系統更新
代碼: 選擇全部
yum install epel-release -y
yum update -y
yum upgrade -y代碼: 選擇全部
yum install wget -y/etc/hosts, hostname, create local DNS using BIND and install dependencies
代碼: 選擇全部
wget -c https://raw.githubusercontent.com/imanudin11/zimbra-auto-install/master/setup-zimbra-cento8.sh
chmod +x setup-zimbra-cento8.sh
./setup-zimbra-cento8.sh代碼: 選擇全部
[INFO] : Configuring /etc/hosts
Hostname. Example mail : mail
Domain name. Example imanudin.net : cystar.cf
IP Address : 192.168.1.xxx官網:https://www.zextras.com/download-Zimbra-9/
代碼: 選擇全部
cd /opt/
wget -c https://download.zextras.com/zcs-9.0.0_OSE_RHEL8_latest-zextras.tgz
tar -zxvf zcs-9.0.0_OSE_RHEL8_latest-zextras.tgz
cd zimbra-installer
./install.sh代碼: 選擇全部
Do you agree with the terms of the software license agreement? [N] Y
Use Zimbra's package repository [Y] Y代碼: 選擇全部
Install zimbra-ldap [Y] Y
Install zimbra-logger [Y] Y
Install zimbra-mta [Y] Y
Install zimbra-dnscache [Y] N
Install zimbra-snmp [Y] Y
Install zimbra-store [Y] Y
Install zimbra-apache [Y] Y
Install zimbra-spell [Y] Y
Install zimbra-memcached [Y] Y
Install zimbra-proxy [Y] Y
Install zimbra-drive [Y] Y
Install zimbra-imapd (BETA - for evaluation only) [N] N
Install zimbra-chat [Y] Yif get a message like follows, enter or type Yes and change the domain name
代碼: 選擇全部
DNS ERROR resolving MX for mail.cystar.cf
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes] Yes
Create domain: [mail.cystar.cf] cystar.cfType 6 then press the enter key to change the password of the admin account. Type 4 then press the enter key. Insert the password you want
代碼: 選擇全部
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-snmp: Enabled
6) zimbra-store: Enabled
+Create Admin User: yes
+Admin user to create: [email protected]
******* +Admin Password UNSET
+Anti-virus quarantine user: [email protected]
.....
.....
Address unconfigured (**) items (? - help) 6
Store configuration
1) Status: Enabled
2) Create Admin User: yes
3) Admin user to create: [email protected]
** 4) Admin Password UNSET
5) Anti-virus quarantine user: [email protected]
....
....
Select, or 'r' for previous menu [r] 4
Password for [email protected] (min 6 characters): [_47SUjFEQ] VeryS3cret代碼: 選擇全部
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes] Yes
Save config in file: [/opt/zimbra/config.5731]
Saving config in /opt/zimbra/config.5731...done.
The system will be modified - continue? [No] Yes
Operations logged to /tmp/zmsetup.20200501-161152.log代碼: 選擇全部
su - zimbra -c "zmcontrol status"
su - zimbra -c "zmcontrol -v"PMG
轉送連接埠 25
轉送網域 cystar.cf
外部SMTP 25
內部SMTP 26
傳輸
轉送網域cystar.cf
主機 192.168.1.xxx
網路 192.168.1.0/24
Zimbra
設定->伺服器->mail.cystar.cf->MTA
網路:
外部轉送MTA 192.168.1.xxx:26(PMG IP)
外部回復MTA 192.168.1.xxx:26(PMG IP)
信任網路:127.0.0.0/8 192.168.1.0/24
DNS(Cloudflare)
mail A紀錄不要使用proxy
Firewall
開放Port 7025 25
其他注意事項
設定IP反解
設定MX SPF紀錄
檢查其他造成垃圾信評分過高因素並排除
防火牆設定
參考資料:http://woshub.com/get-started-firewalld-linux-centos/
https://wiki.zimbra.com/wiki/Firewall_Configuration
建立服務群組
複製已存在xml並重新命名
代碼: 選擇全部
cp /usr/lib/firewalld/services/smtp.xml /etc/firewalld/services
mv smtp.xml zimbra.xml代碼: 選擇全部
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>zimbra</short>
<description>*描述 可略*</description>
<!-- 請依需求及模組開啟需要的port -->
<port protocol="tcp" port="25"/>
<port protocol="tcp" port="26"/>
<port protocol="tcp" port="80"/>
<port protocol="tcp" port="110"/>
<port protocol="tcp" port="143"/>
<port protocol="tcp" port="389"/>
<port protocol="tcp" port="443"/>
<port protocol="tcp" port="465"/>
<port protocol="tcp" port="587"/>
<port protocol="tcp" port="993"/>
<port protocol="tcp" port="995"/>
<port protocol="tcp" port="3443"/>
<port protocol="tcp" port="5222"/>
<port protocol="tcp" port="5223"/>
<port protocol="tcp" port="7071"/>
<port protocol="tcp" port="7025"/>
<port protocol="tcp" port="9071"/>
</service>systemctl --zone=public --add-service=zimbra --permanent
systemctl --reload