Zimbra Mail Server

Documentation for Installation & Configuration of Mail Server (Zimbra)

Confidential - 1 - Futurenet Technologies India Pvt. Ltd.

MMMMAIL AIL AIL AIL SSSSERVER ERVER ERVER ERVER

DDDDOCUMENTATIONOCUMENTATIONOCUMENTATIONOCUMENTATION

VA Tech Wabag Ltd.



Server Configuration:

Processor : Intel(R) Xeon(R) CPU 2.33GHz

Memory : 8 GB

IP Assigned : 192.223.1.8

: 172.1.1.2

Main Packages installed/Configured in Server:

E-Mail Server : zcs-5.0.10_GA_2609.RHEL5_64-20080922123753

Webmin : webmin-1.320-1

Bind : bind-9.3.4-6.0.2.P1.el5_2

Httpd : httpd-2.2.3-11.el5.

Spam filter : mailscanner-4.71.10-1

Firewall : iptables-1.3.5-1.2.1

Requirements: The following are the requirements for installation of Mail Server: � CentOS 5 DVD or CD ISO images which are available at

http://isoredirect.centos.org/centos/5/isos/i386/

� High-speed Internet connection

Preliminary Note � The hostname is chennai.bdwt.com with the IP address of 192.223.1.8. � The Gateway is 192.223.1.1 and primary DNS is 127.0.0.1 � Domain name is bdwt.com

Installation of Centos 5

STEP: 1

Insert your CentOS DVD into your system and boot from the disk. Hit Enter to start the installation.



STEP: 2

You will be prompted to test the CD Media. Choose Skip



STEP: 3

Click Next to start the installation

STEP: 4

Choose the language as English.



STEP: 5

Select US English for appropriate Keyboard and Click Next.

STEP: 6

A Pop up asks for initializing the partition (It will ERASE all data). Choose Yes.



STEP: 7

/ 50000 /boot 100 swap 14000 (depends on your physical RAM size Eg. 8GB ) To Create New Partition (For /boot):

Click New Button – Add partition pop up opens – Select Mounting point as /boot. File

System Type: ext 3. Size (MB) 100. Click OK to continue.

To Create New Partition (For /):

Click New Button – Add partition pop up opens – Select Mounting point as /. File

System Type: ext 3. Size (MB) 15000. Click OK to continue.

To Create New Partition (For swap):

Click New Button – Add partition pop up opens – Select the File System Type as:

swap. Size (MB) 14000. Click OK to continue.

STEP: 8

You will be prompted for removal of ALL Data .Choose Yes.



STEP: 9

Enter IP address information for your network under Network Devices. Use the edit button and enter information appropriate for your network. Don't forget to enter your gateway and name servers as well.

STEP: 10

Select your region and Time Zone appropriately.



STEP : 11

Enter a password for the root account.

STEP: 12 Choose the packages to install. Uncheck all boxes in the upper pane and check the box for the

CentOS Extra Packages in the lower pane. Click the radio button to Customize Now and click next.



STEP: 13

A pop up will occur verifying your IP address information. The next screen allows you to choose packages for your installation. Install the following packages:

Applications

� Editors � Text-based Internet

Development

� Development Libraries � Development Tools � Legacy Software Development

Servers

� DNS Name Server � FTP Server � MySQL Database and select optional packages � Check php-mysql and close this dialog box. � Server Configuration Tool � Web Server and select optional packages � tomcat5, tomcat5-admin � Tomcat5-webapps and close this dialog box.

Base System

� Administration Tools � Base � Legacy Software Support



STEP: 14

Once you have selected the packages click next and it will search for dependencies.

STEP: 15

It is now ready to begin the installation. Click Next to begin.



STEP: 16

The installation should only take a few minutes as we are installing the minimum software’s required.

STEP: 17

Click on Reboot once the installation is finished. Be sure to remove your installation disk.



STEP: 18

Once the system reboots you are presented with the first boot screen. This feature allows you to make changes to the firewall. Using the keyboard choose Firewall and click tab to move to the Run Tool button and hit enter.

STEP: 19

Under Security Level select disabled and choose disabled for SELinux as well. Choose OK.

STEP: 20

The last step is to shutdown some services that will interfere with ZCS.



chkconfig sendmail off chkconfig ip6tables off chkconfig iptables off service sendmail stop service iptables stop service ip6tables stop

STEP: 21

We need to install one package before we can continue:

yum install libtool-ltdl

yum install bind bind-chroot bind-libs bind-utils

NOTE: Be sure to use the ip address and hostname/FQDN that is appropriate for your installation.

STEP: 22

Create the /var/named/chroot/etc/named.conf file:

vim /var/named/chroot/etc/named.conf options {

directory "/etc";

pid-file "/var/run/named/named.pid";

};

zone "." {

type hint;

file "/etc/db.cache";

};

zone "bdwt.com" {

type master;

file "/var/named/bdwt.com.hosts";

};

The IP address for forwarders should be the IP address of your DNS server. Now you need to create your /var/named/chroot/var/named/bdwt.com.hosts file



vim /var/named/chroot/var/named/bdwt.com.hosts $ttl 38400

bdwt.com. IN SOA chennai.bdwt.com. helpdesk.bdwt.com. (

1223137471

10800

3600

604800

38400 )

bdwt.com. IN NS chennai.bdwt.com.

bdwt.com. IN A 66.148.120.22

chennai.bdwt.com. IN A 192.223.1.8

server1.bdwt.com. IN A 66.148.120.22

newserver.bdwt.com. IN A 66.148.120.22

chennai.bdwt.com. IN MX 10 chennai.bdwt.com.

newserver.bdwt.com. IN MX 10 newserver.bdwt.com.

server1.bdwt.com. IN MX 10 server1.bdwt.com.

STEP: 23

Change your resolv.conf to use your mail server's IP address as its primary DNS.

vim /etc/resolv.conf

namserver 192.223.1.8

nameserver 127.0.0.1

Add routing table in the server

vim /etc/rc.local

route add -net 192.168.16.0 netmask 255.255.255.0 gw 192.223.1.1




STEP: 24

Start named on your server

/etc/init.d/named start

Enable autostart for named.

chkconfig named on



To verify do the following:

nslookup zimbra.sfl.co.in

It should return something similar to this: Server : 127.0.0.1

Address : 127.0.0.1#53

Name : chennai.bdwt.com

Address : 192.223.1.8

Notice that the IP address returned is the same as the local machine. That means success.

Install and manage iSCSI Volume Install Required Package: iscsi-initiator-utils RPM package.

STEP:1 root@# yum install iscsi-initiator-utils STEP:2 Configure iSCSI

STEP:3 Open /etc/iscsi/iscsid.conf with vi text editor:

vi /etc/iscsi/iscsid.conf

Setup username and password: node.session.auth.username = My_ISCSI_USR_NAME node.session.auth.password = MyPassword discovery.sendtargets.auth.username = My_ISCSI_USR_NAME discovery.sendtargets.auth.password = MyPassword Where, * node.session.* is used to set a CHAP username and password for initiator authentication by the target(s). * discovery.sendtargets.* is used to set a discovery session CHAP username and password for the initiator authentication by the target(s). If there is no username & password for iscsi node goto step4.



STEP:4 To start the iscsi service:

/etc/init.d/iscsi start

STEP:5 Discover targets

iscsiadm -m discovery -t sendtargets -p 172.16.1.1

/etc/init.d/iscsi restart STEP:6 Format and Mount iSCSI Volume You can now partition and create a filesystem on the target using usual fdisk and mkfs.ext3 commands: # fdisk /dev/sdb1 # mkfs.ext3 /dev/sdb1 Mount new partition: # mount /dev/sdb1 /opt

STEP:7 Mount iSCSI drive automatically at boot time

# chkconfig iscsi on

Open /etc/fstab file and append the below line:

/dev/sdb1 /opt ext3 defaults 0 0

Save and close the file.



Installing ZCS.

Copy the Setup files from CD:

Step 1 : cd /root

Step 2 : mkdir software

Step 3 : mount /dev/hdb1 /mnt

Step 4 : cd /mnt Step 5 : cp - r * /root/software

Install the webmin

rpm -ivh webmin*.rpm

Installation of Zimbra Collaboration Suite 5.06 Open source edition:

Step 1 : cd /root/software/zimbra Step 2 : tar xvzf zcs-5.0.10_GA_2609.RHEL5_64-20080922123753.tgz

Step 3 : cd zcs-5.0.10_GA_2609.RHEL5_64-20080922123753

Step 4 : ./install.sh –platform-override ------------ The output should look something like: Checking for existing installation... zimbra-ldap...NOT FOUND zimbra-logger...NOT FOUND zimbra-mta...NOT FOUND zimbra-snmp...NOT FOUND zimbra-store...NOT FOUND zimbra-apache...NOT FOUND zimbra-spell...NOT FOUND zimbra-proxy...NOT FOUND zimbra-archiving...NOT FOUND zimbra-cluster...NOT FOUND zimbra-core...NOT FOUND Read through the license agreement and hit enter. The output should be similar to: Checking for prerequisites... NPTL...FOUND sudo...FOUND sudo-1.6.7p12-10 libidn...FOUND libidn-0.6.5-1.1



fetchmail...FOUND fetchmail-6.3.6-1.1 gmp...FOUND gmp-4.1.4-10 compat-libstdc++-296...FOUND compat-libstdc++-296-2.96-138 compat-libstdc++-33...FOUND compat-libstdc++-33-3.2.3-61 libtool-ltdl...FOUND libtool-ltdl-1.5.22-6.1 Prerequisite check complete. Checking for standard system perl... perl-5.8.8...FOUND start system perl-5.8.8 Checking for installable packages Found zimbra-core Found zimbra-ldap Found zimbra-logger Found zimbra-mta Found zimbra-snmp Found zimbra-store Found zimbra-apache Found zimbra-spell Found zimbra-proxy Next you need to select the packages to install. The defaults are listed in the brackets so you can just press enter for every question.

Step: 5

Press Enter to continue

Install zimbra-ldap [Y] Install zimbra-logger [Y] Install zimbra-mta [Y] Install zimbra-snmp [Y] Install zimbra-store [Y] Install zimbra-apache [Y] Install zimbra-spell [Y] Install zimbra-proxy [N] You will see a warning like this: ----- You appear to be installing packages on a platform different than the platform for which they were built This platform is CentOS5



Packages found: zimbra-core-5.0.6_GA_2313.RHEL5.20080522104341.rpm This may or may not work

Step: 6

Press Y and press enter to continue 2 times. Install anyway? [N] The system will be modified. Continue? [N]

Step: 7

Notice the asterisks next to the Admin Password. You need to set the Admin Password

before you complete the install. To do this enters 3 at the prompt and hit enter.

Now you choose 4. You will be prompted to change the password.

After you change the password hit enter.



To redirect the spam mails to [email protected] follow the instructions:

Select Option 6. Provide the email [email protected] and hit enter.

To redirect all non spam mails to [email protected] follow the instructions.

Select Option 7. Provide the email [email protected] and hit enter.

Press '' r '' which will take you back to the previous menu and Enter '' a '' at the prompt to save the configuration.



The installation will complete and you will be all set to access the administrative

web interface.

You can access the admin web interface through the URL

https://chennai.bdwt.com:7071.

The web interface is fairly easy to navigate. Create a New Domain:



Step 1 : Open putty and login to chennai.bdwt.com Step 2 : Type su zimbra

Step 3 : Type the following command

zmprov cd chennai.bdwt.com

Forwarding the mail to the particular servers:

Step 1 : Open putty and login to chennai.bdwt.com.

Step 2 : Type su zimbra Step 3 : Type the following command one by one. After you have added your domain you need to add an email account. Click on accounts, and type the account name as system and select the domain as chennai.bdwt.com

To Add the Master Account in postfix

Step 1 : Open putty and login to chennai.bdwt.com

Step 2 : Type the following commands.



Global configuration:

Step 1: Open the Admin Console and login as [email protected]

Step 2: Click Global Settings.

Step 3: Select MTA tab

Step 4: Under Network - Relay MTA for external delivery: Type

“server1.bdwt.com”: “25”

Step 5: Uncheck the Enable DNS lookup



Select the IMAP tab Check the Enable clear text login

Select the POP tab Check the Enable clear text login



Select the AS/AV tab Uncheck Block encrypted archives Uncheck Send notification to recipient

How to Create Alias:

Select the Alias and create a new alias Give the alias name and select the domain name and Target account name.

Click OK, after entering the details.



How to Create Distribution List:

Step 1: Select the distribution lists and create a new list Provide the list name and select domain name (eg: [email protected]) To find the members and add in the distribution list (eg:Find: a_jinjose ) Save the settings.

User restriction for distribution list group

Step 1 : Open putty and login to chennai.bdwt.com

Step 2 : Type the following commands.

Create a 'protected recipients' list (as user Zimbra) - This is your list of email addresses that may only receive email from 'permitted senders' for example. If the [email protected] id is present in wabagone file he can able to send mail only to [email protected] and he is not allowed to send mails to any other distribution list.

vim /opt/zimbra/postfix/conf/protected_recipients

Press ''insert key' and type the following

[email protected] wabagone

[email protected] wabagtwo

[email protected] wabagthree

[email protected] wabagfour

[email protected] wabagfive



Press '' Esc '' and ‘‘shift : '' '' wq '' To save and exit.

• Wabagone file:-

Add the users list to send a mail to [email protected].

vim /opt/zimbra/postfix/conf/wabagone

[email protected] OK


















[email protected] Ok

• Wabagtwo file:-

Add the user list to send a mail to [email protected]

vim /opt/zimbra/postfix/conf/wabagtwo










































• Wabagthree file:-


vim /opt/zimbra/postfix/conf/wabagthree






















• Wabagfour file:-


vim /opt/zimbra/postfix/conf/wabagfour




















• Wabagfive file:-




vim /opt/zimbra/postfix/conf/wabagfive





















Create a simple bash script to create postfix DB files (as user zimbra):

vim /opt/zimbra/postfix/conf/update_protected_recipients

[paste in contents below editing as required]

#!/bin/bash echo "rebuild permitted_senders..." postmap /opt/zimbra/postfix/conf/permitted_senders postmap /opt/zimbra/postfix/conf/wabagone postmap /opt/zimbra/postfix/conf/wabagtwo postmap /opt/zimbra/postfix/conf/wabagthree postmap /opt/zimbra/postfix/conf/wabagfour postmap /opt/zimbra/postfix/conf/wabagfive echo "rebuild protected_recipients..." postmap /opt/zimbra/postfix/conf/protected_recipients



• Make new script executable, and then run it

chmod 755 /opt/zimbra/postfix/conf/update_protected_recipients /opt/zimbra/postfix/conf/update_protected_recipients

You should now see permitted_senders.db and protected_recipients.db in the directory

• Add necessary settings to /opt/zimbra/postfix/conf/main.cf

vi /opt/zimbra/postfix/conf/main.cf

[add these items below “mynetworks” to the file - note permitted_senders_list must match

value in protected_recipients]

wabagone = check_sender_access hash:/opt/zimbra/postfix/conf/wabagone, reject wabagtwo = check_sender_access hash:/opt/zimbra/postfix/conf/wabagtwo, reject wabagthree = check_sender_access hash:/opt/zimbra/postfix/conf/wabagthree, reject wabagfour = check_sender_access hash:/opt/zimbra/postfix/conf/wabagfour, reject wabagfive = check_sender_access hash:/opt/zimbra/postfix/conf/wabagfive, reject smtpd_restriction_classes = wabagone, wabagtwo, wabagthree, wabagfour, wabagfive smtpd_recipient_restrictions = check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, permit

**Note this change to the main.cf won't survive upgrades. Be sure to save a

copy of your main.cf file**

Now add your new restriction to the top of postfix_recipient_restrictions.cf

vi /opt/zimbra/conf/postfix_recipient_restrictions.cf

[paste this into the first line of the file, above any other settings] check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients

Reload postfix to activate settings: postfix reload



Now that you have an email account setup you can access the user interface. Point your browser to http://chennai.bdwt.com/ .

Log in with your full email address and the password that you set for it. After logging you will get this screen.

Your Mail Server has been configured and to check, send some test emails to another email account and verify that it is working properly.

Documents

Zimbra Mail Server