Centos7安装Zimbra-8.8开源邮件系统

之前安装了iRedMail,使用了一段时间感觉不太理想,可能对于我这种菜鸟来说不太友好吧,现在安装Zimbra试试

Zimbra有两个版本,一个是NETWORK EDITION网络版,像企业邮箱一样,你付钱使用就可以了,另一个就是OPEN SOURCE开源版,开源免费随便用。

一、准备工作

  • 保证系统纯净
  • 开放端口:
    80, 443, 25, 110, 143, 465, 995, 993, 587, 7025, 8443, 7071
    

     

  • 配置主机名:
    echo 'mail.echo.gg' > /etc/hostname
    

     

  • 配置hosts:
    echo '172.0.0.1 mail.echo.gg mail' >> /etc/hosts
    

     

这里的127.0.0.1为你的服务器外网IP地址

  • 安装依赖
    yum install perl perl-core ntpl nmap sudo libidn gmp libaio libstdc++ unzip sysstat sqlite -y
    

     

  • 下载Zimbra
    wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz
    

     

  • 解压
    tar -zxf zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz
    

     

二、安装Zimbra过程

[root@mail ~]# cd zcs-8.8.15_GA_3869.RHEL7_64.20190918004220
[root@mail zcs-8.8.15_GA_3869.RHEL7_64.20190918004220]# ./install.sh
Operations logged to /tmp/install.log.5GaXmCMn
Checking for existing installation...
    zimbra-drive...NOT FOUND
    zimbra-imapd...NOT FOUND
    zimbra-patch...NOT FOUND
    zimbra-mta-patch...NOT FOUND
    zimbra-proxy-patch...NOT FOUND
    zimbra-license-tools...NOT FOUND
    zimbra-license-extension...NOT FOUND
    zimbra-network-store...NOT FOUND
    zimbra-network-modules-ng...NOT FOUND
    zimbra-chat...NOT FOUND
    zimbra-talk...NOT FOUND
    zimbra-ldap...NOT FOUND
    zimbra-logger...NOT FOUND
    zimbra-mta...NOT FOUND
    zimbra-dnscache...NOT FOUND
    zimbra-snmp...NOT FOUND
    zimbra-store...NOT FOUND
    zimbra-apache...NOT FOUND
    zimbra-spell...NOT FOUND
    zimbra-convertd...NOT FOUND
    zimbra-memcached...NOT FOUND
    zimbra-proxy...NOT FOUND
    zimbra-archiving...NOT FOUND
    zimbra-core...NOT FOUND

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
SYNACOR, INC. ("SYNACOR") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
License Terms for this Zimbra Collaboration Suite Software:
https://www.zimbra.com/license/zimbra-public-eula-2-6.html
 
Do you agree with the terms of the software license agreement? [N] y *同意许可
 
 
Use Zimbra's package repository [Y] y
Importing Zimbra GPG key
Configuring package repository
Checking for installable packages
Found zimbra-core (local)
Found zimbra-ldap (local)
Found zimbra-logger (local)
Found zimbra-mta (local)
Found zimbra-dnscache (local)
Found zimbra-snmp (local)
Found zimbra-store (local)
Found zimbra-apache (local)
Found zimbra-spell (local)
Found zimbra-memcached (repo)
Found zimbra-proxy (local)
Found zimbra-drive (repo)
Found zimbra-imapd (local)
Found zimbra-patch (repo)
Found zimbra-mta-patch (repo)
Found zimbra-proxy-patch (repo)
Select the packages to install
Install zimbra-ldap [Y] y
Install zimbra-logger [Y] y
Install zimbra-mta [Y] y
Install zimbra-dnscache [Y] y
Install zimbra-snmp [Y] y
Install zimbra-store [Y] y
Install zimbra-apache [Y] y
Install zimbra-spell [Y] y
Install zimbra-memcached [Y] y
Install zimbra-proxy [Y] y
Install zimbra-drive [Y] y
Install zimbra-imapd (BETA - for evaluation only) [N] y
Install zimbra-chat [Y] y
Checking required space for zimbra-core
Checking space for zimbra-store
Checking required packages for zimbra-store
zimbra-store package check complete.
Installing:
    zimbra-core
    zimbra-ldap
    zimbra-logger
    zimbra-mta
    zimbra-dnscache
    zimbra-snmp
    zimbra-store
    zimbra-apache
    zimbra-spell
    zimbra-memcached
    zimbra-proxy
    zimbra-drive
    zimbra-imapd
    zimbra-patch
    zimbra-mta-patch
    zimbra-proxy-patch
    zimbra-chat
The system will be modified.  Continue? [N] y
Beginning Installation - see /tmp/install.log.5GaXmCMn for details...
                      zimbra-core-components will be downloaded and installed.
                        zimbra-timezone-data will be installed.
                      zimbra-common-core-jar will be installed.
                     zimbra-common-mbox-conf will be installed.
               zimbra-common-mbox-conf-attrs will be installed.
                zimbra-common-mbox-conf-msgs will be installed.
              zimbra-common-mbox-conf-rights will be installed.
                       zimbra-common-mbox-db will be installed.
                     zimbra-common-mbox-docs will be installed.
               zimbra-common-mbox-native-lib will be installed.
                     zimbra-common-core-libs will be installed.
                                 zimbra-core will be installed.
                      zimbra-ldap-components will be downloaded and installed.
                                 zimbra-ldap will be installed.
                               zimbra-logger will be installed.
                       zimbra-mta-components will be downloaded and installed.
                                  zimbra-mta will be installed.
                  zimbra-dnscache-components will be downloaded and installed.
                             zimbra-dnscache will be installed.
                      zimbra-snmp-components will be downloaded and installed.
                                 zimbra-snmp will be installed.
                     zimbra-store-components will be downloaded and installed.
                   zimbra-jetty-distribution will be downloaded and installed.
                            zimbra-mbox-conf will be installed.
                             zimbra-mbox-war will be installed.
                         zimbra-mbox-service will be installed.
                   zimbra-mbox-webclient-war will be installed.
               zimbra-mbox-admin-console-war will be installed.
                      zimbra-mbox-store-libs will be installed.
                                zimbra-store will be installed.
                    zimbra-apache-components will be downloaded and installed.
                               zimbra-apache will be installed.
                     zimbra-spell-components will be downloaded and installed.
                                zimbra-spell will be installed.
                            zimbra-memcached will be downloaded and installed.
                     zimbra-proxy-components will be downloaded and installed.
                                zimbra-proxy will be installed.
                                zimbra-drive will be downloaded and installed (later).
                                zimbra-imapd will be installed.
                                zimbra-patch will be downloaded and installed (later).
                            zimbra-mta-patch will be downloaded and installed (later).
                          zimbra-proxy-patch will be downloaded and installed (later).
                                 zimbra-chat will be downloaded and installed (later).

Downloading packages (11):
   zimbra-core-components
   zimbra-ldap-components
   zimbra-mta-components
   zimbra-dnscache-components
   zimbra-snmp-components
   zimbra-store-components
   zimbra-jetty-distribution
   zimbra-apache-components
   zimbra-spell-components
   zimbra-memcached
   zimbra-proxy-components
      ...done
Removing /opt/zimbra
Removing zimbra crontab entry...done.
Cleaning up zimbra init scripts...done.
Cleaning up /etc/security/limits.conf...done.
Finished removing Zimbra Collaboration Server.
Installing repo packages (11):
   zimbra-core-components
   zimbra-ldap-components
   zimbra-mta-components
   zimbra-dnscache-components
   zimbra-snmp-components
   zimbra-store-components
   zimbra-jetty-distribution
   zimbra-apache-components
   zimbra-spell-components
   zimbra-memcached
   zimbra-proxy-components
      ...done
Installing local packages (27):
   zimbra-timezone-data
   zimbra-common-core-jar
   zimbra-common-mbox-conf
   zimbra-common-mbox-conf-attrs
   zimbra-common-mbox-conf-msgs
   zimbra-common-mbox-conf-rights
   zimbra-common-mbox-db
   zimbra-common-mbox-docs
   zimbra-common-mbox-native-lib
   zimbra-common-core-libs
   zimbra-core
   zimbra-ldap
   zimbra-logger
   zimbra-mta
   zimbra-dnscache
   zimbra-snmp
   zimbra-mbox-conf
   zimbra-mbox-war
   zimbra-mbox-service
   zimbra-mbox-webclient-war
   zimbra-mbox-admin-console-war
   zimbra-mbox-store-libs
   zimbra-store
   zimbra-apache
   zimbra-spell
   zimbra-proxy
   zimbra-imapd
      ...done
Installing extra packages (5):
   zimbra-drive
   zimbra-patch
   zimbra-mta-patch
   zimbra-proxy-patch
   zimbra-chat
      ...done
Running Post Installation Configuration:
Operations logged to /tmp/zmsetup.20200525-115204.log
Installing LDAP configuration database...done.
Setting defaults...
DNS ERROR resolving MX for mail.echo.gg
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes] yes
Create domain: [mail.echo.gg] echo.gg *这里输入有mx记录的域名
        MX: mail.echo.gg (173.82.151.36)
    Interface: 127.0.0.1
    Interface: ::1
    Interface: 173.82.151.36
    Interface: 2607:f130:0:d7::82a
    Interface: 2607:f130:0:d7::829
    Interface: 2607:f130:0:d7::828

done.
Checking for port conflicts
Main menu
   1) Common Configuration:
   2) zimbra-ldap:                             Enabled
   3) zimbra-logger:                           Enabled
   4) zimbra-mta:                              Enabled
   5) zimbra-dnscache:                         Enabled
   6) zimbra-snmp:                             Enabled
   7) zimbra-store:                            Enabled
        +Create Admin User:                    yes
        +Admin user to create:                 admin@echo.gg
         +Admin Password                        UNSET
        +Anti-virus quarantine user:           virus-quarantine.ygnij_yxj@echo.gg
        +Enable automated spam training:       yes
        +Spam training user:                   spam.kaqcacvdok@echo.gg
        +Non-spam(Ham) training user:          ham.gb5hyjt3fm@echo.gg
        +SMTP host:                            mail.echo.gg
        +Web server HTTP port:                 8080
        +Web server HTTPS port:                8443
        +Web server mode:                      https
        +IMAP server port:                     7143
        +IMAP server SSL port:                 7993
        +POP server port:                      7110
        +POP server SSL port:                  7995
        +Use spell check server:               yes
        +Spell server URL:                     http://mail.echo.gg:7780/aspell.php
        +Enable version update checks:         TRUE
        +Enable version update notifications:  TRUE
        +Version update notification email:    admin@echo.gg
        +Version update source email:          admin@echo.gg
        +Install mailstore (service webapp):   yes
        +Install UI (zimbra,zimbraAdmin webapps): yes
   8) zimbra-spell:                            Enabled
   9) zimbra-proxy:                            Enabled
  10) zimbra-imapd:                            Enabled
  11) Default Class of Service Configuration:
   s) Save config to file
   x) Expand menu
   q) Quit

Address unconfigured (**) items  (? - help) 7 *管理员密码没有设置,按7进入管理员设置菜单

Store configuration
   1) Status:                                  Enabled
   2) Create Admin User:                       yes
   3) Admin user to create:                    admin@echo.gg
** 4) Admin Password                           UNSET
   5) Anti-virus quarantine user:              virus-quarantine.ygnij_yxj@echo.gg
   6) Enable automated spam training:          yes
   7) Spam training user:                      spam.kaqcacvdok@echo.gg
   8) Non-spam(Ham) training user:             ham.gb5hyjt3fm@echo.gg
   9) SMTP host:                               mail.echo.gg
  10) Web server HTTP port:                    8080
  11) Web server HTTPS port:                   8443
  12) Web server mode:                         https
  13) IMAP server port:                        7143
  14) IMAP server SSL port:                    7993
  15) POP server port:                         7110
  16) POP server SSL port:                     7995
  17) Use spell check server:                  yes
  18) Spell server URL:                        http://mail.echo.gg:7780/aspell.php
  19) Enable version update checks:            TRUE
  20) Enable version update notifications:     TRUE
  21) Version update notification email:       admin@echo.gg
  22) Version update source email:             admin@echo.gg
  23) Install mailstore (service webapp):      yes
  24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] 4 *按4设置管理员密码
Password for admin@echo.gg (min 6 characters): [RKAlpEr3]  *这里填你的管理员邮箱密码
Store configuration
   1) Status:                                  Enabled
   2) Create Admin User:                       yes
   3) Admin user to create:                    admin@echo.gg
   4) Admin Password                           set
   5) Anti-virus quarantine user:              virus-quarantine.ygnij_yxj@echo.gg
   6) Enable automated spam training:          yes
   7) Spam training user:                      spam.kaqcacvdok@echo.gg
   8) Non-spam(Ham) training user:             ham.gb5hyjt3fm@echo.gg
   9) SMTP host:                               mail.echo.gg
  10) Web server HTTP port:                    8080
  11) Web server HTTPS port:                   8443
  12) Web server mode:                         https
  13) IMAP server port:                        7143
  14) IMAP server SSL port:                    7993
  15) POP server port:                         7110
  16) POP server SSL port:                     7995
  17) Use spell check server:                  yes
  18) Spell server URL:                        http://mail.echo.gg:7780/aspell.php
  19) Enable version update checks:            TRUE
  20) Enable version update notifications:     TRUE
  21) Version update notification email:       admin@echo.gg
  22) Version update source email:             admin@echo.gg
  23) Install mailstore (service webapp):      yes
  24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] r *设置完成,按r返回上级菜单
Main menu
   1) Common Configuration:
   2) zimbra-ldap:                             Enabled
   3) zimbra-logger:                           Enabled
   4) zimbra-mta:                              Enabled
   5) zimbra-dnscache:                         Enabled
   6) zimbra-snmp:                             Enabled
   7) zimbra-store:                            Enabled
   8) zimbra-spell:                            Enabled
   9) zimbra-proxy:                            Enabled
  10) zimbra-imapd:                            Enabled
  11) Default Class of Service Configuration:
   s) Save config to file
   x) Expand menu
   q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a *按a应用设置
Save configuration data to a file? [Yes] yes *yes保存配置到文件
Save config in file: [/opt/zimbra/config.26044] *直接回车,保存到配置到文件/opt/zimbra/config.26044
Saving config in /opt/zimbra/config.26044...done.
The system will be modified - continue? [No] yes *yes继续安装
Operations logged to /tmp/zmsetup.20200525-115204.log
Setting local config values...done.
Initializing core config...Setting up CA...done.
Deploying CA to /opt/zimbra/conf/ca ...done.
Creating SSL zimbra-imapd certificate...done.
Creating new zimbra-store SSL certificate...done.
Creating new zimbra-ldap SSL certificate...done.
Creating new zimbra-mta SSL certificate...done.
Creating new zimbra-proxy SSL certificate...done.
Installing mailboxd SSL certificates...done.
Installing imapd SSL certificates...done.
Installing MTA SSL certificates...done.
Installing LDAP SSL certificate...done.
Installing Proxy SSL certificate...done.
Initializing ldap...done.
Setting replication password...done.
Setting Postfix password...done.
Setting amavis password...done.
Setting nginx password...done.
Setting BES searcher password...done.
Creating server entry for mail.echo.gg...done.
Setting Zimbra IP Mode...done.
Saving CA in ldap...done.
Saving SSL Certificate in ldap...done.
Setting spell check URL...done.
Setting service ports on mail.echo.gg...done.
Setting zimbraFeatureTasksEnabled=TRUE...done.
Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Checking current setting of zimbraReverseProxyAvailableLookupTargets
Querying LDAP for other mailstores
Searching LDAP for reverseProxyLookupTargets...done.
Adding mail.echo.gg to zimbraReverseProxyAvailableLookupTargets
Setting Master DNS IP address(es)...done.
Setting DNS cache tcp lookup preference...done.
Setting DNS cache udp lookup preference...done.
Setting DNS tcp upstream preference...done.
Updating zimbraLDAPSchemaVersion to version '1557224584'
Setting TimeZone Preference...done.
Disabling strict server name enforcement on mail.echo.gg...done.
Initializing mta config...done.
Setting services on mail.echo.gg...done.
Adding mail.echo.gg to zimbraMailHostPool in default COS...done.
Creating domain echo.gg...done.
Setting default domain name...done.
Creating domain echo.gg...already exists.
Creating admin account admin@echo.gg...done.
Creating root alias...done.
Creating postmaster alias...done.
Creating user spam.kaqcacvdok@echo.gg...done.
Creating user ham.gb5hyjt3fm@echo.gg...done.
Creating user virus-quarantine.ygnij_yxj@echo.gg...done.
Setting spam training and Anti-virus quarantine accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for mail.echo.gg...done.
Configuring SNMP...done.
Setting up syslog.conf...done.
Enabling IMAP protocol for zimbra-imapd service...done.
Enabling IMAPS protocol for zimbra-imapd service...done.
Starting servers...done.
Installing common zimlets...
        com_zextras_drive_open...done.
        com_zimbra_adminversioncheck...done.
        com_zimbra_mailarchive...done.
        com_zimbra_srchhighlighter...done.
        com_zimbra_phone...done.
        com_zimbra_email...done.
        com_zimbra_date...done.
        com_zimbra_viewmail...done.
        com_zimbra_bulkprovision...done.
        com_zimbra_tooltip...done.
        com_zimbra_url...done.
        com_zimbra_proxy_config...done.
        com_zimbra_clientuploader...done.
        com_zimbra_attachcontacts...done.
        com_zimbra_webex...done.
        com_zimbra_ymemoticons...done.
        com_zimbra_attachmail...done.
        com_zextras_chat_open...done.
        com_zimbra_cert_manager...done.
Finished installing common zimlets.
Restarting mailboxd...done.
Creating galsync account for default domain...done.


You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Server.
The only information that will be transmitted is:
        The VERSION of zcs installed (8.8.15_GA_3869_RHEL7_64)
        The ADMIN EMAIL ADDRESS created (admin@echo.gg)
Notify Zimbra of your installation? [Yes] no *通知Zimbra安装,填no
Notification skipped
Checking if the NG started running...done.
Setting up zimbra crontab...done.
Moving /tmp/zmsetup.20200525-115204.log to /opt/zimbra/log
Configuration complete - press return to exit
[root@mail zcs-8.8.15_GA_3869.RHEL7_64.20190918004220]#reboot *重启服务器

启动之后查看服务运行状态:

[root@mail ~]# su - zimbra
上一次登录:一 5月 25 21:03:30 CST 2020pts/0 上
[zimbra@mail ~]$ zmcontrol status
Host mail.echo.gg
        amavis                  Running
        antispam                Running
        antivirus               Running
        dnscache                Running
        imapd                   Running
        ldap                    Running
        logger                  Running
        mailbox                 Running
        memcached               Running
        mta                     Running
        opendkim                Running
        proxy                   Running
        service webapp          Running
        snmp                    Running
        spell                   Running
        stats                   Running
        zimbra webapp           Running
        zimbraAdmin webapp      Running
        zimlet webapp           Running
        zmconfigd               Running
[zimbra@mail ~]$ 

全部启动成功。如果有没启动成功的,请等一等再看,启动服务需要时间。

普通用户访问地址为:https://你的域名/
管理员访问地址为:https://你的域名:7071/

  • 管理员用户名:admin
  • 管理员密码:即安装时提示你设置的密码
    设置 Zimbra 浏览器访问 http 时转发到 https

    zmprov ms mail.echo.gg zimbraReverseProxyMailMode redirect
    

     

登录后可能会出现以下错误代码

Comando desconocido enviado al servidor. ZxChatRequest
method:   [unknown]
msg:   unknown document: ZxChatRequest
code:   service.UNKNOWN_DOCUMENT
detail:   soap:Sender
trace:   qtp366590980-81:1578342519951:6b913a7a36d1942d
request:   
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Header><context xmlns="urn:zimbra"><userAgent name="ZimbraWebClient - GC79 (Win)" version="8.8.15_GA_3890"/><session id="15"/><account by="name">user@echo.gg</account><format type="js"/><csrfToken>0_9b547fb6529d130720d8f70dcb8067bd8ac4e784</csrfToken></context></soap:Header><soap:Body><ZxChatRequest xmlns="urn:zimbraAccount"><type>16</type><clientVersion>13</clientVersion><action>register_session</action></ZxChatRequest></soap:Body></soap:Envelope>

解决办法

mv /opt/zimbra/lib/ext/openchat/zal.jar /tmp
cp -rp /opt/zimbra/lib/ext/zimbradrive/zal.jar /opt/zimbra/lib/ext/openchat/zal.jar
su - zimbra
zmmailboxdctl restart

为Zimbra添加 Let's Encrypt 证书
此证书为一键脚本转载自 https://www.chenxie.net/archives/2294.html

#!/bin/bash
#!/bin/bash
# Author: Alex Chen 
# Website: https://www.chenxie.net/
# Create time: 2019/11/29
# Description: This script is for zimbra ssl certificate deploy and renew by Let's Encrypt.
# Note: Support Zimbra8.7 and above

if [ $USER != "root" ]; then
    echo "Must be root."
    exit
fi

domain=`hostname`
time=`date +%Y-%m-%d\ %H:%M:%S`

echo ">>> [$time] Start renew..."

echo ">>> [$time] Check local letsencrypt directory..."
if [ -d /opt/software/letsencrypt ]; then
    rm -rf /opt/software/letsencrypt
fi
if [ ! -f /usr/bin/git ]; then
    yum install -y git
fi

echo ">>> [$time] Clone letsencrypt to local /opt/software/letsencrypt"
mkdir -p /opt/software/letsencrypt
git clone https://github.com/letsencrypt/letsencrypt /opt/software/letsencrypt/

echo ">>> [$time] Stop service."
su - zimbra -c 'zmproxyctl stop'
su - zimbra -c 'zmmailboxdctl stop'

echo ">>> [$time] Build certificate..."
cd /opt/software/letsencrypt/ && ./letsencrypt-auto certonly --standalone

echo ">>> [$time] SSL Certificate files below:"
ls -l /etc/letsencrypt/live/$domain/

echo ">>> [$time] Build root CA."
echo '''
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
-----END CERTIFICATE-----
''' >> /etc/letsencrypt/live/$domain/chain.pem

echo ">>> [$time] Prepare verify certificate."
if [ ! -d /opt/zimbra/ssl/letsencrypt ]; then
    mkdir /opt/zimbra/ssl/letsencrypt
fi
cp /etc/letsencrypt/live/$domain/* /opt/zimbra/ssl/letsencrypt/
chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*

echo ">>> [$time] Verify certificate."
su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem'

echo ">>> [$time] Start deploy..."
echo ">>> [$time] Backup Zimbra SSL directory"
cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")

echo ">>> [$time] Copy the private key under Zimbra SSL commercial path."
cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key
chown zimbra.zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key

echo ">>> [$time] Final SSL deployment"
su - zimbra  -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem'

echo ">>> [$time] Restart zimbra service."
su - zimbra -c 'zmcontrol restart'

echo ">>> [$time] Clean /opt/software/letsencrypt/"
rm -rf /opt/software/letsencrypt/

echo ">>> [$time] Done."

授予执行权限:

chmod +x zimbra-ssl-install-and-renew.sh

运行脚本:

./zimbra-ssl-install-and-renew.sh

剩下按照提示操作即可。

zimbra 开启smtp认证,防止伪造本域发件人发送垃圾邮件

zmprov modifyServer {{ you domain }} zimbraMtaTlsAuthOnly FALSE
zmcontrol  restart

查看对应配置

zmprov getServer {{ you domain }} |  grep  Auth

查看SMTP是否开启成功

[zimbra@mail log]$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail ESMTP Postfix
ehlo mail     
250-mail
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN      #SMTP认证相关参数
250-AUTH=LOGIN PLAIN     #SMTP认证相关参数
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

待更...

暂无评论

发送评论 编辑评论


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
颜文字
Emoji
小恐龙
花!
上一篇
下一篇