5.1. Note: PHP 5.5 or later is required.
+ mlmmjadmin -> 3.1.3
+ netdata -> 1.32.1
+ iRedAPD -> 5.0.4
+ iRedAdmin -> 1.6
+ [OpenBSD] fail2ban -> 0.11.2
+ [OpenBSD] uwsgi -> 2.0.20
iRedMail-1.4.2:
* Improvements:
- Remove unused LDAP attribute in iredmail.schema:
- lastLoginDate
- lastLoginIP
- lastLoginProtocol
- Remove unused sql columns in `vmail` database:
- mailbox.lastlogindate
- mailbox.lastloginipv4
- mailbox.lastloginprotocol
* Fixed issues:
- Incorrect PostgreSQL column types in `vmail` and `sogo` databases.
iRedMail-1.4.1:
* Supports new distribution releases:
+ Debian 11 (bullseye)
+ FreeBSD 13.0
* Improvements:
+ Introduce new LDAP attribute/value pairs and SQL columns used to
enable or disable per-user SOGo webmail, calendar and activesync
services.
+ Add some ban rules in Amavisd:
+ ALLOW_MS_OFFICE: Allow all Microsoft Office documents.
+ ALLOW_MS_WORD: Allow Microsoft Word documents (.doc, .docx).
+ ALLOW_MS_EXCEL: Allow Microsoft Excel documents (.xls, .xlsx).
+ ALLOW_MS_PPT: Allow Microsoft PowerPoint documents (.ppt, .pptx).
* Fixed issues:
- Allow more sendgrid HELO hostnames.
Thanks to Jim Nelin for the feedback.
* Updated packages:
+ iRedAdmin -> 1.5
+ iRedAPD -> 5.0.3
+ netdata -> 1.31.0
+ mlmmjadmin -> 3.1.2
iRedMail-1.4.0:
* Supports new distribution releases:
+ CentOS 8 Stream. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
+ AlmaLinux 8. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
+ Rocky Linux 8. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
Tested with Rocky Linux 8.3 rc1.
+ OpenBSD 6.9. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
* DROPPED distribution release:
- Debian 9 (stretch). Please use Debian 10 instead.
* Improvements:
- SQL backends: New sql table `maillist_owners`. Used to store owners
of subscribeable mailing lists. With this new table, if self-service
is enabled in iRedAdmin-Pro, mailing list owner is able to login to
iRedAdmin-Pro and manage profile and members of owned mailing lists.
- SQL backends: Drop 4 unused SQL columns in `vmail.mailbox` table:
- allowedsenders
- rejectedsenders
- allowedrecipients
- rejectedrecipients
- OpenLDAP backend: New attributes `listModerator` and `listOwner`.
Used to to store moderator and owner of subscribeable mailing lists.
With these new attributes, if self-service is enabled in
iRedAdmin-Pro, mailing list owner is able to login to iRedAdmin-Pro
and manage profile and members of owned mailing lists.
- Fail2ban now stores (base64) encoded log lines in SQL database to
avoid possible SQL injection.
- Enable long queue id support in logwatch.
* Fixed issues:
- Whitelist HELO hostname used by Microsoft Outlook/Hotmail servers.
- tools/backup_pgsql.sh: Not dump databases with `--clean` argument.
- Not install nftables package on Ubuntu 20.04.
- [OpenBSD] Used wrong Python MySQL driver name in iRedAPD.
- Fail2ban can not store banned IP address when its country name
contains quotes.
* Updated packages:
+ Roundcube webmail -> 1.4.11. Security and bug fixes.
+ netdata -> 1.30.1
+ mlmmjadmin -> 3.1
+ iRedAPD -> 5.0
+ iRedAdmin -> 1.3
iRedMail-1.3.2:
* Supports new distribution releases:
+ OpenBSD 6.8. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
Note: Fail2ban is not available on OpenBSD 6.8, because the latest
Fail2ban-0.11.1 doesn't fully support Python-3.8.6 offered by
OpenBSD 6.8.
+ FreeBSD 12.2.
* DROPPED distribution release:
- OpenBSD 6.7. Please use the latest stable release 6.8 instead.
* Improvements:
+ [Nginx] Enable http2 support by default.
+ [Roundcube] Enable plugin `zipdownload` by default. It adds an
option to download all attachments in a message to one zip file,
when the message has multiple attachments.
+ [Amavisd] Log matched virus database name.
* Fixed issues:
- [FreeBSD] Can not correctly generate random password on FreeBSD
12.1-RELEASE-p10.
- [Fail2ban] Not catch all Roundcube login failures.
- tools/create_mail_user_OpenLDAP.*: missing required ldap attr/value
pairs: `enabledService=managesievetls` and `enabledService=sievetls`.
* Updated packages:
+ Roundcube webmail -> 1.4.9
+ netdata -> 1.26.0
+ uwsgi -> 2.0.19.1. OpenBSD only.
+ mlmmjadmin -> 3.0.4
+ iRedAPD-4.6
+ iRedAdmin-1.2
+ FreeBSD: perl-5.32
iRedMail-1.3.1:
* Fixed issues:
- Fail2ban match rules were not up to date to match log lines produced
by the latest Roundcube.
Thanks Igor Cej for the feedback.
* Updated packages:
+ Roundcube webmail 1.4.7, with one security fix.
+ netdata -> 1.23.1
+ iRedAPD-4.2, with a critical issue fixed.
iRedMail-1.3:
* Supports new distribution releases:
+ Ubuntu 20.04. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
+ OpenBSD 6.7. All backends are supported: MariaDB, PostgreSQL, OpenLDAP.
* DROPPED distribution release:
- OpenBSD 6.6. Please use the latest stable release 6.7 instead.
* Improvements:
+ Enable SOGo for CentOS 8 and Ubuntu 20.04. Thanks to SOGo team.
+ Port scripts `tools/*.py` to Python 3.
* Fixed issues:
- Enable TLSv1 on CentOS 7 due to the php package doesn't support TLSv1.2.
- Fix incorrect permission of Fail2ban log file, should be 0755 so
that netdata can read banned/unbanned info.
- Add missing INDEX for SQL column `msgs.time_iso` in `amavisd`
database.
* Updated packages:
+ Roundcube webmail -> 1.4.6, it includes few security fixes.
+ iRedAPD -> 4.1. WARNING: Python 3.5+ is required, Python 2 support
has been completely dropped.
+ mlmmjadmin -> 3.0. WARNING: Python 3.5+ is required, Python 2
support has been completely dropped.
+ netdata -> 1.23.0
iRedMail-1.2.1:
* Switch self-signed ssl cert key length to 4096.
* Swith DKIM key length to 2048.
* Updated packages:
+ Roundcube webmail -> 1.4.4. it includes few security fixes.
iRedMail-1.2:
* Supports new distribution release:
+ CentOS 8
* Dropped distribution release:
- OpenBSD 6.5. Please use the latest stable release 6.6 instead.
* Improvements:
+ Able to store banned IP addresses in SQL db.
iRedAdmin-Pro customers can view banned addresses and unban them on
web UI directly.
+ Fail2ban now works on OpenBSD.
+ Track last login of both POP3/IMAP logins.
* Fixed issues:
- Use 'pspell' spell check engine instead of default 'googie' which
sends data to Roundcube website.
- Not install package `libclamunrar9` for unpacking rar file on Ubuntu.
- installer: not correctly update allowed_clients in php-fpm pool
config file for FreeBSD Jail.
- Amavisd can not store mail subject with emoji characters.
* Updated packages:
+ Roundcube webmail -> 1.4.3
+ iRedAPD -> 3.6
+ netdata -> 1.21.1
iRedMail-1.1:
* Improvements:
- tools/backup_*.sh: do not rely on Python to calculate dates.
* Fixed issues:
- PostgreSQL backend: improper index for table `vmail.sender_relayhost`.
- LDAP backend: improper filter which causes missing external members
while querying (not-subscribeable) mailing list with alias domain.
Thanks to Alyssa Hullinger for the report.
- Backup MX doesn't work.
- rsyslog config file `/etc/rsyslog.d/1-iredmail-iredapd.conf` doesn't
work on CentOS.
- Installer:
- Not enable IPv6 in Nginx.
- Not disable checks for energid in netdata.
Port 9998 is used by Amavisd and energid (not installed by
iRedMail) by default, netdata will try to send http request to
this port, hence it causes error message in Amavisd log file each
time netdata starts.
- Not correctly set Nginx log file path in Fail2ban.
- Not set message size limit in Roundcube ($config['max_message_size']).
- Not remove `!SSLv2` in Dovecot on Ubuntu 18.04.
Note: SSLv2 is actually disabled by OpenSSL.
* Updated packages:
+ Roundcube -> 1.4.2.
+ iRedAdmin -> 1.0
+ iRedAPD -> 3.4.
+ FreeBSD: postgresql-12, python-3.8, php-7.4
iRedMail-1.0:
* Supports new distribution release:
+ OpenBSD 6.6
* Improvements:
- Netdata: Replace few Python modules by Go modules to collect data
for better performance.
- Disable email notification since netdata is too sensitive and the
notification message is "useless".
* Fixed issues:
- Timeout for clamd service to load virus database is too short on
CentOS 7.
- Rejects the new Facebook servers which contain IP address in their
HELO identities.
* Updated packages:
+ Roundcube webmail -> 1.4.1
+ iRedAPD -> 3.3
+ iRedAdmin -> 0.9.9
+ netdata -> 1.19.0
iRedMail-1.0-beta2:
* Removed OpenDMARC integration due to internal bug which caused incorrect
email rejection. Bug reported to upstream:
https://github.com/trusteddomainproject/OpenDMARC/issues/50
* Improvements:
+ tools/backup_*.sh: Remove old empty backup directory.
* Fixed issues:
- Incorect SSL CA file path on FreeBSD.
- Improper postrotate command for log files on Linux.
* Updated packages:
+ iRedAPD -> 3.2
+ netdata -> 1.18.0
iRedMail-1.0-beta1:
* Supports new distribution release:
+ OpenBSD 6.5
+ Debian 10
* Drop support for old distribution releases:
- OpenBSD 6.4
- Ubuntu 16.04, 18.10.
NOTE: We have no plan to support non-LTS edition anymore, only the
latest LTS edition will be supported.
* Drop support for OpenBSD ldapd backend.
* Improvements:
+ Dovecot:
- Enable quota-status service. Postfix can query this service and
reject email immediately if user's mailbox is over quota.
- Enable tracking user loast login time by default for
MySQL/MariaDB and OpenLDAP backends.
Note: Dovecot doesn't support this with PostgreSQL yet.
+ netdata: Disable sending anonymous statistics to netdata cloud.
* Fixed issues:
- Improper order of restriction rules in Postfix
`smtpd_sender_restrictions` setting.
- Fail2ban jail config file doesn't correctly set sshd port number(s).
- Loose Fail2ban filter rules (postfix/dovecot) to reduce negative bans.
- [Linux] Not send kill signal to php-fpm daemon process to reopen log
file after logrotation.
- tools/create_mail_user_OpenLDAP.py:
- Fix missing comma which causes incorrect value of
ldap attribute 'enabledService'.
Thanks Michael Chong.
* Updated packages:
+ Roundcube webmail -> 1.3.10
+ iRedAdmin -> 0.9.8
+ iRedAPD -> 3.1
+ mlmmjadmin -> 2.1
+ netdata -> 1.17.0
+ php -> 7.3 (FreeBSD only)
iRedMail-0.9.9 (Dec 17, 2018):
* Supports new distribution release:
+ OpenBSD 6.4
+ Ubuntu 18.10. WARNING: It receives only 9 months of security and
maintenance updates, until July 2019.
NOT RECOMMENDED FOR PRODUCTION SERVER.
* Improvements:
+ netdata is able to monitor OpenLDAP.
+ SOGo now supports resource management with OpenLDAP backend.
+ Add rc script and rules for ip6tables on Debian/Ubuntu.
+ iRedAdmin is now running as a standalone uwsgi instance (service
name 'iredadmin'), not controlled by 'uwsgi' service anymore.
+ Use /opt/www to store web applications on all Linux distros and
OpenBSD.
+ Able to set per-user mailbox format (e.g. mdbox) and mailbox folder
appended to maildir path in SQL/LDAP.
+ Switch to utf8mb4 as default character set in MySQL.
+ Set file/directory permission to 0400 for dumpped SQL backup files.
+ OpenLDAP log file has been moved to /var/log/openldap/openldap.log
(was /var/log/openldap.log).
* Fixed issues:
- Not correctly generate/update firewall rules if ssh is listening on
2 network ports.
- Not index ldap attribute `mobile`.
- Not always specify a plain text footer file for altermime to update
email sent to mlmmj mailing list.
+ Use accurate Nginx url match for Roundcube.
- mlmmjadmin:
- Not set correct owner/group for config file.
- Not use correct syslog socket path on FreeBSD.
- SQL backends:
- Not handle alias domains for relay in Postfix.
* Updated packages:
+ Roundcube -> 1.3.8
+ iRedAdmin -> 0.9.2
+ iRedAPD -> 2.3
+ mlmmjadmin -> 1.9
+ netdata -> 1.11.1
+ uwsgi -> 2.0.17.1 (OpenBSD only)
iRedMail-0.9.8:
* Supports new distribution release:
+ OpenBSD 6.2, 6.3
+ Ubuntu 18.04
* Dropped distribution releases:
+ RHEL/CentOS 6
+ Ubuntu 14.04 LTS, 17.04
+ Debian 8
+ OpenBSD 6.1
* Remove components:
- Apache has been removed, Nginx is the only one web server available.
* New components:
+ netdata (1.10.0) monitor integration: http://my-netdata.io
Note: netdata currently works on Linux and FreeBSD, not OpenBSD.
- Integrate netdata on Linux server:
https://docs.iredmail.org/integration.netdata.linux.html
- Integrate netdata on FreeBSD server:
https://docs.iredmail.org/integration.netdata.freebsd.html
+ Integrate 'mlmmj' mailing list manager, and 'mlmmjadmin' RESTful API
server for easy mlmmj management.
- mlmmj: http://mlmmj.org/
- mlmmjadmin (developed and maintained by iRedMail team):
https://github.com/iredmail/mlmmjadmin
- Integrate mlmmj & mlmmjadmin:
- LDAP backends: https://docs.iredmail.org/integration.mlmmj.ldap.html
- MySQL/MariaDB backends: https://docs.iredmail.org/integration.mlmmj.mysql.html
- PostgreSQL backend: https://docs.iredmail.org/integration.mlmmj.pgsql.html
Note: mlmmj & mlmmjadmin are now core components in iRedMail.
* Improvements:
- SQL backends:
- New table: maillists.
- New columns: domain.maillists, forwardings.is_maillist.
- Removed column: mailbox.local_part.
It's inherited from PostfixAdmin at the beginning, but not used
by any applications, time to drop it.
- Table renamed: alias_moderators -> moderators.
- LDAP backend:
- Allow mail list account to use 2 attributes: member, uniqueMember.
- Nginx: redirect all traffic from http to https by default.
- Fail2ban: new jail `postfix-pregreet`.
- Dovecot: Log subject, sender, size in mail deliver log.
- Amavisd: Add new sql column `maddr.email_raw` and trigger to store
email address without address extension.
* Fixed issues:
- iRedMail Installer:
- not correctly configure SOGo with IPv6 SQL server address.
Thanks to Wraptor <nijs.thibaut _at_ gmail.com> for the report in
forum.
- not check whether mailbox storage is set to /root.
- Postfix: don't block the HELOs used by SendGrid.
- Nginx:
- Use single config file for default web hosts.
- [SECURITY FIX] Not block access to Roundcube sensitive files.
- SOGo: Cannot sync contacts on Android devices via EAS.
- Amavisd: cannot store mail subject if contains emoji.
- SQL backends:
- User under disabled domain is able to send email with smtp protocol.
- Add new SQL column `mailbox.enableimaptls`, required by
Dovecot-2.3.
- tools/backup_sogo.sh
- Not set correct owner and permission on backup files.
- Cannot remove old backup files.
- tools/backup_openldap.sh:
- Cannot log backup result to SQL db.
Note: backup is fine, just no log in SQL db.
Thanks swejun <ingvar _at_ zebware.com> for the feedback and fix
in forum.
- tools/create_mail_user_*:
- Not use current date as password last change date for newly
created user.
- tools/migrate_sql_alias_table.py:
- Doesn't support 'utf8' charset.
Thanks Kacper Guzik <kacper.guzik _at_ zenbox _dot_ pl> for the
report and code contribution.
* Updated packages:
+ Roundcube -> 1.3.5
+ iRedAdmin -> 0.9
+ iRedAPD -> 2.2
+ uwsgi -> 2.0.17 (OpenBSD only)
+ SOGo -> 4.0 (switched yum/apt repo to SOGo v4 nightly builds)
iRedMail-0.9.7:
* Supports new distribution release:
+ OpenBSD 6.1. OpenBSD 6.0 is not supported anymore.
+ Ubuntu 17.04. Ubuntu 16.10 is not supported anymore.
+ Debian 9 (code name: stretch). Tested with Debian 9 RC3.
* Improvements:
- SQL structure change (for SQL backends): drop few columns in sql
table `vmail.alias`, and creates 2 new tables: forwardings,
alias_moderators. For more technical details, please check this issue:
https://bitbucket.org/zhb/iredmail/issues/101
- SOGo:
+ New script 'tools/backup_sogo.sh'. used to backs up SOGo data
with 'sogo-tool backup' command.
- Fail2ban:
+ Add one new regular expession to filter Roundcube log.
+ Enable 2 new jails: apache-auth, nginx-http-auth.
+ Split jail.local to multiple modular jail config files under
/etc/fail2ban/jail.d.
- Nginx: Use different directories to store different type of config
files for easier customization.
- /etc/nginx/conf.d/ - store configurations used inside 'http {}'
- /etc/nginx/sites-available/ - store config files for web sites.
All files under this directory are NOT loaded by default.
- /etc/nginx/sites-enabled/ - store config files for web sites.
All files under this directory will be loaded by default.
Usually file under this directory is a symbol link to file under
/etc/nginx/sites-available/. This way we can easily enable or
disable a site without renaming or moving its config file.
- /etc/nginx/sites-conf.d/ - store per-site modular config files.
for example, for web domain 'iredmail.org', we use directory
'/etc/nginx/sites-conf.d/iredmail.org/' to store modular config
files for all its http settings, and
'/etc/nginx/sites-conf.d/iredmail.org-ssl/' for all https
settings. You can use a prefixed digital number or letter to
define the order of config files loaded by Nginx. For example,
'00-listen.conf' will be loaded before other files.
NOTE: of course you're not forced to use this directory, and
you're free to write all settings in one file like
'/etc/nginx/sites-available/<site>.conf'. it's just a different
way (which we think it's better) to manage per-site settings.
Examples:
- sites-conf.d/iredmail.org/server_name.conf: define the server
name ('server_name iredmail.org;')
- sites-conf.d/iredmail.org/listen.conf: define the listen port
('port 80;').
- sites-conf.d/iredmail.org/root.conf: define the document root
directory ('root /var/www/vhosts/iredmail.org;')
- Generate /root/.my.cnf-<sql-user>:
- /root/my.cnf-vmail
- /root/my.cnf-vmailadmin
- /root/my.cnf-amavisd
- /root/my.cnf-iredapd
- /root/my.cnf-iredadmin
- /root/my.cnf-sogo
- /root/my.cnf-roundcube
* Fixed issues:
- Enable 'iterate_query =' in 'dovecot-mysql.conf', so that doveadm
works fine if it needs to get all mail users.
- Not enable cron job for iRedAdmin script: tools/delete_mailboxes.py.
Thanks sergiocesar <sergio _at_ winc.net> for the report.
- tools/backup_mysql.sh: Backup sql databases with mysqldump option
'--skip-comments' to avoid possible backdooring hack.
FYI: https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/
- FreeBSD:
- installing port 'archives/arj' interrupts iRedMail installation.
This is caused by global variable 'LANGUAGE=C'.
- Cannot reset MySQL (5.7) password.
* Updated packages:
+ iRedAPD -> 2.1
+ iRedAdmin -> 0.8
+ Roundcube -> 1.3.0
+ uwsgi -> 2.0.15 (OpenBSD only)
iRedMail-0.9.6:
* Supports new distribution release:
+ OpenBSD 6.0. OpenBSD 5.9 is not supported anymore.
+ FreeBSD 11.0.
+ Ubuntu 16.10. WARNING: Ubuntu 16.10 will end of life in July 2017,
Ubuntu 16.04 LTS edition is recommended for a production server.
* Improvements:
- Use rsyslog (requires version 8.x) instead of internal logging system
for Dovecot on CentOS 7 and Ubuntu 16.04, 16.10.
rsyslog is default syslog program on CentOS, Debian and Ubuntu.
With rsyslog, we're able to discard log messages which matches
given regular expressions if it produces too fast. for example,
HAProxy performs health check every few seconds for POP3/IMAP (and
other) services, we can easily discard those health check related
logs to save disk space.
- Switch Awstats user authentication from SQL/LDAP to basic auth based
on file, Awstats is now available for both Apache and Nginx.
- Installer:
+ Able to choose not to install web server and web applications.
- Nginx:
- Add HSTS header for Roundcube, iRedAdmin, SOGo.
- Add sample config files to run Roundcube, iRedAdmin, SOGo as a
subdomain.
- Roundcube webmail:
- Enable plugin `enigma` by default for PGP encryption.
WARNING: The plugin uses gpg binary on the server and stores all
keys (including private keys of the users) on the server.
Encryption/decryption is done server-side. So, this plugin
is for users that trust the server.
If you get error `Identity must have a user name defined` while
first trying to generate gpg key, please add a name for your
email account in Roundcube: `Settings -> Identities`.
- SOGo:
- List all contacts by default in SOGo global address book.
- FreeBSD:
- Switch from OpenSSL to LibreSSL by default.
* Fixed issues:
- LDAP backends: mail accounts (user, alias, list) are still active
when domain is disabled.
- Fix the HTTPROXY vulnerability in Apache and Nginx.
Reference: https://httpoxy.org/
- Not convert domain name and email address to lower cases while
creating mail accounts with scripts tools/create_mail_user_*.
Thanks Santosh Gupta <head.it _at_ satmatechnologies.com> for the
report.
- SOGo:
- Not correctly redirect access to https in Apache.
- Postfix:
- Not enable opportunistic TLS support for remote smtp clients.
- Incorrect HELO restriction rule which causes Postfix rejects smtp
session with HELO "[IP_ADDRESS]" (with squared brackets).
- Nginx:
- Not allow access to '/.well-known/'.
- Not forward real client IP address to SOGo.
- Config file for catch-all virtual host `default.conf` has been
renamed to `00-default.conf`, to make sure it will be loaded
before other virtual host config files.
- Roundcube webmail:
- Missing cron job used to clean up old Roundcube temporary files
(bin/gc.sh).
- Not set proper file owner (apache/nginx) and permission (0600)
for config file of password plugin.
- iRedAPD:
- Not add FreeBSD Jail IP address as trusted client. This causes
mail delivery failure while sending to user under same domain.
Thanks Erez Zabusky <erez_z _at_ cre8ip.com> for the report.
- OpenBSD:
- not enable uwsgi service.
- not create symbol links for PHP programs.
* Updated packages:
+ Roundcube -> 1.2.3
+ iRedAPD -> 2.0
+ iRedAdmin -> 0.7
+ uwsgi -> 2.0.14 (OpenBSD only)
+ FreeBSD:
- php-7.0
- mysql-5.7
iRedMail-0.9.5-1:
* Fixed issues:
- Postfix:
- Cannot deliver email to system account.
- OpenLDAP:
- Incorrect default password scheme if module 'pw-sha2' is not
available.
- PHP
- Allow functions: 'popen', 'openlog'. Required by Roundcube.
- Incorrect compress command used in logrotate config files.
- Add missing package 'mcrypt' on RHEL/CentOS 6.
* Updated packages:
+ iRedAPD -> 1.9.1
iRedMail-0.9.5:
* Supports new distribution release:
+ Ubuntu 16.04 LTS (code name: xenial).
+ OpenBSD 5.9.
* Drop support for old distribution releases:
- Ubuntu 15.10 (code name: wily).
- OpenBSD 5.8.
- Debian 7 (code name: Wheezy). Please use Debian 8 instead.
Debian team stops offering security updates for Debian 7 after
April 25, 2016. Reference: https://wiki.debian.org/DebianOldStable
* Improvements:
- Postfix:
+ Supports Postfix parameter `sender_dependent_relayhost_maps`.
+ SMTP SASL AUTH is disabled on port 25. Please use port 587 instead.
- Amavisd:
+ Add custom Amavisd log template (at log level 0) to always log
SpamAssassin testing result.
- OpenLDAP:
+ Switch OpenLDAP backend to mdb (Memory-Mapped DB backend to slapd)
on Linux and FreeBSD (not available on OpenBSD yet).
+ Enable OpenLDAP overlay 'pw-sha2' to support password verification
with sha2 algorithms.
- SOGo:
+ SOGo is configured to store password in SSHA512 (instead of ssha)
hash by default.
+ Switch SOGo to 3.x from 2.x on Linux/FreeBSD (OpenBSD offers v2).
+ Able to enable/disable sogo service for a single user with new SQL
column `mailbox.enablesogo` and LDAP attribute/value
`enabledService=sogo`.
- OpenBSD ldapd(8):
+ Add script and daily cron job to backup ldapd.
* Fixed issues:
- Not correctly setup Fail2ban jail `action=` setting to block bad ssh
client IP address.
- Improper proxy timeout setting in SOGo and Nginx which cause SOGo
error 'client disconnected during delivery of response'.
- Not correctly add Postfix alias 'virusalert: root' for
non-(Debian/Ubuntu) OSes.
- Not create directory used to store php session files.
- Not enable cron job to auto update SpamAssassin rules on RHEL/CentOS.
* Updated packages:
+ Roundcube webmail -> 1.1.5
+ iRedAdmin -> 0.6
+ iRedAPD -> 1.9.0
iRedMail-0.9.4:
* New scripts:
- tools/fail2ban_unban_ip.sh. Used to unban specified IP addresses
from ALL fail2ban jails.
* Fixed issues:
- Not enable port 25 in OpenBSD PF rule.
- Not detect IPv6 support on server.
- Not correct set file permission of /etc/mail/mailer.conf on FreeBSD.
- Not install port 'www/sogo-activesync' on FreeBSD.
- Installation inside FreeBSD Jail:
- Not correctly set MySQL/PostgreSQL/SOGo/Amavisd bind addresses.
- Not updating Postfix `mynetworks=` to use specified local
address.
Thanks Peter2121 <peter _at_ flytrace.com> for the report in forum.
- Use only 2 DNSBL services in postscreen service:
zen.spamhaus.org, b.barracudacentral.org.
- Cannot use specified MySQL root password on command line while
installing with remote MySQL server.
* Updated packages:
+ Roundcube webmail -> 1.1.4
+ iRedAPD -> 1.8.0
+ iRedAdmin -> 0.5
+ uwsgi -> 2.0.12 (OpenBSD only)
iRedMail-0.9.3:
* Works on new distribution releases:
- Ubuntu 15.10. [Note: old 15.04 is not supported.]
- OpenBSD 5.8. Notes:
+ 5.7 and earlier releases are not supported.
+ spamd(8) is not enabled and replaced by postscreen, because
postscreen is better to reduce spam (e.g. with help of DNSBL
services).
* Remove components:
- Cluebringer has been removed. It's not under active development and
no new release since 2013 (the latest stable release doesn't support
IPv6), we have greylisting and throttling support in iRedAPD as
replacement.
* Improvements:
- SOGo Groupware is now available on FreeBSD.
- Enable HSTS (HTTP Strict Transport Security) in both Apache and Nginx.
- Update Fail2ban filter to catch postscreen log.
- Enable global address book for SQL backends in SOGo by default,
domains are isolated. Thanks dnwahs <shawn _at_ mcsp.net> for the
sharing in iRedMail forum.
- Supports per-user alias address in SQL backends. 2 new sql columns
are required: `alias.is_alias`, `alias.alias_to`.
- Enable postscreen service in Postfix by default.
Important Note: all users must use port 587 for sending email, port
25 doesn't accept submitted mail by authenticated users anymore.
- New SQL table `amavisd.outbound_wblist`, used to store whitelists
and blacklists for outbound messages. It's required by iRedAPD
plugin 'amavisd_wblist'.
* New scripts:
- tools/ldap_assign_user_to_groups.py. Used to assign user to specified
mailing lists, or remove membership.
- tools/ldap_move_members_to_another_group.py. Used to move or copy ALL
members of specified mailing list to another.
* Fixed issues:
- Key length 2048 of DKIM key is too long, too many complains because
many DNS vendors don't support it. So we generate with 1024 instead.
- Not add 'virusalert' in Postfix alias file.
- Not use correct postrotate command to rotate log file on Debian.
- Incorrectly set default fireewall zone on RHEL/CentOS 7 if you
didn't choose to restart firewall immediately.
- 'daemonze =' is required by RHEL/CentOS v6, but not v7.
- Incorrect Dovecot Master User account used by SOGo.
- Dovecot Master User doesn't work with LDAP backend.
- Incorrect quota warning priorities in Dovecot.
Thanks Peter <rs _at_ samplezone.ch> for the feedback.
- Incorrect Amavisd setting to sign DKIM on inbound messages.
- [RHEL/CentOS] Cannot start uwsgi service with 'daemonize' setting in
/etc/uwsgi.ini.
- Not preserve the case of ${extension} while delivering message to
mailbox.
* Updated packages:
+ Roundcube webmail -> 1.1.3.
+ uwsgi -> 2.0.11.2 (OpenBSD only)
+ iRedAPD -> 1.7.0
+ iRedAdmin -> 0.4.3
+ FreeBSD:
- php-5.6
iRedMail-0.9.2:
* SOGo now works on Debian 8.
* Improvements:
- LMTP (port 24) and managesieve (port 4190) services are now listening
on only localhost (127.0.0,1 and ::1) by default.
- Improve Fail2ban filter `postfix.iredmail.conf` to prevent DoS
attack to SMTP service.
* Fixed issues:
- Cannot create required SQL tables in `vmail` database with PostgreSQL
backend.
- catch-all support doesn't work with user+extension@domain.com.
Thanks to stevekez <iredmail@stevekerrison.com> for the contribution
in iRedMail support forum.
- uwsgi service doesn't work on RHEL/CentOS. A new version of uwsgi
package was submitted to EPEL repo with higher priority (not
submitted by iRedMail team), it's not compatible with settings
configured by iRedMail, this causes uwsgi service cannot be started.
- Cannot import MySQL database on Jailed FreeBSD.
- Not install required port 'databases/py-sqlalchemy' on FreeBSD.
- Fix 'The Logjam Attack' ssl related issue. Reference:
https://weakdh.org/
* Updated packages:
+ iRedAPD -> 1.6.0, bug fixes.
iRedMail-0.9.1:
* Works on new distribution releases:
- Debian 8, Ubuntu 15.04. Notes:
o Roundcube and iRedAdmin are now stored under /opt/www.
o Cluebringer is not installed due to package missing in official
repo, that means your server doesn't support greylisting and
throttling.
o SOGo is not installed due to package missing in upstream (SOGo)
repo.
- OpenBSd 5.7. Notes:
o No official MySQL binary packages, so please use MariaDB instead.
* Drop support for old distribution releases:
- Ubuntu 12.04, 14.10. Please use Ubuntu 14.04 LTS or 15.04 instead.
* Improvements:
- Log most terminal output of iRedMail installation to file
'runtime/install.log', used for troubleshooting after installation.
- Backup scripts are able to delete old backup copies. Default setting
is keeping backup copies for 90 days.
- [LDAP] Allow mailing list account to use attributes: gidNumber,
memberUid.
- Don't install both Apache and Nginx, just one of them.
Debian/Ubuntu package maintainer over-designed the post-install
script, it will restart service after package installed, if we have
both installed, installing another one will fail, because network
ports are used by the first one.
Same reason as above, if we have both installed, upgrading both of
them will trigger service restarting too. This may cause the
currently running web service cannot start.
- Make Dovecot subscribe newly created folder automatically.
Thanks Michael Telatynski <postmaster _at_ webdevguru.co.uk> for the
patch.
- Able to restrict user to login for specified IP addresses or
networks, multiple IP addresses or networks must be separated by
comma.
o LDAP: IP addresses or networks must be listed in attribute
`allowNets` in user object.
o SQL: IP addresses or networks must be listed in SQL column
`mailbox.allow_nets`.
- Bypass greylisting for some big ISPs
(samples/cluebringer/greylisting-whitelist.sql).
- Setup Fail2ban to monitor SOGo log file.
- Add two new Fail2ban filters to help catch spam.
* Fixed issues:
- Amavisd cannot ban zipped '.exe' file on RHEL/CentOS.
- Install package `unrar` as rar unarchiver on RHEL/CentOS/Debian/Ubuntu.
- Incorrect log file and owner/group in /etc/logrotate.d/policyd.
- Cannot send email to user+ext@domain.com when per-domain catch-all
is enabled. Note: not fixed with LDAP backend yet.
- Cannot send mail with Roundcube and PHP 5.6.
- Cannot run PHP scripts under web document root with Nginx.
- Not use user's identity as envelope sender for 'return receipt'
responses.
- Not backup SOGo SQL database.
- Incorrect path of command 'sogo-tool' on OpenBSD.
- Not apply service restriction in Dovecot SQL query file while acting
as SASL server.
* Updated packages:
+ Roundcube webmail -> 1.1.1
+ uwsgi -> 2.0.10. OpenBSD only.
+ iRedAdmin -> 0.4.2 (open source edition).
+ iRedAPD -> 1.5.0.
* Known issues:
+ OpenLDAP backend:
- if you have catch-all account enabled for mail domain, email
sent to user+extension@domain.com will be delivered to catch-all
account.
iRedMail-0.9.0:
* Works on new distribution releases:
- RHEL/CentOS 7
- Ubuntu 14.10 (codename: utopic)
- OpenBSD 5.6. Note: Nginx is used as web server, the new built-in
httpd daemon (not Apache-1.3) is not used.
* SOGo groupware integration:
SOGo groupware provides a rich AJAX-based Web interface and supports
multiple native clients through the use of standard protocols such as
CalDAV, CardDAV and GroupDAV, as well as Microsoft ActiveSync.
Check its website for more details: http://sogo.nu/
Important notes of SOGo integration in iRedMail:
o SOGo integration is available on below Linux distributions and releases:
- RHEL/CentOS 6. SOGo project doesn't provide RPMs for CentOS 7 yet.
- Debian 7.
- Ubuntu 12.04 and 14.04. No official packages for 14.10 yet.
- OpenBSD 5.6.
o Full/native Exchange protocol support requires OpenChange and Samba4,
but they're not integrated in iRedMail, so iRedMail-0.9.0 doesn't
provide full/native support for Microsoft Outlook clients, Apple
Mail.app and iOS devices. BlackBerry 10 works fine.
Check our tutorial to setup your mail clients:
http://www.iredmail.org/docs/index.html#configure-mail-client-applications
o If you choose to install both Roundcube webmail and SOGo, Managesieve
service is disabled in SOGo by default, because sieve rules generated
by SOGo is not compatible with Roundcube webmail. but if you don't
install Roundcube, managesieve will be enabled in SOGo by default, plus
vacation and forwarding support.
o User cannot change password with PostgreSQL backend.
* Improvements:
- Nginx support is now available on all Linux/BSD distributions.
If you choose to use Nginx as default web server, both Awstats and
Cluebringer are not accessible, because Nginx doesn't have official
SQL/LDAP auth modules. You have to switch to Apache instead, and
reset mail user password to MD5.
- MariaDB support is now available on FreeBSD.
- Add new index for SQL column 'msgs.spam_level' in 'amavisd' database.
- With MySQL/PostgreSQL backends, password hash is now SSHA512 by
default password on Linux, and BCRYPT on FreeBSD and OpenBSD.
Both Roundcube password plugin and iRedAdmin support them.
if you want to login to Awstats/Cluebringer, you have to reset mail
user password to MD5 since Apache sql/ldap auth doesn't support
SSHA512/BCRYPT.
- Enable global sieve script in Dovecot to move spam to Junk folder by
default.
- Disable SSLv3 in Postfix, Dovecot, Apache, Nginx.
- Backup scripts will log backup status in SQL table `iredadmin`, so
that admin can easily check backup status with iRedAdmin.
- Enable '@lookup_sql_dsn' in Amavisd by default, used for
per-recipient lookup policy, including white/blacklist, spam policy,
incoming message size limit.
- New index in `amavisd` database for SQL column `policy.policy_name`.
Required by iRedAdmin-Pro self-service.
* Fixed issues:
- Replace mod_auth_mysql/pgsql by apr-util-mysql/pgsql for Awstats
and Cluebringer webui user authentication on Debian/Ubuntu.
- Not enable cron job to update SpamAssassin rules in file
/etc/default/spamassassin (CRON=1) on Debian/Ubuntu.
- Incorrect quota dict name in Dovecot quota warning script.
- Decrease number of pre-forked Amavisd processes ($max_servers) to 4
by default to reduce memory usage.
- Add missing SQL column (mailbox.enableindexer-worker) and LDAP
attribute/value pair: enabledService=indexer-worker. Required by
Dovecot.
Thanks dwbotsch <botsch _at_ cnf.cornell.edu> for the report.
* Updated packages:
+ Roundcube webmail -> 1.0.4
+ iRedAPD -> 1.4.4. 3 new plugins, bug fixes, performance improvements.
+ iRedAdmin -> 0.4.1. New tool scripts, fixes several issues.
* FreeBSD ports of major component:
o Apache: www/apache24
o PHP: lang/php55
o MySQL: databases/mysql56-server
o MariaDB: databases/mariadb55-server
o PostgreSQL: databases/postgresql93-server
* Below packages are removed from iRedMail due to security concern:
- phpMyAdmin
- phpPgAdmin
- phpLDAPadmin
If you need a sql management tool, please try http://adminer.org/
(web-based, a single PHP file) or other desktop applications instead.
For local LDAP management, you can try ldapvi
(http://www.lichteblau.com/ldapvi/) in terminal.
For remote LDAP management, you can try http://www.ldapadmin.org/ on
Windows PC, or Apache Directory Studio on Windows/Linux/BSD/Mac:
http://directory.apache.org/studio/ (Java application).
iRedMail-0.8.7:
* Works on new Linux/BSD distribution releases:
+ Ubuntu 14.04 LTS. With MariaDB support.
+ OpenBSD 5.5
* Drop support for below releases:
- Ubuntu 13.04, 13.10
- OpenBSD 5.4
* Increase default Amavisd prefork children to 10 (default is 2).
* Allows sasl authentication ONLY over a TLS-encrypted smtp connection.
* Enable LMTP service in Dovecot by default.
To use LMTP instead of Dovecot LDA as per-domain or per-user local
deliver agent in Postfix, you need to use one of below:
- LMTP socket: lmtp:unix:private/dovecot-lmtp
- LMTP inet listener: lmtp:inet:127.0.0.1:24
* Removed columns for MySQL and PostgreSQL backends:
- domain.defaultlanguage
- domain.defaultuserquota
- domain.defaultuseraliases
- domain.disableddomainprofiles
- domain.disableduserprofiles
- domain.defaultpasswordscheme
- domain.minpasswordlength
- domain.maxpasswordlength
They all are merged into column 'domain.settings'. For example:
domain.settings='default_language:en_US;default_user_quota:1024;'
Please check iRedMail upgrade tutorial to migrate these columns:
http://www.iredmail.org/wiki/index.php?title=Upgrade/iRedMail/0.8.6-0.8.7
* New columns for MySQL and PostgreSQL backends:
+ mailbox.enablelmtp: used by Dovecot LMTP server.
+ domain.settings: used to store per-domain settings, userd in
iRedAdmin-Pro.
+ mailbox.settings: used to store per-user settings, used in
iRedAdmin-Pro.
+ admin.settings: used to store per-user settings, used in
iRedAdmin-Pro.
+ alias.islist: used to mark a sql record is a mail list account.
* New LDAP attribute/value pairs for mail users:
+ enabledService=lmtp: used by Dovecot LMTP server.
* Fixed issues:
+ Postfix cannot resolve IP address under chroot on RHEL/CentOS.
* Updated packages:
+ Roundcube webmail -> 1.0.1
+ phpMyAdmin -> 4.2.0
+ iRedAdmin -> 0.3.3
+ iRedAPD -> 1.4.3
iRedMail-0.8.6:
* Works on new Linux/BSD distribution releases:
- Works on Ubuntu 13.10 (saucy). NOTE: phpLDAPadmin is not available
for OpenLDAP backend because it cannot be installed at all.
- OpenBSD 5.4, plus Awstats support.
* Drop support for below releases:
+ Debian 6 (squeeze). Please use Debian 7 (wheezy) instead.
+ OpenBSD 5.3. Please use OpenBSD 5.4 (released on 2013-11-01) instead.
* Drop support for Gentoo Linux and openSUSE linux.
Just few users chose them, so we decided to drop it to reduce our
workload and bring you better support for supported Linux/BSD distributions.
* Better support for installing iRedMail with remote MySQL server.
Reference:
http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/MySQL/install.iredmail.with.remote.mysql.server
* Enable 'innodb_file_per_table' (per-table tablespaces) in MySQL by
default, this parameter avoids large ibdata files (.idb).
Reference:
http://dev.mysql.com/doc/refman/5.5/en/innodb-multiple-tablespaces.html
* Enable Opportunistic TLS support in Postfix when sending mail to remote
SMTP server (smtp_tls_security_level=may).
Thanks kotso <admin _at_ co.ge> and vlastikcz for the report.
* Switch from Policyd-1.8 to Cluebringer on all Linux/BSD distributions.
NOTE: The latest iRedAdmin-Pro supports Cluebringer management, includes
white/black/greylisting, throttling.
* Add parameter 'inet6 => 0' in Amavisd ldap settings to avoid ldap
connection error.
* Fixed issues:
+ Not rotate Cluebringer log file.
+ Not setup cron job to cleanup expired entries in Cluebringer database.
* Updated packages:
+ iRedAPD -> 1.4.2. Fixed a bug in plugin sql_user_restrictions.py.
+ iRedAdmin -> 0.3. Use python source file as config file.
+ Roundcube webmail -> 0.9.5
+ phpMyAdmin -> 4.0.10
iRedMail-0.8.5:
* Use EPEL yum repo on RHEL/CentOS 6 by default.
* Update SQL triggers to insert value for column 'used_quota.domain'
automatically.
* SQL backends: Allow to assign mail list/alias as member of mailing list.
* New SQL column and LDAP attribute for mail domain, used to store
preferred language for newly created mail users.
- SQL: column domain.defaultlang
- OpenLDAP: attribute 'preferredLanguage' for mailDomain object
* Drop support for below releases:
+ Ubuntu 12.10
+ RHEL/CentOS 5.x
+ OpenBSD 5.1, 5.2.
+ openSUSE 12.1, 12.2.
* Fixed:
+ Incorrect Amavisd column name:
policy.unchecked_lovers_maps (incorrect) -> policy.unchecked_lover.
+ Incorrect LDAP ACL for attribute "memberOfGroup".
Thanks Hoang Tuan Viet <vietht _at_ vccloud.vn> for the report.
* Package update:
+ Roundcube webmail -> 0.9.2
+ phpMyAdmin -> 4.0.4.1
+ iRedAdmin -> 0.2.2
+ iRedAPD -> 1.4.1
+ phpPgAdmin -> 5.1
iRedMail-0.8.4:
* Enable Dovecot Master User by default, but no pre-defined account.
* [SQL] New SQL columns in `vmail.mailbox` for per-user restriction, used
by iRedAPD:
allowedsenders, rejectedsenders, allowedrecipients, rejectedrecipients
* Now supports OpenBSD built-in LDAP daemon: ldapd(8).
* Fixed:
+ [FreeBSD] Force all ports to use database/db48 by setting
'WANT_BDB_VER=48' in /etc/make.conf.
Thanks hunci <hunci _at_ hunci.sk> for the report.
- [ldap] Cannot mail to external members of mailing list if we use
alias domain as recipient (user@[alias_domain).
Thanks Soundar Rajan <soundarajan _at_ take10.in> for the report.
- Add new alias 'virusalert' in Postfix for Amavisd.
Thanks Frankstar <frankstar.at _at_ gmail.com> for the report.
- [ldap] Not enable OpenLDAP TLS/SSL support on OpenBSD by default.
- [ldap] Cannot handle alias domain in Postfix per-user bcc.
Thanks Ward De Backer <wdb _at_ stabe.be> for the report.
* Package update:
+ iRedAPD -> 1.4.0
+ iRedAdmin (open source edition) -> 0.2.1
+ Roundcube webmail -> 0.8.6
+ phpMyAdmin -> 3.5.5
+ phpLDAPadmin -> 1.2.3
iRedMail-0.8.3:
* Works on OpenBSD 5.2.
* Works on Ubuntu 12.10 (quantal).
* Dovecot will send an email to postmaster@ if user's mailbox is larger
than or equal to 95% full.
* Drop support for below distributions and releases:
+ FreeBSD 8.x.
+ Ubuntu 10.04 (lucid). Please use 12.04 (precise) instead.
+ openSUSE 12.1 (asparagus). Please use 12.2 (mantis) instead.
* Fixed:
+ Incorrect LDAP uri in cluebringer Apache config file.
Thanks labasus <labas _at_ gmx.co.uk> for the report.
+ amavisLocal=true should be amavisLocal=TRUE (upper cases) in
tools/create_mail_user_OpenLDAP.sh.
Thanks soxgoon @https://bitbucket.org/ (issue #6)
+ Incorrect SQL table name in Cluebringer httpd config file.
+ Empty value of AMAVISD_VIRUSMAILS_DIR on RHEL/CENTOS/Scientific 6.
This issue causes cron job deletes DKIM pem files.
Thanks kislik <kislik _at_ centrum.cz> for the report.
* Package update:
+ phpMyAdmin -> 3.5.3
+ iRedAdmin -> 0.2
+ Roundcube webmail -> 0.8.2
iRedMail-0.8.2:
* Add shell script to backup PostgreSQL databases in cron by default.
Script is /var/vmail/backup/backup_pgsql.sh, backup directory is
/var/vmail/backup/pgsql/.
* It now works on openSUSE-12.2 with all 3 backends available.
* Drop support for Ubuntu-11.10 (oneiric).
* New columns for MySQL/PGSQL backend in table vmail.mailbox:
isadmin, isglobaladmin, language.
* Allow to use LDAP attribute shadowAddress for mail list account.
Thanks chrisjrob <cjr _at_ tridentgarages.co.uk> for the report.
* Add checkpoint setting in OpenLDAP for data recovery, used to define
the time between BDB checkpoint operations. Default is whenever 128kb
data bytes written or 5 minutes has elapsed whichever occurs first.
* Rotate Dovecot log files on OpenBSD and FreeBSD.
* Allow to use LDAP attribute domainGlobalAdmin for mail user.
* Fixed:
+ Don't orerride default SpamAssassin score of SPF_PASS, SPF_FAIL.
Thanks brandon <brandon _at_ brandonbianchi.com> and imknight
<ian _at_ imknight.co.uk> for the feedback.
+ [LDAP] Incorrect maildir path while using Postfix built-in
'virtual' transport.
+ Incorrect log rotate setting of iRedAPD log file on FreeBSD.
Thanks openbsdnoob <w-chi _at_ gmx.de> for the report.
* Package update:
+ phpMyAdmin -> 3.5.2.2
+ iRedAPD -> 1.3.8
+ iRedAdmin -> 0.1.9
+ Roundcube webmail -> 0.8.1
iRedMail-0.8.1:
* It now works on Debian wheezy. Tested with Debian wheezy alpha 1.
* Drop support for Linux Mint. Sorry, not a server OS.
* Add new column 'mailbox.language' in MySQL & PGSQL backends, used by
iRedAdmin.
* Make sure per-user BCC settings have higher priority than per-domain
settings.
* Enforce connections over https in Roundcube.
* Fixed:
+ Incorrect MySQL user password and databases in MySQL backup script.
+ Add missing rotate config for iRedAPD log file on FreeBSD, OpenBSD.
+ Add missing config and SQL table required for sharing IMAP folder to
anyone. Thanks BigMichi1 <bigmichi1 _at_ bigmichi1.de>.
+ Add missing auth service in Dovecot-2: auth-userdb.
+ Add new LDAP attribute and SQL column required by Dovecot-2 share folder:
enabledService=lib-storage (ldap), enablelib-storage=1 (SQL).
Thanks moreni <fmoreni _at_ simtrack.com.br> for the report.
+ [mysql & pgsql] Incorrect maildir path while using Postfix built-in
'virtual' as transport.
+ [ldap] Require enabledService=deliver instead of enabledService=smtp
for maillist members.
Thanks rain6966 <uenuan@gmail> for the report.
* Package update:
+ iRedAdmin -> 0.1.8
+ phpMyAdmin -> 3.5.1
iRedMail-0.8.0:
* It now works on OpenBSD. Tested with OpenBSD 5.1.
iRedMail-0.8.0-beta4:
* Add new value of enabledService: doveadm. Required by Dovecot-2.0
service doveadm.
* All clients are forced to use IMAPS and POPS (via STARTTLS).
To enable POP3/IMAP without STARTTLS again, set 'ssl=yes' and
'disable_plaintext_auth=no' in dovecot.conf.
* Drop support for Dovecot-1.1. At least Dovecot-1.2 is required.
* Fixed:
+ DEBUG=NO in conf/global breaks postfix installation on FreeBSD.
* Package update:
+ iRedAdmin -> 0.1.7. It now works with PostgreSQL.
+ iRedAPD -> 1.3.7. It now works with PostgreSQL.
iRedMail-0.8.0-beta3:
* Enable PostgreSQL support on FreeBSD, RHEL/CentOS 6.
* Add shell scripts to backup OpenLDAP and/or MySQL in cron by default.
* Use Dovecot-2.0 instead of 1.2.x on openSUSE-12.1.
* Drop support for below distributions and releases:
+ Debian 5 (Lenny)
+ Ubuntu 8.x, 9.x, 10.10, 11.04
+ openSUSE: 11.x
+ FreeBSD: 7.x
* Enable greylist opt-in in Policyd-1.x by default.
* It now works on Ubuntu Linux 12.04 (precise). Tested on Alpha 2.
* It now works on Linux Mint 12 (based on Ubuntu, code name: lisa).
* Add share folder support within Dovecot 2.
* Fixed:
+ Incorrect postrotate command for dovecot log files.
Thanks raffayellow@gmail for the report.
+ Two Dovecot config files are world readable: used_quota.conf,
share-folder.conf.
Thanks Martin Kuchar for the report.
* Package update:
+ Roundcube -> 0.7.2
+ MySQL -> 5.5 (FreeBSD)
+ Dovecot -> 2.0 (FreeBSD)
+ iRedAPD -> 1.3.7
iRedMail-0.8.0-beta2:
* It now works perfectly on Gentoo.
* Fixed:
+ Dovecot cannot store realtime quota usage in PostgreSQL.
+ User authentication in Roundcube is case sensitive (login_lc).
iRedMail-0.8.0-beta1:
* It now supports PostgreSQL as backend on Ubuntu 11.10/12.04.
* Package update:
+ Roundcube webmail -> 0.7.1
iRedMail-0.7.4:
* Enable two sample dovecot sieve filters in Roundcube webmail:
Move spam to Junk, Vacation. Both are disabled by default.
* Store realtime mailbox quota in separate SQL table in MySQL backend.
* It now works on Ubuntu 11.10, openSUSE 12.1.
* SPF verification is now enabled by default.
* Add Policyd-2.0.x (code name "cluebringer") support on Ubuntu 11.10.
* Fixed:
+ Apache daemon user doesn't have permission to read Apache log files in
Awstats's cron job.
+ Incorrect per-user realtime mailbox quota if loggin in with shadowAddress.
OpenLDAP backend only. Thanks tmihalicek <tomislav.mihalicek @gmail>.
+ Incorrect per-user sieve_dir setting in Dovecot.
Thanks cetex <oskar @cetex.se>.
+ Add missing INDEXes for Amavisd database: msgs.mail_id, (msgs.content,
msgs.time_num), quarantine.mail_id.
Thanks rjnena <rjnena@gmail>, David <dcharbonnier@gmail>.
* Package update:
+ phpLDAPadmin -> 1.2.2
+ Roundcube webmail -> 0.7.0
+ phpMyAdmin -> 3.4.8
iRedMail-0.7.3:
* Add enabledService=lda for newly created LDAP mail user. Required by
Dovecot 2.x.
* Works on CentOS 6.0, RHEL 6.x, Scientific Linux 6.x.
* Mbox format mailbox is not supported anymore.
* Add smtp-amavis_destination_recipient_limit=1 in Postfix for concurrency
per-recipient limit. Thanks beez <jason@indo.net.id>.
* Package update:
+ Roundcube webmail -> 0.5.4
+ iRedAdmin -> 0.1.6
+ phpMyAdmin -> 3.4.3.2
iRedMail-0.7.2:
* Works on Ubuntu 11.04.
* Enable LDAPS on FreeBSD by default. Thanks Markus Wyrsch <W-Chi@>.
* Improvements:
+ Add alias domain support in postfix virtual_mailbox_domains (MySQL
backend special).
* Fixed:
+ Set 'ServerTokens' to 'ProductOnly' in Apache on Debian/Ubuntu.
Thanks c33s@forum.
* Package update:
+ Roundcube webmail -> 0.5.3
+ phpLDAPadmin -> 1.2.1.1
+ phpMyAdmin -> 3.4.1
+ iRedAPD -> 1.3.6. Fix two issues for MySQL backend.
+ iRedAdmin -> 0.1.5. Security fix edition.
iRedMail-0.7.1:
* Fix incorrect icon path in awstats. Thanks <rannal@> for the feedback.
* Use 2048 as default SSL key length. Thanks mike.f@forum <m.fresel@>.
* Increase Postfix timeout seconds: smtp_data_init_timeout (120s -> 240s),
and smtp_data_xfer_timeout (180s -> 600s). Hope to avoid some timeout
issues. Thanks write4saini@forum, mbsouth@forum.
* Integrate Fail2ban. Note: It doesn't work on FreeBSD yet.
* Support domain alias in postfix relay_domains (MySQL backend special).
Thanks atros@forum.
* Support domain alias in mail alias, catch-all account.
* Package update/changes:
+ Roundcube -> 0.5.2
+ iRedAPD -> 1.3.5
iRedMail-0.7.0:
* Append '-f /path/to/slapd.conf' to slapcat in tools/backup_openldap.sh.
Thanks Enrico Cotti <enrico.cotti@>.
* Save date of password last change while updating password in roundcube.
iRedMail-0.7.0-rc3:
* Make IMAP share folder work with LDAP backend. Thanks alexp@forum.
* Update phpMyAdmin to 3.3.10.
iRedMail-0.7.0-rc2:
* Check domain status in dovecot MySQL lookup and postfix
virtual_mailbox_maps, virtual_alias_maps, sender_login_maps, per-user
transport_maps, per-user sender_bcc_maps and recipient_bcc_maps (MySQL
backend).
iRedMail-0.7.0-rc1:
* Make catch-all account work as expected with MySQL backend.
* Create indexes for some columns in MySQL backend.
iRedMail-0.7.0-beta6:
* Enable iRedAPD for MySQL backend. Used for mail alias deliver
restrictions. Reference:
http://www.iredmail.org/wiki/index.php?title=Install/iRedAPD/MySQL
iRedMail-0.7.0-beta5:
* Reverse Amavisd LDAP query base dn.
* Install python-xml on OpenSuSE 11.4.
iRedMail-0.7.0-beta4:
* Works on OpenSuSE 11.4.
* Improvements:
+ Alias domain support for catchall account in LDAP backend.
* Package update/changes:
+ phpMyAdmin -> 3.3.9.2.
iRedMail-0.7.0-beta3:
* New features:
+ Enable personal LDAP address book for OpenLDAP backend.
+ New column for MySQL backend: domain.defaultpasswordscheme. Used
to store per-domain password scheme.
* Improvements:
+ Check domain status in virtual_mailbox_maps, virtual_alias_maps
for MySQL backend.
+ Don't allow user to view ldap attributes: domainAdmin,
domainGlobalAdmin.
* Fixed:
+ Remove unique index (primary key) on table amavisd.msgrcpt to avoid
duplicate entries.
+ Incorrect path of phpLDAPadmin on Ubuntu 10.04.x/10.10.x.
Thanks xulingyun@bbs for the feedback.
* Package update/changes:
+ PostfixAdmin -> Removed.
+ iRedAdmin -> 0.1.4.
+ Roundcube webmail -> 0.5.1. Remove 3rd-party plugin: imap_acl.
iRedMail-0.7.0-beta2:
* Improvements:
+ Auto create default IMAP folders with dovecot plugin: autocreate.
+ Add plugin 'imap_acl' for roundcube to let users manage their
mailbox sharing, but disabled by default.
+ Mailbox sharing support with dovecot 1.2. Disabled by default.
+ Show realtime quota usage with dovecot-1.2 dict quota in
PostfixAdmin.
+ Don't quarantine mails with bad header in Amavisd.
'$bad_header_quarantine_method=undef;'
+ Increase dovecot "mail_process_size" to 1024MB by default. Hope to
avoid a dovecot "out of memory" issue when processing large mailbox.
Thanks James Kong.
+ Enable whitelising sender (WHITELISTSENDER=1) in policyd by default.
* Fixed:
+ Make sure apache wsgi module is loaded on RHEL/CentOS.
Thanks Murat Uğur Eminoğlu for the feedback.
+ Fix incorrect file localtion of php.ini on OpenSuSE.
* Package Update:
+ Roundcube webmail -> 0.5
+ phpMyAdmin -> 3.3.9.1
iRedMail-0.7.0-beta1:
* Works on OpenSuSE 11.3. Tested on 11.3, but it should work well on
11.2, 11.1 too.
* Improvements:
+ Store realtime quota usage in MySQL with Dovecot-1.2. Reference:
http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Store.Realtime.Quota.In.MySQL
+ Use repository 'backports.debian.org' on Debian 5.
+ Bypass shadow address in postfix sender login checking.
+ Improve postfix ldap lookup to make mail list of alias domain work.
Thanks for Andrea Di Dato's feedback and testing.
+ Integrate MySQL in Amavisd: @storage_sql_dsn.
+ Improve backup mx support with MySQL backend. Thanks tiangangnet@bbs
+ Replaced ldap attribute:
- gn (old) -> givenName
- fax (old) -> facsimileTelephoneNumber
* New backup scripts: tools/backup_openldap.sh, tools/backup_mysql.sh.
Reference: http://www.iredmail.org/wiki/index.php?title=IRedMail/FAQ/Backup
* Upgrade packages:
+ Dovecot -> 1.2.x. On RHEL/CentOS & Debian 5 (with backports).
+ PostfixAdmin -> 2.3.2
+ phpMyAdmin -> 3.3.7
+ Roundcube webmail -> 0.4.2
* Fixed:
+ Fix incorrect file location of awstats.pl on Debian/Ubuntu.
iRedMail-0.6.1:
* Add missing mail log files (mail.info, mail.err, mail.warn) in logrotate.
Thanks to BigMichi1@forum.
* Catch-all account support in MySQL backend.
* Run iRedAdmin as a low privilege user (iredadmin).
* Improve Ubuntu 10.04 support.
* Update iRedAPD to 1.3.3. Run iRedAPD as a low privilege user (iredapd).
iRedMail-0.6.0:
* Disallow to use multiple identities in postfix and roundcube.
* Update iRedAPD to 1.3.0.
* Add missing table on Debian 5 and Ubuntu 9.04:
postfixpolicyd.blacklist_dnsname.
* Upgrade phpMyAdmin to 2.11.10.
* Add 'enableinternal=1' in vmail.mailbox and 'enabledService: internal'
in OpenLDAP.
* Not allow to login with shadow address. It may cause login failed due
to duplicate ldap query result (normal user, another normal user with
shadow address).
* Fix shabang line of dovecot quota warning script. Thanks Alex Stanciu.
* Fix loading awstats issue on FreeBSD. Thanks dbetts22@forum.
* New LDAP attributes: mailWhitelistRecipient, mailBlacklistRecipient.
Used for per-user recipient restrictions.
* Fix: freshclam can't start after update to 0.96. Fixed by removing inline
comment in freshclam setting. Thanks wildweasel@forum.
* Fix incorrect path of policyd-cleanup on Debian & Ubuntu. Thanks
tkuntario@forum.
* Improve ldap scheme file to use 'sub' index.
iRedMail-0.6.0-RC1:
* Add catch-all account support in LDAP backend.
* Fix amavisd startup issue on FreeBSD: run sa-update first.
* Patch to fix roundcube security issue: CVE-2010-0464, Disable DNS
prefetching.
* New LDAP attribute: userManager. Used to replace 'manager' attribute.
* Hide template warning in phpLDAPadmin.
* Update iRedAPD to 1.2.3.
iRedMail-0.6.0-beta3:
* Fix incorrect symbol link of /usr/lib/sendmail on FreeBSD.
* Fix iRedAPD rc script on FreeBSD.
* Fix rc.conf setting for policyd on FreeBSD.
iRedMail-0.6.0-beta2:
* Integrate iRedAPD-1.2 to provide mail list access management for LDAP
backend.
* Upgrade phpLDAPadmin to 1.2.0.5.
* Use yum repository to install all rpm packages on RHEL/CentOS.
* Move dovecot-quota-warning.sh to /usr/local/bin/. Thanks chunlinyao@bbs.
* Don't use 'mktemp' to generate random temp file. Thanks chunlinyao@bbs.
iRedMail-0.6.0-beta1:
* Update dovecot to 1.1.20 on RHEL/CentOS.
* Update postfixadmin to 2.3.
* Add domain alias support in MySQL backend.
* Update phpMyAdmin to 2.11.9.6.
* New LDAP attribute: accountSetting.
* Update roundcube to 0.3.1.
* Add script used to generate new SSL keys: tools/generate_ssl_keys.sh.
* Add 'disclaimer' in mail user object, used to store per-user
disclaimer text.
* Allow ping from remote hosts in iptables rule.
* Update clamav to 0.95.3. Thanks http://dag.wieers.com.
iRedMail-0.5.1:
* Remove three more unnecessary dialog pages.
* Use random password for ldap admin dn: cn=vmailadmin.
* Add domain alias support with new ldap attribute: domainAliasName.
* Ability to restrict POP3S & IMAPS in dovecot now.
* LDAP attribute 'domainName' now allow multi-value.
* Enable mod_deflate in apache by default.
* Update dovecot to 1.1.16 on Debian 5, patched to fix security holes in
CMU Sieve plugin. Reference:
http://marc.info/?l=dovecot&m=125288621404279&w=2
* Add script (tools/clear_iredmail.sh) to remove main components
installed by iRedMail.
* Use postfix proxymap(8) to reduce server load under high load.
* Update dovecot to 1.1.19 on RHEL/CentOS.
* Add 'preferredLanguage' in objectClass mailUser.
* Increase ldap server-side sizelimit to 1000.
* Add external user support in mail list.
* Allow to use multiple identities.
* Fix incorrect postfix setting which will cause mail forwarding and bcc
invalid after upgrade to 2.5.
* Make user can't change employeeNumber.
* Add more LDAP attributes: domainDefaultUserQuota,
domainMinPasswordLength, domainMaxPasswordLength.
* Add more sql columns: defaultuserquota, minpasswordlength, maxpasswordlength.
* Update postfix to 2.5.9.
* Replace sshd port number in default iptable rule by the current setting.
* Add @mynetworks in amavisd config for Debian/Ubuntu.
* Make file world-readable if ACL is not available.
* Add per-user shadow address support in LDAP backend, and it's allowed to
login with shadow address.
* Add missing pkg: altermime for RHEL/CentOS (i386). Thanks to
sdaniel@bbs.
* Remove php-eaccelerator, will abort installation process when php-5.2+
already installed.
* Add missing service control in postfix ldap lookup table.
* Fix per-user sieve setting in dovecot. Thanks Emidio Reggiani
and Caliban @forum.
iRedMail-0.5.0:
* Fix mod_auth_mysql config issue on Ubuntu.
* Update: dovecot -> 1.1.18.
* Fix DKIM singing issue on Debian/Ubuntu. Thanks shake.chen@gmail.
* Add columns/attributes to store user last-login data.
* Support per-user transport maps, enabled by default.
* Remove unnecessary ldap lookup in postfix.
* Set storagebasedirectory in MySQL template.
* Add ldap attribute and mysql column 'disclaimer' to store disclaimer
text.
* Enable dovecot quota warning by default.
* Move default mail storage directory: /home/vmail -> /var/vmail/. Use
/var/vmail/vmail01 as default storage base directory. Thanks mbsouth
@forum.
* Only modify /etc/amavis/conf.d/50-user in debian & ubuntu.
* Fix DKIM singing issue: disable 'forward_method' in policy_bank
'ORIGINATING'. Thanks webstudio@forum.
iRedMail-0.5.0-rc2:
* Add relay_domains & relay_recipient_maps in postfix, used for backup mx.
* Improve global ldap address book in roundcube, make it search accounts
which in the same domain.
* Fix dovecot setting for mysql backend.
* Update: clamav -> 0.95.2, awstats -> 6.9-2, dovecot -> 1.1.16.
* Add two more LDAP attributes in iredmail.schema:
domainMaxListNumber, domainCurrentListNumber.
* Add missing package vixie-cron & tmpwatch in RHEL/CentOS.
* Enable anti-spam & anti-virus on Debian & Ubuntu by default. Thanks
Falador@forum.
* Add quota warning report tool: tools/dovecot-quota-warning.sh.
* Automatically add a disclaimer to outgoing emails with Amavisd-new +
alterMIME (v0.3.10).
* Update Mail-DKIM to 0.36. Thanks to lidaobing@gmail for ubuntu 8.04 and
debian lenny packages.
* Add /extra/ directory for 3rd-party service integration.
* Improve tools/create_mail_user_OpenLDAP.sh to integrate pureftpd
schema.
* Hashed maildir string: hash_domain(), hash_maildir in conf/functions.
* Flexible storage base directory used to store users' mail data, easy
to change, useful for large-scale deployment. e.g.:
Your mail data are all stored in /home/vmail01, but disk storage is
nearly full, it's easy to make new users use new storage like
/home/vmail02, /home/vmail03 or whatever:
- Prevous maildir: /home/vmail01/z/zh/zha/zhang/
- Current maildir: /home/vmail02/h/hu/hua/huang/
You can set the storage base directory in either MySQL (column:
vmail.storagebasedirectory) or OpenLDAP backend (attribute:
storageBaseDirectory).
In addition, maildir and user's HOME directory are seperated (maildir
is $HOME/Maildir/ by default), so that you can integrate more
applications against LDAP user auth like OpenSSH, FTP service, SugarCRM
or whatever you want, data stored in disk storage of each service will
not be mixed.
* Add group 'all@domain.ltd' by default for ldap solution.
* Add 'enabledService=displayedInGlobalAddressBook' for ldap solution,
used to control mail address displayed in global ldap address book or
not.
iRedMail-0.5.0-rc1:
* Update perl-Mail-DKIM to 0.35. hope to fix dkim issue in amavisd:
Reference: http://marc.info/?t=124300167400002&r=1&w=2
* Add new ldap attribute: memberOfGroup.
* Update SquirrelMail to 1.4.19.
* Works on Ubuntu 9.04 (Juanty) now.
* Add rc script for iptables used on Debian.
* Works on Debian (Lenny, 5.0.1) now.
* Add priority (=1) in iRedMail repo file. Thanks scrummie02@forum.
* Update phpLDAPadmin to 1.1.0.7.
* Add bcc control in postfix bcc lookup map.
* LDAP attribute 'domainStatus' is deprecated, use accountStatus instead.
* Add more ldap attributes: domainCurrentQuotaSize,
domainCurrentUserNumber, domainCurrentAliasNumber.
* Add objectclass mailAlias in ldap schema, sync postfix alias lookup
and roundcube global address book lookup, both will search mailList,
mailAlias, mailUser forwarding in one search filter.
* Add forwarding control in postfix alias lookup map.
* Update dovecot to 1.1.14.
* Add 'employeeID' in SQL template.
* Add robots.txt in web server document root to disallow search engines.
* POP3/IMAP are enabled by default, dialog page removed.
* Known issue: pysieved will cause a zombie process.
* Update clamav to 0.95.1.
* Update roundcube and related patches to 0.2.1-stable.
* managesieve service (pysieved) is now not a optional function.
* Add one more object to ldap user/admin: shadowAccount.
* Add ldap attribute to store user's backup mail address, used for
password reset or whatever.
* Add backup mx detect in virtual domain lookup.
* Update phpMyAdmin to 2.11.9.5.
* Address of mail group/list will be autocomplete while you type
recipients in roundcube now.
* Say goodbye to Horde.
* Add group mail/alias support for openldap backend.
* Add attribute for mail list access policy control.
* Add missing index attributes in OpenLDAP: listMember, listAllowedUser,
accessPolicy.
* userPassword & accountStatus are optional for objectclass mailAdmin.
* Fixed OpenLDAP ACL.
* Fixed: Make awstats access via https only.
* Create symbol link for all web-based programs, so that we don't have
to restart apache while upgrade them.
* Fix file permission: /etc/pysieved.ini, should be owned by vmail:vmail.
* Add max length limit for several ldap attributes, remove unnecessary
attribute.
* Adjust mail_location setting in dovecot, use home directory now.
* Replace 'gn' by 'givenName' in roundcube global ldap address book.
Thanks shake.chen@gmail.
* Add script for mysql database backup: tools/backup_MySQL.sh.
iRedMail-0.4.0:
* Say goodbye to mailgraph.
* Say goodbye to ExtMail.
* Add two tool scripts for winwebmail and extmail mailbox migration.
* Change ${SIEVE_DIR} to ${VMAIL_USER_HOME_DIR}/sieve/.
* Add patch for roundcube-0.2 to change ldap password.
* Use mod_auth_mysql for user auth in awstats.
* Improve LDAP schema.
* Avoid quote in HOSTNAME variable. Thanks shake.chen@gmail.
* Update rrdtool to 1.2.30.
* Enable preview pane in roundcube by default.
* Remove phpLDAPadmin templates.
* Add shell script for creating ldap virtual user.
* Update amavisd-new to 2.6.2, dovecot to 1.1.11, lzo to 1.08-5, nomarch
to 1.4-2.
* Remove package: cyrus-sasl, mailman.
* Prompt to choose the default language for webmails.
* Update awstats to 6.9.
* Make webmail can be accessed via HTTPS (except horde).
* Use syslog as default log driver in roundcube.
* Directory renamed: tools/ => dialog/.
* Make phpLDAPadmin, phMyAdmin, PostfixAdmin can be accessed via HTTPS
only.
* Improve LDAP schema, use 'enabledService=XXX' instead of
enableXXXService.
* Make awstats use LDAP user auth if use OpenLDAP as backend.
* Update dovecot-sieve to 1.1.6.
* Use variable to control whether download packages from official yum
repository or not.
* Mark iptables as a must service.
* Update packages: Dovecot => 1.1.8, rrdtool => 1.2.29, postfix => 2.5.6.
* Fix incorrect parameter in postfix ldap lookup table: debug_level =>
debuglevel.
* Add <Directory> container to disable autoindex in apache. Thanks
muniao@gmail.
* Update Postfix to 2.5.5.
* Add one more helo pcre rule, prepend helo identifier in mail header.
* Add missing package 'perl-Encode-Detect', required by sa-update.
* Update phpLDAPadmin to 1.1.0.6.
* Fix crontab job for expire mail in dovecot. Thanks xcrossbow@gmail.
* Reduce postfix queue run retry time to '300s'.
* Add one more pcre expression for smtpd helo restriction to block client
which use dynamic ip address. Thanks muniao@gmail.
* Fix incorrect crontab job for vmail user. Thanks xcrossbow@gmail.
* Set maximal_queue_lifetime and bounce_queue_lifetime to '1d'. Thanks
muniao@gmail.
* Fix incorrect filename while attachment file with Chinese (non-ascii)
characters in Roundcube-0.1.1-stable. Thanks bruce.16899@gmail and
tao.xu.man@gmail.
* Fix postfix aliases file.
iRedMail-0.3.2:
* Export PATH variable while switch to root user. Thanks xcrossbow@gmail.
* Update phpMyAdmin to 2.11.9.4.
* Fix MySQL password issue while contains special characters. Thanks
xcrossbow@gmail.
* Make some command operating system independent.
* Update Dovecot to 1.1.7.
* Update SquirrelMail to 1.4.17.
* Don't specify vmail uid/gid.
* Generate sieve global filter rule sample file.
* Use mail log config in awstats as default config file.
* Fix file permission for awstats if we use ExtMail at the same time.
* Remove two extra packages: roundcubemail-0.1.1-buttons-zh_CN.tar.bz2,
roundcubemail-0.1.1-skin-default-labels.tar.bz2.
* Update clamav to 0.94.2.
* Add patch for ExtMail to make it create user maildir automatic.
* Clear default account in ExtMail global address book.
* Fix change password issue in ExtMail-1.0.5. Thanks ilovell.pan@gmail.
iRedMail-0.3.2-beta1:
* Fix missing php-mysql installation. Thanks webyuhang@hotmail.
* Add LDAP attrubites for service control: enableMailService,
enableFTPService, enableIMService.
* Split dialog config, make webmail program in a standlone page.
* Use unix socket to connect mysql server by default.
* Make Horde Ingo mail filter rules manager works with pysieved.
* Make horde sql database use utf8 as default charset. Thanks
bruce.16899@gmail for his remind.
* Add global ldap address book for horde when use OpenLDAP as backend.
Thanks bruce.16899@gmail for his remind.
* Initialize import php-eaccelerator.
* Update clamav to 0.94.1. Thanks to chenwei for his remind.
* Update php-rrdtool, rrdtool to 1.2.28.
* Initialize import awstats as web and mail log analyzer.
* Improve mailgraph, it can display greylist counter now. Merge css code
to mailgraph.cgi.
* Update phpMyAdmin to 2.11.9.3.
* Set default language to zh_CN in horde, roundcube, squirrelmail.
* Make Roundcube WebMail work while use OpenLDAP as backend, use OpenLDAP
as global ldap address book.
Note: Change password and forwarding setting are disabled yet.
* Remove postgrey, it's replaced by policyd.
Note: Due to this change, MySQL will be installed if you choose OpenLDAP
as backend.
* Fix mail attachment size in ExtMail. Thanks tongds@gmail.
* Add patch to fix login security issue. Reference:
https://sourceforge.net/mailarchive/forum.php?thread_name=49057E07.3060806%40gmail.com&forum_name=postfixadmin-devel
* Improve dovecot quota warning support.
* Add bzip2 as compress command in logrotate. Enabled by default.
* Integrate expire plugin support for Dovecot.
* Enable SSL support for MySQL.
* Fix issue of TERM variable. Thanks yao.xu at
http://bbs.iredmail.org.
* Improve support for exist amp.
* Add missing backup of postfix main.cf file.
* Remove some scripts:
- tools/backup_mysql_db.sh
- tools/convert_winmail_mailbox.sh
- tools/create_mail_user_ldap.sh
- tools/create_mail_user_mysql.sh
- tools/get_helo_count.sh
- tools/migrate_extmail_mailbox.sh
- tools/sysreport.sh
iRedMail-0.3.1:
* Do not allow empty username while create first user. Thanks
edisonwang2007 <at> gmail.
* Make sieve.log logrotate setting file standalone. Thanks
chenwei1973 <at> gmail.
* Set file permission for phpldapadmin. Thanks ipostfix <at>
gmail.com
* Set TERM to 'pcconsole'.
* Remove folder prefix in SquirrelMail.
* Remove non-exist function call: openldap_tls_config. Thanks
ipostfix <at> gmail.com
* Add crontab job for vmail user to delete amavisd virus mail per
month. Thanks xcrossbow <at> gmail.
* Update packages:
- perl-Error => 0.17015-1.
- perl-Compress-Raw-Zlib => 2.015-1.
- perl-BerkeleyDB => 0.36-1.
- perl-IO-Multiplex => 1.10-1.
- perl-MailTools => 2.04-1.
- perl-Mail-SPF => 2.006-1.
- perl-Archive-Zip => 1.26-1.
- Horde WebMail => 1.2.
- Dovecot => 1.1.4.
- SquirrelMail => 1.4.16.
- phpMyAdmin => 2.11.9.2.
* Use unique SSL cert file in Postfix, Dovecot, Apache, OpenLDAP:
/etc/pki/iRedMail{Key,Cert}.pem.
* Disable pysieved service in xinetd.
* Fix 'killall' command path in dovecot logrotate file. Thanks
chenwei <at> gmail.com.
iRedMail-0.3:
* Update ExtMail to 1.0.5.
* Enable submission in postfix.
* Bypass checks for internally generated mail: master.cf.
* Hide Apache + PHP version.
* Fix smtpd.conf file location on x86_64.
* Add SquirrelMail plugin: add_address.
* Update phpMyAdmin to '2.11.9.1'.
* Re-enable select_language plugin in SquirrelMail.
* Make managesieve as an optional component.
iRedMail-0.3-beta1:
* Add plugin section for sieve in dovecot.conf, remove sample
sieve filter rule file.
* Hide SquirrelMail version number and other attributions in login
page.
* Set default language to English in all webmail program.
* Update Horde WebMail to 1.1.2.
* Add avelsieve plugin for SquirrelMail.
* Initialize import pysieved-1.0 for managesieve service.
* Use 'iredmail.org' as example, replace 'osspinc.com'.
* Update unrar to 3.8.2-1.
* Update perl-MailTools to 2.03-1.
* Update perl-Mail-DKIM to 0.32-1.
* Update perl-Error to 0.17014-1.
* Update perl-BerkeleyDB to 0.34-1.
* Update ClamAV to 0.94-1.
* Update Dovecot to 1.1.3-0_80.
* Change official package mirror to 'www.iredmail.org'.
* Add one more SquirrelMail plugin: login_auto, disable
'select_language' plugin.
* Bulk change ldap lookup filenames for postfix.
* Remove external iRedMail logo link.
* Update phpMyAdmin to '2.11.9'.
* Compaction 'smtpd_sender_login_maps' in postfix. Thanks shing.
* Correct 'local' and 'virtual' domains in Postfix. Thanks shing.
* Enable SMTP AUTH while sending email in SquirrelMail.
* Make SquirrelMail work with MySQL backend.
* Update SquirrelMail plugin 'compatibility' to '2.0.13-1.0'.
* Fix perl regular expression while modify ldap init script.
Thanks to ejzhang@www.iredmail.org/bbs/.
* Add script to backup mysql databases: 'tools/backup_mysql_db.sh'.
* Fix policyd crontab job, configuration file permission.
* Add 'default-character-set=utf8' in my.cnf.
iRedMail-0.2:
* Add iRedMail logo in several web-base programs, used to track
how many users use them.
* Remove per-user restriction feature.
* Update postgrey to 1.32.
* Update postfix to 2.3.15. Reference:
http://groups.google.com/group/iredmail/t/d38f9d6a8c1e9cf0
* Add 'expired' field in SQL template for expired date, used for
per-domain, per-user, alias, domain bcc, user bcc.
* Add expire plugin in dovecot. Disabled by default.
* Enable zlib plugin in dovecot by default.
* Improve postfixadmin config dialog, fill with default domain
admin address.
* Sync LDAP schema.
* Fix postfix sender_access ldap lookup.
* Add pcre rule in header_checks(5) for postfix to replace
internal IP address by external IP address or whatever you
want. Disabled default. Thanks muniao. :)
* Change 'virus_admin_maps' and 'spam_admin_maps' to
'root@mydomain' in amavisd.conf. Thanks hihihihi <at>
'www.osspinc.com/bbs/'.
* Make saslauthd disabled while we use dovecot sasl mechanism.
iRedMail-0.2-rc3:
* Update postfixadmin to 2.2.1.1.
* New roundcubemail plugin: vacation. Created by KaraDog <at>
gmail.com. Thanks kara :)
* New feature: Protecting internal email addresses, such as mail
list addresses.
* Remove postfixadmin vacation table in mysql template, disable
vacation functions in postfixadmin.
* Disable mailman, it should be integrated more smoothly.
* New feature: Restricting what users can send mail to off-site
destinations.
* Add 'mail_name', 'mail_version' in postfix. Thanks muniao. :)
* Update dovecot to 1.1.2. Thanks atrpms.net.
* Update phpMyAdmin to 2.11.8.1.
* Add maillog analyze tool: tools/get_helo_count.sh.
* Fix sieve log file permission.
* Make maillog as standalone logrotated job.
* Disable blacklist_helo in policyd, replaced by pcre table in
postfix.
* Remove policyd_blacklist_helo.sql, it was merged into file:
samples/check_helo_access.pcre. We won't import blacklist_helo
records shipped within policyd by default.
* Enable smtpd_helo_restrictions in Postfix and sample pcre table.
* Replace reject_invalid_hostname by reject_invalid_helo_hostname.
Thanks muniao. :)
* Make saslauthd service disabled while we use dovecot as SASL
auth mechanism in Postfix.
* Add more blacklist helo records for policyd. Disabled by
default. Thanks for muniao & ipostfix's help.
* Fix mailgraph directory and cgi file permission for extmail.
Bug reported by ranjun. Thanks :)
* Make 'crond' as enabled services.
* Add default whitelist and blacklist records shipped within
policyd.
* Add another policyd instance for sender throttle feature,
sync init script, crontab job, pidfile. Disabled by default.
* Update ClamAV to 0.93.3.
* Update perl-Convert-UUlib to 1.11. Bug fix version.
iRedMail-0.2-rc2:
* Add file: AUTHORS. include all members.
* Initialize import karadog@gmail's roundcubemail patch for
attachment name with Chinese characters. Thanks Kara. :)
* Initialize import karadog@gmail's roundcubemail patch for
national imap folder name. Good Job, Kara. :)
* Add optional package for Roundcubemail: php-pecl-fileinfo.
* Changed 'SENDER_QUOTA_REJECTION' msg, reduce SENDERMSGLIMIT to
60 msgs per hour. Thanks chenwei. :)
* Implement vacation via dovecot-sieve vacation feature, vacation
rule sample was added. We need a roundcubemail plugin now.
* Allow specify non-standard httpd port in 'conf/httpd' now.
* Mailgraph localtion changed to '/var/www/cgi-bin/mailgraph.cgi'.
* Add 'redirect' command in sieve rule file.
* Drop SPAM mail to INBOX, not Junk.
* Set policyd chroot directory to its home directory.
* Create HOME directory for policyd user. otherwise, crontabs will
failed. Thanks chenwei. :)
* Add 'SMTP_SERVER' for distribute deployment.
* Add iRedMail VERSION info in 'conf/global'.
* Set 'BLACKLIST_TEMP_REJECT=0'. Disabled by default. Thanks muniao.
* Add policyd blacklist_helo list. Thanks muniao. :)
* Improve tool/create_mail_user_mysql.sh, use username as password
by default.
* Make policyd reject 5xx code while user quota exceeded. Thanks
chenwei1973@gmail.
* Remove 'reject_unverified_recipient, reject_unlisted_recipient,'
in smtpd_recipient_restrictions.
* Remove INDEX on vmail.mailbox.
* Add 'smtpd_helo_required=yes' in Postfix.
* Add 'BLACKLIST_REJECTION', 'GREYLIST_REJECTION', 'SPAMTRAP_REJECTION'
in policyd, disabled by default.
* Add 'reject_unknown_sender_domain' in smtpd_recipient_restrictions.
iRedMail-0.2-rc1:
* Add more amavisd options.
* Adjust mailgraph filter rule, add greylist graph.
* Fix quota config in dovecot for 1.1.x. Thanks chenwei. :)
Warning: we use '10' as '10M' now. please refer dovecot userbd
setting file: /etc/dovecot-{mysql,ldap}.conf.
* Make amavisd log to /var/log/maillog by default, so that
mailgraph will detect spam mails.
* Fix SQL while SITE_ADMIN_NAME equal to FIRST_DOMAIN_ADMIN_NAME.
Reported by muniao. Thanks :)
* Add script to convert WinMail user mailboxes to standard IMAP
directory structure.
* Fix ExtMail configuration about 'SYS_MAILDIR_BASE' in webmail.cf,
Thanks xcrossbow@gmail.
* Typo in Roundcubemail display_username.patch. remove 'dot' after
username, so that it won't make user confused. Thanks
xcrossbow@gmail.
* Fix typo error in 'create_mail_mysql_user.sh'. Thanks muniao.
* Remove roundcubemail version info in 'useragent' option in
'config/main.inc.php', less is more.
* Add 'signed_header_fields' in amavisd.conf.
* Update dovecot to 1.1.1.
* Update amavisd-new to 2.6.1.
iRedMail-0.1:
* Add 'policy_time_limit=3600'. Reminded by Edison. Thanks :)
* Add 'delay_warning_time=30m'. Reminded by muniao. Thanks :)
* Add perl-Mail-SPF-Query.noarch as mandatory for SPF feature.
* Initialize version of iRedMail. based on rhms-0.5.0-rc2.
rhms ChangeLog please check:
http://rhms.googlecode.com/svn/trunk/rhms/ChangeLog