Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Showcase


Channel Catalog


Channel Description:

The most recent posts in iRedMail.

older | 1 | .... | 1327 | 1328 | (Page 1329) | 1330 | 1331 | .... | 1394 | newer

    0 0
  • 10/16/18--11:01: Nginx iRedMail and nextcloud
  • ==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
    - iRedMail version (check /etc/iredmail-release): 0.9.8
    - Linux/BSD distribution name and version: Ubuntu 18.04
    - Store mail accounts in which backend (LDAP/MySQL/PGSQL): Mariadb
    - Web server (Apache or Nginx): Nginx
    - Manage mail accounts with iRedAdmin-Pro? No
    - [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
    ====
    I had a Ubuntu 14.04 server with iRedMail and Nexcloud both running with Apache. The server broke down so I decided to build a new one.
    So i installed a VM with Ubuntu 18.04, Nginx, Mariadb, iRedMail 0.9.8 and Nexcloud 14.0.3.
    My problem is that everything works out of the box with iRedMail - and thank you for ths great product/script.
    But when i try to install and enable Nextcloud I run into problems.
    I can choose to either have no Nextcloud or no iRedMail web apps.

    My setup of Nextcloud is through a nextcloud .conf file in /etc/nginx/sites-enables symlinked from sites-available.

    This setup seem to conflict with the way iRedMail is setup in nginx. When my nextcloud .conf file (through symlink) is present in sites-enables all the iRedMail web apps erros with a 404 not found. If i remove the nextcloud.conf all the iRedMail webapps works fine.

    Nextcloud is symlinked as /var/www/html/nextcloud

    How do I setup the nextcloud in the ioRedMail nginx configuration so they both works:

    My nextcloud.conf file is like this:
    <code>
    upstream php-handler {
        #server 127.0.0.1:9000;
        server unix:/var/run/php-fpm.socket;
    }

    server {
        listen 80;
        server_name my_server_address;
        # enforce https
        return 301 https://$server_name$request_uri;
    }

    server {
        listen 443 ssl;
        server_name http://my_server_address;

        ssl_certificate /etc/ssl/certs/rapidssl-combined.crt;
        ssl_certificate_key /etc/ssl/private/rapidssl_private.key;

        # Add headers to serve security related headers
        # Before enabling Strict-Transport-Security headers please read into this
        # topic first.
        #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;

        # Path to the root of your installation
        root /var/www/html;

        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }

        # The following 2 rules are only needed for the user_webfinger app.
        # Uncomment it if you're planning to use this app.
        # rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta
        # last;
        #rewrite ^/.well-known/host-meta.json
        # /nextcloud/public.php?service=host-meta-json last;

        location = /.well-known/carddav {
          return 301 $scheme://$host/nextcloud/remote.php/dav;
        }
        location = /.well-known/caldav {
          return 301 $scheme://$host/nextcloud/remote.php/dav;
        }
    location /.well-known/acme-challenge { }

        location ^~ /nextcloud {

            # set max upload size
            client_max_body_size 512M;
            fastcgi_buffers 64 4K;

            # Disable gzip to avoid the removal of the ETag header
            gzip off;

            # Uncomment if your server is build with the ngx_pagespeed module
                    # This module is currently not supported.
            #pagespeed off;

            location /nextcloud {
                rewrite ^ /nextcloud/index.php$uri;
            }

            location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
                deny all;
            }
            location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) {
                deny all;
            }

            location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
                fastcgi_split_path_info ^(.+\.php)(/.*)$;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_param HTTPS on;
                #Avoid sending the security headers twice
                fastcgi_param modHeadersAvailable true;
                fastcgi_param front_controller_active true;
                fastcgi_pass php-handler;
                fastcgi_intercept_errors on;
                fastcgi_request_buffering off;
            }

            location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
                try_files $uri/ =404;
                index index.php;
            }

            # Adding the cache control header for js and css files
            # Make sure it is BELOW the PHP block
            location ~* \.(?:css|js|woff|svg|gif)$ {
                try_files $uri /nextcloud/index.php$uri$is_args$args;
                add_header Cache-Control "public, max-age=7200";
                # Add headers to serve security related headers  (It is intended
                # to have those duplicated to the ones above)
                # Before enabling Strict-Transport-Security headers please read
                # into this topic first.
                # add_header Strict-Transport-Security "max-age=15768000;
                # includeSubDomains; preload;";
                add_header X-Content-Type-Options nosniff;
                add_header X-Frame-Options "SAMEORIGIN";
                add_header X-XSS-Protection "1; mode=block";
                add_header X-Robots-Tag none;
                add_header X-Download-Options noopen;
                add_header X-Permitted-Cross-Domain-Policies none;
                # Optional: Don't log access to assets
                access_log off;
            }

            location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
                try_files $uri /nextcloud/index.php$uri$is_args$args;
                # Optional: Don't log access to other assets
                access_log off;
            }
        }
    }
    </code>

    The Nginx error.log when nextcloud i working and i try to access Roundcube mailstates:

    2018/10/16 17:55:44 [error] 7961#7961: *94 "/var/www/html/mail/index.html" is not found (2: No such file or directory), client: 192.168.30.11, server: http://MY_SERVER ADDRESS, request: "GET /mail/ HTTP/1.1", host: MY_SERVER_ADDRESS

    So how do I get both working - should I symlink Roundcube til /var/www/html/mail or is the way i setup Nextcloud not compatible with iRedMail?


    0 0

    ==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
    - iRedMail version (check /etc/iredmail-release): 0.9.8 MARIADB edition
    - Linux/BSD distribution name and version: Ubuntu 18.04.1
    - Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
    - Web server (Apache or Nginx): Nginx
    - Manage mail accounts with iRedAdmin-Pro? No
    - [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
    ====

    Up front this was first attempt at installing an email server.  iRedMail made it easy.

    Observations: If I sent an email from Roundcube (internal) to a gmail account it would show mailed-by and signed-by my sending email domain and under the original tab in gmail it would show the DKIM as "Pass" with my mail domain.  Which is what I was hoping for.

    Problem: If I sent an email from Thunderbird or K9 Mail to a gmail account it would show mailed-by my sending email domain but not show "signed-by".  When I checked original tab under gmail it did not list DKIM at all.

    Solution:  Upgrade amavisd-new (1:2.11.0-1ubuntu1) to  amavisd-new (1:2.11.0-1ubuntu2).

    Why: amavisd-new (1:2.11.0-1ubuntu1) is bugged and DKIM signing is not work properly.

    How: 
    1) Check to see if you have the bugged version by issuing the following command:
    apt-cache policy amavisd-new. 
    If you have the bugged version continue on.

    2) Currently Bionic (18.04.1) does not have the new version available.  I recommend making a backup copy of the repo list by copy the sources.list by issuing the following command:
    cp /etc/apt/sources.list sources.list.bak
    I changed the reference of bionic to cosmic. 
    vi,vim,nano /etc/apt/sources.list 
    This allows us to use Ubuntu 18.10 - Cosmic Cuttlefish repos instead of 18.04 - Bionic Beaver

    I only upgrade a single package.  Issuing a normal upgrade command may cause issues.  So I issued the following command:  apt-get update
    The above command loads the new repos and then I excuted the following command:
    apt-get install --only-upgrade amavisd-new
    This updates the single package not the entire system.  Upon successful upgrade I changed the source.list back to bionic from cosmic.

    3) Reboot server or restart amavisd.

    Result: Emails from Roundcube (Server), Thunderbird (PC) and K9 Mail (Phone) all show a passed DKIM and show mailed-by and signed-by my sending email domain.

    Ps. Hope this saves someone a few/several hours of searching.

    Pps.  RedMail Developers please feel free to move to a better location if you determine there is a better location or cleanup the post.


    0 0

    ZhangHuangbin wrote:
    system-license wrote:

    If we use the above, will it block all users from logining in except from the specified IP? We are hoping allow the specified IP for the global admin login only and not all users. Is this possible?

    Oh, this is simpler.

    Add setting "GLOBAL_ADMIN_IP_LIST" in iRedAdmin-Pro config file "settings.py" like below, then restart uwsgi service.

    # List of IP addresses which global admins are allowed to login from.
    # e.g. ['127.0.0.1', '192.168.1.1']
    # Valid formats:
    #   - Single IP addess: 192.168.1.1
    #   - IP range:         192.168.1.1-30
    #   - Whole subnet:     192.168.1
    GLOBAL_ADMIN_IP_LIST = ['192.168.1.1', '192.168.2.1']

    Hi Huang Bin
    Would like to confirm if the above really apply to Global admin and not domain admin or mailbox user.
    The reason is because there is no parameter to identify the global admin name to be applied  for the access list. Thus we hope to double confirm on this.

    Thanks


    0 0

    Hi Zhang,

    Do we need to modify any files for Admin-Pro which can show unrestricted maillist instead of moderated when created with following command?

    python /opt/mlmmjadmin/tools/maillist_admin.py create list@domain.com disable_archive=yes only_subscriber_can_post=no only_moderator_can_post=no

    mail lists are created unrestricted but I think it's just check box selection that needs to be corrected on Admin-Pro panel.


    0 0

    Distro: Ubuntu 18.04
    iRedMail 0.9.8 / MariaDB / SOGo / RoundCube (installed both for fun)

    I have been having the same issue. I followed the process for your solution but it yielded no results. It will not sign when I send from SOGo or roundcube.

    When that didn't work I added this line to /usr/sbin/amavisd-new

        Amavis::load_policy_bank($_,$msginfo) for @bank_names;
    +  $msginfo->originating(c('originating'));
        $msginfo->dkim_signatures_valid(\@signatures_valid)  if @signatures_valid;

    Verified that /etc/amavis/conf.d/21-ubuntu_defaults

    $enable_dkim_signing = 1;

    I run: amavisd-new testkeys gives -> pass

    I am not sure what my next step would be. Any suggestions?


    0 0

    ZhangHuangbin wrote:

    What's the error message in Postfix log file?

    Actually I didn't check that but the problem is that I can send from localhost only but not other hosts..


    0 0

    iRedMail version 0.9.8 Linux/BSD distribution name and version: CentOS 7.4
    Store mail accounts in which backend  PGSQL
    Web server Nginx  Manage mail accounts with iRedAdmin-Pro? yes

    any issue related to printer click here https://www.brotherprintersupportnumber … r-support/


    0 0

    @spartan631, I am leaning towards a possible setup issue since the DKIM signing is not occurring on the internal or external email client.  I am off to work.  Hopefully in 10 to 12 hours I can respond back with a brief overview of how I setup my mail server and you can compare notes.


    0 0

    Dear All,
    I have deployed iredmail to my server.Currently I have seperate link to sogo to access emails.
    I have site . Now i want to integrate this into my site like zoho.
    For example, ,in my site. If user logins to my site, it automatically signs the email section.
      i want one option in nav bar Email, when user clicks into it , its all emails display there.
    user can send emails from there.
    On other menus i want to put icon of email, when user clicks that it send email from there.
    How i can achieve these features ?

    Thanks


    0 0
  • 10/17/18--04:54: Re: Problem with mlmmjadmin
  • after enabling debug mode and running

    /opt/mlmmjadmin/tools# python maillist_admin.py info ...

    the following entries appeared in the log file:

    /var/log# cat mlmmjadmin/mlmmjadmin.log
    Oct 17 14:54:11 mail mlmmjadmin DEBUG [127.0.0.1] API AUTH TOKEN: 206aa779...
    Oct 17 14:54:11 mail mlmmjadmin DEBUG [127.0.0.1] API AUTH TOKEN: 206aa779...
    Oct 17 14:54:11 mail mlmmjadmin DEBUG [127.0.0.1] API AUTH TOKEN: 206aa779...
    Oct 17 14:54:11 mail mlmmjadmin DEBUG [127.0.0.1] API AUTH TOKEN: 206aa779...


    0 0
  • 10/17/18--05:46: Re: Managesieve error
  • This is what I downgraded from:
    dovecot-pigeonhole-2.3.3-2.x86_64
    dovecot-2.3.3-2.x86_64
    dovecot-mysql-2.3.3-2.x86_64

    This is current:
    dovecot-mysql-2.2.32-2.el7.centos.x86_64
    dovecot-pigeonhole-2.2.32-2.el7.centos.x86_64
    dovecot-2.2.32-2.el7.centos.x86_64

    As far as I could tell everything was configured correctly, so I don't know what was causing the issue. It's working now, so I figure if it ain't broke don't fix it. I'll wait for official upgrades.


    0 0

    ==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
    - iRedMail version (check /etc/iredmail-release): current
    - Linux/BSD distribution name and version: CentOS 7.5
    - Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
    - Web server (Apache or Nginx): Nginx
    - Manage mail accounts with iRedAdmin-Pro? not yet
    - [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
    ====

    Hi IRM Users and Admins,

    I must be blind but I cannot find the VACATION tab in SOGo > Settings > Mail

    IMO it should be there.

    See https://sogo.nu/bugs/print_bug_page.php?bug_id=3793

    Can you point me to the right direction?

    Thank you very much!

    BR
    Irma


    0 0

    That would be helpful. I am also leaning towards a setup issue. No config files have really been touched. This was for the most part, a default install by the iRedMail. I am not sure how to troubleshoot this issue or where to start. I am halfway tempted to start fresh but down't want to transfer all the mailboxes.


    0 0

    /etc/sogo/sogo.conf

    change the value of SOGoVacationEnabled  to YES

    restart SOGo (Centos: service sogod restart)


    0 0
  • 10/17/18--11:43: connection refused
  • ==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
    - iRedMail version (check /etc/iredmail-release):  iRedMail-0.9.7
    - Linux/BSD distribution name and version:  ubuntu 16.04
    - Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
    - Web server (Apache or Nginx):Nginx
    - Manage mail accounts with iRedAdmin-Pro?
    - [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
    ====


    when I connect to smtp from another IP



    LOG



    ct 17 20:10:51 mail postfix/anvil[2196]: statistics: max connection rate 2/60s for (submission:158.69.206.170) at Oct 17 20:07:29
    Oct 17 20:10:51 mail postfix/anvil[2196]: statistics: max connection count 1 for (submission:158.69.206.170) at Oct 17 20:07:06
    Oct 17 20:10:51 mail postfix/anvil[2196]: statistics: max cache size 1 at Oct 17 20:07:06


    0 0

    @jstewart

    Thank you very much!

    in the meantime I found this

    https://docs.iredmail.org/why.no.sieve. … .sogo.html

    below the FAQ!

    Embarrassing for me.

    Will follow the hints and yours.

    Best Regards,

    Irma


    0 0

    Try to add:
           
            location ~ \.php$ {
                    include snippets/fastcgi-php.conf;
                    fastcgi_pass unix:/run/php/php7.2-fpm.sock;
            }

    that solved the issue for me.


    0 0

    bigweb wrote:

    Hi - we have very serious trouble - users can change password using icelandic characters (like Á, É, Í, Ó, Ö, Ú, Ý ), .

    Hi,
    From my experience,stick with good old lower ASCII codes, <= 128. Even using umlauts in the comments of config files renders them unusable, same with passwords.

    Peter


    0 0
  • 10/17/18--13:28: Re: Antispam policy
  • ZhangHuangbin wrote:

    Login to roundcube with Dovecot Master User account. you can manage any  user's sieve rules.

    Huh! I did miss something - what's ' Dovecot Master User account'?

    Peter


    0 0

    A quick run down of my current install.  At a later time I may try to expound upon this if needed.

    I followed the instructions for the Install iRedMail on Debian or Ubuntu Linux located at https://docs.iredmail.org/install.iredm … buntu.html

    I did need to adjust the informationat /etc/host as my vps defaulted to localhost and ubuntu
    to  vps.example.com vps localhost localhost.localdomain

    Note: vps is my hostname located at /etc/hostname and example.com is your actual domain name.   

    Continue following instructions, I chose to use MariaDB, you should be able to use whatever you prefer.
    Once I got down to the first mail domain option I chose mail.example.com.  Please note that I have CNAME record and MX record for the mail subdomain.  Also my email format is name@mail.example.com so keep that in mind when selecting the first mail domain.

    Once installation is complete I add my free Let's Encrypt Certificates that I use for NGINX, Postfix and Dovecot.

    In the iRedMail.tips file located at /root/iRedMail-0.9.8/iRedMail.tips (adjust accordingly) or the first email you receive as the postmaster user.  It gives you the information you need for you DKIM setup.  To be honest I saw the information but did not fully realize that it gave me the exact layout for the text name.  I my case I went to the DNS section of cloudflare or your registrars dns section added  a text record.  For name I used
    dkim._domainkey.mail.example.com.  Note the period after example.com would be necessary if I were directing to a different domain name.  My dns provider  automatically drops anything after mail on the text name if the period is not present.  I believe it automatically appends the  domain name of the registered name if the period is not added.  So in my case the text record name shows dkim._domainkey.mail as I did not add the period behind example.com

    The other information for DKIM in the tips file or your first email should look similar to the information below:
    "v=DKIM1; p="
      "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC042jxNjCAqYbIQyfEc1JBz6LQ"
      "aOC9BaqPU/d/ZfZ0yJ3ygHC/rfoBVtxuIAdV+fnBL3/Iqj6Gg3S5rY9IKeiKzUqA"
      "xHqTfxyehOzWqaK45NlVvljngC0ronFmnphUKQ9/USNoiuqE0fndrlwkYWzggU9D"
      "rhkpG+HDd6CzBzQZAQIDAQAB")

    I ended getting rid of all the "" and combining the above into string suchas:

    v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC042jxNjCAqYbIQyfEc1JBz6LQaOC9BaqPU/d/ZfZ0yJ3ygHC/rfoBVtxuIAdV+fnBL3/Iqj6Gg3S5rY9IKeiKzUqAxHqTfxyehOzWqaK45NlVvljngC0ronFmnphUKQ9/USNoiuqE0fndrlwkYWzggU9DrhkpG+HDd6CzBzQZAQIDAQAB

    Note the above starts off as v=DKIM1; p=MIG....  It looks different because of formatting.

    I add the full line above into the text content / value area for the text record.
    At this point other than upgrading amavisd-new package as mentioned in the first post and waiting on the DNS propagation to take place to reflect your changes and that is pretty much the extent of my install process. I did not mention above but I had already setup the DMARC and SPF information prior to the install.

    I use mxtoolbox to check the DKIM status to see if the DNS is updated.  In the example above, the domain information that I would use is mail.example.com with the selector being dkim.  At https://mxtoolbox.com/dkim.aspx  you will  enter dkim as the selector and specify mail.example.com as your domain (adjust example.com to your domain).  Please note it could be near instant or take 24 hours or more before the DNS updates so that is why I recommend checking whether your DKIM changes have been updated.

    Another way to check the DNS update is by issuing the following command:
    amavisd-new testkeys
    If the DNS is updated you should see something similar to:
    TESTING#1 mail.example.com: dkim._domainkey.mail.example.com => pass

    And for fun or trouble shooting you can issue the following command:
    amavisd-new showkeys
    this show you the following:
    ; key#1 1024 bits, i=dkim, d=mail.example.com, /var/lib/dkim/mail.example.com.pem
    dkim._domainkey.mail.example.com.    3600 TXT (
      "v=DKIM1; p="
      "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC042jxNjCAqYbIQyfEc1JBz6LQ"
      "aOC9BaqPU/d/ZfZ0yJ3ygHC/rfoBVtxuIAdV+fnBL3/Iqj6Gg3S5rY9IKeiKzUqA"
      "xHqTfxyehOzWqaK45NlVvljngC0ronFmnphUKQ9/USNoiuqE0fndrlwkYWzggU9D"
      "rhkpG+HDd6CzBzQZAQIDAQAB")

    Which is the information you used to create the text record for DKIM signing in your DNS.


older | 1 | .... | 1327 | 1328 | (Page 1329) | 1330 | 1331 | .... | 1394 | newer