1、环境
网络:飞塔防火墙用于端口映射
系统:Centos7
ip地址:10.10.104.130(这里用的是本地服务器)
域名:mail.zimbra.com(我这里用的是阿里域名)
2、配置主机名(主机名和邮箱域名相同)
hostnamectl set-hostname mail.zimbra.com
echo "10.10.104.130 mail.zimbra.com" >> /etc/hosts
3、运行以下命令,禁用SELinux,然后停止SELinux运行:
setenforce 0
编辑SELinux配置文件,服务器重启之后仍然会保持禁用状态:
vi /etc/selinux/config
SELINUX=enforced
修改为:SELINUX=disabled
4、安装和更新zimbra所需要的包和库
yum -y install perl perl-core nmap sudo libidn gmp libaio libstdc++ unzip sysstat sqlite nc
yum -y update
5、关闭安装的MTA服务
systemctl stop postfix.service
systemctl disable postfix.service
6、设置阿里域名解析
阿里云域名解析配置
7、下载并解压zimbra(官网地址:https://www.zimbra.com/downloads/)
wget https://files.zimbra.com/downloads/8.6.0_GA/zcs-8.6.0_GA_1153.RHEL7_64.20141215151110.tgz
tar -zxvf zcs-8.6.0_GA_1153.RHEL7_64.20141215151110
mv zcs-8.6.0_GA_1153.RHEL7_64.20141215151110 /usr/local/zimbra
8、安装zimbra
cd /usr/local/zimbra
./install.sh --platform-override
Operations logged to /tmp/install.log.2744
Checking for existing installation...
zimbra-ldap...NOT FOUND
zimbra-logger...NOT FOUND
zimbra-mta...NOT FOUND
zimbra-dnscache...NOT FOUND
zimbra-snmp...NOT FOUND
zimbra-store...NOT FOUND
zimbra-apache...NOT FOUND
zimbra-spell...NOT FOUND
zimbra-convertd...NOT FOUND
zimbra-memcached...NOT FOUND
zimbra-proxy...NOT FOUND
zimbra-archiving...NOT FOUND
zimbra-core...NOT FOUND
PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
License Terms for the Zimbra Collaboration Suite:
http://www.zimbra.com/license/zimbra-public-eula-2-5.html
Do you agree with the terms of the software license agreement? [N] y
Checking for prerequisites...
FOUND: NPTL
FOUND: nmap-ncat-6.40-7
FOUND: sudo-1.8.6p7-17
FOUND: libidn-1.28-4
FOUND: gmp-6.0.0-12
FOUND: libaio-0.3.109-13
FOUND: libstdc++-4.8.5-4
FOUND: unzip-6.0-15
FOUND: perl-core-5.16.3-286
Checking for suggested prerequisites...
FOUND: perl-5.16.3
FOUND: sysstat
FOUND: sqlite
Prerequisite check complete.
Checking for installable packages
Found zimbra-core
Found zimbra-ldap
Found zimbra-logger
Found zimbra-mta
Found zimbra-dnscache
Found zimbra-snmp
Found zimbra-store
Found zimbra-apache
Found zimbra-spell
Found zimbra-memcached
Found zimbra-proxy
Select the packages to install
Install zimbra-ldap [Y]
Install zimbra-logger [Y]
Install zimbra-mta [Y]
Install zimbra-dnscache [Y] n
Install zimbra-snmp [Y]
Install zimbra-store [Y]
Install zimbra-apache [Y]
Install zimbra-spell [Y]
Install zimbra-memcached [Y]
Install zimbra-proxy [Y]
Checking required space for zimbra-core
Checking space for zimbra-store
Checking required packages for zimbra-store
zimbra-store package check complete.
Installing:
zimbra-core
zimbra-ldap
zimbra-logger
zimbra-mta
zimbra-snmp
zimbra-store
zimbra-apache
zimbra-spell
zimbra-memcached
zimbra-proxy
The system will be modified. Continue? [N] y
Removing /opt/zimbra
Removing zimbra crontab entry...done.
Cleaning up zimbra init scripts...done.
Cleaning up /etc/ld.so.conf...done.
Cleaning up /etc/logrotate.d/zimbra...done.
Cleaning up /etc/security/limits.conf...done.
Finished removing Zimbra Collaboration Server.
Installing packages
zimbra-core......zimbra-core-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-ldap......zimbra-ldap-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-logger......zimbra-logger-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-mta......zimbra-mta-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-snmp......zimbra-snmp-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-store......zimbra-store-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-apache......zimbra-apache-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-spell......zimbra-spell-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-memcached......zimbra-memcached-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
zimbra-proxy......zimbra-proxy-8.6.0_GA_1153.RHEL7_64-20141215151110.x86_64.rpm...done
Operations logged to /tmp/zmsetup04082016-205457.log
Installing LDAP configuration database...done.
Setting defaults...
DNS ERROR resolving MX for mail.zimbra.com
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]
Create domain: [mail.zimbra.com] zimbra.com **//输入域名后缀(如:mail.csdn.net就输入csdn.net)**
MX: mail.zimbra.com(XXX.XX.XXX.XXX) **//括号为公网ip**
Interface: 127.0.0.1
Interface: ::1
Interface: 10.10.104.130
done.
Checking for port conflicts
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-snmp: Enabled
6) zimbra-store: Enabled
+Create Admin User: yes
+Admin user to create: admin@zimbra.com
******* +Admin Password UNSET
+Anti-virus quarantine user: virus-quarantine.vhwa2pqsa7@zimbra.com
+Enable automated spam training: yes
+Spam training user: spam.jqlkpspj@zimbra.com
+Non-spam(Ham) training user: ham.jztdgrii_b@zimbra.com
+SMTP host: email.zimbra.com
+Web server HTTP port: 8080
+Web server HTTPS port: 8443
+Web server mode: https
+IMAP server port: 7143
+IMAP server SSL port: 7993
+POP server port: 7110
+POP server SSL port: 7995
+Use spell check server: yes
+Spell server URL: http://mail.zimbra.com:7780/aspell.php
+Enable version update checks: TRUE
+Enable version update notifications: TRUE
+Version update notification email: admin@zimbra.com
+Version update source email: admin@zimbra.com
+Install mailstore (service webapp): yes
+Install UI (zimbra,zimbraAdmin webapps): yes
7) zimbra-spell: Enabled
8) zimbra-proxy: Enabled
9) Default Class of Service Configuration:
s) Save config to file
x) Expand menu
q) Quit
Address unconfigured (**) items (? - help) 6 **//邮件服务器基本配置,这里我们只设置管理员密码**
Store configuration
1) Status: Enabled
2) Create Admin User: yes
3) Admin user to create: admin@zimbra.com
** 4) Admin Password UNSET
5) Anti-virus quarantine user: virus-quarantine.vhwa2pqsa7@zimbra.com
6) Enable automated spam training: yes
7) Spam training user: spam.jqlkpspj@zimbra.com
8) Non-spam(Ham) training user: ham.jztdgrii_b@zimbra.com
9) SMTP host: email.zimbra.com
10) Web server HTTP port: 8080
11) Web server HTTPS port: 8443
12) Web server mode: https
13) IMAP server port: 7143
14) IMAP server SSL port: 7993
15) POP server port: 7110
16) POP server SSL port: 7995
17) Use spell check server: yes
18) Spell server URL: http://mail.zimbra.com:7780/aspell.php
19) Enable version update checks: TRUE
20) Enable version update notifications: TRUE
21) Version update notification email: admin@zimbra.com
22) Version update source email: admin@zimbra.com
23) Install mailstore (service webapp): yes
24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] 4 **//管理员密码配置**
Password for admin@zimbra.com (min 6 characters): [5okG5xTdX] 123456
Store configuration
1) Status: Enabled
2) Create Admin User: yes
3) Admin user to create: admin@zimbra.com
4) Admin Password set
5) Anti-virus quarantine user: virus-quarantine.vhwa2pqsa7@zimbra.com
6) Enable automated spam training: yes
7) Spam training user: spam.jqlkpspj@zimbra.com
8) Non-spam(Ham) training user: ham.jztdgrii_b@zimbra.com
9) SMTP host: admin@zimbra.com
10) Web server HTTP port: 8080
11) Web server HTTPS port: 8443
12) Web server mode: https
13) IMAP server port: 7143
14) IMAP server SSL port: 7993
15) POP server port: 7110
16) POP server SSL port: 7995
17) Use spell check server: yes
18) Spell server URL: http://admin@zimbra.com :7780/aspell.php
19) Enable version update checks: TRUE
20) Enable version update notifications: TRUE
21) Version update notification email: admin@zimbra.com
22) Version update source email: admin@zimbra.com
23) Install mailstore (service webapp): yes
24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] r
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-snmp: Enabled
6) zimbra-store: Enabled
7) zimbra-spell: Enabled
8) zimbra-proxy: Enabled
9) Default Class of Service Configuration:
s) Save config to file
x) Expand menu
q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.11982]
Saving config in /opt/zimbra/config.11982...done.
The system will be modified - continue? [No] yes
Operations logged to /tmp/zmsetup04082016-205457.log
Setting local config values...done.
Initializing core config...Setting up CA...done.
Deploying CA to /opt/zimbra/conf/ca ...done.
Creating SSL zimbra-store certificate...done.
Creating new zimbra-ldap SSL certificate...done.
Creating new zimbra-mta SSL certificate...done.
Creating new zimbra-proxy SSL certificate...done.
Installing mailboxd SSL certificates...done.
Installing MTA SSL certificates...done.
Installing LDAP SSL certificate...done.
Installing Proxy SSL certificate...done.
Initializing ldap...done.
Setting replication password...done.
Setting Postfix password...done.
Setting amavis password...done.
Setting nginx password...done.
Setting BES searcher password...done.
Creating server entry for mail.zimbra.com...done.
Setting Zimbra IP Mode...done.
Saving CA in ldap ...done.
Saving SSL Certificate in ldap ...done.
Setting spell check URL...done.
Setting service ports on mail.zimbra.com...done.
Setting zimbraFeatureTasksEnabled=TRUE...done.
Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Setting TimeZone Preference...done.
Initializing mta config...done.
Setting services on mail.zimbra.com...done.
Adding mail.zimbra.com to zimbraMailHostPool in default COS...done.
Creating domain zimbra.com...done.
Setting default domain name...done.
Creating domain zimbra.com...already exists.
Creating admin account admin@zimbra.com...done.
Creating root alias...done.
Creating postmaster alias...done.
Creating user spam.jqlkpspj@zimbra.com...done.
Creating user ham.jztdgrii_b@zimbra.com...done.
Creating user virus-quarantine.vhwa2pqsa7@zimbra.com...done.
Setting spam training and Anti-virus quarantine accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for mail.zimbra.com...done.
Configuring SNMP...done.
Setting up syslog.conf...done.
Starting servers...done.
Installing common zimlets...
com_zimbra_adminversioncheck...done.
com_zimbra_attachcontacts...done.
com_zimbra_attachmail...done.
com_zimbra_bulkprovision...done.
com_zimbra_cert_manager...done.
com_zimbra_clientuploader...done.
com_zimbra_date...done.
com_zimbra_email...done.
com_zimbra_mailarchive...done.
com_zimbra_phone...done.
com_zimbra_proxy_config...done.
com_zimbra_srchhighlighter...done.
com_zimbra_tooltip...done.
com_zimbra_url...done.
com_zimbra_viewmail...done.
com_zimbra_webex...done.
com_zimbra_ymemoticons...done.
Finished installing common zimlets.
Restarting mailboxd...done.
Creating galsync account for default domain...done.
You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Server.
The only information that will be transmitted is:
The VERSION of zcs installed (8.6.0_GA_1153_RHEL7_64)
The ADMIN EMAIL ADDRESS created (admin@zimbra.com)
Notify Zimbra of your installation? [Yes] no
Notification skipped
Setting up zimbra crontab...done.
Moving /tmp/zmsetup04082016-205457.log to /opt/zimbra/log
Configuration complete - press return to exit
重要:接下来移除文件 /etc/resolv.conf 第一行的 nameserver 127.0.0.1 然后reboot重启系统。
9、启动之后查看服务运行状态:
[root@mail ~]# su - zimbra <--切换到zimbra用户下
Last login: Thu Nov 28 21:30:21 CST 2019 on pts/0
[zimbra@mail ~]$
[zimbra@mail ~]$ zmcontrol status <--查看zimbra服务运行状态
Host mail.chenxie.net
amavis Running
antispam Running
antivirus Running
dnscache Running
imapd Running
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
10、公网邮件收发和账号登录配置
系统管理员:https://10.10.104.130:7071
客户端:https://10.10.104.130
11、配置SMTP认证
zimbra邮件系统安装完成后开启的是TLS认证功能,没有开始postfix的SMTP认证功能。open relay对公网上所有的用户开放,意味着垃圾邮件制造者可以使用我们的邮件服务器做中转站达到发送垃圾邮件的目的,我们的邮件服务器有可能会被反垃圾邮件联盟组织列入黑名单,导致互联网上的邮件服务器拒收我们的邮件,因此我们需要关闭服务器的open relay功能,启用SMTP认证,只给通过认证的用户进行邮件的转发。
测试服务器是否开始SMTP认证,在CMD命令行执行telnet 命令 如下:
[zimbra@mail root]$ telnet 10.10.104.130 25
Connecting to 10.10.104.130:25...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]' .
220 zimbra.net ESMTP Postfix
ehlo zimbra.com
250-zimbra.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit221 2.0.0 Bye
12.防火墙或者路由做端口映射(NAT)配置
在以上命令结果中,没有看到任何有关AUTH认证的参数,表明服务器是没有开启SMTP认证功能的。
开启smtp认证功能
zmprov modifyServer mail.zimbra.net zimbraMtaTlsAuthOnly FALSE
zmcontrol restart
批量添加用户
zmprov createAccount 邮箱@域名 密码 displayName ‘用户名’ (建议用英文名)
zmprov createAccount mary@zimbra.com admin123 displayName 'Mary'
zmprov createAccount tom@zimbra.com admin123 displayName 'Tom'