Did you upgrade iRedMail from an old release? If yes, please check this change:
https://docs.iredmail.org/upgrade.iredm … go-webmail
↧
Re: Can't login to SOGo (5.7, iRedMail 1.6.0)
↧
Re: block outbound domain mail to external
Update sql table "vmail.mailbox", set columns "enablesmtp" and "enablesmtpsecured" of certain domain or user to value 0 (number zero), this will disable smtp service for the domain or user.
↧
↧
Re: iRedMail LDAP LoadModule Questions
memberOf only appears if you explicitly search it.
↧
Re: iRedMail LDAP LoadModule Questions
ZhangHuangbin wrote:
memberOf only appears if you explicitly search it.
Apologies, I edited original reply to include ldapsearch output. I needed to clean out all the information. MemberOf does not appear. But it should show up as an enabled module as well, without ldapsearch no?
↧
Re: iRedMail LDAP LoadModule Questions
Do the test this way:
- add a subscribable mailing list, and add some member(s)
- run ldapsearch with filter "objectclass=mailList" and attribute "mail memberOf".
↧
↧
Re: iRedMail LDAP LoadModule Questions
root@mx:/etc/ldap# ldapsearch -Z -H 'ldap://ldap.domain.tld:389' -ZZ -LLL -D 'cn=manager,dc=domain,dc=tld' -W objectclass=mailList mail memberOf
Enter LDAP Password:
dn: mail=announce@domain.tld,ou=Groups,domainName=domain.tld,o=domains,dc=domain,dc=
tld
mail: announce@domain.tld
dn: mail=genauth@domain.tld,ou=Groups,domainName=domain.tld,o=domains,dc=domain,dc=x
yz
mail: genauth@domain.tld
dn: mail=list1@domain.tld,ou=Groups,domainName=domain.tld,o=domains,dc=domain,dc=tld
mail: list1@domain.tld
dn: mail=list2@domain.tld,ou=Groups,domainName=domain.tld,o=domains,dc=domain,dc=tld
mail: list2@domain.tld
dn: mail=testing@domain.tld,ou=Groups,domainName=domain.tld,o=domains,dc=domain,dc=x
yz
mail: testing@domain.tldThe Testing@ list is the one I added. Still no impact.
↧
Re: block outbound domain mail to external
Thank you mr. ZhangHuangbin 
ZhangHuangbin wrote:
Update sql table "vmail.mailbox", set columns "enablesmtp" and "enablesmtpsecured" of certain domain or user to value 0 (number zero), this will disable smtp service for the domain or user.
↧
How to get version without the /etc/iredmail-release file?
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): unknown
- Deployed with iRedMail Easy or the downloadable installer? Downloadble installer
- Linux/BSD distribution name and version: Ubuntu 22.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hello everyone,
I have encountered an issue with the current company since they do not have the file /etc/iredmail-release with the version they have. Is there another place where I can find the version of the current installed iRedMail?
Thanks in advance,
KCHG
↧
Re: SOGo not updating?
ZhangHuangbin wrote:
Upstream didn't update the binary packages since Jun 29 (checked today Jul 5):
https://packages.inverse.ca/SOGo/nightl … ye/s/sogo/
Thank you, zhb. Upstream has resumed its updates, including a new one last night.
↧
↧
Re: Can't login to SOGo (5.7, iRedMail 1.6.0)
Yes, I have checked it.
I use nginx for reverse proxy on another web-server.
There is a config file:
```
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/mail.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mail.example.com/privkey.pem;
server_name mail.example.com;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffer_size 1024k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 1024k;
proxy_pass https://10.77.50.85/;
}
}
server {
if ($host = mail.example.com) {
return 301 https://mail.example.com$request_uri;
}
listen 80;
server_name mail.example.com;
return 404;
}
```
sogo.conf on mail server with iRedMail:
```
# Settings for SOGo Groupware
# SOGo
location ~ ^/sogo { rewrite ^ https://$host/SOGo; }
location ~ ^/SOGO { rewrite ^ https://$host/SOGo; }
# Redirect /mail to /SOGo
#location ~ ^/mail { rewrite ^ https://$host/SOGo; }
# For Mac OS X and iOS devices.
rewrite ^/.well-known/caldav /SOGo/dav permanent;
rewrite ^/.well-known/carddav /SOGo/dav permanent;
rewrite ^/principals /SOGo/dav permanent;
location ^~ /SOGo {
include /etc/nginx/templates/hsts.tmpl;
proxy_pass http://127.0.0.1:20000;
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
# forward user's IP address
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
# always use https
proxy_set_header x-webobjects-server-port $server_port;
proxy_set_header x-webobjects-server-name $host;
proxy_set_header x-webobjects-server-url https://$host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
}
location ^~ /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-S … ctiveSync;
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
proxy_connect_timeout 3540;
proxy_send_timeout 3540;
proxy_read_timeout 3540;
}
location ^~ /SOGo/Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-S … ctiveSync;
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
proxy_connect_timeout 3540;
proxy_send_timeout 3540;
proxy_read_timeout 3540;
}
location /SOGo.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
expires max;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
expires max;
}
location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
expires max;
}
```
If I go to the mail server IP from a private network like 10.77.50.85/SOGo
I will successfully login to SOGo. Everything is fine.
Now I can't login to SOGo if I login to the webserver by domain name mail.example.com
Server (nginx proxy) drops connection.
I try to test also (from nginx proxy web server):
curl -I http://10.77.50.85/SOGo
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 05 Jul 2022 15:58:24 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://10.77.50.85/SOGo
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Where is my mistake? What am I doing wrong?
↧
Installation Failed | 404 and sope 4.9 MySQL
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.0
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: Ubuntu 22.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue: Please, see attached screenshot.
Installation fails, and cannot complete install. How can I resolve given the many errors thrown?
====
↧
Re: Help needed with stopping relaying spam
ZhangHuangbin wrote:
Try to check old Postfix log file, e.g. /var/log/mail.log.1:
bash find_top_sasl_usernames.sh /var/log/mail.log.1derek1776 wrote:Update: I cleaned out the queue with:
postqueue -p (saw thousands of spam messages)
postsuper -d ALLThis is dangerous, you may remove legal emails with `postsuper -d ALL`.
If queue is full of spams, legal email may be stalled in queue and waiting for Postfix to pick it up.
Old log file shows same compromised account. Passwords have been changed. The queue shows empty now, I had to resend a few messages, so the risk was minimal.
I still see bogus sends in the logs, like this thing is still active, even after changing login credentials for the effected account that showed up in find_top_sasl_usernames.sh /var/log/mail.log.1.
Sample log here:
Jul 5 15:46:36 mail postfix/smtp[44800]: 4LctTm47CMz1KYb: to=<m.koeberl@hiway.at>, relay=smtp.sendgrid.net[167.89.115.53]:587, delay=0.21, delays=0.01/0.01/0.16/0.03, dsn=5.0.0, status=bounced (host smtp.sendgrid.net[167.89.115.53] said: 550 The from address does not match a verified Sender Identity. Mail cannot be sent until this error is resolved. Visit https://sendgrid.com/docs/for-developer … -identity/ to see the Sender Identity requirements (in reply to end of DATA command))
Jul 5 15:46:36 mail postfix/smtp[44799]: Trusted TLS connection established to smtp.sendgrid.net[167.89.123.95]:587: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jul 5 15:46:36 mail postfix/smtp[44797]: 4LctTm4t1Cz1KYc: to=<m.koeberl@hiway.at>, relay=smtp.sendgrid.net[107.20.8.136]:587, delay=0.25, delays=0.02/0/0.2/0.03, dsn=5.0.0, status=bounced (host smtp.sendgrid.net[107.20.8.136] said: 550 The from address does not match a verified Sender Identity. Mail cannot be sent until this error is resolved. Visit https://sendgrid.com/docs/for-developer … -identity/ to see the Sender Identity requirements (in reply to end of DATA command))
Jul 5 15:46:37 mail postfix/smtp[44799]: 4LctTm5B1Wz1Kgm: to=<m.koeberl@hiway.at>, relay=smtp.sendgrid.net[167.89.123.95]:587, delay=0.27, delays=0.01/0/0.16/0.1, dsn=5.0.0, status=bounced (host smtp.sendgrid.net[167.89.123.95] said: 550 The from address does not match a verified Sender Identity. Mail cannot be sent until this error is resolved. Visit https://sendgrid.com/docs/for-developer … -identity/ to see the Sender Identity requirements (in reply to end of DATA command))
Jul 5 15:46:44 mail postfix/smtp[44800]: Trusted TLS connection established to smtp.sendgrid.net[167.89.123.97]:587: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jul 5 15:46:44 mail postfix/smtp[44797]: Trusted TLS connection established to smtp.sendgrid.net[167.89.123.97]:587: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jul 5 15:46:44 mail postfix/smtp[44800]: 4LctTw1XtLz1KYk: to=<necfgn@gmail.com>, relay=smtp.sendgrid.net[167.89.123.97]:587, delay=0.24, delays=0.01/0.02/0.17/0.04, dsn=5.0.0, status=bounced (host smtp.sendgrid.net[167.89.123.97] said: 550 The from address does not match a verified Sender Identity. Mail cannot be sent until this error is resolved. Visit https://sendgrid.com/docs/for-developer … -identity/ to see the Sender Identity requirements (in reply to end of DATA command))
My outbound mail relay (sendgrid) is stopped and not allowing mail to flow out due to all the spam attempts. Kinda lost as to how to stop it. I have limited control over the firewall as it is running in a cloud instance until I can move it back to on-premise behind my firewall with ip blocks. Never had so much trouble in the 2 years this has been running. Will try to keep the post updated as I fight through it.
Thanks
↧
Re: Help needed with stopping relaying spam
Update: Mail is again flowing in both directions fine now. All I did was reload postfix and it seems to be fine, at least from the logs. Have no idea what was going on, but for the moment it seems to have stopped and everything is working. Mail-tester is giving me an 8.2/10, so the damage is not too bad.
↧
↧
Re: Installation Failed | 404 and sope 4.9 MySQL
SOGo team doesn't offer binary packages for Ubuntu 22.04 yet, if you need SOGo then you have to use Ubuntu 20.04 instead right now, or wait for SOGo team.
Help push SOGo team to build packages for 22.04:
https://www.sogo.nu/bugs/view.php?id=5511
↧
Re: Can't login to SOGo (5.7, iRedMail 1.6.0)
maxyca wrote:
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
Try to increase the size on proxy server.
↧
Re: How to get version without the /etc/iredmail-release file?
- Do you have a iRedMail installation directory? Downloaded iRedMail and installed, but leave the directory there and not removed.
- Do you have version number in files under /etc/postfix/mysql/*.conf? Old iRedMail releases writes the version number.
↧
Re: iRedMail LDAP LoadModule Questions
I tested yesterday the same way, and it works for me. 
↧
↧
Re: iRedMail LDAP LoadModule Questions
Okay, I'm not sure exactly what I did, but currently my file looks like this:
argsfile /var/run/slapd/slapd.args
modulepath /usr/lib/ldap
moduleload back_mdb
moduleload back_monitor
moduleload memberof
# Support password verification with SSHA512. Require OpenLDAP-2.4.32 or later.
moduleload pw-sha2# User object
index mailForwardingAddress,shadowAddress eq,pres,sub
index backupMailAddress,memberOfGroup eq,pres,sub
index userRecipientBccAddress,userSenderBccAddress eq,pres,sub
index mobile,departmentNumber eq,pres,sub
# MemberOf Setups
overlay memberof
memberof-group-oc mailListThis by itself did not make memberOf show up. I created a new mailing list and a new mail user account after playing around a while, assigned it to the new list, and then memberOf started showing up in ldapsearch. So I went to each user, removed them from their lists, saved, then added them back to their lists. Finally memberOf started working. Apparently the user objects needed to be refreshed I guess, it doesn't automatically apply?
Now there is a new problem(?), but I'm not sure if it is hurting anything other than graphics. Previously, in my iRedAdmin-Pro, Users under domain section it would display something like this:
Display Name Alias# MailingList# CheckMark Graph Cog Address etc etc
However, now the MailingList# is gone. The users are assigned, but the little icon is not there. I went to check inside the LDAP to see if I could notice the difference between accounts, and there was something missing - memberOfGroup is not on the accounts! Does memberOf overlay remove memberOfGroup?
↧
Re: iRedMail LDAP LoadModule Questions
armouredking wrote:
Apparently the user objects needed to be refreshed I guess, it doesn't automatically apply?
According to OpenLDAP manual page, the memberof overlay maintains the 'memberOf' attribute automatically, so it should appear automatically.
armouredking wrote:
Does memberOf overlay remove memberOfGroup?
memberof has nothing to do with "memberOfGroup" attribute.
This works for me too. It displays the "L1" (number is different on my machine) mark.
Are you sure this user belongs to some mailing list(s)?
↧
Re: iRedMail LDAP LoadModule Questions
It does work automatically, as long as you update the user. ie, I don't have to manually create the mappings. Its just that turning it on didn't automatically apply the memberOf attributes, making me think it wasn't enabled.
So yes, the users have lists, but the L# doesn't show up anymore. As an example, the account with A2 in the picture above should also have an L2 (see attached).
↧