Updated per your request, enjoy. 
https://docs.iredmail.org/migrate.to.ne … pware-data
↧
Re: Include SOGo details in iRedMail migration instructions ?
↧
Re: spamc_count
thank you Zhang. we have made the changes and waiting for user to respond.
↧
↧
Re: nginx config problem running wordpress on iredmail setup
Hello. I had a similar problem long ago.
I solved by adding:
1) in the default.conf file I simply set the RETURN of the site to https
2) in the default-ssl.conf file instead I set all the site configuration.
I hope I was helpful.
...at the end of the site configuration you need to include (INCLUDE) the php template (now I can't remember what it's called, just find it among the templates ...)
↧
Re: Include SOGo details in iRedMail migration instructions ?
That's excellent, thanks !
↧
Cannot access shared IMAP folder
After i have shared "test123" IMAP folder with user1@example.com using SoGo web UI
I cannot access it from user1@example.com
SoGo web UI throw the following error:
Jul 26 07:59:11 sogod [2758]: [ERROR] <0x0x809130128[NGImap4Connection]> could not select URL: imap://user1%40example.com@127.0.0.1/Shared/user2@example.com/test123/: {RawResponse = "{ResponseResult = {description = \" Character not allowed
in mailbox name: '.' (0.002 + 0.100 + 0.100 secs).\"; flag = CANNOT; result = no; tagId = 10; }; ok = {CLOSED = \"Previous mailbox closed.\"; }; }"; access = CANNOT; reason = " Character not allowed in mailbox name: '.' (0.002 + 0.100 +
0.100 secs)."; result = 0; }
Thunderbird throw the same one.
/usr/local/etc/dovecot/dovecot.conf
...
namespace {
type = shared
separator = /
prefix = Shared/%%u/
location = maildir:%%Lh/Maildir/:INDEX=%%Lh/Maildir/Shared/%%Ld/%%Ln
# this namespace should handle its own subscriptions or not.
subscriptions = yes
list = children
}
....
What is the problem?
- iRedMail version 0.9.9 MYSQL edition.
- Deployed with the downloadable installer?
- FreeBSD 12.0-RELEASE FreeBSD 12.0-RELEASE NS2_KERNEL amd64
- Store mail accounts in which MySQL backend
- Web server - Nginx
- Manage mail accounts with iRedAdmin-Pro? No
↧
↧
Re: easy deployment / RC mail / folder permissions
ZhangHuangbin wrote:
Could you please show me the original error/warning message about the permission?
I will replicate it for you asap but it may be quicker for you to:
> make sure your web server user does NOT have plugins directory write permission
> enable enigma plugin
> log into RC, go to settings > PGP keys
You should then see the error, produced by RC.
It may have been enough (and better) to simply grant permission to the exact folder the plugin wants. But I chose the entire plugins folder.
↧
issues with prosody easy deployment default config
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v2019071501
- Deployed with iRedMail Easy or the downloadable installer? easy
- Linux/BSD distribution name and version: ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
i started looking into this new prosody xmpp server your easy deployment includes the option for. couple issues i have given the default applied config:
1.> it's default dns hostname is set to my domain.tld, where as my mail server is actually host.domain.tld. so when you run prosodyctl check, it states:
"Host domain.tld does not seem to resolve to this server (IPv4/IPv6)"
which makes sense as i have no A record for that, only for my mail server's host. so i added the correct virtualhost to the custom config file under /opt/iredmail/custom/prosody, but now when it starts it tries to use both values. if i edit the ansible config you control, that'll probably be overwritten i assume on my next deployment. so what now? i could add another A record but i would actually want to use another host name and matching ssl cert.
2.> the same command "prosodyctl check" complains of bad file permissions for my ssl cert:
"Checking certificates...
Checking certificate for domain.tld
certmanager error SSL/TLS: Failed to load '/opt/iredmail/ssl/key.pem': Previous error (see logs), or other system error. (for domain.tld)
Error: error loading private key (system lib)"
i used letsencrypt to obtain my own trusted cert and deployed it using your docs, complete with the permission change over LE's folder structure. so now what?
that's all for now but i may have more as i dig deeper. thanks.
↧
Re: Cannot access shared IMAP folder
I found a solution:
Maildir++ layout disallows using the '.' character (unless LAYOUT=fs is used), since it's used internally as the folder hierarchy separator.
Allow '.' characters with Maildir++ layout when virtual hierarchy separator is changed to '/' (it could be anything else except '.' itself):
add to /usr/local/etc/dovecot/dovecot.conf
mail_plugins = $mail_plugins listescape
more info at https://wiki.dovecot.org/Plugins/Listescape
↧
Re: FreeBSD 12 clear install
===> Staging for spamassassin-3.4.2_3
===> spamassassin-3.4.2_3 depends on package: p5-Encode-Detect>=0 - found
===> spamassassin-3.4.2_3 depends on package: p5-HTML-Parser>=3.46 - found
===> spamassassin-3.4.2_3 depends on package: p5-HTTP-Date>=0 - found
===> spamassassin-3.4.2_3 depends on package: p5-Net-DNS>=0.63 - found
===> spamassassin-3.4.2_3 depends on package: p5-NetAddr-IP>=4.010 - found
===> spamassassin-3.4.2_3 depends on package: p5-Net-CIDR-Lite>=0 - found
===> spamassassin-3.4.2_3 depends on package: p5-Net-IDN-Encode>=0 - found
===> spamassassin-3.4.2_3 depends on package: p5-Net-LibIDN>=0 - found
===> spamassassin-3.4.2_3 depends on package: p5-URI>=0 - found
===> spamassassin-3.4.2_3 depends on package: re2c>=.12.0 - found
===> spamassassin-3.4.2_3 depends on package: dcc-dccd>=1.3.111 - not found
===> dcc-dccd-2.3.167_1 License DCC needs confirmation, but BATCH is defined.
*** Error code 1
Stop.
make[1]: stopped in /usr/ports/mail/dcc-dccd
*** Error code 1
Stop.
make: stopped in /usr/ports/mail/spamassassin
<< ERROR >> Port was not successfully installed, please fix it manually and then re-execute this script.
↧
↧
Re: rsyslog problem
FYI. Still having the failure. I've upgraded rsyslogd to 8.1901.0 from backports. It's been running for nearly a week now and hasn't failed.
↧
Re: Bind multiple IP addresses postfix
Hi Neutro,
Thank you for your reply. I am aware of this fact. The problem is not that i want multiple mailservers. The problem is that for some reason the "main ip" cannot connect to the receiving mailserver, but when i switch to the second ip then the mailserver can connect to the receiving server and the message get delivered. So to get more "sending coverage" i want to add a second ip address, but only use the second one when the main ip fails.
This is the reason i wanted to connect a second IP.
Do you have any suggestions to create a IP / relay priority list?
↧
Bug: Failing SOGo install on CentOS 7.6 (with workaround!)
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: CentOS 7.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Nope
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
So this was a bit troublesome to figure out and involved running a shell script to revert the box back to a "clean" state several times, but I eventually got it.
Suggestion #1: Oh, for the record, the CentOS box was built with the "minimal installation" profile, which /doesn't include rsync/. It might be a good idea to add that to the list of packages to be installed by the iRedAdmin.sh script so things don't mysteriously fail when some of those shell scripts call rsync instead of cp.
Suggestion #2: The shiny new /etc/my.cnf the installer script provides /lacks/ an include line to bring in the rest of the files from /etc/my.conf.d/ which could leave some people in the lurch (and it's kind of bad practice to make that kind of an architectural change to the way the maintainers defaults work). Such a line should probably be added.
So, long story short, the default setup for MariaDB is pretty happy with everything that happens except for SOGo. SOGo is apparently incredibly sensitive to charset stuff. Without the workaround in place, the following symptoms occur:
* The transient box for password length claims to require an 8 character password ("but at least 0" what??) while the interface itself will only be satisfied with a _nine-character_ password. Yes that's very weird, and I didn't think it was related until I got past the SOGo problem and it went away as well.
* sogo-tool running from cron will fail, and in some cases may begin gobbling up 100% in a spin which is just loads of fun to workaround if you've waited more than a few minutes to login over ssh after a reboot.
* sogod itself just won't launch, with systemd throwing a red card after the default timeout has been reached.
* The only table sogo will have will be "users". (This is the big, obvious one!)
The solution is that immediately after MariaDB has been installed, but _before you even start it_ go ahead and drop these details (cobbled together from what's on the SOGo support docs) into /etc/my.conf.d/utf9mb4support.cnf
----------8<----------
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
[mysqld]
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
innodb_file_per_table = TRUE
innodb_file_format = barracuda
innodb_large_prefix = TRUE
---------->8----------
After that you can `systemctl enable mariadb && systemctl start mariadb` and do the dance of the mysql_secure_installation.
Also, since the EPEL version of gnustep and gnustep-libs are now a few teeny releases ahead of the one SOGo uses and are no longer 100% binary-compatible, various parts of SOGo will crash with a segmentation fault unless one forces yum to use the version from the SOGo repo. This tidbit was also found in SOGo forums, but here's the simple way to adjust the epel.repo from the command line:
yum-config-manager --save --setopt=epel.exclude=gnustep*
Note that if you have already installed the EPEL versions of gnustep or gnustep-libs, you'll need to /remove/ them and then reinstall them (after which the above directive will pull them from SOGo, not EPEL).
↧
Re: FreeBSD 12 clear install
I had this same problem. I added the line below in /etc/make.conf
LICENSES_ACCEPTED+=DCC
↧
↧
Re: Bug: Failing SOGo install on CentOS 7.6 (with workaround!)
robertpf wrote:
Suggestion #1: Oh, for the record, the CentOS box was built with the "minimal installation" profile, which /doesn't include rsync/. It might be a good idea to add that to the list of packages to be installed by the iRedAdmin.sh script so things don't mysteriously fail when some of those shell scripts call rsync instead of cp.
iRedMail doesn't use "rsync" during installation. Do you still have the original error message for me for troubleshooting?
robertpf wrote:
Suggestion #2: The shiny new /etc/my.cnf the installer script provides /lacks/ an include line to bring in the rest of the files from /etc/my.conf.d/ which could leave some people in the lurch (and it's kind of bad practice to make that kind of an architectural change to the way the maintainers defaults work). Such a line should probably be added.
I will check this and the rest issues.
Thank you very much for the feedback.
↧
Re: easy deployment / RC mail / folder permissions
Enigma plugin will write the pgp keys to the directory specified in parameter:
$config['enigma_pgp_homedir'] =This directory must be writable by web server daemon user, not the whole "plugins/" directory.
And you'd better put this directory outside the Roundcube directory so that no one can access it via http/https. for example, /var/vmail/pgp-keys/
↧
Re: Bind multiple IP addresses postfix
Maybe you can try Postfix parameter "fallback_relay"?
http://www.postfix.org/postconf.5.html#fallback_relay
↧
Re: FreeBSD 12 clear install
Ok! It works
↧
↧
Re: easy deployment / RC mail / folder permissions
ZhangHuangbin wrote:
Enigma plugin will write the pgp keys to the directory specified in parameter:
$config['enigma_pgp_homedir'] =This directory must be writable by web server daemon user, not the whole "plugins/" directory.
And you'd better put this directory outside the Roundcube directory so that no one can access it via http/https. for example, /var/vmail/pgp-keys/
Didn’t think to check it’s config file. Thank you. That makes perfect sense. Will do. Cheers!
↧
Re: Debian 10 Buster Post
Downloaded and tested the iRedMail-1.0-beta1 (zhb-iredmail-32b706d26a5c) installer on Debian 10 in a LXC.
A couple of observations.
1. Installer.
The install worked. Observed the following
Setting up fail2ban (0.10.2-2.1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/fail2ban.service -> /lib/systemd/system/
fail2ban.service.
[fail2ban-tmpfiles.conf:1] Line references path below legacy directory /var/run/, updating /var/run/
fail2ban → /run/fail2ban; please update the tmpfiles.d/ drop-in file accordingly.
[ INFO ] Updating ClamAV database (freshclam), please wait ...
ERROR: /var/log/clamav/freshclam.log is locked by another process
2. Postfix. Notice the following warning in /var/log/mail.log file
Jul 27 11:22:07 test2 postfix/postfix-script[1051]: warning: symlink leaves directory: /etc/postfix/./makedefs.out
3. Amavis. Seeing this in /var/log/mail.log file. Initially I thought it was a configuration error. I check my the config is good.
Jul 27 11:22:08 test2 amavis[697]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Jul 27 11:22:08 test2 amavis[697]: (!!)policy_server FAILED: Missing 'request' field at (eval 105) line 197, <GEN30> line 7.
Jul 27 11:22:09 test2 amavis[697]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1,"method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params"
: [], "id": 4, "method": "gettxoutsetinfo"}]
4. SOGo warning in /var/log/mysql/error.log file. Warning is logged 2 messages per min.
2019-07-27 11:36:01 51 [Warning] Aborted connection 51 to db: 'sogo' user: 'sogo' host: 'localhost' (Got an error reading communication packets)
2019-07-27 11:36:01 52 [Warning] Aborted connection 52 to db: 'sogo' user: 'sogo' host: 'localhost' (Got an error reading communication packets)
2019-07-27 11:37:01 53 [Warning] Aborted connection 53 to db: 'sogo' user: 'sogo' host: 'localhost' (Got an error reading communication packets)
2019-07-27 11:37:01 54 [Warning] Aborted connection 54 to db: 'sogo' user: 'sogo' host: 'localhost' (Got an error reading communication packets)
5. nft & fail2ban loaded. I've not tested it.
Other than that all services appears to be working.
↧
Running Apache under the latest 0.9.9?
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.7
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: Ubuntu 16.04LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I've been using iRedMail 0.9.7 which has support for Apache for a long time. We have some production sites running on Apache and currently don't have the resource to migrate to Nginx just yet.
However, we are considering migrating to iRedMail 0.9.9 in a few days. I understand support for Apache was removed in 0.9.8. However, I wonder if it's still possible to install/run Apache with a "normal" download/install?
My understanding of you dropping Apache support means you don't provide Apache out of the box, but still allows one to add Apache back in like described in various online Apache tutorials, without major quirks, is this correct?
If this is correct, I plan to install iRedMail 0.9.9, then install Apache 2.x on top of that.
Thank you.
↧