
iredadmin's Issues

2FA

Hello,

I have just started with iRedMail, and I was thinking that maybe it would be safer to have a 2FA solution for the admin portal, as it seems to me like a potential security risk?

Thanks for the great products 🙏

Unclear throttling definitions in iredadmin pro

image

I've got a limit of 200 mails / mailbox in one domain, as you see at domain level.

On User level that looks like this:
image

This is unclear - to clarify I propose:

  1. Adding first checkbox:
    [ ] override domain throttle settings

  2. The content below should be visually disabled (grayed or hidden) if the checkbox is unchecked.

  3. The state of checkbox [ ] throttle outbound mails should be set from domain level throttling settings (and also other values).

What do You think about that?

Swedish translation

When should you submit Swedish translation, have uploaded this several months ago?

autoresponder

Hello, I use iRedAdmin-Pro. I often feel the lack of an autoresponder option. Currently, to set this option, I need to know the employee's password and log in to the Roundcube mailbox for him. If you can add such an option in the future, I think it will improve the work of many people.

Script update_password_in_csv.py doesn't work

Any ideas why this script doesn't work?

# python3 update_password_in_csv.py passwords.csv
Traceback (most recent call last):
  File "update_password_in_csv.py", line 37, in <module>
    from tools.ira_tool_lib import debug, logger, get_db_conn
  File "/opt/iRedAPD-3.0/tools/../tools/__init__.py", line 71
    except Exception, e:
                    ^
SyntaxError: invalid syntax
# python3 -V
Python 3.6.8
# pip3 -V
pip 9.0.3 from /usr/lib/python3.6/site-packages (python 3.6)

Newsletter/ML with mlmmj don't have DKIM signing.

Hello again,
I think everything that is sent with mlmmj in iRedAdmin-Pro (SQL) should also be sent DKIM signed. But that is currently not done.

Also the message is using [email protected] even after fixing issue #2 - see headers:

Delivered-To: [email protected]
Received: by 2002:a6b:b60a:0:0:0:0:0 with SMTP id g10csp2016815iof;
        Sat, 2 May 2020 06:44:30 -0700 (PDT)
X-Google-Smtp-Source: APiQypKQaZZweethc99+PtgLFcoslTHmTYPAcB5flksa9tqd0w/lYEpVmxWJacCzXPf+EOlXScMq
X-Received: by 2002:adf:df04:: with SMTP id y4mr9392290wrl.413.1588427070491;
        Sat, 02 May 2020 06:44:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1588427070; cv=none;
        d=google.com; s=arc-20160816;
        b=tPVBoOs/b4QY50Q4FvrDanKk3Btwh6SPkf7NotLxg9M7AoO5h0MO9fV8XA6DDdjCwN
         gUZfWYcWRh3ZaYY7ugo2QioLzp7taYynUlLWaKDVT4Vloabf9/ikssZSJMYeKdTG6Ee9
         rE7p4s4pxPuNcJepKGDpmuK5/7Sb9MLFeb7at6f4mrch2EdBfu6qahd6nItxoDhsizpt
         tjv0DtDIwhqDV9Y2J/Q58LbINNS1rwCO14VQmZ7OZSOqs33Ufa6+vGz/6VGmbreq8Yyo
         7YUkL8Z822556hpY49jXuczq94d35knHxmkquxs5MER+1odmnOP7V0WPBAsAYjekJnQE
         knkw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=date:message-id:subject:to:from:mime-version;
        bh=W9copRtJgcenAa7KuZzmxnlUmSB2q5TPIrA/+zNBd+0=;
        b=IrpXRan9l7X0VPpg1dI+qlSyAIe85XOjaj2MX3uBJ7+xyHAEqFiY9AKv5Bhbc4ahkz
         soIC1O1BDW/+6fVJPcGKDsjimiM32/jhNcFFHm5yUlVEp0gZsdOnJeMTc53K2zYND9Mg
         8SJSk6Q6iMQZCBMEoErxXGFO0YY3kyBk9867evlJN4sHQj+psteysQOEIpgvfjQT73n+
         7zxdaLqKHXrtf0/RYgNc9HpuJSCvWAqe5QUexdOwHBJmBLZi7O0F6Prsr9EB8kTJC1Eh
         ENaqtlsijMidnJC/y4ZkBF+KNxfsgFwSpGwvryjQJxONsVk3zrUSKQxqVVQvckHW6dGH
         JuPA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=neutral (google.com: 123.456.789.123 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected];
       dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE) header.from=senderdomain.example.com
Return-Path: <[email protected]>
Received: from mail.example.com (mail.example.com. [123.456.789.123])
        by mx.google.com with ESMTPS id f11si5248644wrr.209.2020.05.02.06.44.30
        for <[email protected]>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 02 May 2020 06:44:30 -0700 (PDT)
Received-SPF: neutral (google.com: 123.456.789.123 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=123.456.789.123;
Authentication-Results: mx.google.com;
       spf=neutral (google.com: 123.456.789.123 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected];
       dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE) header.from=senderdomain.example.com
Received: from mail.example.com (localhost [127.0.0.1]) by mail.example.com (Postfix) with ESMTP id 49Dr2P67RPz42Pn for <[email protected]>; Sat,
  2 May 2020 13:44:29 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mail.example.com
X-Spam-Flag: NO
X-Spam-Score: 2.128
X-Spam-Level: **
X-Spam-Status: No, score=2.128 tagged_above=2 required=6.2 tests=[FROM_FMBLA_NEWDOM=1.5, HEADER_FROM_DIFFERENT_DOMAINS=0.249, NO_DNS_FOR_FROM=0.379, NO_RELAYS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.example.com ([127.0.0.1]) by mail.example.com (mail.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XMybXgnUvC8q for <[email protected]>; Sat,
  2 May 2020 13:44:29 +0000 (UTC)
Received: by mail.example.com (Postfix, from userid 2001) id 49Dr2P2HPtz42Pq; Sat,
  2 May 2020 13:44:29 +0000 (UTC)
Content-Type: multipart/alternative; boundary="===============0686849023228782657=="
MIME-Version: 1.0
From: No Reply <[email protected]>
To: [email protected]
Subject: Subscription confirm: TSG News
Message-Id: <[email protected]>
Date: Sat,
  2 May 2020 13:44:29 +0000 (UTC)

Otherwise your DKIM/DMARC settings will hit and the mail will be marked as spam.
Maybe the X-Spam-xxx header fields should also be prevented from being sent outbound, but that should not be the question here.

Recipients limiting BCC / CC / TO

The best situation, I think, is to set a limit of not more than 10 recipients in CC/TO/ANSWERTO and not more than 100 in total.
Is it possible to set a limit on the maximum number of recipients in one mail at domain/user level with iredadmin?
I would like to prevent people's possible mistakes when putting many BCC mails in CC.

After upgrading to 1.8 I get "SyntaxError: invalid syntax" in /opt/www/iredadmin/libs/iredutils.py

After an upgrade to version 1.8 I get the following error in my Apache logs:

mod_wsgi (pid=31017): Exception occurred processing WSGI script '/opt/www/iredadmin/iredadmin.py'.
Traceback (most recent call last):
File "/opt/www/iredadmin/iredadmin.py", line 8, in <module>
     from libs import iredbase
   File "/opt/www/iredadmin/libs/iredbase.py", line 18, in <module>
     from . import iredutils
   File "/opt/www/iredadmin/libs/iredutils.py", line 54
     def is_auth_email(s) -> bool:
                          ^
 SyntaxError: invalid syntax

I am running my iRedMailAdmin on a Debian 9 server

Autofill useless

Hi,

With Chrome (perhaps other browsers too), when we want to add a user, the browser's autofill fills in 2 fields: user and password.

Could you add an option in the HTML to stop that? Something like autocomplete="off"

Thanks
Best regards

upgrade_iredadmin.sh fails on FreeBSD 13

KERNEL_NAME="$(uname -s | tr '[a-z]' '[A-Z]')" obviously doesn't work on FreeBSD (13.0-RELEASE-p4, current port tree). I replaced that with export KERNEL_NAME="$(uname -s | tr '[:lower:]' '[:upper:]')" to fix this.

On FreeBSD, the script checks for CMD_PIP3='/usr/local/bin/pip3' but the port devel/py-pip doesn't install that file but only /usr/local/bin/pip which is a symlink to /usr/local/bin/pip-3.8.

Ability to download whole account as an archive

When a worker stops working at the company, there is a need to archive his whole account (messages).
The need comes from this: some projects require archiving documentation for 5 years max.

Now the manual archiving is monkey work (downloading all mails with a mail client, folder by folder).

I suggest adding an option to iredadmin: "Download account messages as an archive".
The end effect should be a zipped user maildir.

I want to use the iRedMail password to integrate with my SSO (Java), but I have a problem verifying the password

I want to verify, in my Java code, the password hash that is generated in Python, but the hash generated in Java is not the same as in Python.

python code

import hashlib
from base64 import b64decode, b64encode
from os import urandom
from typing import Union


def generate_ssha512_password(p: str) -> str:
    if isinstance(p, str):
        p = p.encode()

    p = p.strip()
    salt = urandom(8)
    # SHA-512 over the password followed by the salt; the salt is appended to the digest.
    pw = hashlib.sha512(p)
    pw.update(salt)
    return b64encode(pw.digest() + salt).decode()


def verify_ssha512_password(challenge_password: Union[str, bytes],
                            plain_password: Union[str, bytes]) -> bool:
    if isinstance(challenge_password, bytes):
        challenge_password = challenge_password.decode()

    if isinstance(plain_password, str):
        plain_password = plain_password.encode()

    # everything after that 64 bytes is the salt.
    if len(challenge_password) < 64:
        return False

    try:
        challenge_bytes = b64decode(challenge_password)
        digest = challenge_bytes[:64]
        salt = challenge_bytes[64:]
        # Recompute with the same order as generation: password first, then salt.
        hr = hashlib.sha512(plain_password)
        hr.update(salt)

        return digest == hr.digest()
    except Exception:
        return False


# is valid
verify_ssha512_password(
    '0F2/psc+tkd8KrWmoT/LOusFk7cH6mic8nmF4v+qVmVtoxYgJXVEWEfAFfYYLRPQkwRGjgIN5FyWM9ZYdn58Tvs6lloA2SwW',
    'Aa123!@#')

java code

    public static byte[] get_SHA_512_SecurePassword(String passwordToHash, byte[] salt) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-512");
            md.update(salt);
            byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8));
            return bytes;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return null;
    }



    private static boolean verify_ssha512_password(String challenge_password, String plain_password) throws UnsupportedEncodingException {
    
        byte[] challenge_bytes = Base64.decodeBase64(challenge_password.getBytes(StandardCharsets.UTF_8));
        byte[] digest = Arrays.copyOfRange(challenge_bytes, 0, 64);
        byte[] salt = Arrays.copyOfRange(challenge_bytes, 64, challenge_bytes.length);
        return get_SHA_512_SecurePassword(plain_password, salt).equals(digest);
    }


    public static void main(String[] args) throws UnsupportedEncodingException {
        boolean valid=verify_ssha512_password("0F2/psc+tkd8KrWmoT/LOusFk7cH6mic8nmF4v+qVmVtoxYgJXVEWEfAFfYYLRPQkwRGjgIN5FyWM9ZYdn58Tvs6lloA2SwW", "Aa123!@#");
    // is not valid

    }

The salt bytes look like this:

java salt ---> -5,58,-106,90,0,-39,44,22

python salt ---> 251,58,150,90,0,217,44,22
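
An added example, not code from the post or from iRedAdmin: a Java verifier that follows the Python construction shown above. It feeds the password before the salt and compares the digests by content with MessageDigest.isEqual. The class name Ssha512Verify, the handling of an optional "{SSHA512}" prefix and the wrong-password string are assumptions made for this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;

public class Ssha512Verify {
    private static final int DIGEST_LEN = 64; // SHA-512 digest size in bytes

    // Same construction as the Python code in the post: SHA512(password + salt).
    static byte[] ssha512(byte[] password, byte[] salt) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(password); // password first ...
        md.update(salt);     // ... then salt; the posted Java code fed the salt first
        return md.digest();
    }

    static boolean verify(String challenge, String plainPassword) {
        // Assumption: stored values may carry a "{SSHA512}" scheme prefix.
        if (challenge.regionMatches(true, 0, "{SSHA512}", 0, 9)) {
            challenge = challenge.substring(9);
        }
        try {
            byte[] decoded = Base64.getDecoder().decode(challenge);
            if (decoded.length < DIGEST_LEN) {
                return false; // too short to contain a SHA-512 digest
            }
            byte[] digest = Arrays.copyOfRange(decoded, 0, DIGEST_LEN);
            byte[] salt = Arrays.copyOfRange(decoded, DIGEST_LEN, decoded.length);
            byte[] computed = ssha512(plainPassword.getBytes(StandardCharsets.UTF_8), salt);
            // Compare contents in constant time; byte[].equals() compares references.
            return MessageDigest.isEqual(digest, computed);
        } catch (IllegalArgumentException | NoSuchAlgorithmException e) {
            return false; // malformed Base64 or no SHA-512 provider: fail closed
        }
    }

    public static void main(String[] args) {
        // Hash and password exactly as given in the post.
        String stored = "0F2/psc+tkd8KrWmoT/LOusFk7cH6mic8nmF4v+qVmVtoxYgJXVEWEfAFfYYLRPQ"
                + "kwRGjgIN5FyWM9ZYdn58Tvs6lloA2SwW";
        System.out.println("correct password: " + verify(stored, "Aa123!@#"));
        System.out.println("wrong password:   " + verify(stored, "constructed-wrong-pw"));
        // Java bytes are signed, so -5 and 251 in the post are the same byte 0xFB.
        System.out.println("salt[0] unsigned: " + (((byte) -5) & 0xFF));
    }
}
```

The two salt listings in the post describe identical bytes; only the order of the hash inputs and the array comparison differ between the two implementations.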
