Skip to content
This repository was archived by the owner on Apr 14, 2025. It is now read-only.

Upgrading Guide

Jump to bottom
John Mertz edited this page Aug 23, 2024 · 4 revisions

WARNING:

As noted elsewhere, MailCleaner-Next is still too early in developement to use in production. Migration procedure is also not fully tested and documented. If you are going to Alpha test MailCleaner-Next, we would ask you to work from a new installation, without migrating your configuration, until this procedure is verified.

Upgrading from MailCleaner (Jessie)

Note: MailCleaner Next is still in Alpha status, it should not be used for production.

In order to have the best roll-out possible for new appliances, we are seeking Alpha testers for the Community release.

Why Upgrade?

The current release is based on Debian Jessie, which is now EOL. By upgrading, you will gain access to new, supported packages as well as the following benefitial changes (checks indicate completed changes):

  • Upgrades to core package versions:
    • Apache2 => 2.4.57
    • Exim => 4.98 (recompiled Debian package with extra features)
    • PHP => 8.2
    • Perl => 5.36
    • MariaDB (replaces MySQL) => 10.11.3
    • SpamAssassin (spamd) => 4.0.0
    • ClamAV => 1.0.3
    • Fail2Ban => v1.0.2
    • Many others from upstream Debian Bookworm repositories
  • Adoption of mostly upstream Debian versions of packages to provide easier upgrades and better security guarantees going forward.
  • Adoption of systemd for service management (mostly complete). Will provide faster startup times and better reactivity to service failures.
  • Changing to distinct user account for each service to isolate permissions and limit damage in the event of an exploit.
  • Migration from openssl to gnutls inside exim for better cipher compatibility and additional features (eg. DANE)
  • Migration from iptables to nftables (with ufw front-end) for improved firewall usability and performance
  • Complete overhaul of WebUI libraries for new PHP version and Zend framework
  • Lightly updated WebUI template with backwards-compatibility for custom templates.
  • Simplified first-start installation/configuration script.
  • Improved back-end image building tools for continuous development. Will allow for faster initialization of new machines. Will potentially allow for additional image formats and installation methods (TBD).

Other upgrades which will be rolled out down the road to the Next release only:

  • (Optional) New OCR module using TessoractOCR
  • (Enterprise) Enhancements to ESET Anti-Virus integration
  • (Enterprise) New MachineLearning module

How to Upgrade

Upon the official release, there will be a simplified, (semi-)automated migration process. Until then, you will need to run the steps below manually. Even when the official release is complete installing a new appliance will always be necesasry. There will be no in-place upgrades of an existing appliance. The new machine will be referred to as new-server below.

Ensure that your existing appliance is up-to-date by checking that /root/Updater4MC/updater4mc.sh completes without errors. This will be referred to as old-server below.

We are working on a single-command migration script to ingest and upgrade your existing data, but for now it is a manual process:

  • Stop MailCleaner on old_server:
/etc/init.d/mailcleaner stop
  • and new_server:
systemctl stop mailcleaner
  • Copy to the database and all quarantines from old_server to new_server:
rsync -av --delete --exclude 'spool/tmp' --exclude 'run' /var/mailcleaner/* root@new_server:/var/mailcleaner
  • Copy config file /etc/mailcleaner.conf from old_server to new_server
rsync -av --delete /etc/mailcleaner.conf root@new_server:/etc/mailcleaner.conf
  • Copy your network configuration
rsync -av --delete /etc/network root@new_server:/etc/network

  • Take old_server offline

  • Restart networking on new_server

systemctl restart networking
  • Now restart MailCleaner on new_server. Beware of IP address and network configuration.
systemctl start mailcleaner
  • Repair and resync databases:
/usr/mailcleaner/bin/check_db.pl -m --myrepair
/usr/mailcleaner/bin/check_db.pl -s --myrepair
/usr/mailcleaner/bin/resync_db.sh
  • Verify that everything is working by accessing the WebUI at the address of old_server (which now belongs to new_server), test sending/receiving emails, etc. In the event of a failure, you can take down new_server and then bring old_server back up so that it reclaims it's IP.'

Other considerations

There may be some additional files that you need to copy if you have customized your configuration. Specifically, you may have a custom set of template files in /usr/mailcleaner/www/user/htdocs/templates and /usr/mailcleaner/templates/*.

Administrator Shortcuts

User Shortcuts

Developer Shortcuts

Expand ▶ Pages above to view the Table of Contents for the article you are already reading, or to browse additional topics. You can also search for keywords in the Wiki.

Clone this wiki locally