2,187
edits
Difference between revisions of "Zimbra"
Jump to navigation
Jump to search
m
Updated to use Depreciated template
(→Zimbra Appliance: Added license bit) |
m (Updated to use Depreciated template) |
||
| (8 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{Depreciated|category=Zimbra}} | |||
== Installation == | == Installation == | ||
The notes below are for the situation of installing a Zimbra server in a split-DNS scenario. Split DNS is required where you have a Zimbra server on an internal (private address range) network. Zimbra needs to be able to resolve its own MX DNS record, therefore if your server is known publicly by one IP address, but in fact has an internal address (and the public IP is NAT'ed to the internal IP) you'll need to use split DNS. The method below uses a DNS server installed locally on the Zimbra server, however you can also use a DNS server on your local network, if you have one available. | |||
=== DNS Records === | === DNS Records === | ||
Firstly, you need to own a public domain name, then get your ISP to create two DNS records... | Firstly, you need to own a public domain name, then get your ISP to create two DNS records... | ||
| Line 7: | Line 11: | ||
# '''A record''' - Standard DNS record | # '''A record''' - Standard DNS record | ||
#* EG <code> mail.sandfordit.com [A] -> 158.25.34.124 </code> | #* EG <code> mail.sandfordit.com [A] -> 158.25.34.124 </code> | ||
#* <code> 158.25.34.124 </code> is the static IP address assigned by your ISP. You'll need to set-up a NAT on your router (often oddly called a virtual server in domestic routers) to map incoming mail on TCP 25 to your email server's actual address (EG <code> 158.25.34.124:25 -> 192.168.1.150:25 </code>. | #* <code> 158.25.34.124 </code> is the static IP address assigned by your ISP. You'll need to set-up a NAT on your router (often oddly called a virtual server in domestic routers) to map incoming mail on TCP 25 to your email server's actual address (EG <code> 158.25.34.124:25 -> 192.168.1.150:25 </code>). | ||
Note, instead of an A record you can use a CNAME record if you prefer, though obviously the CNAME record will still need to point to a valid A record. Using a CNAME might be preferable, if for example you've multiple services running from a single public IP, that you might want to split out in the future to run on separate IP's, at which point you can replace the CNAME records with A records. | Note, instead of an A record you can use a CNAME record if you prefer, though obviously the CNAME record will still need to point to a valid A record. Using a CNAME might be preferable, if for example you've multiple services running from a single public IP, that you might want to split out in the future to run on separate IP's, at which point you can replace the CNAME records with A records. | ||
| Line 195: | Line 199: | ||
# Exit Zimbra user and create copy of directory | # Exit Zimbra user and create copy of directory | ||
#* EG <code> cp -rp /opt/zimbra /home/simons/zimbra_backup_100301 </code> | #* EG <code> cp -rp /opt/zimbra /home/simons/zimbra_backup_100301 </code> | ||
# Once completed, go back to zimbra user and start | |||
#* <code> su - zimbra </code> | |||
#* <code> zmcontrol start </code> | |||
<br>'''More elaborate scripted version'''<br> | <br>'''More elaborate scripted version'''<br> | ||
| Line 211: | Line 218: | ||
To restore, see http://www.zimbra.com/forums/administrators/15275-solved-yet-another-backup-script-community-version-24.html | To restore, see http://www.zimbra.com/forums/administrators/15275-solved-yet-another-backup-script-community-version-24.html | ||
I've modified the above script, to suit my own purposes. I've added an FTP option so that completed backup's are copied off to a remote FTP server (the copy isn't encrypted so should only be used within a private/secure network - [[Zimbra FOSS Full Backup]] | |||
=== Upgrade === | === Upgrade === | ||
| Line 262: | Line 271: | ||
# Upload CSR to certificate authority | # Upload CSR to certificate authority | ||
# Install received keys via GUI and restart server | # Install received keys via GUI and restart server | ||
=== Migrate Commercial Certificate To New Server === | |||
This is essentially an updated version of the old procedure that can be found here - http://wiki.zimbra.com/wiki/Transfer_SSL_certificates_between_servers for ZCS v7. | |||
# On your old server make a copy of the SSL folder | |||
#* EG <code>cp -r /opt/zimbra/ssl /home/user/sslbk </code> | |||
# Delete any back folders from within your copy so that only a zimbra folder exists | |||
#* EG <code> rm -rf /home/user/sslbk/zimbra.* </code> | |||
# Compress the folder into a file | |||
#* EG <code>tar cvzf sslbk.tgz /sslbk/ </code> | |||
# Copy the file to your new server | |||
#* EG <code> pscp user@oldmail.domain.com:/home/user/sslbk.tgz c:\temp\sslbk.tgz </code> | |||
#* EG <code> pscp c:\temp\sslbk.tgz user@newmail.domain.com:/home/user/ </code> | |||
# Backup the SSL folder | |||
#* <code> mv /opt/zimbra/ssl/ /opt/zimbra/ssl_old </code> | |||
# Uncompress file copied from old server | |||
#* <code> tar -xvf /home/user/sslbk.tgz </code> | |||
# Copy the folder into place and rename | |||
#* <code> cp -r sslbk/ /opt/zimbra/ssl </code> | |||
#* <code> mv /opt/zimbra/sslbk/ /opt/zimbra/ssl </code> | |||
# Deploy the certificate | |||
#* EG <code> /opt/zimbra/bin/zmcertmgr deploycrt comm /home/user/sslbk/zimbra/commercial/commercial.crt /home/user/sslbk/zimbra/commercial/commercial_ca.crt | |||
# Restart Zimbra | |||
#* <code> su - zimbra </code> | |||
#* <code> zmcontrol restart </code> | |||
# If services don't start properly, force java to accept your certificate | |||
#* EG <code> /opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /sslbk/zimbra/commercial/commercial.crt </code> | |||
=== Change Hostname === | |||
This is based on the article found here - http://wiki.zimbra.com/wiki/ZmSetServerName. I've used this procedure for Zimbra v7 FOSS installations on Ubuntu 8 32-bit and 10 64-bit (LTS). | |||
This procedure requires downtime, and because zimbra services need to be up to complete the change, if you can stop new mail being received by the server (by disabling through a firewall for example) do so. If you have to fall back to your backup, any mail received during the backup will be lost. | |||
# Ensure that new DNS records are already set-up and working. | |||
#* EG <code> dig domain.com mx </code> | |||
# Create a backup of your entire installation (if running as a VMware VM, take a snapshot as well) | |||
## Stop Zimbra (as zimbra user) | |||
##* <code> zmcontrol stop </code> | |||
## Create copy (as root) | |||
##* <code> mkdir /backup/opt </code> | |||
##* <code> mkdir /backup/opt/zimbra </code> | |||
##* <code> cp -r /opt/zimbra/ /backup/opt/zimbra/ </code> | |||
## Start Zimbra (as zimbra user) | |||
##* <code> zmcontrol start </code> | |||
# Perform rename to Zimbra installation | |||
#* EG <code> /opt/zimbra/libexec/zmsetservername -n mailsvr.domain.com </code> | |||
# Perform rename to operating system | |||
## Update the following files | |||
##* <code> /etc/hosts </code> | |||
##* <code> /etc/hostname </code> | |||
## Set the hostname (not FQDN) | |||
##* <code> hostname <servername> </code> | |||
# Reboot the server | |||
#* <code> shutdown -r now </code> | |||
Once your server is back up, run through the following to check everything is in working order... | |||
# <code> zmcontrol status </code> | |||
# <code> zmprov gacf | grep oldhostname </code> | |||
# <code> zmprov gs `zmhostname` | grep oldhostname </code> | |||
# <code> zmlocalconfig | grep oldhostname </code> | |||
# Plus I'd tail the <code> /var/log/zombra.log </code> while sending and receiving a few test emails to make sure everything is running sweetly. | |||
Any probs, refer to the Zimbra doc at the start of this for things to investigate. | |||
=== Install Zimlet === | === Install Zimlet === | ||
| Line 297: | Line 369: | ||
** EG <code> zmmailbox -z -m simon gfrl </code> | ** EG <code> zmmailbox -z -m simon gfrl </code> | ||
=== Message | === Message Sizes === | ||
To see the current max IMAP request size... | |||
* <code> zmlocalconfig | grep -i imap_max_request_size </code> | |||
To increase the size, to say 20MB... | |||
* <code> zmlocalconfig -e imap_max_request_size=20480 </code> | |||
Its also worth being aware of the following settings, which are altered through the admin console... | |||
* In Global Settings | General Information... | |||
** Maximum size of an uploaded file for Briefcase, Email messages, Calendar appointments and Tasks (KB) | |||
*** <code> zimbraFileUploadMaxSize </code> | |||
* In Global Settings | MTA... | |||
** Maximum message size (KB) | |||
*** <code> zimbraMtaMaxMessageSize </code> | |||
And there's also an additional setting, <code> zimbraMailContentMaxSize</code>, which also appears to affect the maximum size of attachments. To see what you're set to currently use... | |||
* <code> zmprov getConfig zimbraMailContentMaxSize </code> | |||
and so update to say 20 MB, use... | |||
* <code> zmprov modifyConfig zimbraMailContentMaxSize 20480000 </code> | |||
== Troubleshooting == | |||
=== Account Export Incomplete === | |||
When trying to export an entire (or partial) account's data (either via the web or Zimbra clients, or through a <code>/zmmailbox -z -m "user@domain.com" getRestURL -o user.tgz "//?fmt=tgz"</code>), the export can occasionally be incomplete, this can be due to two reasons (maybe more)... | |||
* '''Large account / export time-out''' | |||
** If you've a large account, and/or a slow server, the export process can time out. | |||
** This is due to known bug - http://bugzilla.zimbra.com/show_bug.cgi?id=56458 | |||
*''' Invalid tags ''' | |||
** This is essentially down to some database corruption. | |||
** To confirm that its the issue, tail your <code>/opt/zimbra/log/mailbox.log</code> file when creating an export and look out for the following errors (tag 68 is the problem tag ID in this example) | |||
*** <code> Code:mail.NO_SUCH_TAG Arg:(itemId, IID, "68")</code> | |||
*** <code> java.io.IOException: data error: java.io.IOException: tag error: com.zimbra.cs.mailbox.MailServiceException$NoSuchItemException: no such tag: 68</code> | |||
** To resolve... | |||
**# Confirm that the account doesn't have the tag | |||
**#* <code> zmmailbox -z -m "user@domain.com" gat </code> | |||
**# Get the user to create enough dummy tags to reach the problem ID number | |||
**# Reattempt the export - it may fail again, but on a higher tag ID (repeat the above until it succeeds) | |||
**# Delete the dummy tags, and retest | |||
The above is based on info gleamed from http://www.zimbra.com/forums/administrators/48724-no_such_tag-while-exporting.html | |||
== Documentation Links == | == Documentation Links == | ||
* '''[http://wiki.zimbra.com/index.php?title=Working_with_Zimlets Zimlets]''' | * '''[http://wiki.zimbra.com/index.php?title=Working_with_Zimlets Zimlets]''' | ||
* '''[http://wiki.zimbra.com/wiki/Zimbra_Desktop_FAQ#How_to_install_spell_checker_dictionaries.3F Zimbra Client Dictionary Install]''' | * '''[http://wiki.zimbra.com/wiki/Zimbra_Desktop_FAQ#How_to_install_spell_checker_dictionaries.3F Zimbra Client Dictionary Install]''' | ||