1、Zimbra邮件系统安装配置1.YUM源配置由于Zimbra安装时需要依赖很多红帽子系统安装光盘的安装包,我们最好是将RHEL安装好之后,搭建本地yum源。方便以后软件的安装。 编辑vim /etc/yum.repos.d/rhel-source.repo 添加以下配置内容: rhel-media-resourcename=RHEL Media Resourcebaseurl=file:/media/Serverenabled=1gpgcheck=1gpgkey=file:/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:/etc/pki/rpm-gp
2、g/RPM-GPG-KEY-redhat-release 将RHEL系统安装光盘上传到服务器或是插入光驱: ISO镜像文件挂在方法: mount -o loop ISO镜像文件路径 /media/ 通过光驱挂在系统光盘: mount /dev/cdrom /media/ 注意点:如果系统光盘挂载的路径不通,需要更改baseurl= file:/后面的值,Server是必须写的。 Yum源测试方法:2.DNS服务器安装配置:2.1.安装DNS:yum源仓库建立成功之后,通过yum安装DNS方法:yum install bind 根据提示输入Y,确定安装或证书验证。2.2.配置DNS由于我们没有安
3、装bind-chroot,Bind的所有配置文件都在/etc/下面,区域文件都在/var/named下面。2.2.1.修改DNS配置文件编辑/etc/named.conf 删除以下两行:listen-on port 53 127.0.0.1; ;listen-on-v6 port 53 :1; ;修改以下配置:allow-query localhost; ;修改成allow-query any; ;2.2.2.添加区域配置:添加区域配置:在/etc/named.rfc1912.zones添加域名的区域配置: 内容如下:zone IN type master; file .zone; 将/var
4、/named/下的named.localhost文件复制一份,文件名更改为.zone。 将文件修改成如下配置:$TTL 3600 IN SOA . . ( 20141212 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum IN NS .ns IN A 192.168.10.10email IN A 192.168.10.15 IN MX 10 .启动DNS服务:/etc/init.d/named restart第一次启动可能会很慢,需要产生证书文件等操作。变更配置之后需要重启named服务。添加防火墙规则编辑/etc/sy
5、sconfig/iptables文件,在蓝色标记下添加绿色标记的规则。*filter:INPUT ACCEPT 0:0:FORWARD ACCEPT 0:0:OUTPUT ACCEPT 0:0-A INPUT -m state -state ESTABLISHED,RELATED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 22 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p
6、 tcp -dport 53 -j ACCEPT-A INPUT -m state -state NEW -m udp -p udp -dport 53 -j ACCEPT-A INPUT -j REJECT -reject-with icmp-host-prohibited-A FORWARD -j REJECT -reject-with icmp-host-prohibitedCOMMIT2.2.3.DNS服务器测试在Linux或Windows下运行nslookup,执行以下操作:测试 (FQDN)是否可以解析 Server: 127.0.0.1Address: 127.0.0.1#53N
7、ame: Address: 192.168.10.15测试是否有邮件交换记录 set type=mx Server: 127.0.0.1Address: 127.0.0.1#53 mail exchanger = 10 .3.Zimbra安装配置3.1.软件版本: 此次配置文档中使用的Zimbra软件版本8.0.7,操作系统版本为RHEL 6.4 X64。3.2.系统环境准备更改Linux 主机名称:修改/etc/sysconfig/network文件,HOSTNAME更改为DNS中为该服务器配置的名称HOSTNAME=修改/etc/hosts文件,添加以下内容:192.168.10.15 关
8、闭Linux服务器自带的Postfix,执行以下命令:/etc/init.d/postfix stop禁止Postfix开机自动运行:chkconfig postfix off安装之前在安装Zimbra的服务器上执行2.2.3的操作。3.3.Zimbra安装:解压Zimbra安装包: tar zxf zcs-NETWORK-8.0.7_GA_6021.RHEL6_64.20140408123937.tgz 注意Zimbra的存放路径。进入解压后的目录,执行以下命令: rootemail Zimbra# ./install.sh会出现三次接受软件版权协议,均选择YDo you agree wit
9、h the terms of the software license agreement? N Y注意以下软件依赖问题是否解决:若没有请使用yum安装。Checking for prerequisites. FOUND: NPTL FOUND: nc-1.84-22 FOUND: sudo-1.8.6p3-7 FOUND: libidn-1.18-2 FOUND: gmp-4.3.1-7 FOUND: libaio-0.3.107-10 FOUND: /usr/lib64/libstdc+.so.6Checking for suggested prerequisites. FOUND: pe
10、rl-5.10.1 FOUND: sysstat FOUND: sqlitePrerequisite check complete.以下为Zimbra系统安装的组件:Select the packages to installInstall zimbra-ldap Y YInstall zimbra-logger Y Install zimbra-mta Y YInstall zimbra-snmp Y YInstall zimbra-store Y YInstall zimbra-apache Y YInstall zimbra-spell Y YInstall zimbra-convert
11、d Y YInstall zimbra-memcached N YInstall zimbra-proxy N Y选择继续:The system will be modified. Continue? N Y下面出现报错:由于DNS中有的邮件交换记录,没有的邮件交换记录。如果你是为这个域名做邮箱服务,需要在DNS中添加的邮件交换记录。如果是为这个域名做邮箱服务,只需在这将域名更改为。Setting defaults.No results returned for A lookup of Checked nameservers: 192.168.10.10No results returned
12、for AAAA lookup of Checked nameservers: 192.168.10.10DNS ERROR resolving It is suggested that the hostname be resolvable via DNSChange domain name? Yes Create domain: MX: (192.168.10.15) Interface: 192.168.10.15 Interface: 127.0.0.1 Interface: :1Zimbra安装完成:3.4.Zimbra配置:在每行前面有星号表示,需要更改配置。Main menu 1)
13、 Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-store: Enabled +Create Admin User: yes +Admin user to create: * * +Admin Password UNSET +Anti-virus quarantine user: * +Enable automated spam training: yes +Spam training user: * +Non-spam(Ham) training user: * +SMTP host: +Web server HTTP por
14、t: 80 +Web server HTTPS port: 443 +Web server mode: https +IMAP server port: 7143 +IMAP server SSL port: 7993 +POP server port: 7110 +POP server SSL port: 7995 +Use spell check server: yes +Spell server URL: :7780/aspell.php +Enable version update checks: TRUE +Enable version update notifications: T
15、RUE +Version update notification email: * +Version update source email: * * +License filename: UNSET 4) zimbra-mta: Enabled 5) zimbra-snmp: Enabled 6) zimbra-logger: Enabled 7) zimbra-spell: Enabled 8) zimbra-proxy: Enabled 9) zimbra-convertd: Enabled 10) Enable VMware HA: no 11) Default Class of Se
16、rvice Configuration: 12) Enable default backup schedule: yes r) Start servers after configuration yes s) Save config to file x) Expand menu q) Quit 更改Zimbra系统管理员密码:Address unconfigured (*) items (? - help) 3Select, or r for previous menu r 4Password for * (min 6 characters): ubRjkzp9 输入Admin的密码如有Zim
17、bra的License文件,填入Zimbra License文件的绝对路径。Select, or r for previous menu r 23Enter the name of the file that contains the license: /root/ZCSLicense.xml同意以上配置,保存配置文件。* CONFIGURATION COMPLETE - press a to applySelect from menu, or press a to apply config (? - help) aSave configuration data to a file? Yes
18、YSave config in file: /opt/zimbra/config.5297 Saving config in /opt/zimbra/config.5297.done.The system will be modified - continue? No yes3.5.设置防火墙规则:编辑/etc/sysconfig/iptables文件,将绿色标记的规则加入到蓝色标记中:*filter:INPUT ACCEPT 0:0:FORWARD ACCEPT 0:0:OUTPUT ACCEPT 0:0-A INPUT -m state -state ESTABLISHED,RELATED
19、 -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 25 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 80 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 110 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 389 -j ACCEPT-A INPUT -m st
20、ate -state NEW -m tcp -p tcp -dport 443 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 465 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 993 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 995 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 5222 -j ACCE
21、PT-A INPUT -m state -state NEW -m tcp -p tcp -dport 7071 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 873 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 7110 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 7780 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 22 -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -j REJECT -reject-with icmp-host-prohibited-A FORWARD -j REJECT -reject-with icmp-host-prohibitedCOMMIT3.6.邮件收发测试:用admin登录查看是否有收到的系统邮件。如用MUA客户端测试邮件收发情况:在MTA Trusted Networks中添加MTA客户端所在网段。重启服务。
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1