[Zimbra] Zimbra 9 OSE by ZeXtras x CentOS 8 x Cloudflare
發表於 : 2021-01-18, 16:31
參考網站:https://imanudin.net/2020/07/19/how-to- ... -centos-8/
系統更新
快速設定script下載及執行(建議自行設定)
/etc/hosts, hostname, create local DNS using BIND and install dependencies
下載及安裝Zimbra by ZeXtras
官網:https://www.zextras.com/download-Zimbra-9/
type Y if asked license agreement and repository package
Select the packages to install. I do not install zimbra-imapd and zimbra-dnscache
Type Y if asked The system will be modified. Continue?
if get a message like follows, enter or type Yes and change the domain name
設定
Type 6 then press the enter key to change the password of the admin account. Type 4 then press the enter key. Insert the password you want
After inserting the password, Select, or ‘r’ for previous menu. If all has been configured, apply configuration and wait until Zimbra is finished installing.
檢查設定
relay設定
PMG
轉送連接埠 25
轉送網域 cystar.cf
外部SMTP 25
內部SMTP 26
傳輸
轉送網域cystar.cf
主機 192.168.1.xxx
網路 192.168.1.0/24
Zimbra
設定->伺服器->mail.cystar.cf->MTA
網路:
外部轉送MTA 192.168.1.xxx:26(PMG IP)
外部回復MTA 192.168.1.xxx:26(PMG IP)
信任網路:127.0.0.0/8 192.168.1.0/24
DNS(Cloudflare)
mail A紀錄不要使用proxy
Firewall
開放Port 7025 25
其他注意事項
設定IP反解
設定MX SPF紀錄
檢查其他造成垃圾信評分過高因素並排除
防火牆設定
參考資料:http://woshub.com/get-started-firewalld-linux-centos/
https://wiki.zimbra.com/wiki/Firewall_Configuration
建立服務群組
複製已存在xml並重新命名
修改zimbra.xml
允許服務通過防火牆
systemctl --zone=public --add-service=zimbra --permanent
systemctl --reload
系統更新
代碼: 選擇全部
yum install epel-release -y
yum update -y
yum upgrade -y代碼: 選擇全部
yum install wget -y/etc/hosts, hostname, create local DNS using BIND and install dependencies
代碼: 選擇全部
wget -c https://raw.githubusercontent.com/imanudin11/zimbra-auto-install/master/setup-zimbra-cento8.sh
chmod +x setup-zimbra-cento8.sh
./setup-zimbra-cento8.sh代碼: 選擇全部
[INFO] : Configuring /etc/hosts
Hostname. Example mail : mail
Domain name. Example imanudin.net : cystar.cf
IP Address : 192.168.1.xxx官網:https://www.zextras.com/download-Zimbra-9/
代碼: 選擇全部
cd /opt/
wget -c https://download.zextras.com/zcs-9.0.0_OSE_RHEL8_latest-zextras.tgz
tar -zxvf zcs-9.0.0_OSE_RHEL8_latest-zextras.tgz
cd zimbra-installer
./install.sh代碼: 選擇全部
Do you agree with the terms of the software license agreement? [N] Y
Use Zimbra's package repository [Y] Y代碼: 選擇全部
Install zimbra-ldap [Y] Y
Install zimbra-logger [Y] Y
Install zimbra-mta [Y] Y
Install zimbra-dnscache [Y] N
Install zimbra-snmp [Y] Y
Install zimbra-store [Y] Y
Install zimbra-apache [Y] Y
Install zimbra-spell [Y] Y
Install zimbra-memcached [Y] Y
Install zimbra-proxy [Y] Y
Install zimbra-drive [Y] Y
Install zimbra-imapd (BETA - for evaluation only) [N] N
Install zimbra-chat [Y] Yif get a message like follows, enter or type Yes and change the domain name
代碼: 選擇全部
DNS ERROR resolving MX for mail.cystar.cf
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes] Yes
Create domain: [mail.cystar.cf] cystar.cfType 6 then press the enter key to change the password of the admin account. Type 4 then press the enter key. Insert the password you want
代碼: 選擇全部
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-snmp: Enabled
6) zimbra-store: Enabled
+Create Admin User: yes
+Admin user to create: [email protected]
******* +Admin Password UNSET
+Anti-virus quarantine user: [email protected]
.....
.....
Address unconfigured (**) items (? - help) 6
Store configuration
1) Status: Enabled
2) Create Admin User: yes
3) Admin user to create: [email protected]
** 4) Admin Password UNSET
5) Anti-virus quarantine user: [email protected]
....
....
Select, or 'r' for previous menu [r] 4
Password for [email protected] (min 6 characters): [_47SUjFEQ] VeryS3cret代碼: 選擇全部
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes] Yes
Save config in file: [/opt/zimbra/config.5731]
Saving config in /opt/zimbra/config.5731...done.
The system will be modified - continue? [No] Yes
Operations logged to /tmp/zmsetup.20200501-161152.log代碼: 選擇全部
su - zimbra -c "zmcontrol status"
su - zimbra -c "zmcontrol -v"PMG
轉送連接埠 25
轉送網域 cystar.cf
外部SMTP 25
內部SMTP 26
傳輸
轉送網域cystar.cf
主機 192.168.1.xxx
網路 192.168.1.0/24
Zimbra
設定->伺服器->mail.cystar.cf->MTA
網路:
外部轉送MTA 192.168.1.xxx:26(PMG IP)
外部回復MTA 192.168.1.xxx:26(PMG IP)
信任網路:127.0.0.0/8 192.168.1.0/24
DNS(Cloudflare)
mail A紀錄不要使用proxy
Firewall
開放Port 7025 25
其他注意事項
設定IP反解
設定MX SPF紀錄
檢查其他造成垃圾信評分過高因素並排除
防火牆設定
參考資料:http://woshub.com/get-started-firewalld-linux-centos/
https://wiki.zimbra.com/wiki/Firewall_Configuration
建立服務群組
複製已存在xml並重新命名
代碼: 選擇全部
cp /usr/lib/firewalld/services/smtp.xml /etc/firewalld/services
mv smtp.xml zimbra.xml代碼: 選擇全部
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>zimbra</short>
<description>*描述 可略*</description>
<!-- 請依需求及模組開啟需要的port -->
<port protocol="tcp" port="25"/>
<port protocol="tcp" port="26"/>
<port protocol="tcp" port="80"/>
<port protocol="tcp" port="110"/>
<port protocol="tcp" port="143"/>
<port protocol="tcp" port="389"/>
<port protocol="tcp" port="443"/>
<port protocol="tcp" port="465"/>
<port protocol="tcp" port="587"/>
<port protocol="tcp" port="993"/>
<port protocol="tcp" port="995"/>
<port protocol="tcp" port="3443"/>
<port protocol="tcp" port="5222"/>
<port protocol="tcp" port="5223"/>
<port protocol="tcp" port="7071"/>
<port protocol="tcp" port="7025"/>
<port protocol="tcp" port="9071"/>
</service>systemctl --zone=public --add-service=zimbra --permanent
systemctl --reload