Zimbra Collaboration Server 8 is amazing, it\u2019s a fresh up take away from the rough hands of Microsoft Exchange. And most importantly, the opensource version has everything that I need. I\u2019ve used it commercially and do recommend it to any clients as it\u2019s just a great platform.<\/p>\n
Installation of Zimbra is very easy. I\u2019ve left the comments from my notes to make it easier to understand.
\nThe installation is from a CentOS 6.3 minimal install after doing my routine secure, hardening and updates.<\/p>\n
yum -y update<\/p>\n
yum -y install wget setuptool system-config-network system-config-firewall ntsysv nscd perl nc sudo sysstat<\/p>\n
yum install system-config-network-tui
\nyum install system-config-firewall-tui
\nyum install nc
\nyum install sudo
\nyum install mysql mysql-server mysql-devel
\nyum install sysstat
\nyum install wget
\nyum install bind bind-utils<\/p>\n
<\/p>\n
setup # disable services iptables, sendmail
\nservice iptables stop
\nservice sendmail stop<\/p>\n
chkconfig sendmail off
\nchkconfig netfs off
\nchkconfig rpcbind off
\nchkconfig rpcgssd off
\nchkconfig rpcidmapd off
\nchkconfig fcoe off
\nchkconfig iptables off
\nchkconfig ip6tables off
\nchkconfig iscsi off
\nchkconfig iscsid off<\/p>\n
<\/p>\n
# Disable Startup Services
\nservice postfix stop
\nchkconfig postfix off
\nservice sendmail stop
\nchkconfig sendmail off
\n# Install nc package
\nyum -y install nc sysstat
\n# Disable Selinux (unfortunately, Zimbra does not yet fully support Selinux)
\nsetenforce 0
\nnano \/etc\/selinux\/config
\n# Modify
\nSELINUX=disabled
\n# Fix hosts file
\nnano \/etc\/hosts
\n# Append
\nipaddress hostname.domain.com hostname<\/p>\n
echo “0 4 * * * root ntpdate time.stdtime.gov.tw” >> \/etc\/crontab<\/p>\n
<\/p>\n
# Installing Zimbra Opensource
\nwget http:\/\/files2.zimbra.com\/downloads\/8.0.2_GA\/zcs-8.0.2_GA_5569.RHEL6_64.20121210115059.tgz
\ntar -zxvf zcs-8.0.2_GA_5569.RHEL6_64.20121210115059.tgz
\ncd zcs-8.0.2_GA_5569.RHEL6_64.20121210115059
\n# Centos isn’t officially supported but RHEL 6 is so we platform-override
\n# # THIS WILL TAKE A WHILE ##
\n# This is run in screen as it may take a while #
\n# depending on your machine, go grab a coffee #
\n# You can close the screen with ctrl+A+D and
\n# continue with your other operations #
\n# If you get disconnected or want to #
\n# return to the screen simply use $screen -R #
\n# Configuration steps following this are very self explanatory #
\n#
\nscreen .\/install.sh –platform-override<\/p>\n
tep4. Install Zimbra 8
\n# cd zcs-8.0.0_GA_5434.RHEL6_64.20120907144639
\n# .\/install.sh –platform-override
\nQ1. Do you agree with the terms of the software license agreement? [N] Y
\nQ2. Do you agree with the terms of the software license agreement? [N] Y
\nQ3. Install zimbra-ldap [Y] Enter
\nQ4. Install zimbra-logger [Y] Enter
\nQ5. Install zimbra-mta [Y] Enter
\nQ6. Install zimbra-snmp [Y] Enter
\nQ7. Install zimbra-store [Y] Enter
\nQ8. Install zimbra-apache [Y] Enter
\nQ9. Install zimbra-spell [Y] Enter
\nQ10. Install zimbra-memcached [N] Enter
\nQ11. Install zimbra-proxy [N] Enter
\nQ12. Install anyway? [N] Y
\nQ13.The system will be modified. Continue? [N] Y
\nQ14. Address unconfigured (**) items (? – help) 3
\nQ15. Select, or ‘r’ for previous menu [r] 4
\nQ16. Password for admin@zimbra.iwant-in.net (min 6 characters): [KFAYdeL6]
\nQ17. Select, or ‘r’ for previous menu [r] r
\nQ18. Select from menu, or press ‘a’ to apply config (? – help) a
\nQ19. Save configuration data to a file? [Yes] Enter
\nQ20. Save config in file: [\/opt\/zimbra\/config.8480] Enter
\nQ21. The system will be modified – continue? [No] Yes
\nQ22. Notify Zimbra of your installation? [Yes] No
\nQ23. Configuration complete – press return to exit Enter<\/p>\n
# Optimization on Lower Memory<\/p>\n
su zimbra<\/p>\n
zmcontrol status<\/p>\n
su zimbra
\nzmlocalconfig -e tomcat_java_heap_memory_percent=40
\nzmlocalconfig -e mysql_memory_percent=10
\nzmlocalconfig -e mysql_table_cache=250
\nzmlocalconfig -e mailboxd_java_heap_memory_percent=10
\nzmlocalconfig -e zmmtaconfig_interval=7200
\nzmmtactl restart<\/p>\n
# Using -l option connects to LDAP Server Instead, Fixes the issue with connecting through soap
\n# Disable Logger Service, Stats and SNMP
\n# THIS IS ONLY FOR MY LOW MEMORY SETUP. Not recommended for production use.<\/p>\n
zmprov -l ms mail.domain.com -zimbraServiceEnabled snmp
\nzmprov -l ms mail.domain.com -zimbraServiceEnabled logger
\nzmprov -l ms mail.domain.com -zimbraServiceEnabled stats
\nzmcontrol stop
\nzmcontrol start
\nzmlocalconfig -e zmmtaconfig_interval=7200
\nzmprov -l mcf zimbraLogRawLifetime 7d
\nzmprov -l mcf zimbraLogSummaryLifetime 30d
\nzmmtactl restart<\/p>\n
nano \/opt\/zimbra\/conf\/my.cnf in:
\n# Modify
\n# thread_cache_size = 110
\n# max_connections = 110<\/p>\n
thread_cache_size = 20
\nmax_connections = 20<\/p>\n
nano \/opt\/zimbra\/conf\/amavisd.conf.in
\n# Modify
\n# $max_servers = 10;
\n$max_servers = 2;<\/p>\n
# Configure Iptables Firewall
\n# enable zimbra ports
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 25 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 110 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 143 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 389 -j ACCEPT # -s 10.10.3.0\/24
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 443 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 465 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 993 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 995 -j ACCEPT
\n$iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 7071 -j ACCEPT # -s 10.10.3.0\/24<\/p>\n
And that\u2019s it. Do check out the Zimbra website for a full list of features, unfortunately it is quite memory and cpu intensive and<\/p>\n
it\u2019s not comparable to the simple postfix squirelmail setups that some may be used to.<\/p>\n
But the feature range is amazing and definitely worth a look into for those on the fence.<\/p>\n
<\/p>\n
Adding my own WildCard SSL Certificate to Zimbra Collabration Server 8
\nInstallation of Zimbra is a breeze, on my CentOS 6.3 Minimal install it took less than 5 minutes of interaction.<\/p>\n
To get the SSL certificate installed took a little more tweaking then the install but after some trial and error the final list of commands were very short.<\/p>\n
cp \/opt\/zimbra\/ssl\/zimbra\/ca.pem \/opt\/zimbra\/ssl\/zimbra\/ca.pem.bak
\necho \/dev\/null > \/opt\/zimbra\/ssl\/zimbra\/ca.pem
\nnano \/opt\/zimbra\/ssl\/zimbra\/ca\/ca.pem
\n# Insert our ca.pem here, only the certificate not the key
\nnano \/opt\/zimbra\/ssl\/zimbra\/commercial\/commercial.key
\n# Insert the .key file contents
\nnano \/opt\/zimbra\/ssl\/zimbra\/commercial\/commercial_ca.crt
\n# Insert the .crt file contents<\/p>\n
# Now we’ll deploy our crt, telling Zimbra it’s a commercial cert (although it’s not)
\n\/opt\/zimbra\/bin\/zmcertmgr deploycrt comm \/opt\/zimbra\/ssl\/zimbra\/ca\/ca.pem<\/p>\n
# Verify the installed cert
\n\/opt\/zimbra\/bin\/zmcertmgr viewdeployedcrt<\/p>\n
# Force SSL with a redirect
\nzmtlsctl redirect<\/p>\n
# Restart
\nzmcontrol stop
\nzmcontrol start<\/p>\n
<\/p>\n
At command prompt type<\/p>\n
su zimbra<\/p>\n
zmcontrol status<\/p>\n
To start the zimbra services type:
\nzmcontrol start<\/p>\n
Open a browser and log in at http:\/\/mail.server.com<\/p>\n
For admin panel type: http:\/\/mail.server.com:7071<\/p>\n
<\/p>\n
Change Zimbra Web Client Logo and Title
\nLogo Path –> \/opt\/zimbra\/jetty\/webapps\/zimbra\/skins\/_base\/logos
\nLogo Files –> AppBanner.png
\nTitle Defined Path –> \/opt\/zimbra\/jetty\/webapps\/zimbra\/WEB-INF\/classes\/messages\/ZmMsg.properties
\nTitle Desc –> zimbraTitle = IWANT-IN WebMail
\nzimbraLabel = IWANT-IN WebMail\\uff1a<\/p>\n
<\/p>\n
# su – zimbra<\/p>\n
Depois, basta executar:<\/p>\n
$ zmprov -l -v mcf zimbraXMPPEnabled TRUE
\n$ zmprov -v mc default zimbraFeatureIMEnabled TRUE
\n$ zmprov -v mc default zimbraFeatureInstantNotify TRUE
\n$ zmcontrol stop
\n$ zmcontrol start<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Zimbra Collaboration Server 8 is amazing, it\u2019s a fresh up take away from the rough hands of Microsoft Exchange. And most importantly, the opensource version has everything that I need. I\u2019ve used it commercially and do recommend it to any clients as it\u2019s just a great platform.<\/p>\n
Installation of Zimbra is very easy. I\u2019ve left […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2056"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2056"}],"version-history":[{"count":4,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2056\/revisions"}],"predecessor-version":[{"id":2476,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/2056\/revisions\/2476"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2056"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2056"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2056"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}