Friday, May 29, 2015

iRedMail 0.9.1 tweaks on Security MailDir Disalbe hash timestmp

Install iRedMail is Easy.

To make it even safer:

  1. Change the default vmail folder location.


  2. By default, iRedMail will create domain and Email folder at:
    /var/vmail/vmail1/domain/hashed/user
    To change this, you have to modify [/iRedMail-0.9.1/conf/vhosts] before the installation.

    # iRedMail Default
    global:export STORAGE_NODE='vmail1'
    # Lambert's Tweak
    global:export STORAGE_NODE='vhosts'



  3. Select only necessary package during installation.

  4. Move [iRedMail-0.9.1/config] to a safe place after after installation.

  5. Run [mysql_secure_installation] after installation.


  6. Most of iRedMail parameters in file: [/opt/www/iRedAdmin-0.4.2/libs/default_settings.py].
    Please put your custom settings in file: [/opt/www/iRedAdmin-0.4.2/settings.py], it will overwrite the [default_settings.py].
  7. To disable account/maildir hash:

  8. It is RECOMMEND by iRedMail for better performance. But that is only based on if you have a lots of Email accounts.
    If you only hold few Email account, it is really over killed.
    # by Lambert
    # - hashed: domain.ltd/u/s/e/username-2015.05.29.12.05.33/
    # - non-hashed: domain.ltd/username-2015.05.29.12.05.33/
    MAILDIR_HASHED = False

  9. To disable account/maildir TIMESTAMP:

  10. It is RECOMMEND by iRedMail for safety reason. Because iRedMail does not delete the mailfolder when you del the account from Admin panel.
    They assuming a new user with same name could reade the previous account's Email.
    For me it is still over kill.
    # by Lambert
    # - hashed: domain.ltd/username-2009.09.04.12.05.33/
    # - non-hashed: domain.ltd/username/
    MAILDIR_APPEND_TIMESTAMP = False



  11. To make the virtual user's maildir cleaner, remove MailDir/ from account Email folder:

  12. Tweak dovecot under iRedMail.
    Please notice, by default dovecot in iRedMail does not include /etc/dovecot/conf.d folder.
    So to make it clean, better just make changes in file: [dovecot.conf]


    # by Lambert
    #mail_location = maildir:/%Lh/Maildir/:INDEX=/%Lh/Maildir/
    # iRedMail default MailDir style:
    ## /var/vmail/vhosts/milliondollarserver.com/lambert.lu/MailDir/new/
    mail_location = maildir:/%Lh/:INDEX=/%Lh/
    # Lambert's tweak to make it cleaner
    ## /var/vmail/vhosts/milliondollarserver.com/lambert.lu/new/



  13. Allow user to send email without authentication

  14. Reference: iRedMail docs: Allow user to send email without authentication

No comments:

Post a Comment