差異處

這裏顯示兩個版本的差異處。

連向這個比對檢視

兩邊的前次修訂版 前次修改
下次修改
前次修改
tech:iredmail [2019/04/08 16:45] jonathan_tsaitech:iredmail [2021/06/27 00:05] (目前版本) – [更新版本程序] jonathan
行 1: 行 1:
 +====== CentOS7 安裝 iRedMail Mail Server ======
 +  * 安裝環境 : ++CentOS Linux release 7.5.1804 (Core) |<code sh>cat /etc/redhat-release</code>++
 +  * iRedMail 0.9.8
 +  * IP : 172.21.20.253
 +  * DN : iredmail.ichiayi.com
 +  * hostname : iredmail
  
 +===== 環境準備 =====
 +  * 關閉 selinux <code sh>
 +vi /etc/selinux/config</code><file>
 +:
 +SELINUX=disabled
 +</file>
 +  * 設定 /etc/sysconfig/network <file>
 +HOSTNAME=iredmail.ichiayi.com
 +</file>
 +  * 設定 /etc/hosts <file>
 +127.0.0.1   iredmail.ichiayi.com iredmail localhost localhost.localdomain
 +</file>
 +  * 設定 /etc/hostname <file>
 +iredmail.ichiayi.com
 +</file>
 +  * 重新開機<code sh>
 +sync;sync;sync;reboot
 +</code>
 +
 +===== 下載安裝 iRedMail =====
 +<code sh>
 +su - root
 +yum install wget bzip2
 +cd /root/
 +wget https://bitbucket.org/zhb/iredmail/downloads/iRedMail-0.9.9.tar.bz2
 +tar xjf iRedMail-0.9.9.tar.bz2
 +cd /root/iRedMail-0.9.9/
 +bash iRedMail.sh
 +</code>
 +
 +  * 安裝完成最後更新完成掃毒病毒碼 daily.cld 之後, 要重新開機所有服務才能正常啟動<code>
 +sync;sync;sync;reboot
 +</code>
 +
 +<note>
 +  * 如果執行安裝時一直出現 /etc/hosts 的設定錯誤, 請先用 <code sh>hostname -f</code> 是否能夠正確出現標準 FQDN 格式 Exp. iredmai.ichiayi.com
 +  * 如果是安裝在中國機房, 因為 iredmail.org 被 GFW 封鎖, 所以要改用以下語法<code sh>
 +IREDMAIL_EPEL_MIRROR='http://mirrors.aliyun.com/epel'
 +IREDMAIL_MIRROR='https://dl.iredmail.org' bash iRedMail.sh
 +</code>
 +  * 安裝完成後重要資訊會產生在 /root/iRedMail-0.9.8/iRedMail.tips 檔案內
 +</note>
 +
 +===== 相關設定與驗證測試 =====
 +  * DNS : MX / DKIM / [[http://blog.xuite.net/tolarku/blog/233356505-DNS+%E8%A8%AD%E5%AE%9A+spf+%E8%A8%98%E9%8C%84+-+Sender+Policy+Framework|SPF 設定]] / [[https://support.google.com/a/answer/2466563?hl=zh-Hant|DMARC]]
 +  * 重新產生 DKIM key
 +    * 參考 - https://docs.iredmail.org/sign.dkim.signature.for.new.domain.html ++ 操作語法|<code sh>
 +amavisd -c /etc/amavisd/amavisd.conf genrsa /var/lib/dkim/mail3.ichiayi.com.pem
 +chown amavis:amavis /var/lib/dkim/mail3.ichiayi.com.pem
 +chmod 0400 /var/lib/dkim/mail.ichiayi.com.pem
 +vi /etc/amavisd/amavisd.conf
 +</code><file>
 +:
 +# Add dkim_key here.
 +dkim_key('mail3.ichiayi.com', 'dkim', '/var/lib/dkim/mail3.ichiayi.com.pem');
 +:
 +@dkim_signature_options_bysender_maps = ({
 +:
 +    # catch-all (one dkim key for all domains)
 +    '.' => {d => 'mail3.ichiayi.com',
 +:
 +</file><code sh>
 +systemctl restart amavisd 
 +</code>至 DNS 設定 DKIM Public Key<code sh>
 +amavisd -c /etc/amavisd/amavisd.conf showkeys
 +</code> Exp. dkim._domainkey.mail3.ichiayi.com<file>
 +dkim._domainkey.mail3.ichiayi.com.     3600 TXT (
 +  "v=DKIM1; p="
 +  "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCrXC0tedP//DPy+CcC72g8lNw"
 +  "8H9igOIphFtrvNKknJPKlKaxLP8cy41rWI91WHFS0jxPyJh39kzP7ueukUMDUE0d"
 +  "veNPGOfYh32sdn5xNSYKg3l1HTj7wLIKsedN0E4aWbsBVwqAkgU3JJky7JzCc98R"
 +  "G4wj6UPgbQVBKxtgNwIDAQAB")
 +</file>
 + 
 +++
 +  * IP 反查設定 -> 找 ISP 協助
 +  * 設定 aliases domain 的方式 - https://docs.iredmail.org/sql.add.alias.domain.html ++SQL 語法|<code sql>
 +INSERT INTO alias_domain (alias_domain, target_domain) VALUES ('alias-1.com', 'example.com');
 +</code>++
 +  * 設定 aliases - mail list (虛擬信箱轉寄實際信箱) 的方式 - https://docs.iredmail.org/user.alias.address.html ++SQL 語法|<code sql>
 +INSERT INTO forwardings (address, forwarding, domain, dest_domain, is_alias, active)
 + VALUES ('[email protected]', '[email protected]', 'ichiayi.com', 'ichiayi.com', 1, 1);
 +</code>++
 +  * 設定 aliases - mail forwarding (收信轉寄給其他信箱) 的方式 - https://docs.iredmail.org/sql.user.mail.forwarding.html ++SQL 語法|<code sql>
 +INSERT INTO forwardings (address, forwarding, domain, dest_domain, is_forwarding, active)
 + VALUES ('[email protected]', '[email protected]', 'ichiayi.com', 'ichiayi.com', 1, 1);
 +</code>++
 +  * 設定多個 domain 的 DKIM - https://docs.iredmail.org/sign.dkim.signature.for.new.domain.html
 +  * 設定預設 domain 的處理方式 - ++主要是修改 dovecot.conf 內的 auth_default_realm |<code |h vi /etc/dovecot/dovecot.conf>
 +:
 +auth_default_realm = mail.ichiayi.com
 +:
 +</code>++
 +  * 解決 outlook 寄信無法使用 STARTTLS(port:587) 需要設定提供 SMTPS(port:465) - https://docs.iredmail.org/enable.smtps.html
 +  * 調整限制附件大小設定
 +    * 參考 - https://docs.iredmail.org/change.mail.attachment.size.html
 +    * Exp. 20M =>  20*1024*1024=20971520 因為 MIME 的編碼特性, 所以要再 * 1.5 會比較接近 => 20971520 * 1.5= 31457280<code sh>
 +postconf -e message_size_limit=31457280
 +systemctl restart postfix
 +</code>
 +  * 自動刪除 Trash 的信件方式
 +    * 參考 - https://forum.iredmail.org/topic10062-iredmail-support-auto-delete-emails-in-users-trash.html
 +    * ++建立清除信件命令|<code h| /root/dovecot_expunge.sh>
 +#!/bin/bash
 +#
 +DOVEADM="/usr/bin/doveadm";
 +
 +$DOVEADM expunge -A mailbox Trash savedbefore 3d
 +$DOVEADM expunge -A mailbox Junk  savedbefore 30d
 +</code>++
 +    * ++執行命令|<code sh>
 +chmod a+x /root/dovecot_expunge.sh
 +</code>++
 +    * ++設定 crontab 設定|<code h| /etc/crontab>
 +:
 +# delete iRedMail emails in Trash older than 3 days and in Junk older than 30 days.
 +30 3 * * * root /root/dovecot_expunge.sh > /tmp/dovecot_expunge.log
 +</code>++
 +    * ++重新啟動 crond |<code sh>
 +service crond restart
 +</code>++
 +  * 特定 SMTP 認證帳號寄信可以不需要檢查 From 與 SMTP 認證帳號相同設定方式
 +    * 出現的錯誤訊息類似:<file>
 +SMTPRecipientsRefused: {'xxx@xxx': (554, '5.7.1 <xxx@xxx>: Recipient address rejected: Sender is not same as SMTP authenticate username')}
 +</file>
 +    * 參考 - https://docs.iredmail.org/errors.html#recipient-address-rejected-sender-is-not-same-as-smtp-authenticate-username
 +    * 修改 /opt/iredapd/settings.py 最後加入以下設定 ++Exp. 增加 SMTP 的 [email protected] 認證就不需要檢查 From 是否一致 |<file>
 +:
 +# https://docs.iredmail.org/errors.html#recipient-address-rejected-sender-is-not-same-as-smtp-authenticate-username
 +ALLOWED_LOGIN_MISMATCH_SENDERS = ['[email protected]']
 +
 +</file>++
 +    * 重新啟動 iredapd 服務 <code sh>systemctl restart iredapd</code>
 +  * 關閉 ClamAV 防毒軟體的作法 (2019/5/27 寄信附件含 PDF 會出現  Win.Exploit.CVE_2019_0903-6966169-0 誤判問題)
 +    * 參考 - https://forum.iredmail.org/topic3149-iredmail-support-disable-clamav-and-turn-off.html
 +    * 修改 /etc/amavisd/amavisd.conf ++ @bypass_virus_checks_maps 由 0 改成 1 關閉掃毒功能|<file>
 +:
 +# controls running of anti-virus/spam code: 0 -> enabled, 1 -> disabled.
 +@bypass_virus_checks_maps = (1);
 +:
 +</file>重新啟動 amavisd 服務<code sh>
 +systemctl restart amavisd
 +</code>++
 +
 +
 +
 +
 +==== 修改主機名稱的處理方式 ====
 +  * 除修改 /etc/hosts 之外還有其他服務設定檔都要一起修改
 +  * 參考 - https://docs.iredmail.org/change.server.hostname.html
 +    * /etc/hosts
 +    * /etc/sysconfig/network
 +    * /var/spool/postfix/etc/hosts
 +    * /etc/postfix/main.cf
 +    * /etc/amavisd/amavisd.conf
 +
 +==== SSL 憑證設定 ====
 +  * 設定 SSL 憑證 : https://docs.iredmail.org/use.a.bought.ssl.certificate.html
 +    * 取得免費的 LetsEncrypt ssl 憑證 參考 - [[tech/ssl_letsencrypt]]
 +      * Exp. 取得的憑證存放在 /etc/letsencrypt/live/mail.ichiayi.com/
 +    * 設定 Postfix (SMTP server) ++執行命令|<code sh>
 +postconf -e smtpd_tls_cert_file='/etc/letsencrypt/live/mail.ichiayi.com/cert.pem'
 +postconf -e smtpd_tls_key_file='/etc/letsencrypt/live/mail.ichiayi.com/privkey.pem'
 +postconf -e smtpd_tls_CAfile='/etc/letsencrypt/live/mail.ichiayi.com/fullchain.pem'
 +systemctl restart postfix 
 +</code>++
 +    * 設定 Dovecot (POP3/IMAP server) ++參考設定內容|<code h /etc/dovecot/dovecot.conf>
 +ssl = required
 +ssl_cert = </etc/letsencrypt/live/mail.ichiayi.com/cert.pem
 +ssl_key = </etc/letsencrypt/live/mail.ichiayi.com/privkey.pem
 +ssl_ca = </etc/letsencrypt/live/mail.ichiayi.com/fullchain.pem
 +</code>++ ++執行命令|<code sh>
 +systemctl restart dovecot
 +</code>++
 +    * 設定 WebMail(nginx) ++參考執行命令|<code sh>
 +cd /etc/pki/tls/
 +mv cert.pem cert.pem.old
 +ln -s /etc/letsencrypt/live/mail.ichiayi.com/fullchain.pem cert.pem
 +cd certs/
 +mv iRedMail.crt iRedMail.crt.old
 +ln -s /etc/letsencrypt/live/mail.ichiayi.com/cert.pem iRedMail.crt
 +cd ../private/
 +mv iRedMail.key iRedMail.key.old
 +ln -s /etc/letsencrypt/live/mail.ichiayi.com/privkey.pem iRedMail.key
 +service nginx restart
 +</code>++
 +    * 確認設定的 SSL 憑證有正式運作
 +      * IMAP ++執行命令|<code sh>
 +openssl s_client -showcerts -connect mail.ichiayi.com:993
 +</code>++
 +      * POP3 ++執行命令|<code sh>
 +openssl s_client -showcerts -connect mail.ichiayi.com:995
 +</code>++
 +      * SMTP ++執行命令|<code sh>
 +openssl s_client -showcerts -connect mail.ichiayi.com:587 -starttls smtp
 +</code>++
 +      * Web ++執行命令|<code sh>
 +openssl s_client -showcerts -connect mail.ichiayi.com:443
 +</code>++
 +
 +
 +<note>
 +  * 如果 SSL 憑證與 Mail Server 在不同主機上, 每次憑證更新後可透過 rsync 方式來進行跨主機同步
 +  * Exp. SSL 憑證存在 192.168.11.234 主機上, 可在 Mail Server ++執行以下的同步語法:|<code sh>
 +rm -rf /etc/letsencrypt/archive/mail.ichiayi.com.old
 +mv /etc/letsencrypt/archive/mail.ichiayi.com /etc/letsencrypt/archive/mail.ichiayi.com.old
 +rsync -zavl [email protected]:/etc/letsencrypt/archive/mail.ichiayi.com/ /etc/letsencrypt/archive/mail.ichiayi.com/
 +
 +rm -rf /etc/letsencrypt/live/mail.ichiayi.com.old
 +mv /etc/letsencrypt/live/mail.ichiayi.com /etc/letsencrypt/live/mail.ichiayi.com.old
 +rsync -zavl [email protected]:/etc/letsencrypt/live/mail.ichiayi.com/ /etc/letsencrypt/live/mail.ichiayi.com/
 +
 +systemctl restart postfix 
 +systemctl restart dovecot
 +</code>++
 +</note>
 +
 +==== 白名單與黑名單設定 ====
 +  * 設定 greylisting 白名單的方式 - https://docs.iredmail.org/manage.iredapd.html#greylisting
 +    - iredapd.greylisting_whitelist 資料表先增加白名單網域 Exp. ik2.com ++SQL 語法|<code sql>
 +insert into iredapd.greylisting_whitelist_domains (domain) values ('ik2.com');
 +</code>++
 +    - 執行spf_to_greylist_whitelists.py 讓白名單生效 ++執行命令|<code sh>
 +/opt/iredapd/tools/spf_to_greylist_whitelists.py
 +</code>++
 +  * 設定 spam 白名單與黑名單
 +    * 參考網址 - https://docs.iredmail.org/amavisd.wblist.html
 +    - 新增白名單: Exp. 來自 [email protected] 加入白名單 ++執行命令|<code sh>
 +python /opt/iredapd/tools/wblist_admin.py --add --whitelist [email protected]
 +</code>++
 +    - 新增黑名單: Exp. 來自 [email protected] 加入黑名單 ++執行命令|<code sh>
 +python /opt/iredapd/tools/wblist_admin.py --add --blacklist [email protected]
 +</code>++
 +    - 顯示目前設定的白名單與黑名單 ++執行命令|<code sh>
 +python /opt/iredapd/tools/wblist_admin.py --list --whitelist
 +python /opt/iredapd/tools/wblist_admin.py --list --blacklist
 +</code>++
 +  * fail2ban 的白名單設定
 +    * 參考 - https://www.ichiayi.com/wiki/tech/fail2ban_unban
 +    * 參考 - https://forum.iredmail.org/topic10045-iredmail-support-solved-fail2ban-problems.html
 +    * 將要列入的 IP 寫在 /etc/fail2ban/jail.local 內的 ignoreip    =  後面 ++看範例.|<code>
 +:
 +maxretry    = 5
 +ignoreip    = 127.0.0.1 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 60.248.245.172/32
 +</code>++
 +    * 重新載入設定 ++執行命令|<code sh>service fail2ban reload</code>++
 +
 +===== 郵件移轉 (imapsync) =====
 +  * 是透過新舊 Mail Server 的 imap 協定來將舊 Mail Server 內的信件移轉至新 Mail Server 內
 +  * 安裝 imapsync <code sh>
 +yum install imapsync
 +</code> 
 +  * 假設要移轉 jonathan 的信件, 要知道新舊主機 jonathan 的密碼, 將密碼寫入 /root/sync_info/jonathan 檔案內, 然後執行以下的語法 <code sh>
 +imapsync --host1 mail.ichiayi.com --user1 jonathan --passfile1 /root/sync_info/jonathan --host2 192.168.11.236 --user2 jonathan --passfile2 /root/sync_info/jonathan
 +</code>
 +
 +<note>
 +  * 執行後, 會在執行目錄底下產生 LOG_imapsync 目錄, 裡面會有執行過程的紀錄檔案 Exp. 2018_09_07_11_35_30_testalbert.txt
 +  * 記錄檔內出現 Err 的項目表示同步時出現異常的信件匣, 需要另外處理 Exp.<code>
 +Err 1/2: Could not create folder [from Albert/&ZbBbomI2--Data/INDIA/ABC.] from [from Albert/&ZbBbomI2--Data/INDIA/ABC.]: 38252 NO [CANNOT] Character not allowed in mailbox name: '.' (0.001 + 0.000 secs).
 +:
 +</code>
 +</note>
 +===== 更新版本程序 =====
 +  * 參考 - https://docs.iredmail.org/iredmail.releases.html
 +  * Exp. 目前版本是 0.9.8 預計更新到最新版 0.9.9 -> 參考 https://docs.iredmail.org/upgrade.iredmail.0.9.8-0.9.9.html
 +  - Upgrade iRedAPD -> 5.0.2 - https://docs.iredmail.org/upgrade.iredapd.html <code sh>
 +su - root
 +mkdir -p 0.9.9
 +cd 0.9.9
 +wget -O iRedAPD-5.0.2.tar.gz https://github.com/iredmail/iRedAPD/archive/5.0.2.tar.gz
 +tar zxf iRedAPD-5.0.2.tar.gz
 +cd iRedAPD-5.0.2/tools/
 +bash upgrade_iredapd.sh
 +</code>查看更新紀錄<code sh>tail -500 /var/log/iredapd/iredapd.log</code>
 +  - Upgrade iRedAdmin -> 1.3 - https://docs.iredmail.org/migrate.or.upgrade.iredadmin.html <code sh>
 +cd /root/0.9.9
 +wget https://dl.iredmail.org/yum/misc/iRedAdmin-1.3.tar.gz
 +tar zxvf iRedAdmin-1.3.tar.gz
 +cd iRedAdmin-1.3/tools/
 +bash upgrade_iredadmin.sh
 +</code>
 +  - Upgrade mlmmjadmin -> 3.1.2 - https://docs.iredmail.org/upgrade.mlmmjadmin.html <code sh>
 +cd /root/0.9.9
 +wget https://github.com/iredmail/mlmmjadmin/archive/3.1.2.tar.gz
 +tar zxf 3.1.2.tar.gz
 +cd mlmmjadmin-3.1.2/tools/
 +bash upgrade_mlmmjadmin.sh
 +</code>
 +  - Upgrade Roundcube webmail -> 1.4.11 - https://github.com/roundcube/roundcubemail/wiki/Upgrade <code sh>
 +cd /root/0.9.9
 +wget https://github.com/roundcube/roundcubemail/releases/download/1.4.11/roundcubemail-1.4.11-complete.tar.gz
 +tar xf roundcubemail-*.tar.gz
 +cd roundcubemail-*
 +bin/installto.sh /var/www/roundcubemail
 +</code> 如果無法執行 /bin/installto.sh 可能要檢查 /etc/php.ini 內是否關閉 system 的命令使用
 +  - Upgrade netdata -> 1.12.0 - https://docs.iredmail.org/upgrade.netdata.html <code sh>
 +wget https://github.com/netdata/netdata/releases/download/v1.12.0/netdata-v1.12.0.gz.run
 +chmod +x netdata-*.gz.run
 +./netdata-*.gz.run --accept
 +</code>
 +  - Fix improper Nginx config files for Roundcube <code sh>
 +vi /etc/nginx/templates/roundcube.tmpl</code><file>
 +:
 +location ~ ^/mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
 +:
 +location ~ ^/mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
 +:
 +location ~ ^/mail/plugins/.*/config.inc.php.* { deny all; }
 +:
 +location ~ ^/mail/plugins/enigma/home($|/.*) { deny all; }
 +:
 +</file><code sh>
 +vi /etc/nginx/templates/roundcube-subdomain.tmpl</code><file>
 +:
 +location ~ ^/(bin|config|installer|logs|SQL|temp|vendor)/.* { deny all; }
 +:
 +location ~ ^/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)$ { deny all; }
 +:
 +location ~ ^/plugins/.*/config.inc.php.* { deny all; }
 +:
 +location ~ ^/plugins/enigma/home($|/.*) { deny all; }
 +:
 +</file>
 +  - Improve mlmmj script used for appending footer text<code sh>
 +cd /usr/bin/
 +wget -O mlmmj-amime-receive https://raw.githubusercontent.com/iredmail/iRedMail/master/samples/mlmmj/mlmmj-amime-receive
 +chown mlmmj:mlmmj mlmmj-amime-receive
 +chmod 0550 mlmmj-amime-receive
 +</code>
 +  - Fix address mapping issue for mlmmj mailing list<code sh>
 +vi /etc/amavisd/amavisd.conf</code><file>
 +:
 +$policy_bank{'MLMMJ'} = {
 +    ...
 +    forward_method => 'smtp:[127.0.0.1]:10028',
 +};
 +:
 +</file><code sh>vi /etc/postfix/master.cf</code><file>
 +:
 +127.0.0.1:10028 inet n  -        smtpd
 +    -o syslog_name=postfix/10028
 +    -o content_filter=
 +    -o mynetworks_style=host
 +    -o mynetworks=127.0.0.1
 +    -o local_recipient_maps=
 +    -o relay_recipient_maps=
 +    -o strict_rfc821_envelopes=yes
 +    -o smtp_tls_security_level=none
 +    -o smtpd_tls_security_level=none
 +    -o smtpd_restriction_classes=
 +    -o smtpd_delay_reject=no
 +    -o smtpd_client_restrictions=permit_mynetworks,reject
 +    -o smtpd_helo_restrictions=
 +    -o smtpd_sender_restrictions=
 +    -o smtpd_recipient_restrictions=permit_mynetworks,reject
 +    -o smtpd_end_of_data_restrictions=
 +    -o smtpd_error_sleep_time=0
 +    -o smtpd_soft_error_limit=1001
 +    -o smtpd_hard_error_limit=1000
 +    -o smtpd_client_connection_count_limit=0
 +    -o smtpd_client_connection_rate_limit=0
 +    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
 +
 +</file><code sh>
 +systemctl restart postfix 
 +systemctl restart amavisd 
 +</code>
 +  - Fixed: SOGo backup script ((如果安裝時有更改目錄 Exp. /maildata/backup, 就依照更改的目錄執行))<code sh>
 +cd /var/vmail/backup/
 +wget -O backup_sogo.sh https://raw.githubusercontent.com/iredmail/iRedMail/master/tools/backup_sogo.sh
 +chown root backup_sogo.sh
 +chmod 0400 backup_sogo.sh
 +</code>
 +  - MySQL/MariaDB special 
 +    - SQL structure changes in vmail database <code sh>
 +cd /root/0.9.9
 +wget -O iredmail.mysql https://raw.githubusercontent.com/iredmail/iRedMail/master/update/0.9.9/iredmail.mysql
 +mysql vmail < iredmail.mysql
 +</code>
 +    - Dovecot: read mailbox format from SQL<code sh>
 +vi /etc/dovecot/dovecot-mysql.conf</code><file>
 +:
 +user_query = SELECT \
 +            ...
 +            LOWER(CONCAT(mailbox.storagebasedirectory, '/', mailbox.storagenode, '/', mailbox.maildir)) AS home, \
 +            CONCAT(mailbox.mailboxformat, ':~/', mailbox.mailboxfolder, '/') AS mail, \
 +            ...
 +:
 +</file><code sh>
 +systemctl restart dovecot
 +</code>
 +  - 更新 /etc/iredmail-release 內容為 0.9.9 <code sh>
 +vi /etc/iredmail-release</code><file>
 +0.9.9
 +#0.9.8 MARIADB edition.
 +:
 +</file>
 +===== 其他議題 =====
 +==== 關閉 netdata ====
 +  * 如要移除請參考 - https://forum.iredmail.org/topic15606-how-to-removeuninstall-netdata.html
 +  * 關閉的語法 <code sh>
 +systemctl stop netdata
 +systemctl disable netdata
 +</code>
 +
 +==== 關閉 SPF 的方式 ====
 +  * 參考 - https://forum.iredmail.org/topic2699-iredmail-support-how-to-remove-or-disable-spf-andor-dkim.html
 +  * 關閉的語法 <code sh>
 +vi /etc/mail/spamassassin/init.pre
 +</code><file>
 +:
 +#loadplugin Mail::SpamAssassin::Plugin::SPF
 +:
 +</file><code sh>
 +systemctl restart amavisd
 +</code>
 +
 +==== 出現 postfix/amavis/smtp[6831]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused 問題 ====
 +  * 2020/08 之後開始出現這問題, 快速解決方式是將 amavisd 服務啟動<code sh>
 +systemctl start amavisd
 +systemctl enable amavisd
 +</code>
 +
 +==== 忘記 iRedAdmin 登入的管理者密碼處理方式 ====
 +  * 可以直接透過資料庫加上一位現有的信箱用戶當管理者 Exp. [email protected]
 +  * 登入 iRedMail 的資料庫<cli>
 +mysql -u root -p
 +USE vmail;
 +select isadmin,isglobaladmin from mailbox where username = '[email protected]';
 +UPDATE mailbox SET isadmin=1, isglobaladmin=1 WHERE  username = '[email protected]';
 +INSERT INTO domain_admins (username, domain) VALUES ('[email protected]', 'ALL');
 +</cli> 
 +  * 看詳細過程<cli>
 +mysql -u root -p
 +MariaDB [(none)]> USE vmail;
 +Reading table information for completion of table and column names
 +You can turn off this feature to get a quicker startup with -A
 +
 +Database changed
 +MariaDB [vmail]> select isadmin,isglobaladmin from mailbox where username = '[email protected]';
 ++---------+---------------+
 +| isadmin | isglobaladmin |
 ++---------+---------------+
 +|       0 |             0 |
 ++---------+---------------+
 +1 row in set (0.00 sec)
 +
 +MariaDB [vmail]> UPDATE mailbox SET isadmin=1, isglobaladmin=1 WHERE  username = '[email protected]';
 +Query OK, 1 row affected (0.00 sec)
 +Rows matched: 1  Changed: 1  Warnings: 0
 +
 +MariaDB [vmail]>  INSERT INTO domain_admins (username, domain) VALUES ('[email protected]', 'ALL');
 +Query OK, 1 row affected (0.00 sec)
 +MariaDB [vmail]> exit
 +Bye
 +</cli>
 +  * 使用這位帳號密碼登入 iRedAdmin 就可以進行 Web 的管理
 +
 +
 +===== 備份與還原 =====
 +===== 參考網址 =====
 +  * https://docs.iredmail.org/install.iredmail.on.rhel.html
 +  * https://www.iredmail.org/download.html
 +  * https://www.digitalocean.com/community/questions/setting-up-iredmail-with-digital-ocean
 +  * https://serverfault.com/questions/853102/nginx-could-not-build-map-hash-you-should-increase-map-hash-bucket-size-64
 +  * https://www.howtoforge.com/community/threads/postfix-554-relay-access-denied.55720/
 +  * https://www.howtoforge.com/postfix-do-not-list-domain-example.com-in-both-mydestination-and-virtual_mailbox_domains#error-postfix-do-not-list-domain-examplecom-in-both-mydestination-and-virtualmailboxdomains
 +  * http://blog.xuite.net/tolarku/blog/233356505-DNS+%E8%A8%AD%E5%AE%9A+spf+%E8%A8%98%E9%8C%84+-+Sender+Policy+Framework
 +  * https://forum.iredmail.org/topic4097-iredmail-support-change-default-login-domain.html
 +  * https://support.plesk.com/hc/en-us/articles/213961665-How-to-verify-that-SSL-for-IMAP-POP3-SMTP-works-and-the-proper-certificate-is-installed-using-Linux
 +  * https://forum.iredmail.org/topic11159-iredmail-support-how-to-reset-the-postmaster-password-for-iredadmin.html
 +
 +{{tag>mail}}