Skip to content

Latest commit

 

History

History
485 lines (380 loc) · 16.6 KB

installconfig.adoc

File metadata and controls

485 lines (380 loc) · 16.6 KB
Raw

Menu-Driven Configuration

The default configuration installs {product-short}-LDAP, {product-short}-MTA with anti-virus and anti-spam protection, the {product-short} mailbox server, SNMP monitoring tools (optional), {product-short}-spell (optional), the logger tool (optional), and the {product-short} proxy on one server.

The menu driven installation displays the components and their existing default values. You can modify the information during the installation process. The table below describes the menu options.

Main Menu options

Server Configured Menu Item Description

Main Menu

All

Common Configuration

Select the sub-menu for Common Configuration Options

zimbra-ldap

Select the sub-menu for Ldap configuration

zimbra-logger

Toggle whether zimbra-logger is enabled or not.

zimbra-mta

Select the sub-menu for Mta configuration. Postfix is the open source mail transfer agent (MTA) that receives email via SMTP and routes each message to the appropriate Zimbra mailbox server using Local Mail Transfer Protocol (LMTP). The Zimbra MTA also includes the anti-virus and anti-spam components.

zimbra-dnscache

Select the sub-menu for DNS Cache. Intended primarily on MTAs for optimized DNS and RBL lookups. Can also be installed on mailstores and proxy servers.

zimbra-snmp

Select the sub-menu for Snmp configuration. Installing the Zimbra-SNMP package is optional. If you choose to install Zimbra-SNMP for monitoring, the package should be run on every server (Zimbra server, Zimbra LDAP, Zimbra MTA) that is part of the Zimbra configuration. Zimbra uses swatch to watch the syslog output to generate SNMP traps.

zimbra-store

Select the sub-menu for Store configuration

zimbra-spell

Toggle whether zimbra-spell is enabled or not.

zimbra-proxy

Select the sub-menu for Proxy configuration

zimbra-connect

Installing the Zimbra-Connect package is optional. If you choose to install Zimbra-Connect for point-to-point text chat, it should be installed on every Zimbra Store Server that is part of the Zimbra configuration.

zimbra-drive

Installing the Zimbra-Drive package is optional. If you choose to install Zimbra-Drive for file sync-and-share, it should be installed on every Zimbra Store Server that is part of the Zimbra configuration. Please bear in mind you will need a third party server running ownCloud or Nextcloud.

Default Class of Service Configuration

This menu section lists major new features for the {product-name} release and whether the feature is enabled or not. When you change the feature setting during {product-name} installation, you change the default COS settings. Having this control, lets you decide when to introduce new features to your users.

s) Save config to file

At any time during the installation, you can save the configuration to file.

c) Collapse menu

Allows you to collapse the menu.

x) Expand menu

Expand menus to see the underlying options

q) Quit

Quit can be used at any time to quit the installation.

Common Configuration Options

The packages installed in common configuration include libraries, utilities, monitoring tools, and basic configuration files under Zimbra Core.

Server Configured Menu Item Description

Common Configuration - These are common settings for all servers

All

Hostname

The host name configured in the operating system installation

LDAP master host

The LDAP host name. On a single server installation, this name is the same as the hostname. On a multi server installation, this LDAP host name is configured on every server

LDAP port

The default port is 389

LDAP Admin password

This is the master LDAP password. This is the password for the Zimbra admin user and is configured on every server

All except Zimbra LDAP Server

LDAP Base DN

The base DN describes where to load users and groups. In LDAP form, it is cn=Users. Default is cn=zimbra.

All

Secure interprocess communications

The default is yes. Secure interprocess communications requires that connections between the mail store, and other processes that use Java, use secure communications. It also specifies whether secure communications should be used between the master LDAP server and the replica LDAP servers for replication.

Time Zone

Select the time zone to apply to the default COS. The time zone that should be entered is the time zone that the majority of users in the COS will be located in. The default time zone is PST (Pacific Time).

IP Mode

IPv4 or IPv6.

Default SSL digest

Sets the default message digest to use when generating certificate. Defaults is sha256.

Ldap configuration

Server Configured Menu Item Description

zimbra-ldap - These options are configured on the Zimbra LDAP server.

Zimbra LDAP Server

Status

The default is Enabled. For replica LDAP servers, the status can be changed to Disabled if the database is manually loaded after installation completes.

Create Domain

The default is yes. You can create one domain during installation. Additional domains can be created from the administration console.

Domain to create

The default domain is the fully qualified hostname of the server. If you created a valid mail domain on your DNS server, enter it here.

LDAP Root password

By default, this password is automatically generated and is used for internal LDAP operations.

LDAP Replication password

This is the password used by the LDAP replication user to identify itself to the LDAP master and must be the same as the password on the LDAP master server.

LDAP Postfix password

This is the password used by the postfix user to identify itself to the LDAP server and must be configured on the MTA server to be the same as the password on the LDAP master server.

LDAP Amavis password

This password is automatically generated and is the password used by the amavis user to identify itself to the LDAP server and must be the same password on the LDAP master server and on the MTA server.

LDAP Nginx password

This password is automatically generated and is used by the nginx user to identify itself to the LDAP server and must be the same password on the LDAP master server and on the MTA server.

Note
 This option is displayed only if the zimbra-proxy package is installed.

LDAP Bes Searcher password

This password is automatically generated and is used by the ldap BES user.

Zimbra Logger

Server Configured Menu Item Description

Zimbra mailbox server

zimbra-logger

The Logger package is installed on one mail server. If installed, it is automatically enabled. Logs from all the hosts are sent to the mailbox server where the logger package is installed. This data is used for generating statistics graphs and reporting and for message tracing.

MTA Server Configuration Options

Zimbra MTA server configuration involves installation of the Zimbra-MTA package. This also includes anti-virus and anti-spam components.

Server Configured Menu Item Description

zimbra-mta

Zimbra MTA Server

MTA Auth host

This is configured automatically if the MTA authentication server host is on the same server, but must be configured if the authentication server is not on the MTA. The MTA Auth host must be one of the mailbox servers.

Enable Spamassassin

Default is enabled.

Enable ClamAV

Default is enabled. To configure attachment scanning, see Scanning Attachments in Outgoing Mail

Notification address for AV alerts

Sets the notification address for AV alerts. You can either accept the default or create a new address. If you create a new address, remember to provision this address from the admin console.

Note
 If the virus notification address does not exist and your host name is the same as the domain name on the Zimbra server, the virus notifications remain queued in the Zimbra MTA server cannot be delivered.

Bind password for Postfix LDAP user

Automatically set. This is the password used by the postfix user to identify itself to the LDAP server and must be configured on the MTA server to be the same as the password on the LDAP master server.

Bind password for Amavis LDAP user

Automatically set. This is the password used by the amavis user to identify itself to the LDAP server and must be configured on the MTA server to be the same as the amavis password on the master LDAP server.
Note
 New installs of ZCS limit spam/ham training to the first MTA installed. If you uninstall or move this MTA, you will need to enable spam/ham training on another MTA, as one host should have this enabled to run zmtrainsa --cleanup. To do this on that host, do:
zmlocalconfig -e zmtrainsa_cleanup_host=TRUE

DNS Cache

Server Configured Menu Item Description

zimbra-dnscache (optional)

Zimbra mailbox server

Master DNS IP address(es)

IP addresses of DNS servers

Enable DNS lookups over TCP

yes or no

Enable DNS lookups over UDP

yes or no

Only allow TCP to communicate with Master DNS

yes or no

Snmp configuration

Server Configured Menu Item Description

zimbra-snmp (optional)

All

Enable SNMP notifications

The default is yes.

SNMP Trap hostname

The hostname of the SNMP Trap destination

Enable SMTP notification

The default is yes.

SMTP Source email address

From address to use in email notifications

SMTP Destination email address

To address to use in email notifications

Store configuration

zimbra-store

Zimbra Mailbox Server

Create Admin User

Yes or No. The administrator account is created during installation. This account is the first account provisioned on the {product-short} server and allows you to log on to the administration console.

Admin user to create

The user name assigned to the administrator account. Once the administrator account has been created, it is suggested that you do not rename the account as automatic {product-name} notifications might not be received.

Admin Password

You must set the admin account password. The password is case sensitive and must be a minimum of six characters. The administrator name, mail address, and password are required to log in to the administration console.

Anti-virus quarantine user

A virus quarantine account is automatically created during installation. When AmavisD identifies an email message with a virus, the email is automatically sent to this mailbox. The virus quarantine mailbox is configured to delete messages older than 7 days.

Enable automated spam training

Yes or No. By default, the automated spam training filter is enabled and two mail accounts are created - one for the Spam Training User and one for the Non-spam (HAM) Training User. See the next 2 menu items which will be shown if spam training is enabled.
These addresses are automatically configured to work with the spam training filter. The accounts created have randomly selected names. To recognize what the accounts are used for, you may want to change their names.
The spam training filter is automatically added to the cron table and runs daily.

Spam Training User

to receive mail notification about mail that was not marked as junk, but should have been.

Non-spam (HAM) Training User

to receive mail notification about mail that was marked as junk, but should not have been.

The default port configurations are shown

Zimbra Mailbox Server

SMTP host

Defaults to current server name

Web server HTTP port:

default 80

Web server HTTPS port:

default 443

Web server mode

Can be HTTP, HTTPS, Mixed, Both or Redirect.

  • Mixed mode uses HTTPS for logging in and HTTP for normal session traffic

  • Both mode means that an HTTP session stays HTTP, including during the login phase, and an HTTPS session remains HTTPS throughout, including the login phase.

  • Redirect mode redirects any users connecting via HTTP to an HTTPS connection.

  • All modes use SSL encryption for back-end administrative traffic.

IMAP server port

default 143

IMAP server SSL port

default 993

POP server port

default 110

POP server SSL port

default 995

Use spell checker server

default Yes (if installed)

Spell server URL

http://<example.com>:7780/aspell.php

If either or both of these next 2 options are changed to TRUE, the proxy setting on the mailbox store are enabled in preparation for setting up zimbra-proxy.

Zimbra Mailbox Server

*Configure for use with mail proxy.

default FALSE

*Configure for use with web proxy.

default FALSE

Enable version update checks.

{product-name} automatically checks to see if a new {product-name} update is available. The default is TRUE.

Enable version update notifications.

This enables automatic notification when updates are available when this is set to TRUE.

Note
 The software update information can be viewed from the Administration Console Tools Overview pane.

Version update notification email.

This is the email address of the account to be notified when updates are available. The default is to send the notification to the admin’s account.

Version update source email.

This is the email address of the account that sends the email notification. The default is the admin’s account.

Proxy configuration

Zimbra Proxy (Nginx-Zimbra) is a high-performance reverse proxy server that passes IMAP[S]/POP[S]/HTTP[S] client requests to other internal ZCS services.

It requires the separate package Zimbra Memcached which is automatically selected when the zimbra-proxy package is installed. One server must run zimbramemcached when the proxy is in use. All installed zimbra proxies can use a single memcached server.

Server Configured Menu Item Description

zimbra-proxy

mailbox server,
MTA server or
own independent server

Enable POP/IMAP Proxy

default TRUE

IMAP proxy port

default 143

IMAP SSL proxy port

default 993

POP proxy port

default 110

POP SSL proxy port

default 995

Bind password for nginx ldap user

default set

Enable HTTP[S] Proxy

default TRUE

HTTP proxy port

default 80

HTTPS proxy port

default 443

Proxy server mode

default https