停止服务器上现有的 MTA 服务
默认情况下,CentOS 7 将 Postfix 安装为 MTA(邮件传输代理)。
在继续安装 Zimbra Collaboartion Suite (ZCS) 之前,我们需要禁用它。
停止并禁用 postfix.service。
[root@zimbra-01 ~]# systemctl stop postfix.service [root@zimbra-01 ~]# systemctl disable postfix.service Removed symlink /etc/systemd/system/multi-user.target.wants/postfix.service. [root@zimbra-01 ~]# systemctl mask postfix.service Created symlink from /etc/systemd/system/postfix.service to /dev/null.
更多: zhilu jiaocheng
为 Zimbra 邮件服务器安装必备软件包
使用 yum 命令安装所需的软件包。
[root@zimbra-01 ~]# yum install -y libidn gmp perl perl-core ntpl nmap sudo sysstat sqlite libaio libstdc++ wget unzip
在 CentOS 7 上安装 Zimbra 邮件服务器
Zimbra Collaboration Suite 开源版可从 Zimbra 官方下载页面下载。
[root@zimbra-01 ~]# cd /tmp [root@zimbra-01 tmp]# wget https://files.zimbra.com/downloads/8.8.12_GA/zcs-8.8.12_GA_3794.RHEL7_64.20190329045002.tgz
提取下载的 TAR 文件。
[root@zimbra-01 tmp]# tar xvf zcs-8.8.12_GA_3794.RHEL7_64.20190329045002.tgz
转到 Zimbra Collaboration Suite 安装目录并开始安装。
[root@zimbra-01 tmp]# cd zcs-8.8.12_GA_3794.RHEL7_64.20190329045002/
[root@zimbra-01 zcs-8.8.12_GA_3794.RHEL7_64.20190329045002]# ./install.sh
Operations logged to /tmp/install.log.3sG1LbQb
...
Do you agree with the terms of the software license agreement? [N] Y
Use Zimbra's package repository [Y] Y
Importing Zimbra GPG key
Configuring package repository
...
Select the packages to install
Install zimbra-ldap [Y] Y
Install zimbra-logger [Y] Y
Install zimbra-mta [Y] Y
Install zimbra-dnscache [Y] N
Install zimbra-snmp [Y] Y
Install zimbra-store [Y] Y
Install zimbra-apache [Y] Y
Install zimbra-spell [Y] Y
Install zimbra-memcached [Y] Y
Install zimbra-proxy [Y] Y
Install zimbra-drive [Y] Y
Install zimbra-imapd (BETA - for evaluation only) [N] N
Install zimbra-chat [Y] Y
Checking required space for zimbra-core
Checking space for zimbra-store
Checking required packages for zimbra-store
zimbra-store package check complete.
Installing:
zimbra-core
zimbra-ldap
zimbra-logger
zimbra-mta
zimbra-snmp
zimbra-store
zimbra-apache
zimbra-spell
zimbra-memcached
zimbra-proxy
zimbra-drive
zimbra-patch
zimbra-mta-patch
zimbra-proxy-patch
zimbra-chat
The system will be modified. Continue? [N] Y
...
DNS ERROR resolving MX for zimbra-01.onitroad.com
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes] Yes
Create domain: [zimbra-01.onitroad.com] onitroad.com
MX: zimbra-01.onitroad.com (192.168.1.6)
Interface: 127.0.0.1
Interface: ::1
Interface: 192.168.1.6
done.
Checking for port conflicts
sh: netstat: command not found
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-snmp: Enabled
6) zimbra-store: Enabled
+Create Admin User: yes
+Admin user to create: admin@onitroad.com
*** +Admin Password UNSET
+Anti-virus quarantine user: virus-quarantine.kfw6kh_swc@onitroad.com
+Enable automated spam training: yes
+Spam training user: spam.7ohtsxbil@onitroad.com
+Non-spam(Ham) training user: ham.wbopzrgn@onitroad.com
+SMTP host: zimbra-01.onitroad.com
+Web server HTTP port: 8080
+Web server HTTPS port: 8443
+Web server mode: https
+IMAP server port: 7143
+IMAP server SSL port: 7993
+POP server port: 7110
+POP server SSL port: 7995
+Use spell check server: yes
+Spell server URL: http://zimbra-01.onitroad.com:7780/aspell.php
+Enable version update checks: TRUE
+Enable version update notifications: TRUE
+Version update notification email: admin@onitroad.com
+Version update source email: admin@onitroad.com
+Install mailstore (service webapp): yes
+Install UI (zimbra,zimbraAdmin webapps): yes
7) zimbra-spell: Enabled
8) zimbra-proxy: Enabled
9) Default Class of Service Configuration:
s) Save config to file
x) Expand menu
q) Quit
Address unconfigured (**) items (? - help)
可以看到,Zimbra邮件服务器没有设置Admin用户密码。
要设置 Zimbra 的管理员密码,请按 6 和 <ENTER>。
Address unconfigured (**) items (? - help) 6 Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@onitroad.com ** 4) Admin Password UNSET 5) Anti-virus quarantine user: virus-quarantine.kfw6kh_swc@onitroad.com 6) Enable automated spam training: yes 7) Spam training user: spam.7ohtsxbil@onitroad.com 8) Non-spam(Ham) training user: ham.wbopzrgn@onitroad.com 9) SMTP host: zimbra-01.onitroad.com 10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes 18) Spell server URL: http://zimbra-01.onitroad.com:7780/aspell.php 19) Enable version update checks: TRUE 20) Enable version update notifications: TRUE 21) Version update notification email: admin@onitroad.com 22) Version update source email: admin@onitroad.com 23) Install mailstore (service webapp): yes 24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r]
现在按 4 和 <ENTER>。
在密码提示处设置 Zimbra Admin 用户的新密码。
Select, or 'r' for previous menu [r] 4 Password for admin@onitroad.com (min 6 characters): [sICqjq5vZM] jackli1234 Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@onitroad.com 4) Admin Password set 5) Anti-virus quarantine user: virus-quarantine.kfw6kh_swc@onitroad.com 6) Enable automated spam training: yes 7) Spam training user: spam.7ohtsxbil@onitroad.com 8) Non-spam(Ham) training user: ham.wbopzrgn@onitroad.com 9) SMTP host: zimbra-01.onitroad.com 10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes 18) Spell server URL: http://zimbra-01.onitroad.com:7780/aspell.php 19) Enable version update checks: TRUE 20) Enable version update notifications: TRUE 21) Version update notification email: admin@onitroad.com 22) Version update source email: admin@onitroad.com 23) Install mailstore (service webapp): yes 24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r]
按 r 和 <ENTER> 返回上一级菜单。
Select, or 'r' for previous menu [r] r Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-snmp: Enabled 6) zimbra-store: Enabled 7) zimbra-spell: Enabled 8) zimbra-proxy: Enabled 9) Default Class of Service Configuration: s) Save config to file x) Expand menu q) Quit *** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help)
按 a 和 <ENTER> 应用更改。
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.15688]
Saving config in /opt/zimbra/config.15688...done.
The system will be modified - continue? [No] Yes
Operations logged to /tmp/zmsetup.20190817-132218.log
Setting local config values...done.
Initializing core config...Setting up CA...done.
Deploying CA to /opt/zimbra/conf/ca ...done.
Creating SSL zimbra-store certificate...done.
Creating new zimbra-ldap SSL certificate...done.
Creating new zimbra-mta SSL certificate...done.
Creating new zimbra-proxy SSL certificate...done.
Installing mailboxd SSL certificates...done.
Installing MTA SSL certificates...done.
Installing LDAP SSL certificate...done.
Installing Proxy SSL certificate...done.
Initializing ldap...done.
Setting replication password...done.
Setting Postfix password...done.
Setting amavis password...done.
Setting nginx password...done.
Setting BES searcher password...done.
Creating server entry for zimbra-01.onitroad.com...done.
Setting Zimbra IP Mode...done.
Saving CA in ldap...done.
Saving SSL Certificate in ldap...done.
Setting spell check URL...done.
Setting service ports on zimbra-01.onitroad.com...done.
Setting zimbraFeatureTasksEnabled=TRUE...done.
Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Checking current setting of zimbraReverseProxyAvailableLookupTargets
Querying LDAP for other mailstores
Searching LDAP for reverseProxyLookupTargets...done.
Adding zimbra-01.onitroad.com to zimbraReverseProxyAvailableLookupTargets
Updating zimbraLDAPSchemaVersion to version '1537783098'
Setting TimeZone Preference...done.
Disabling strict server name enforcement on zimbra-01.onitroad.com...done.
Initializing mta config...done.
Setting services on zimbra-01.onitroad.com...done.
Adding zimbra-01.onitroad.com to zimbraMailHostPool in default COS...done.
Creating domain onitroad.com...done.
Setting default domain name...done.
Creating domain onitroad.com...already exists.
Creating admin account admin@onitroad.com...done.
Creating root alias...done.
Creating postmaster alias...done.
Creating user spam.7ohtsxbil@onitroad.com...done.
Creating user ham.wbopzrgn@onitroad.com...done.
Creating user virus-quarantine.kfw6kh_swc@onitroad.com...done.
Setting spam training and Anti-virus quarantine accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for zimbra-01.onitroad.com...done.
Configuring SNMP...done.
Setting up syslog.conf...done.
Starting servers...done.
...
Restarting mailboxd...done.
Creating galsync account for default domain...done.
You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Server.
The only information that will be transmitted is:
The VERSION of zcs installed (8.8.12_GA_3794_RHEL7_64)
The ADMIN EMAIL ADDRESS created (admin@onitroad.com)
Notify Zimbra of your installation? [Yes] No
Notifying Zimbra of installation via http://www.zimbra.com/cgi-bin/notify.cgi?VER=8.8.12_GA_3794_RHEL7_64&MAIL=admin@onitroad.com
ERROR: Notification failed
Checking if the NG started running...done.
Setting up zimbra crontab...done.
Moving /tmp/zmsetup.20190817-132218.log to /opt/zimbra/log
Configuration complete - press return to exit
Zimbra Collaboration Suite 已安装在我们的 CentOS 7 服务器上。
验证 Zimbra 邮件服务器的 DNS 设置
以 root 用户身份使用 ssh 连接 zimbra-01.onitroad.com。
在配置私有邮件服务器之前,必须有一个权威 DNS 服务器。
此 DNS 服务器需要回答 MX(邮件交换)查询,因此应将电子邮件重定向到我们的 Zimbra 邮件服务器。
如果我们有 DNS 服务器,则可以其中添加 MX 和 zimbra-01.onitroad.com 的 A 记录。
为了验证我们是否为 Zimbra 邮件服务器正确配置了 DNS 设置,我们可以使用 dig 命令。
[root@zimbra-01 ~]# dig -t MX onitroad.com ; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.2 <<>> -t MX onitroad.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65089 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;onitroad.com. IN MX ;; ANSWER SECTION: onitroad.com. 3600 IN MX 0 zimbra-01.onitroad.com. ;; AUTHORITY SECTION: onitroad.com. 3600 IN NS dns-01.onitroad.com. ;; ADDITIONAL SECTION: zimbra-01.onitroad.com. 3600 IN A 192.168.1.6 ;; Query time: 1 msec ;; SERVER: 192.168.1.6#53(192.168.1.6) ;; WHEN: Mon Aug 12 18:02:16 PKT 2019 ;; MSG SIZE rcvd: 96
从上面的输出中,我们可以看到,我们的 Zimbra 邮件服务器的 MX 和 A 记录已正确定义。
除了 DNS 设置之外,我们还需要将其包含在我们的本地 DNS 解析器中。
[root@zimbra-01 ~]# echo "192.168.1.6 zimbra-01.onitroad.com zimbra-01" >> /etc/hosts
Zimbra 协作套件 (ZCS) 是一个协作软件套件,包括带有 Web 客户端的邮件和聊天服务器。
Zimbra 有两个版本,一个是 Zimbra 网络版(商业版),另一个是 Zimbra 开源版(社区支持版)。
在本文中,我们将在 CentOS 7 上安装 Zimbra 邮件服务器。
要配置 Zimbra 邮件服务器,我们将安装 Zimbra Collaboration Suite 软件,然后我们将配置 Zimbra 邮件服务器。
我们还将使用 Zimbra Collaboration Suite (ZCS) 配置 XMPP 聊天服务器。
Zimbra Collaboration Suite (ZCS) 是一个大型软件,具有许多特性和功能。
Zimbra 协作套件 - 安装后配置
Zimbra Collaboration Suite 使用禁用密码创建操作系统用户 zimbra。
Zimbra Collaborative Suite 使用 ssh 密钥与该用户连接。
因此,我们需要如下配置 ssh 密钥。
[root@zimbra-01 ~]# sudo -u zimbra -i [zimbra@zimbra-01 ~]$ zmupdateauthkeys Updating keys for zimbra-01.onitroad.com Fetching key for zimbra-01.onitroad.com Updating keys for zimbra-01.onitroad.com Updating /opt/zimbra/.ssh/authorized_keys
为了在管理控制台上显示服务器统计信息,必须按如下方式修改 syslog 配置文件。
以 root 用户身份连接并执行以下命令。
[root@zimbra-01 ~]# /opt/zimbra/libexec/zmsyslogsetup updateSyslog: Updating /etc/rsyslog.conf...done.
启用使用 ClamAV 防病毒软件自动扫描电子邮件附件。
[root@zimbra-01 ~]# su - zimbra [zimbra@zimbra-01 ~]$ zmprov mcf zimbraAttachmentsScanURL clam://localhost:3310/ [zimbra@zimbra-01 ~]$ zmprov mcf zimbraAttachmentsScanEnabled TRUE
在 Linux 防火墙中允许 Zimbra 管理面板的服务端口。
[root@zimbra-01 ~]# firewall-cmd --permanent --add-port=7071/tcp success [root@zimbra-01 ~]# firewall-cmd --reload success
在客户端浏览器中打开 URL https://zimbra-01.onitroad.com:7071/。
注意:由于自签名 SSL 证书,浏览器会显示警告,我们必须忽略它才能继续,或者我们可以让网络中的 CA(证书颁发机构)对 SSL 证书进行数字签名。
使用管理员用户凭据登录。
我们现在位于 Zimbra 管理面板的仪表板,此处提供了许多选项。
我们可以自行探索。
我们现在在这里添加一个电子邮件帐户。
单击添加帐户。
添加有关电子邮件用户帐户的信息,然后单击完成。
再次在 Zimbra 管理控制台的仪表板上,单击注销。
在 Linux 防火墙中允许 Zimbra Web 邮件服务端口。
[root@zimbra-01 ~]# firewall-cmd --permanent --add-service=https success [root@zimbra-01 ~]# firewall-cmd --reload success
使用客户端浏览器打开 URL https://zimbra-01.onitroad.com。
使用新创建的电子邮件用户登录。
我们已经以 jackli 用户登录。
同样,我们可以为我们的用户配置基于桌面的电子邮件客户端,如 Outlook、Thunderbird 等。
但是,在此之前,我们需要在 CentOS 7 服务器的防火墙中允许相关服务。
[root@zimbra-01 ~]# firewall-cmd --permanent --add-service={pop3,pop3s,imap,imaps,smtp,smtps}
success
[root@zimbra-01 ~]# firewall-cmd --reload
success
同样,要配置 XMPP 聊天客户端,我们必须在 Linux 防火墙中允许 XMPP 服务端口。
[root@zimbra-01 ~]# firewall-cmd --add-service=xmpp-client success [root@zimbra-01 ~]# firewall-cmd --reload success
我们已成功安装 Zimbra Collaboration Suite 以在 CentOS 7 上配置邮件和聊天服务器。
日期:2020-09-17 00:16:42 来源:oir作者:oir