Does this mean, that if i delete mail from Junk folder (move it from Junk to Trash) imap_sieve will think that this email is clean?
No. Trash is ignored.
No plan to get it working on Devuan shortly, sorry.
I suggest move to a supported distro instead, otherwise you need to deal with this issues for each iRedMail update.
I installed with easy initially but can't afford the ongoing monthly fees for my personal email, so I had to cancel my subscription which prevents me from accessing site or updating outside manual process right?
You don't need to subscribe for every month, just subscribe again when you need to update.
Glad you enjoyed the journey. 
Hello.
Solution to do this:
Note: This is not supported by the developers of this project! Use it at your own risk!
I noticed the installer script reads the distribution information from the os-release file in the / etc directory.
As a result, I changed this file as follows:
PRETTY_NAME="Devuan GNU/Linux 4 (chimaera)"
#NAME="Devuan GNU/Linux"
NAME="Debian GNU/Linux"
#VERSION_ID="4"
VERSION_ID="11"
#VERSION="4 (chimaera)"
VERSION="11 (bullseye)"
#VERSION_CODENAME="chimaera"
VERSION_CODENAME="bullseye"
#ID=devuan
ID=debian
#ID_LIKE=debian
HOME_URL="[iredmail forum not support more than 0 url!]"
SUPPORT_URL="[iredmail forum not support more than 0 url!]"
BUG_REPORT_URL="[iredmail forum not support more than 0 url!]"And then, I upgraded iredmail 1.5.1 to 1.5.2 and everything was done right!
I only saw some small errors due to the inability of the installer script to restart mysql. Other than that, everything was like debian
I'm currently using my server and everything is fine.
note:
Dont worry! Most iredmail sections have sysvinit scripts:
SOGo: have sysvinit script
postfix: have sysvinit script
dovecot: have sysvinit script
amavis: have sysvinit script
iredapd: only systemd, but you can write sysvinit (or openrc) script
iredadmin: same as iredapd
No plan to get it working on Devuan shortly, sorry.
I suggest move to a supported distro instead, otherwise you need to deal with this issues for each iRedMail update.
I realize that supporting a new distribution that is fundamentally different from other platforms supported by the project is really hard, and I understand that.
But please at least create a way for people with enough knowledge and acceptance of responsibility to be able to install this project on unsupported platforms.
Can't restart installation for PostGreSQL once MySQL was selected!
Since it conflicts with the existing MySQL setup.
I get error:
Error: Problem 1: problem with installed package mysql-8.0.26-1.module_el8.4.0+915+de215114.x86_64
Please advise.
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1 and 10.5.2
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version: CentOS 7 to Rocky 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Apache to NGINX
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I'm opening a new topic since the other one started as dropping a database and then diverged into migration.
Here's the last update with the question about migrating from and old to new server:
I've been digging through the databases, and other than pulling the domains from iredapd.greylisting_whitelist_domains I think I might not need the other databases brought over. It looks like the roundcubemail database will be repopulated as accounts are accessed from it and I don't think I'd miss the tracking information from the iredadmin database.
If this is true (can someone confirm?) all I really need is the vmail database and /var/vmail/vmail1 and ignore the Migration document notes to pull in the other databases.
Does restarting fail2ban service fix the issue?
Nop, i have this error in fail2ban log, when i restart the service
I've had to reinstall Sogo because it stopped working. I'm running the latest nightly build. This config (all clients, passwords, etc) did work before the sogo snafu.
I've updated the sogo config with the current mysql passwords and according to the logs, logins work fine. I'm having *some* kind of config file issue because that got blown away on the reinstall and I had to build it from scratch.
I copied the sogo.conf from a fresh install of sogo and updated the password. That's literally all I did.
Roundcube logins work fine, so I know the passwords and mysql are good.
I know SOGO is accessing the database correctly because of this:
13 Apr 13 17:43:02 sogod [3296558]: SOGoRootPage successful login from '[hostname]' for user 'XXXX' - expire = -1 grace = -1 Both web logins and activesync fail. Activesync is installed:
With web login, I get this error:
Apr 13 18:23:45 sogod [3324713]: [ERROR] <0x0x55b021b16e70[WOHttpTransaction]> client disconnected during delivery of response for <WORequest[0x0x55b022201070]: method=POST uri=/SOGo/connect app=SOGo rqKey=connect rqPath=(null)> (len=37): the socket was shutdown Apr 13 18:23:45 sogod [3324713]: [ip address] "POST /SOGo/connect HTTP/1.0" 200 37/97 0.039 - - 0 - With activesync:
Apr 13 18:14:21 sogod [3324713]: <0x0x55b021de09a0[SOGoActiveSyncDispatcher]> EAS - Forbidden access for user XXXX Apr 13 18:14:21 sogod [3324713]: |SOGo| request took 0.001488 seconds to execute Apr 13 18:14:21 sogod [3324713]: [hostname] "POST /SOGo/Microsoft-Server-ActiveSync?Cmd=FolderSync&User=XXXX&DeviceId=C235039772D84EAF8784ABF59A506311&DeviceType=WindowsOutlook15 HTTP/1.0" 403 0/45 0.002 - - 0 - 11 Apr 13 18:14:23 sogod [3324713]: |SOGo| starting method 'POST' on uri '/SOGo/Microsoft-Server-ActiveSync?Cmd=Sync&User=XXXX&DeviceId=C235039772D84EAF8784ABF59A506311&DeviceType=WindowsOutlook15'Any ideas, greatly appreciated!
Here is the sogo config file:
{
//
//
// Daemon address and port
WOPort = 127.0.0.1:20000;
// PID file
//WOPidFile = /var/run/sogo/sogo.pid;
// Log file
//WOLogFile = /var/log/sogo/sogo.log;
// Enable verbose logging. Reference:
SOGoDebugRequests = YES;
SOGoEASDebugEnabled = YES;
//ImapDebugEnabled = YES;
//LDAPDebugEnabled = YES;
//MySQL4DebugEnabled = YES;
//PGDebugEnabled = YES;
// Define the URL to online help for SOGo. When set, an additional icon
// will appear near the logout button in SOGo's web interface. The URL
// will always be open in a blank target.
//SOGoHelpURL = '';
// set the maximum allowed size for content being sent to SOGo, this can
// also limit the file attachment size being uploaded to SOGo when
// composing a mail.
// The value is in kilobyte. Default is 0 or disabled (unlimit).
WOMaxUploadSize = 15360;
// Parameter used to set the maximum allowed email message size when
// composing a mail.
// The value is in kilobytes. By default, the value is 0, or disabled so
// no limit will be set.
SOGoMaximumMessageSizeLimit = 15360;
// Performance Tuning
//
// The amount of instances of SOGo that will be spawned to handle multiple
// requests simultaneously. When started from the init script, that amount
// is overriden by the `PREFORK=` setting in /etc/sysconfig/sogo or
// /etc/default/sogo. A value of 3 is a reasonable default for low usage.
// The maximum value depends on the CPU and IO power provided by your
// machine: a value set too high will actually decrease performances under
// high load.
//
// You should have at least one child per EAS device configured to use
// "push". You must also have more children than you have EAS devices
// configured to use "push" - in order to handle normal SOGo requests to
// its Web or DAV interfaces.
//
// Defaults to 1 when unset, increase it if you see below error message in
// sogo log file: 'No child available to handle incoming request'
//
// WARNING:
// - on RHEL/CentOS, this setting is controlled by parameter
// 'PREFORK=' defined in /etc/sysconfig/sogo.
// - on Debian/Ubuntu, this setting is controlled by parameter
// 'PREFORK=' defined in /etc/default/sogo.
WOWorkersCount = 10;
// Parameter used to set the maximum amount of time, in seconds, SOGo will
// wait before replying to a Ping command.
// If not set, it defaults to 10 seconds.
SOGoMaximumPingInterval = 3540;
// Parameter used to set the maximum amount of time, in seconds, SOGo will
// wait before replying to a Sync command.
// If not set, it defaults to 30 seconds.
SOGoMaximumSyncInterval = 3540;
// Parameter used to set the maximum amount of time, in seconds, SOGo will
// wait before doing an internal check for data changes (add, delete, and
// update). This parameter must be lower than SOGoMaximumSyncInterval and
// SOGoMaximumPingInterval.
// If not set, it defaults to 10 seconds.
SOGoInternalSyncInterval = 30;
// Specifies the number of minutes after which a busy child process will be
// killed by the parent process.
// Defaults to 10 (minutes).
WOWatchDogRequestTimeout = 61;
// Overwrite the maximum number of items returned during a Sync operation.
// Defaults to 0, which means no overwrite is performed.
// Setting this parameter to a value greater than 512 will have unexpected
// behaviour with various ActiveSync clients.
//SOGoMaximumSyncWindowSize = 100;
// Overwrite the maximum response size during a Sync operation.
// The value is in kilobytes. Setting this to 512 means the response size
// will be of 524288 bytes or less (or a bit greater if needed for syncing
// one item). Note that if you set the value too low and a mail message
// (or any other object like calendar events, tasks and contacts) surpasses
// it, it will still be synced but only this item will be.
// Defaults to 0, which means no overwrite is performed.
//
// Say you have these five mails and you set the limit to 512KB:
// 1. 250 KB
// 2. 250 KB
// 3. 25 KB
// 4. 750 KB
// 5. 10 KB
// Sync iteration no. 1 will pick message 1, 2 and 3.
// Sync iteration no. 2 will pick message 4.
// Sync iteration no. 3 will pick message 5.
SOGoMaximumSyncResponseSize = 2048;
// The maximum amount of memory (in megabytes) that a child can use.
// Reaching that value will force children processes to restart, in order
// to preserve system memory.
//
// Error message when it reaches the value:
// "terminating app, vMem size limit (xxx MB) has been reached (currently xxx MB)"
//
// Defaults to 384.
SxVMemLimit = 500;
// Enable XSRF (also known as CSRF) protection.
SOGoXSRFValidationEnabled = YES;
// IMAP connection pool.
// Your performance will slightly increase, as you won't open a new
// connection for every access to your IMAP server.
// But you will get a lot of simultaneous open connections to your IMAP
// server, so make sure he can handle them.
// For debugging it is reasonable to turn pooling off.
NGImap4DisableIMAP4Pooling = NO;
SOGoProfileURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_user_profile";
OCSFolderInfoURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_folder_info";
OCSSessionsFolderURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_sessions_folder";
OCSEMailAlarmsFolderURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_alarms_folder";
// With 3 parameters below, SOGo requires only 9 SQL tables in total
// instead of creating 4 SQL tables for each user.
OCSCacheFolderURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_cache_folder";
OCSStoreURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_store";
OCSAclURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/sogo_acl";
// Default language in the web interface
SOGoLanguage = English;
// Specify which module to show after login: Calendar, Mail, Contacts.
SOGoLoginModule = Mail;
// Must login with full email address
SOGoForceExternalLoginWithEmail = YES;
// Allow user to change full name and email address.
SOGoMailCustomFromEnabled = NO;
// IMAP server
// Local connection is considered as secure by Dovecot, so 'imap://' is fine.
// With remote IMAP server, use 'imaps://127.0.0.1:143/?tls=YES' instead;
SOGoIMAPServer = "imap://127.0.0.1:143/?tls=YES&tlsVerifyMode=allowInsecureLocalhost";
// Allow user to add other IMAP accounts that will be visible from the SOGo
// Webmail interface.
// Default is NO.
//SOGoMailAuxiliaryUserAccountsEnabled = YES;
// SMTP server
SOGoSMTPServer = "smtp://127.0.0.1:587/?tls=YES&tlsVerifyMode=allowInsecureLocalhost";
SOGoMailingMechanism = smtp;
SOGoSMTPAuthenticationType = PLAIN;
// Enable managesieve service
//
// WARNING: Sieve scripts generated by SOGo is not compatible with Roundcube
// webmail, don't use sieve service in both webmails, otherwise
// it will be messy.
//
//SOGoSieveServer = "sieve://127.0.0.1:4190/?tls=YES&tlsVerifyMode=allowInsecureLocalhost";
//SOGoSieveScriptsEnabled = YES;
//SOGoVacationEnabled = YES;
//SOGoForwardEnabled = YES;
SOGoSieveFolderEncoding = UTF-8;
// Memcached
SOGoMemcachedHost = 127.0.0.1;
// Parameter used to set which usernames require administrative privileges
// over all the users tables. For example, this could be used to post
// events in the users calendar without requiring the user to configure
// his/her ACLs. In this case you will need to specify those superuser's
// usernames like this :
// SOGoSuperUsernames = (<username1>[,<username2>, ...]);
//SOGoSuperUsernames = ();
SOGoTimeZone = "America/New_York";
SOGoFirstDayOfWeek = 1;
SOGoRefreshViewCheck = every_5_minutes;
SOGoMailReplyPlacement = below;
// Disable gravatar
SOGoExternalAvatarsEnabled = NO;
SOGoGravatarEnabled = NO;
// Control WebDAV access to the Calendar / Contacts collections.
// This can be used to deny access to these resources from Thunderbird
// Lightning for example.
// Defaults to YES when unset.
//SOGoCalendarDAVAccessEnabled = NO;
//SOGoAddressBookDAVAccessEnabled = NO;
// Allow users to share publicly (ie., requiring not authentication) their
// calendars and address books.
// Defaults to NO when unset.
//SOGoEnablePublicAccess = YES;
//
// Notifications
//
// Enable email-based alarms on events and tasks.
SOGoEnableEMailAlarms = YES;
// Notify meeting participants
SOGoAppointmentSendEMailNotifications = YES;
// Notify if a calendar or an address book has been created.
SOGoFoldersSendEMailNotifications = NO;
// Notify involved users of a calendar or address book's ACLs.
SOGoACLsSendEMailNotifications = YES;
// Notify when a modification is being done to his/her own calendar by someone else.
SOGoNotifyOnExternalModifications = YES;
// NOTE: PostgreSQL cannot update view in iRedMail
SOGoPasswordChangeEnabled = YES;
// Authentication using SQL
SOGoUserSources = (
{
type = sql;
id = users;
viewURL = "mysql://sogo:[deleted]@127.0.0.1:3306/sogo/users";
canAuthenticate = YES;
// The algorithm used for password encryption when changing
// passwords without Password Policies enabled.
// Possible values are: plain, crypt, md5-crypt, ssha, ssha512.
userPasswordAlgorithm = ssha512;
prependPasswordScheme = YES;
// Use `vmail.mailbox` as per-domain address book.
isAddressBook = YES;
displayName = "Domain Address Book";
SOGoEnableDomainBasedUID = YES;
DomainFieldName = "domain";
// Listing of this LDAP source is only possible when performing a
// search (respecting the SOGoSearchMinimumWordLength parameter)
// or when explicitely typing a single dot.
// Defaults to YES when unset.
//
// WARNING: if you have many accounts in this address book, it may
// reach server-side query size limit, or cause
// performance issue.
listRequiresDot = NO;
ModulesConstraints = {
Mail = { c_webmail = y; };
Calendar = { c_calendar = y; };
ActiveSync = { c_activesync = y; };
};
},
//{
// displayName = "Global Address Book";
// type = sql;
// id = global_address_book;
// viewURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/users";
// canAuthenticate = NO;
// isAddressBook = YES;
// listRequiresDot = NO;
// SOGoEnableDomainBasedUID = YES;
// DomainFieldName = "domain";
//},
// Display mailing aliases in address book.
// You need to create SQL view 'sogo.aliases' first.
//
// For MySQL:
//
// CREATE VIEW sogo.aliases (c_uid, c_name, c_password, c_cn, mail, domain)
// AS SELECT address, name, '', name, address, domain
// FROM vmail.alias WHERE active=1;
//
//{
// displayName = "Mailing Lists";
// type = sql;
// id = aliases;
// viewURL = "mysql://sogo:hBGPpUbECqki5PzjOUaVezGDJarQA4pT@127.0.0.1:3306/sogo/aliases";
// canAuthenticate = NO;
// isAddressBook = YES;
// listRequiresDot = NO;
// SOGoEnableDomainBasedUID = YES;
// DomainFieldName = "domain";
//},
);
// Authentication using LDAP
/* LDAP backend
SOGoUserSources = (
{
// Used for user authentication
type = ldap;
id = users;
canAuthenticate = YES;
isAddressBook = NO;
displayName = "LDAP Authentication";
hostname = "PH_LDAP_URI";
baseDN = "domainName=%d,PH_LDAP_BASEDN";
bindDN = "PH_LDAP_BINDDN";
bindPassword = "PH_LDAP_BINDPW";
filter = "objectClass=mailUser AND accountStatus=active AND enabledService=mail AND enabledService=sogo";
scope = SUB;
// always keep binding to the LDAP server using the DN of the
// currently authenticated user. bindDN and bindPassword are still
// required to find DN of the user.
// Note: with default LDAP acl configured by iRedMail, user doesn't
// have privilege to query PH_LDAP_BASEDN.
// so this doesn't work.
bindAsCurrentUser = YES;
// The algorithm used for password encryption when changing
// passwords without Password Policies enabled.
// Possible values are: plain, crypt, md5-crypt, ssha, ssha512.
userPasswordAlgorithm = ssha512;
CNFieldName = cn;
IDFieldName = mail;
// value of UIDFieldName must be unique on entire server
UIDFieldName = mail;
IMAPLoginFieldName = mail;
MailFieldNames = (mail);
bindFields = (mail);
ModulesConstraints = {
Mail = { enabledService = sogowebmail; };
Calendar = { enabledService = sogocalendar; };
ActiveSync = { enabledService = sogoactivesync; };
};
},
{
// Used for global address book
type = ldap;
id = global_addressbook;
canAuthenticate = NO;
isAddressBook = YES;
displayName = "Global Address Book";
bindAsCurrentUser = YES;
// Listing of this LDAP source is only possible when performing a
// search (respecting the SOGoSearchMinimumWordLength parameter)
// or when explicitely typing a single dot.
// Defaults to YES when unset.
//
// WARNING: if you have many accounts in this address book, it may
// reach server-side query size limit, or cause
// performance issue.
listRequiresDot = NO;
hostname = "PH_LDAP_URI";
baseDN = "domainName=%d,PH_LDAP_BASEDN";
bindDN = "PH_LDAP_BINDDN";
bindPassword = "PH_LDAP_BINDPW";
filter = "((enabledService=mail AND accountStatus=active AND enabledService=displayedInGlobalAddressBook) AND ((objectClass=mailUser AND enabledService=sogo) OR (objectClass=mailList) OR (objectClass=mailAlias)))";
scope = SUB;
IDFieldName = mail;
bindFields = (mail);
// value of UID field must be unique on whole server.
UIDFieldName = mail;
IMAPLoginFieldName = mail;
CNFieldName = cn;
SearchFieldNames = (cn, sn, displayName, telephoneNumber, mail, shadowAddress, departmentNumber);
// Resources management (Free/Busy)
KindFieldName = "Kind";
MultipleBookingsFieldName = "MultipleBookings";
}
);
LDAP backend */
}did you open the port in firewall?
Which iRedMail release are you running? There're 2 SOGo related fixes in latest iRedMail-1.5.2, you'd better check it out:
https://docs.iredmail.org/upgrade.iredm … 1.5.2.html
With latest iRedMail release, Fail2ban is configured to use nftables (instead of iptables) on Debian / Ubuntu, do you use the wrong fail2ban action in /etc/fail2ban/jail.d/*.local?
WRONG.
- Roundcube stores per-user preferences, address books, contact groups in its SQL db, so you'd better migrate it.
- iRedAPD stores greylisting / throttle / whitelists / blacklists / ... in SQL db, so ...
- Amavisd stores whitelists, blacklists, spam policies, etc in SQL db, so ...
- ...
As clearly mentioned in iRedMail installation guide, please deploy iRedMail on a fresh new server.
But please at least create a way for people with enough knowledge and acceptance of responsibility to be able to install this project on unsupported platforms.
iRedMail is open source and written in Bash shell, i suppose it's not very hard to achieve this, but we do not recommend it.
Imagine you need to modify application update scripts each time you update iRedMail, needless to say the update scripts may change internally too, it's risky if you don't fully understand what it does and how it works.
You see, the problem is future maintenance, and your time.
Okay, as in my previous topic when I follow all the steps to go from 0.9.5-1 to 1.5.2 doing all the database changes only as outlined in the migration document and then exporting them on the old server and importing them to the new server running 1.5.2 I get errors. When I compare the tables between the database I changed and a database on a new 1.5.2 I see tables on the new 1.5.2 that aren't in the one that I applied all the database change (and I get errors in the logs about redapd.smtp_sessions missing) and I see lots of errors in the logs from iredapd about not being able to apply plugins throttle, greylisting, and wblist_rdns.
That's why I thought that I could ignore the others and just manually do my whitelists and blacklists. I have Roundcube installed but nobody uses it except in rare cases.
Hi,
- iRedMail version (check /etc/iredmail-release)
==> 0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
==>downloadable installer?
- Linux/BSD distribution name and version
==> Debian Linux 9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL)
==> MySQL
- Web server (Apache or Nginx)
==> Nginx
- Manage mail accounts with iRedAdmin-Pro?
==> Yes.
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Some emails from outside are stucked in Quarantine by Virus tag same emails contain PDF attachment which has bank statement please let us know how to resolve the same.
Error message
###############################
554 5.7.0 Reject, id=18145-02 - INFECTED: Heuristics.Phishing.Email.SpoofedDomain
Virus scanner output:
p015: Heuristics.Phishing.Email.SpoofedDomain FOUND
###############################
Thanks
Sunil
By "difficult" I mean that all the operating systems you support use systemd (except BSDs, of course), and support for a Linux distribution that does not have systemd may make it more difficult to maintain the project.
I understand, but I think it's worth it. I had serious problems with systemd, extremely long boot time (more than 6 minutes 
), consumption of system resources by systemd components (such as journald), high pressure on the system when reading journal (to the extent that the Minecraft server on background active, it crashed!), The launch of some services failed for no reason, and all the other reason that keeping my personal server turned into hell.
Anyway, thank you for letting me (and perhaps those who will read this topic in the future) know the dangers of doing so.
Have nice day
You can either release it to mailbox or delete it if you are sure it's virus.
This worked for me (remove the space after https):
git clone https ://github.com/freebsd/freebsd.git /usr/src
cd /usr/src; make clean