Category Archives: Zimbra

Zimbra Operating How to

Zimbra Operating How to
Quote; Zimbra is open source server and client software for messaging and collaboration – email, group calendaring, contacts, and web document management and authoring. The Zimbra server is available for Linux, Mac OS X, appliances, and virtualization platforms. The Zimbra Web 2.0 Ajax client runs on Firefox, Safari, and IE, and features easy integration / mash-ups of web portals, business applications, and VoIP using web services.
http://www.zimbra.com

—————————- OVERVIEW —————————-
zimbra resides in the /opt/zimbra directory, this directory can be migrated between servers as long as the architecture is the same (32bit vs 64bit)

Required Ports
Remote Queue Manager 22
Postifix 25
HTTP 80
POP3 110
IMAP 143
LDAP 389
HTTPS 443
Mailbox IMAP 993
Mailbox POP SSL 995
Mailbox LMTP 7025

—————————- INSTALLATION —————————-
./install.sh installs the zimbra
./install.sh -u uninstalls zimbra
./install.sh -s reinstalls the configuration files but does not touch the data

configuration file /opt/zimbra/config.xxxxx contains all passwords and needs to be backed up for disaster recovery and /opt/zimbra/conf/ localconfig.xml

—————————- UPGRADE PROCEDURE —————————-
1. become zimbra user – sudo bash followed by su – zimbra
2. backup, GUI or command line – zmbackup –a all –t /tmp/ -s mail.domain.com
3. check the status of the backup – tail /opt/zimbra/log/mailbox.log
4. check zimbra services – zmcontrol status
5. stop zimbra services – zmcontrol stop
6. check for any hanging processes – ps waux | grep zimbra
7. kill any processes that were not stopped – kill -9 procID
(any leftover processes that were not stopped with “zmcontrol stop” command should be investigated as they can possibly indicate more serious issues)
8. run installer – ./install.sh
9. check logs – tail /opt/zimbra/log/mailbox.log
10. backup, GUI or command line – zmbackup –a all –t /tmp/ -s mail.domain.com
11. check the status of the backup – tail /opt/zimbra/log/mailbox.log

—————————- BACKUP and RESTORE —————————-
BACKUP
zmschedulebackup – command to schedule backups
/etc/crontab – has a list of all zimbra crons

zmbackupquery – lists all backups, status of the backup
tail /opt/zimbra/log/mailbox.log – to check the log for the backup
zmbackup -f -a all -s mail.domain.com – (-f full, -a account, -s server); this will perform a full backup on all domains on server domain.com

RESTORE
In disaster recovery restore LDAP info first

zmbackupquery – to find out the label
zmrestore -lb labelhere -a // <![CDATA[

var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy68589 = 'admin' + '@' + 'domain' + '.' + 'com';
document.write( '' );
document.write( addy68589 );
document.write( '' );
// ]]>
admin@domain.com This email address is being protected from spam bots, you need Javascript enabled to view it -ca -pre restored_
(this will restore the admin mailbox with a new name, restored_ // <![CDATA[

var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy68589 = 'admin' + '@' + 'domain' + '.' + 'com';
document.write( '' );
document.write( addy68589 );
document.write( '' );
// ]]>
admin@domain.com This email address is being protected from spam bots, you need Javascript enabled to view it )

ldap password – less /opt/zimbra/config.7835
reset ldap password –
> zmcontrol start
> zmldappasswd -r newpass
> zmldappasswd newpass

—————————- USEFUL COMMANDS —————————-
most of commands are issued as a zimbra user,

zmdumpenv -p – to find out all information about the server
zmlicense -p – to see the license

zmzimletctl listzimlets all – lists all zimlets

zmprov sp // <![CDATA[

var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy68589 = 'admin' + '@' + 'domain' + '.' + 'com';
document.write( '' );
document.write( addy68589 );
document.write( '' );
// ]]>
admin@domain.com This email address is being protected from spam bots, you need Javascript enabled to view it password – reset admin password
zmprov ca – create account
zmprov aaa – addaccount alias
zmprov -h – help
cd /opt/zimbra/libexec/ ./zmfixperms – fix permissions
(su –root, chown -R zimbra:zimbra /opt/zimbra, cd /opt/zimbra/libexec, ./zmfixperms)

—————————- LOGS —————————-
/opt/zimbra/conf/log4j.properties.in – change level of logging

/opt/zimbra/logger/db/data/mail.domain.com.err – logger
/var/log/zimbra.log – Mail delivery, Postfix
/opt/zimbra/log/audit.log – logs connection and SOAP requests
/opt/zimbra/log/clamd.log – checks if messages are deferred (not delivered)
/opt/zimbra/log/freshclam.log – clam av log
/opt/zimbra/log/httpd_access.log – log for aspell only
/opt/zimbra/log/mailbox.log – MAIN LOG; mailbox delivery and storage, socket connection, jettylog, jabber
/opt/zimbra/log/zmmailboxd.out – java log file

—————————- TROUBLESHOOTING —————————-
Slowness reasons
– Postfix queue backup
– MySQL slowquerries (myslow.log)
– Process CPU utilization
– Client responsive time by protocol
– Disk utilities
– Database connections – poll latency
– Cache hitrates
– Database connections in use
– InnoDB buffer pool hit rate
– JVM heap activity
– Thread dump

Charts
zmstat-chart -s /opt/zimbra/zmstat/2008-03-16/ -d /tmp/charts/

Commands
Iostat
sar

—————————- Customizing —————————-
exhaustive how to:

http://files.zimbra.com/docs/skins/index.html

1. location of static logos
/opt/zimbra/jetty/webapps/zimbra/skins/_base/logos
2. Customizing login page:
/opt/zimbra/jetty/webapps/zimbra/WEB-INF/classes/messages/ZmMsg.properties
set the following:
clientLoginNotice = Service provided by <a target=”_new” href=”http://www.domain.com”>domain Inc</a>
splashScreenCopyright =
zimbraLoginTitle = Log In
zimbraLoginMetaDesc = domain.com
3. favicon.ico
/opt/zimbra/jetty/webapps/zimbra/img/logo/favicon.ico
/opt/zimbra/jetty/webapps/zimbraAdmin/img/logo/favicon.ico

—————————- MISC —————————-
1. cat /opt/zimbra/log/audit.log | grep “authentication failed” | wc -l
(for brute force attacks, possibly setup a cron job and have it mailed)
2. any script that has an extension .init (/opt/zimbra/libexec) will reinstall the service – Use it with caution

Zimbra CLI Commands

 
Check consistency of appointments and attendees in the Zimbra calendar
Start, stop, status of the Zimbra servers. Also can use to find the Zimbra version installed.
Start, stop, the conversion server or find the status of the converted attachments conversion/indexing
Start, stop, reload, or find the status of the mailbox components (mailboxd, MySQL, convert)
Performs all provisioning tasks in Zimbra LDAP, including creating accounts, domains, distribution lists and aliases
Ability to write Python scripts that access Zimbra Java libraries. It sets the ZCS class path and starts the Jython interpreter.
Outputs an XML configuration that describes the current state of the data gathered from zmstat-chart to generate charts on the administration console.
Start, stop, or find the status of the Swatch process, which is used in monitoring
Set the Web server mode to the communication protocol options: HTTP, HTTPS or mixed
Provides mechanism to process timezone changes from the command line
If you use non-ASCII characters in the CLI, in order for the characters to display correctly, you must change this setting to the desired UTF-8 before running the CLI command. To change this, type
Important: The default locale on the zimbra user system account is LANG=C. This setting is necessary for starting ZCS services. Changing the default LANG=C setting may cause performance issues with amavisd-new and the IM services may fail to start.
 

Recipient address rejected: unverified address: Address verification in progress

Pada zimbra fasilitas ini di pergunakan untuk mengecek apakah email valid atau tidak dan pada saat verifikasi apabila lebih dari 6 detik maka akan muncul pesan seperti ini "Recipient address rejected: unverified address: Address verification in progress"  ini tidak berarti benar – benar di reject tetapi masih dalam progress dan untuk memastikanya mesti dlihat pada log  /var/log/mail.info atau sesuai settingan zimbra anda.

Untuk memastikan email address valid atau tidak bisa melalui web semisal = http://network-tools.com/

Add white list user in zimbra

Today my user complain because he can'not send email fromnetwork in their  apartment, after check the log i found

Helo command rejected: need fully-qualified hostname

For easy way I just add to the white list in:

 /opt/zimbra/conf/salocal.cf.in

whitelist_from *@yahoo.net

And restart the services

zmmtactl restart && zmamavisdctl restart
 

Done

UnInstalling Zimbra on Linux

Uninstall Directions for Linux/All Other Operating Systems

As root:
1) Run the commands:
su – zimbra
zmcontrol stop
exit
(you should be root after you run exit)

2a) Run the command: ps -ef | grep -i zimbra
If you see running processes
2b) Kill any lingering processes: kill -9 <pid>

3a) Run the command: df
If you see "amavisd"
3b) run command: umount /opt/zimbra/amavisd<-new-blah>/tmp

4) cd /<tmp_tar_install_dir>/zcs/

5) Run the command: ./install.sh -u

6) Run the following commands to complete the unistall:
rm -rf /opt/zimbra
rm -rf /var/log/*zimbra*
rm -rf /tmp/*zimbra*
rm -rf /tmp/hsperfdata*
rm -rf /tmp/install.*
rm -rf /tmp/*swatch*
rm -rf /tmp/log*

Ensure that you removed ALL the files owned by the user zimbra AND that contain the name "zimbra" in:
/var/log/
/tmp/

7) Run the following commands to delete the users and groups:
userdel zimbra
userdel postfix
groupdel zimbra
groupdel postfix

8) Remove the line "/dev/shm /opt/zimbra/amavisd-new-2.4.1/tmp tmpfs defaults,users,size=150m,mode=777 0 0" from /etc/fstab.

9) Remove the Zimbra logging lines below from /etc/syslog.conf:
local0.* -/var/log/zimbra.log
auth.* -/var/log/zimbra.log
mail.* -/var/log/zimbra.log

10) Remove logrotate config file for Zimbra (CentOS, RHEL)
rm -f /etc/logrotate.d/zimbra

11) Remove the Zimbra lines below from /etc/prelink.conf (CentOS, RHEL)
# added for Zimbra
-l /opt/zimbra/lib
-l /opt/zimbra/sleepycat/lib
-l /opt/zimbra/openldap/lib
-l /opt/zimbra/cyrus-sasl/lib
-l /opt/zimbra/mysql/lib

12) Remove Zimbra entries in /etc/rc* (CentOS, RHEL)
chkconfig –del zimbra
 


Other methods:(assuming you didn't already try the above)
(dijichi2) if you get stuck and really want to just purge it from the system, try:
rpm -e `rpm -qa |grep zimbra`
rm -rf /opt/zimbra
delete zimbra entries from /etc/sudoers
delete zimbra entries from root and zimbra crontabs


On Ubuntu servers dpkg may think that Zimbra is still installed. Check by running dpkg –list (-l) or dpkg -q zimbra* and see if zimbra items are still listed. You can remove them by running:
dpkg –remove zimbra-apache zimbra-ldap zimbra-mta zimbra-spell zimbra-core zimbra-logger zimbra-snmp zimbra-store or

sudo rm -r /opt/zimbra

sources

Error zimbra (Failed to start slapd)

zmcontrol start
Host mail.mydomain.com
Starting ldap…Done.
FAILED
Failed to start slapd. Attempting debug start to determine error.
daemon: bind(7) failed errno=99 (Cannot assign requested address)
slap_open_listener: failed on ldap://mail.mydomain.com:389

Today I find this error in my server, i need few hour to get solved the problem.

The problem is hardisk space full.

Check mailbox overquota “zimbra admin”

Untuk melihat user email yang over quota dari webadmin zimbra bisa di lakukan dengan pertama login ke halaman admin seperti biasa dan selanjutnya melihat ke menu:

  1. Server Status
  2. Monitoring
  3. Server Statistics
  4. Mailbox Quota

 

 

Untuk melihat gambar lebih jelas silahkan di klick image di atas.

Change password zimbra user using zmprov

zmprovToday I was so sad cause the internet connection from home is too late, and when my user mail need help to change the password I have difficulties to access the administrator page from web. And I try to change the password directly from the server command. Ciayooo that is easy to do it…

Login to server as # root , than do su zimbra and follow the command below :

Create one account with a password that is assigned to the default COS:
zmprov ca name@domain.com password
Create one account with a password that is assigned to a specified COS. You must know the COS ID number. To find a COS ID, type gc <COSname>.:
zmprov ca name@domain.com <password> zimbraCOSid <cosIDnumberstring>
Create one account when the password is not authenticated internally:
zmprov ca name@domain.com
Change the administrator’s password. Use this command to change any password. Enter the address of the password to be changed:
zmprov sp admin@domain.com password
To list all COSs and their attribute values:
zmprov gac -v
To list all COSs and their attribute values:
zmprov gaa domain.com
To list all user accounts and their configurations:
zmprov gaa -v domain.com

sources