Category Archives: Zimbra

Try again: Unable to connect to the MTA

Saat kemaren saya setting email zimbra setelah usai install dan test server saya mendapatkan error Try again: Unable to connect to the MTA.

Setelah melakukan penelusuran hingga larut malam saya putuskan tidur dulu karena badan dah lemah gemulai. Dan setelah bangun pagi , saya lanjutkan dan ternyata masalahnya domainya tidak bisa query ke dns server, di karenakan di dns server saya pasang firewall config server sebagai aplikasi tambahan untuk cpanel.

Solusinya adalah ip server email saya whitelest dari config server setelah itu saya coba send email dan berjalan lancar.

Zimbra Operating How to

Zimbra Operating How to
Quote; Zimbra is open source server and client software for messaging and collaboration – email, group calendaring, contacts, and web document management and authoring. The Zimbra server is available for Linux, Mac OS X, appliances, and virtualization platforms. The Zimbra Web 2.0 Ajax client runs on Firefox, Safari, and IE, and features easy integration / mash-ups of web portals, business applications, and VoIP using web services.
http://www.zimbra.com

—————————- OVERVIEW —————————-
zimbra resides in the /opt/zimbra directory, this directory can be migrated between servers as long as the architecture is the same (32bit vs 64bit)

Required Ports
Remote Queue Manager 22
Postifix 25
HTTP 80
POP3 110
IMAP 143
LDAP 389
HTTPS 443
Mailbox IMAP 993
Mailbox POP SSL 995
Mailbox LMTP 7025

—————————- INSTALLATION —————————-
./install.sh installs the zimbra
./install.sh -u uninstalls zimbra
./install.sh -s reinstalls the configuration files but does not touch the data

configuration file /opt/zimbra/config.xxxxx contains all passwords and needs to be backed up for disaster recovery and /opt/zimbra/conf/ localconfig.xml

—————————- UPGRADE PROCEDURE —————————-
1. become zimbra user – sudo bash followed by su – zimbra
2. backup, GUI or command line – zmbackup –a all –t /tmp/ -s mail.domain.com
3. check the status of the backup – tail /opt/zimbra/log/mailbox.log
4. check zimbra services – zmcontrol status
5. stop zimbra services – zmcontrol stop
6. check for any hanging processes – ps waux | grep zimbra
7. kill any processes that were not stopped – kill -9 procID
(any leftover processes that were not stopped with “zmcontrol stop” command should be investigated as they can possibly indicate more serious issues)
8. run installer – ./install.sh
9. check logs – tail /opt/zimbra/log/mailbox.log
10. backup, GUI or command line – zmbackup –a all –t /tmp/ -s mail.domain.com
11. check the status of the backup – tail /opt/zimbra/log/mailbox.log

—————————- BACKUP and RESTORE —————————-
BACKUP
zmschedulebackup – command to schedule backups
/etc/crontab – has a list of all zimbra crons

zmbackupquery – lists all backups, status of the backup
tail /opt/zimbra/log/mailbox.log – to check the log for the backup
zmbackup -f -a all -s mail.domain.com – (-f full, -a account, -s server); this will perform a full backup on all domains on server domain.com

RESTORE
In disaster recovery restore LDAP info first

zmbackupquery – to find out the label
zmrestore -lb labelhere -a // <![CDATA[

var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy68589 = 'admin' + '@' + 'domain' + '.' + 'com';
document.write( '' );
document.write( addy68589 );
document.write( '' );
// ]]>
admin@domain.com This email address is being protected from spam bots, you need Javascript enabled to view it -ca -pre restored_
(this will restore the admin mailbox with a new name, restored_ // <![CDATA[

var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy68589 = 'admin' + '@' + 'domain' + '.' + 'com';
document.write( '' );
document.write( addy68589 );
document.write( '' );
// ]]>
admin@domain.com This email address is being protected from spam bots, you need Javascript enabled to view it )

ldap password – less /opt/zimbra/config.7835
reset ldap password –
> zmcontrol start
> zmldappasswd -r newpass
> zmldappasswd newpass

—————————- USEFUL COMMANDS —————————-
most of commands are issued as a zimbra user,

zmdumpenv -p – to find out all information about the server
zmlicense -p – to see the license

zmzimletctl listzimlets all – lists all zimlets

zmprov sp // <![CDATA[

var prefix = 'ma' + 'il' + 'to';
var path = 'hr' + 'ef' + '=';
var addy68589 = 'admin' + '@' + 'domain' + '.' + 'com';
document.write( '' );
document.write( addy68589 );
document.write( '' );
// ]]>
admin@domain.com This email address is being protected from spam bots, you need Javascript enabled to view it password – reset admin password
zmprov ca – create account
zmprov aaa – addaccount alias
zmprov -h – help
cd /opt/zimbra/libexec/ ./zmfixperms – fix permissions
(su –root, chown -R zimbra:zimbra /opt/zimbra, cd /opt/zimbra/libexec, ./zmfixperms)

—————————- LOGS —————————-
/opt/zimbra/conf/log4j.properties.in – change level of logging

/opt/zimbra/logger/db/data/mail.domain.com.err – logger
/var/log/zimbra.log – Mail delivery, Postfix
/opt/zimbra/log/audit.log – logs connection and SOAP requests
/opt/zimbra/log/clamd.log – checks if messages are deferred (not delivered)
/opt/zimbra/log/freshclam.log – clam av log
/opt/zimbra/log/httpd_access.log – log for aspell only
/opt/zimbra/log/mailbox.log – MAIN LOG; mailbox delivery and storage, socket connection, jettylog, jabber
/opt/zimbra/log/zmmailboxd.out – java log file

—————————- TROUBLESHOOTING —————————-
Slowness reasons
– Postfix queue backup
– MySQL slowquerries (myslow.log)
– Process CPU utilization
– Client responsive time by protocol
– Disk utilities
– Database connections – poll latency
– Cache hitrates
– Database connections in use
– InnoDB buffer pool hit rate
– JVM heap activity
– Thread dump

Charts
zmstat-chart -s /opt/zimbra/zmstat/2008-03-16/ -d /tmp/charts/

Commands
Iostat
sar

—————————- Customizing —————————-
exhaustive how to:

http://files.zimbra.com/docs/skins/index.html

1. location of static logos
/opt/zimbra/jetty/webapps/zimbra/skins/_base/logos
2. Customizing login page:
/opt/zimbra/jetty/webapps/zimbra/WEB-INF/classes/messages/ZmMsg.properties
set the following:
clientLoginNotice = Service provided by <a target=”_new” href=”http://www.domain.com”>domain Inc</a>
splashScreenCopyright =
zimbraLoginTitle = Log In
zimbraLoginMetaDesc = domain.com
3. favicon.ico
/opt/zimbra/jetty/webapps/zimbra/img/logo/favicon.ico
/opt/zimbra/jetty/webapps/zimbraAdmin/img/logo/favicon.ico

—————————- MISC —————————-
1. cat /opt/zimbra/log/audit.log | grep “authentication failed” | wc -l
(for brute force attacks, possibly setup a cron job and have it mailed)
2. any script that has an extension .init (/opt/zimbra/libexec) will reinstall the service – Use it with caution

Zimbra CLI Commands

 
Check consistency of appointments and attendees in the Zimbra calendar
Start, stop, status of the Zimbra servers. Also can use to find the Zimbra version installed.
Start, stop, the conversion server or find the status of the converted attachments conversion/indexing
Start, stop, reload, or find the status of the mailbox components (mailboxd, MySQL, convert)
Performs all provisioning tasks in Zimbra LDAP, including creating accounts, domains, distribution lists and aliases
Ability to write Python scripts that access Zimbra Java libraries. It sets the ZCS class path and starts the Jython interpreter.
Outputs an XML configuration that describes the current state of the data gathered from zmstat-chart to generate charts on the administration console.
Start, stop, or find the status of the Swatch process, which is used in monitoring
Set the Web server mode to the communication protocol options: HTTP, HTTPS or mixed
Provides mechanism to process timezone changes from the command line
If you use non-ASCII characters in the CLI, in order for the characters to display correctly, you must change this setting to the desired UTF-8 before running the CLI command. To change this, type
Important: The default locale on the zimbra user system account is LANG=C. This setting is necessary for starting ZCS services. Changing the default LANG=C setting may cause performance issues with amavisd-new and the IM services may fail to start.