Had some time to spare today so a bit quicker then anticipated here is step 2 in the migration from Courier to Dovecot. In this step we move away from Courier-Auth to the Dovecot built in authentication module for the Postfix SASL SMTP authentication.

Read on for more information on step 2 for the migration.

Finally I’ve started the official migration of my production server from the Courier programs to Dovecot. I’ve done it several times on a test server but that is nothing compared to doing it or real on a server where there are a lot more emails and users working on.

I already ran into some problems that I haven’t seen one any of my test runs, which shows that it was good to do this upgrade myself for real before posting the full writeup. I’m posting the migration in several independent steps which you can do at your own leisure and speed. After each step you will have a fully functioning mailserver where only a small part of the setup has been changed. In this manner everything should be manageable and hopefully will not pose to many issues.

In the first step we are going to replace the Courier IMAP server with the Dovecot IMAP server. The instructions will work for Leopard and Snow Leopard. The next step will be about replacing Courier Auth with the Dovecot Auth module.

But no time to waste, read the first step in migrating from Courier to Dovecot.

A new version of Dovecot has been released. As far as I can tell it’s just a bug fix release and not a security fix. I think that if you are not affected then you are not required to upgrade and can skip this one. But sometimes it’s better to be safe then sorry.

• deliver: Don’t crash when a message with Auto-submitted: header gets rejected.
• lib-storage: Fixed header searches to work correctly when there are multiple headers with same name.
• dict client: Disconnect from dict server after 1 second of idling.
• dict: If process crashed, it wasn’t automatically restarted
• dict file: If dict file’s group permissions equal world permissions, don’t try to change its gid.
• maildir: Fixed a memory leak when copying with hardlinks.
• maildir: Expunging last messages may have assert-crashed if their filenames had just changed.

For all who are using to a 5.1.x version. This is a bug fix release and it is up to you if you want to upgrade. Check all the fixes and changes that are listed on the release notes to see what issues are resolved and if you are affected. Most of them are about replication and partitioning, none of which we actually use in our setup.

I’ve compiled this version and did some simple tests on my test servers and it worked without any problems.

Read the documentation on how to ugrade MySQL.

I’ve installed the updates on all my test machines running Snow Leopard 10.6.3 and Leopard 10.5.8 and I’ve noticed the following problems:

Leopard

On Leopard there are the small known issues with postfix. To correct it perform the following steps after the updates:

Re-install postfix by going into your latest source directory you’ve used the last time and run

sudo make install

Next, comment out or delete the following line from ‘/etc/postfix/main.cf‘:

inet_interfaces = localhost

Restart postfix (reloading config does not work) with:

sudo postfix stop

Postfix should restart automatically (if not run sudo postfix start).

Snow Leopard

Could not detect any postfix problems which I find suspicious but I can’t find the same postfix problems on Snow Leopard. If you can confirm this please leave a comment.

To read more on the updates read the Apple Knowledge Base article on this update.

I had someone reporting a problem with php which got replaced, but he used the default apache installation. So if you use the default apache and did not compile it please check your version of php. It might have been updated.

Thank you Wietse, I was waiting for this update as it fixes the problem we had on Snow Leopard woth the nameserver include. I was told by another user that Wietse was going to release a fix and here it is. Now we can compile Postfix without editing the source code. All the bugs fixed are:

• Bugfix (introduced Postfix 2.6) in the XFORWARD implementation, which sends remote SMTP client attributes through SMTP-based content filters. The Postfix SMTP client did not skip “unknown” SMTP client attributes, causing a syntax error when sending an “unknown” client PORT attribute.
• Robustness: skip LDAP queries with non-ASCII search strings, instead of failing with a database lookup error.
• Safety: Postfix processes now log a warning when a matchlist has a #comment at the end of a line (for example mynetworks or relay_domains).
• Portability: OpenSSL 1.0.0 changes the priority of anonymous cyphers.
• Portability: Mac OS 10.6.3 requires instead of .
• Portability: Berkeley DB 5.x is now supported.

No functionality has been removed, but it is a good idea to review the RELEASE_NOTES file for the usual minor incompatibilities or limitations.

Next up: updating the documentation to reflect the fact that you don’t need to update the source code.

For instructions on how to upgrade Postfix please read Upgrading Postfix.

For all who are using to a 5.1.x version. This is a security and bug fix release and it is up to you if you want to upgrade. There is a three security issues mentioned in the release notes. Check all the fixes and changes that are listed on the release notes to see what issues are resolved and if you are affected.

I’ve compiled this version and did some simple tests on my test servers and it worked without any problems.

Read the documentation on how to ugrade MySQL.

MySQL released new versions of the 5.0.x community version of their database server. There are security issue releated to this release so if you still use 5.0.x I would advise you to get this version. Also note that this version is getting EOL, I would advise you to plan an upgrade to a 5.1 release.

Read more about the specifics for this release here: Changes in MySQL 5.0.91

Sorry, I missed this completely. The PHP announcement mailing list isn’t as reliable as I would like to have seen.

The PHP team released 5.2.13 on the 25th of feb 2010 as a security release. Some of the bigger items where:

• Fixed safe_mode validation inside tempnam() when the directory path does not end with a /).
• Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak.
• Improved LCG entropy.

Read everything on this release in the 5.2.13 Release notes. I’ve tested it on one of my test machines without any issues.

The other release was 5.3.2 on the 4th of march 2010 as a regular maintenance release. It includes the fixes from 5.2.13 as described above. Read the 5.3.2 Release notes for everything that is covered in this release. Again tested this on one of my test machines without any problem.

For instructions on how to upgrade your PHP installation please read: Upgrading PHP.

For all who are using to a 5.1.x version. This is mostly a bug fix release and it is up to you if you want to upgrade. There is a single security issue mentioned in the release notes. Check all the fixes and changes that are listed on the release notes to see what issues are resolved and if you are affected.

I’ve compiled this version and did some simple tests on my test servers and it worked without any problems.

Please note that I’ve made some changes to the startup scripts to make sue that you are indeed running the updated version as indicated in my earlier post.

Read the documentation on how to ugrade MySQL.