Installation v8 (Zimbra)
Zimbra FOSS Installation Guide
Note that if you are installing on a server with a private address that is to be NAT'ed to a publicly accessible address you'll need ensure that you've got Split-DNS set-up, and I'd recommend a quick read through the DNS requirements regardless.
Pre-Requisites
- Working Ubuntu LTS Server installation - see Ubuntu Installation for further install info together with https://www.zimbra.com/downloads/zimbra-collaboration-open-source/ (will redirect you to a trail registration page that you need to complete 1st, have never been contacted by them)
- Base install with OpenSSH Server
- DNS Server - Only required if you need to use Split DNS and need to provide resolution of the internal IP address of the server (EG you don't have an existing local DNS Server under your control that you can add your Zimbra server in to)
- Internet/public IP address
- Can be shared with other services so long as there's no TCP port conflicts and you have a router that can perform the appropriate NAT'ing
- See http://wiki.zimbra.com/wiki/Ports#External_Access for required TCP ports
- Can be shared with other services so long as there's no TCP port conflicts and you have a router that can perform the appropriate NAT'ing
- MX (Mail Exchange) DNS record pointing to public IP address
- Additionally an internal only MX record pointing to the server's internal/private IP address - only if you need to use SplitDNS
Server Specification[1]
| Specification | CPU | Memory | Free Disk | Comments |
|---|---|---|---|---|
| Minimum | 1 x 2.0 GHz | 4 GB | 10 GB | Below Zimbra minimum spec, but workable for a small number of accounts (eg <10 active mailboxes) |
| Recommended | 2 x 2.0 GHz | 8 GB | 10 GB | Recommended minimum production spec advised by Zimbra |
Note: Free Disk does not include allocation for mail storage So you will need additional free space for users data.
Memory seems to be the main choke point for Zimbra, and will run a bit faster if you can spare a bit more. The less RAM the server has, less data can be cached into memory, and so the more disk IO that is required, and consequently the higher demand there will be on getting good IO throughput from the servers disks.[2]
Procedure
- Locate the appropriate download URL at https://www.zimbra.com/try/zimbra-collaboration-open-source/, aand copy the link to the download
- Download the target of the link to your server
- Uncompress the package
tar xzf zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954.tgz
- Change directory into the folder and start the install (needs to be run as root, using sudo works)
- EG
cd zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954 ./install.sh- Accept the EULA, update your
/etc/hostsfile if required and restart
- EG
- When prompted accept using Zimbra's package repository
- Accept the default packages except
zimbra-dnscache(unless you know of any others you specifically want to exclude as well) - Answer
Yto theThe system will be modified. Continue?query- The install will proceed, note that some steps take longer and the install script might appear to hang occasionally
- Once the packages are installed the installer may complain about your domain not having a DNS record -
DNS ERROR resolving MX for ...- Change the domain to your publicly registered domain (without server hostname, so
sandfordit.comrather thanmail.sandfordit.com - If this fails to resolve the error, there is a problem with your network/DNS setup
- If this is a new server that you don't want to receive inbound email immediately create a low priority MX record temporarily
- Change the domain to your publicly registered domain (without server hostname, so
- At the end of the base install, address the unconfigured item (ie an admin password)
- Write the config to disk and allow the system to be configured
Once the install is completed, login to administer the exchange server using a URL similar to https://your-mail-svr:7071
Post Install Config
Enforce HTTPS for Clients
To enforce user connections using Zimbra Desktop or the web client to HTTPS use the following command as the zimbra user (EG su -zimbra )
zmtlsctl https
Requires a restart to take effect...
zmcontrol restart
For more info see http://wiki.zimbra.com/wiki/CLI_zmtlsctl_to_set_Web_Server_Mode
High CPU Workaround
Zimbra seems to have some reoccurring issues with regular high CPU spikes, some as often as every minute, caused by background maintenance tasks. With the increasing prevalence of virtualisation, this appears to be being noticed more frequently by users, and can a reoccurring thread in the forums. The following can aid in reducing this, which look to limit and reduce the logging retention and failed process checking that occurs. The config changes are relatively aggressive, so you may wish to alter less from the default.
| Command | Comments | Default |
|---|---|---|
zmlocalconfig -e zmmtaconfig_interval=600 |
Increase service failure watchdog interval to 600 secs (10 mins) | 60
|
zmprov mcf zimbraLogRawLifetime 7d |
Reduce raw log retention to 7 days | 31d
|
zmprov mcf zimbraLogSummaryLifetime 30d |
Reduce summary log retention to 30 days | 730d
|
zmprov ms <hostname> -zimbraServiceEnabled logger |
Toggles/disables the logger service - I don't do this myself, seems too drastic Replace |
Enabled |
Additionally its common to tune down the frequency of scheduled tasks (edit config file with crontab -e , some lines in table below truncated with ...)
| Original | Change to | Comments |
|---|---|---|
*/2 * * * * /opt/zimbra/libexec/zmstatuslog |
*/60 * * * * /opt/zimbra/libexec/zmstatuslog |
Reduce status logging to hourly (from every 2 mins)
Will cause a bigger CPU spike on the hour. |
00,10,20,30,40,50 * * * * /opt/zimbra/libexec/zmlogprocess ... |
*/15 * * * * /opt/zimbra/libexec/zmlogprocess ... |
Reduce log processing to every 15 mins |
Reduce AV Memory Usage
Anti-virus spawns a number of threads so that it can concurrently process incoming and outgoing email. If your server isn't expected to under much load and/or you're not too worried about mail queueing waiting to be scanned you can reduce the number of instances of amavisd that get spawned.
The default is 10 processes. Reducing the number of process may reduce the amount of RAM used by AV scanning may allow other components of the system to use more RAM, effectively improving the responsiveness of the server, at the expense of reducing the speed of email delivery. However,you may find that each process is now using more RAM so overall usage hasn't decreased.
Log in to your server and as the zimbra user edit /opt/zimbra/conf/amavisd.conf.in and change the $max_servers config line. No less than 2 is recommended, eg
$max_servers = 5;
References
- ↑ Zimbra System Requirements for v8.5 - https://www.zimbra.com/open-source-email-overview/ (will redirect you to a trail registration page, no financial info or commitment required)
- ↑ Zimbra Performance Tuning - http://wiki.zimbra.com/wiki/Performance_Tuning_Guidelines_for_Large_Deployments