Updating mailserver to 7.x

Question

Updating mailserver to 7.x

Closed this issue 4 years ago · 3 comments

I wanted to ask if anybody attempted to upgrade the mailserver to 7.0 and if there are any known issues.

Reason for that is that there are a few changes made (e.g. a user-script.sh) which can be configured to change (e.g. sed) the generated config.

This is an issue, if you use a single domain authenthication setup, since saslauthd_rimap (part of mailserver) is configured with "-r" by default, which means the username will either be passed trough, if it contains an @ (eg. user@example.com) or appended with the hosts own domain (eg user => user@mail01.example.com). This will lead to the Samba4/LDAP auth to fail for smtp (submission to be precise), since the server expects "user" as the username, not user@mail01.example.com.
See this issue.
Works fine for imap though, since only postfix adds the domain before attempting to auth against imap.

Also today I discovered the saslauthd is logging quiet a lot, including the users password. I do not like that.

I hardly think the maintainers of the mailserver will backport anything to the 6.2.0 release, so...

Answer 1 · 2020-09-18T14:00:56.000Z

I'm running 7.0+ for about 2 months now on my private domain (ldap with a single-user, relay host configuration, fetchmail) using the docker-compose override feature. There was no migration needed for any of the in-container configuration files if I recall correctly.

There are some docker-configuration changes that might be relevant to you:

filebeat has been moved to a separate docker container (and is not included in kopano-docker)
amavis is patched to use D_BOUNCE as default for junk mail, you might want to use the new SPAMASSASSIN_SPAM_TO_INBOX option to deliver these to users, see details here: docker-mailserver/docker-mailserver#1485
"maillogs:/var/log/mail" as new volume in the default configuration and there are new options for pflogsumm and logwatch, tough this is also backported to 6.2.1 and non-breaking

If you want to compare changes yourself: docker-mailserver/docker-mailserver@v6.2.0...v7.0.0

(If you feel less adventurous, you can try to rebuild the 6.2.0 version to replace the /etc/supervisor/conf.d/saslauth.conf with your patched version and use docker-compose override too, but I assume you already do that.)

Answer 2 · 2020-09-19T14:21:50.000Z

Hi @reneploetz,

would you be open to open a pr to update the mailserver container in this repo to the latest version (incl. your suggested changes)?

Answer 3 · 2020-09-19T14:59:40.000Z

@reneploetz Thanks for the insights.
I like a good adventure, but yeah, for now I did manually patch the saslauth.conf.

I'm propably going to update and test my homelab setup and see if anything comes up.
Going to reply as soon as I have something running and ran some tests.