centos6.8安装并配置zimbra
一、对域名设置MX记录
二、安装准备
1、关闭selinux
vi /etc/selinux/config
SELINUX=disabled
2、iptables防火墙端口设置
# iptables -I INPUT -s 0.0.0.0/0 -p udp --dport 11211 -j DROP
iptables -I INPUT -s zabbix服务器IP地址 -p tcp --dport 10050 -j ACCEPT
iptables -I INPUT -s 公司出网IP -p tcp --dport 9800 -j ACCEPT
iptables -I INPUT -s 公司出网IP -p tcp --dport 7071 -j ACCEPT
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 25 -j ACCEPT
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 465 -j ACCEPT
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 587 -j ACCEPT
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 993 -j ACCEPT
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 995 -j ACCEPT
有其他端口需要加入,请根据所需加入防火墙
3、关闭postfix服务,避免25端口被占用
# service postfix stop
# chkconfig postfix off
4、配置主机名
# vi /etc/sysconfig/network
HOSTNAME=mail.uglyliu.com
5、配置hosts
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 #::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.16.50.95 mail.uglyliu.com mail
6、空间要求
Zimbra会安装到/opt目录,请确保/opt目录有至少5G的可用容量
7、系统参数配置
vi /etc/sysctl.conf
net.ipv4.tcp_tw_recycle = 1
三、安装zimbra
前面域名和服务器配置好了的话,执行./install.sh脚本顺利的话,5分钟安装完,然后就可以使用https://mail.uglyliu.com访问邮件服务器了
yum -y install nc libaio unzip tar xf zcs-8.8.6_GA_1906.RHEL7_64.20171130041047.tgz cd zcs-8.8.6_GA_1906.RHEL7_64.20171130041047 && ./install.sh [root@mail zcs-8.6.0_GA_1153.RHEL6_64.20141215151155]# ./install.sh Operations logged to /tmp/install.log.1575 Checking for existing installation... zimbra-ldap...NOT FOUND zimbra-logger...NOT FOUND zimbra-mta...NOT FOUND zimbra-dnscache...NOT FOUND zimbra-snmp...NOT FOUND zimbra-store...NOT FOUND zimbra-apache...NOT FOUND zimbra-spell...NOT FOUND zimbra-convertd...NOT FOUND zimbra-memcached...NOT FOUND zimbra-proxy...NOT FOUND zimbra-archiving...NOT FOUND zimbra-core...NOT FOUND PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE. ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT. License Terms for the Zimbra Collaboration Suite: http://www.zimbra.com/license/zimbra-public-eula-2-5.html Do you agree with the terms of the software license agreement? [N] y Checking for prerequisites... FOUND: NPTL FOUND: nc-1.84-22 FOUND: sudo-1.8.6p3-15 FOUND: libidn-1.18-2 FOUND: gmp-4.3.1-7 FOUND: libaio-0.3.107-10 FOUND: libstdc++-4.4.7-11 FOUND: unzip-6.0-2 Checking for suggested prerequisites... FOUND: perl-5.10.1 FOUND: sysstat FOUND: sqlite Prerequisite check complete. Checking for installable packages Found zimbra-core Found zimbra-ldap Found zimbra-logger Found zimbra-mta Found zimbra-dnscache Found zimbra-snmp Found zimbra-store Found zimbra-apache Found zimbra-spell Found zimbra-memcached Found zimbra-proxy Select the packages to install Install zimbra-ldap [Y] y Install zimbra-logger [Y] y Install zimbra-mta [Y] y Install zimbra-dnscache [Y] n Install zimbra-snmp [Y] y Install zimbra-store [Y] y Install zimbra-apache [Y] y Install zimbra-spell [Y] y Install zimbra-memcached [Y] y Install zimbra-proxy [Y] y Checking required space for zimbra-core Checking space for zimbra-store Checking required packages for zimbra-store zimbra-store package check complete. Installing: zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-dnscache zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-memcached zimbra-proxy The system will be modified. Continue? [N] y Removing /opt/zimbra Removing zimbra crontab entry...done. Cleaning up zimbra init scripts...done. Cleaning up /etc/ld.so.conf...done. Cleaning up /etc/security/limits.conf...done. Finished removing Zimbra Collaboration Server. Installing packages zimbra-core......zimbra-core-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-ldap......zimbra-ldap-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-logger......zimbra-logger-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-mta......zimbra-mta-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-dnscache......zimbra-dnscache-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-snmp......zimbra-snmp-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-store......zimbra-store-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-apache......zimbra-apache-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-spell......zimbra-spell-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-memcached......zimbra-memcached-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done zimbra-proxy......zimbra-proxy-8.6.0_GA_1153.RHEL6_64-20141215151155.x86_64.rpm...done Operations logged to /tmp/zmsetup07282015-135443.log Installing LDAP configuration database...done. Setting defaults... DNS ERROR resolving MX for mail.uglyliu.com It is suggested that the domain name have an MX record configured in DNS Change domain name? [Yes] yes Create domain: [mail.uglyliu.com] uglyliu.com MX: mail.corp.net (172.16.50.95) Interface: 172.16.50.95 Interface: 127.0.0.1 Interface: ::1 done. Checking for port conflicts Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-dnscache: Enabled 6) zimbra-snmp: Enabled 7) zimbra-store: Enabled +Create Admin User: yes +Admin user to create: admin@corp.net ******* +Admin Password UNSET +Anti-virus quarantine user: virus-quarantine.zjw4edgp@corp.net +Enable automated spam training: yes +Spam training user: spam.esltmqcu@corp.net +Non-spam(Ham) training user: ham.tjpi5o5qf@corp.net +SMTP host: mail.uglyliu.com +Web server HTTP port: 8080 +Web server HTTPS port: 8443 +Web server mode: https +IMAP server port: 7143 +IMAP server SSL port: 7993 +POP server port: 7110 +POP server SSL port: 7995 +Use spell check server: yes +Spell server URL: http://mail.uglyliu.com:7780/aspell.php +Enable version update checks: TRUE +Enable version update notifications: TRUE +Version update notification email: admin@corp.net +Version update source email: admin@corp.net +Install mailstore (service webapp): yes +Install UI (zimbra,zimbraAdmin webapps): yes 8) zimbra-spell: Enabled 9) zimbra-proxy: Enabled 10) Default Class of Service Configuration: s) Save config to file x) Expand menu q) Quit Address unconfigured (**) items (? - help) 7 Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@corp.net ** 4) Admin Password UNSET 5) Anti-virus quarantine user: virus-quarantine.zjw4edgp@corp.net 6) Enable automated spam training: yes 7) Spam training user: spam.esltmqcu@corp.net 8) Non-spam(Ham) training user: ham.tjpi5o5qf@corp.net 9) SMTP host: mail.corp.net 10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes 18) Spell server URL: http://mail.corp.net:7780/aspell.php 19) Enable version update checks: TRUE 20) Enable version update notifications: TRUE 21) Version update notification email: admin@corp.net 22) Version update source email: admin@corp.net 23) Install mailstore (service webapp): yes 24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r] 4 Password for admin@corp.net (min 6 characters): [RxKIO9HeN] admin123 //设置管理员admin的密码 Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@corp.net 4) Admin Password set 5) Anti-virus quarantine user: virus-quarantine.zjw4edgp@corp.net 6) Enable automated spam training: yes 7) Spam training user: spam.esltmqcu@corp.net 8) Non-spam(Ham) training user: ham.tjpi5o5qf@corp.net 9) SMTP host: mail.corp.net 10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes 18) Spell server URL: http://mail.corp.net:7780/aspell.php 19) Enable version update checks: TRUE 20) Enable version update notifications: TRUE 21) Version update notification email: admin@corp.net 22) Version update source email: admin@corp.net 23) Install mailstore (service webapp): yes 24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r] r Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-dnscache: Enabled 6) zimbra-snmp: Enabled 7) zimbra-store: Enabled 8) zimbra-spell: Enabled 9) zimbra-proxy: Enabled 10) Default Class of Service Configuration: s) Save config to file x) Expand menu q) Quit *** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help) a Save configuration data to a file? [Yes] yes Save config in file: [/opt/zimbra/config.11407] Saving config in /opt/zimbra/config.11407...done. The system will be modified - continue? [No] yes Operations logged to /tmp/zmsetup07282015-135443.log Setting local config values...done. Initializing core config...Setting up CA...done. Deploying CA to /opt/zimbra/conf/ca ...done. Creating SSL zimbra-store certificate...done. Creating new zimbra-ldap SSL certificate...done. Creating new zimbra-mta SSL certificate...done. Creating new zimbra-proxy SSL certificate...done. Installing mailboxd SSL certificates...done. Installing MTA SSL certificates...done. Installing LDAP SSL certificate...done. Installing Proxy SSL certificate...done. Initializing ldap...done. Setting replication password...done. Setting Postfix password...done. Setting amavis password...done. Setting nginx password...done. Setting BES searcher password...done. Creating server entry for mail.corp.net...done. Setting Zimbra IP Mode...done. Saving CA in ldap ...done. Saving SSL Certificate in ldap ...done. Setting spell check URL...done. Setting service ports on mail.corp.net...done. Setting zimbraFeatureTasksEnabled=TRUE...done. Setting zimbraFeatureBriefcasesEnabled=TRUE...done. Setting Master DNS IP address(es)...done. Setting DNS cache tcp lookup preference...done. Setting DNS cache udp lookup preference...done. Setting DNS tcp upstream preference...done. Setting TimeZone Preference...done. Initializing mta config...done. Setting services on mail.corp.net...done. Adding mail.corp.net to zimbraMailHostPool in default COS...done. Creating domain corp.net...done. Setting default domain name...done. Creating domain corp.net...already exists. Creating admin account admin@corp.net...done. Creating root alias...done. Creating postmaster alias...done. Creating user spam.esltmqcu@corp.net...done. Creating user ham.tjpi5o5qf@corp.net...done. Creating user virus-quarantine.zjw4edgp@corp.net...done. Setting spam training and Anti-virus quarantine accounts...done. Initializing store sql database...done. Setting zimbraSmtpHostname for mail.corp.net...done. Configuring SNMP...done. Setting up syslog.conf...done. Starting servers...done. Installing common zimlets... com_zimbra_webex...done. com_zimbra_phone...done. com_zimbra_ymemoticons...done. com_zimbra_attachcontacts...done. com_zimbra_clientuploader...done. com_zimbra_linkedinimage...done. com_zimbra_proxy_config...done. com_zimbra_tooltip...done. com_zimbra_viewmail...done. com_zimbra_attachmail...done. com_zimbra_mailarchive...done. com_zimbra_adminversioncheck...done. com_zimbra_cert_manager...done. com_zimbra_date...done. com_zimbra_bulkprovision...done. com_zimbra_url...done. com_zimbra_email...done. com_zimbra_srchhighlighter...done. Finished installing common zimlets. Restarting mailboxd...done. Creating galsync account for default domain...done. You have the option of notifying Zimbra of your installation. This helps us to track the uptake of the Zimbra Collaboration Server. The only information that will be transmitted is: The VERSION of zcs installed (8.6.0_GA_1153_RHEL6_64) The ADMIN EMAIL ADDRESS created (admin@corp.net) Notify Zimbra of your installation? [Yes] No Setting up zimbra crontab...done. Moving /tmp/zmsetup07282015-135443.log to /opt/zimbra/log Configuration complete - press return to exit [root@mail zcs-8.6.0_GA_1153.RHEL6_64.20141215151155]#
四、zimbra基本命令
# su – zimbra 1. 启动zimbra zmcontrol start 2. 停止zimbra zmcontrol stop 3. 查看zimbra服务状态 zmcontrol status 4. 列出所有用户: [zimbra@mail ~]$ zmprov -l gaa 5. 列出指定用户详细信息: [zimbra@mail ~]$ zmprov -l ga liuhuihuang@uglyliu.com 6. 列出所有的邮件组列表: [zimbra@mail ~]$ zmprov gadl 7. 导出某个邮件组的所有成员列表: [zimbra@mail ~]$ zmprov gdlm groupname@uglyliu.com 或 [zimbra@mail ~]$ zmprov gdl groupname@uglyliu.com | grep zimbraMailForwardingAddress: | awk {'print $2'} 8. 忘记admin管理员密码重置: [zimbra@mail ~]$ zmprov sp admin@uglyliu.com 123456 9. 创建邮件组 [zimbra@mail~]$ zmprov cdl groupname@uglyliu.com 10. 给某个邮件组加用户: [zimbra@mail ~]$ zmprov adlm groupname@uglyliu.com liuhuihuang@uglyliu.com 11. 从某个邮件组中移除用户: [zimbra@mail ~]$ zmprov rdlm groupname@uglyliu.com liuhuihuang@uglyliu.com
#默认情况下(即只创建群组,并添加用户,没有用zmprov授权),所有用户都可以向该域名下创建的所有群组发邮件,明确授权某些用户可以发邮件之后,其它用户将不能向该群组发邮件
#为了使用授权命令,需要启用Milter Server
启用方法:管理控制台----> 全局设定 -----> MTA ------> Milter Server启用
1.授权user1,user4用户向group1@uglyliu.com发邮件
zmprov grr dl group1@uglyliu.com usr user1@uglyliu.com sendToDistList
zmprov grr dl group1@uglyliu.com usr user4@uglyliu.com sendToDistList
2.取消user1向群组group1@zijan.com发邮件权限
zmprov rvr dl group1@uglyliu.com usr user1@uglyliu.com sendToDistList
注意:授权向群组发邮件的用户与该用户在不在改群组中没有关系
3.查看某个群组的授权用户
zmprov gg -t dl 邮件组地址