之前安装了iRedMail,使用了一段时间感觉不太理想,可能对于我这种菜鸟来说不太友好吧,现在安装Zimbra试试
Zimbra有两个版本,一个是NETWORK EDITION网络版,像企业邮箱一样,你付钱使用就可以了,另一个就是OPEN SOURCE开源版,开源免费随便用。
一、准备工作
- 保证系统纯净
- 开放端口:
80, 443, 25, 110, 143, 465, 995, 993, 587, 7025, 8443, 7071 - 配置主机名:
echo 'mail.echo.gg' > /etc/hostname - 配置hosts:
echo '172.0.0.1 mail.echo.gg mail' >> /etc/hosts
这里的127.0.0.1为你的服务器外网IP地址
- 安装依赖
yum install perl perl-core ntpl nmap sudo libidn gmp libaio libstdc++ unzip sysstat sqlite -y - 下载Zimbra
wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz - 解压
tar -zxf zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz
二、安装Zimbra过程
[root@mail ~]# cd zcs-8.8.15_GA_3869.RHEL7_64.20190918004220 [root@mail zcs-8.8.15_GA_3869.RHEL7_64.20190918004220]# ./install.sh Operations logged to /tmp/install.log.5GaXmCMn Checking for existing installation... zimbra-drive...NOT FOUND zimbra-imapd...NOT FOUND zimbra-patch...NOT FOUND zimbra-mta-patch...NOT FOUND zimbra-proxy-patch...NOT FOUND zimbra-license-tools...NOT FOUND zimbra-license-extension...NOT FOUND zimbra-network-store...NOT FOUND zimbra-network-modules-ng...NOT FOUND zimbra-chat...NOT FOUND zimbra-talk...NOT FOUND zimbra-ldap...NOT FOUND zimbra-logger...NOT FOUND zimbra-mta...NOT FOUND zimbra-dnscache...NOT FOUND zimbra-snmp...NOT FOUND zimbra-store...NOT FOUND zimbra-apache...NOT FOUND zimbra-spell...NOT FOUND zimbra-convertd...NOT FOUND zimbra-memcached...NOT FOUND zimbra-proxy...NOT FOUND zimbra-archiving...NOT FOUND zimbra-core...NOT FOUND PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE. SYNACOR, INC. ("SYNACOR") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT. License Terms for this Zimbra Collaboration Suite Software: https://www.zimbra.com/license/zimbra-public-eula-2-6.html Do you agree with the terms of the software license agreement? [N] y *同意许可 Use Zimbra's package repository [Y] y Importing Zimbra GPG key Configuring package repository Checking for installable packages Found zimbra-core (local) Found zimbra-ldap (local) Found zimbra-logger (local) Found zimbra-mta (local) Found zimbra-dnscache (local) Found zimbra-snmp (local) Found zimbra-store (local) Found zimbra-apache (local) Found zimbra-spell (local) Found zimbra-memcached (repo) Found zimbra-proxy (local) Found zimbra-drive (repo) Found zimbra-imapd (local) Found zimbra-patch (repo) Found zimbra-mta-patch (repo) Found zimbra-proxy-patch (repo) Select the packages to install Install zimbra-ldap [Y] y Install zimbra-logger [Y] y Install zimbra-mta [Y] y Install zimbra-dnscache [Y] y Install zimbra-snmp [Y] y Install zimbra-store [Y] y Install zimbra-apache [Y] y Install zimbra-spell [Y] y Install zimbra-memcached [Y] y Install zimbra-proxy [Y] y Install zimbra-drive [Y] y Install zimbra-imapd (BETA - for evaluation only) [N] y Install zimbra-chat [Y] y Checking required space for zimbra-core Checking space for zimbra-store Checking required packages for zimbra-store zimbra-store package check complete. Installing: zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-dnscache zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-memcached zimbra-proxy zimbra-drive zimbra-imapd zimbra-patch zimbra-mta-patch zimbra-proxy-patch zimbra-chat The system will be modified. Continue? [N] y Beginning Installation - see /tmp/install.log.5GaXmCMn for details... zimbra-core-components will be downloaded and installed. zimbra-timezone-data will be installed. zimbra-common-core-jar will be installed. zimbra-common-mbox-conf will be installed. zimbra-common-mbox-conf-attrs will be installed. zimbra-common-mbox-conf-msgs will be installed. zimbra-common-mbox-conf-rights will be installed. zimbra-common-mbox-db will be installed. zimbra-common-mbox-docs will be installed. zimbra-common-mbox-native-lib will be installed. zimbra-common-core-libs will be installed. zimbra-core will be installed. zimbra-ldap-components will be downloaded and installed. zimbra-ldap will be installed. zimbra-logger will be installed. zimbra-mta-components will be downloaded and installed. zimbra-mta will be installed. zimbra-dnscache-components will be downloaded and installed. zimbra-dnscache will be installed. zimbra-snmp-components will be downloaded and installed. zimbra-snmp will be installed. zimbra-store-components will be downloaded and installed. zimbra-jetty-distribution will be downloaded and installed. zimbra-mbox-conf will be installed. zimbra-mbox-war will be installed. zimbra-mbox-service will be installed. zimbra-mbox-webclient-war will be installed. zimbra-mbox-admin-console-war will be installed. zimbra-mbox-store-libs will be installed. zimbra-store will be installed. zimbra-apache-components will be downloaded and installed. zimbra-apache will be installed. zimbra-spell-components will be downloaded and installed. zimbra-spell will be installed. zimbra-memcached will be downloaded and installed. zimbra-proxy-components will be downloaded and installed. zimbra-proxy will be installed. zimbra-drive will be downloaded and installed (later). zimbra-imapd will be installed. zimbra-patch will be downloaded and installed (later). zimbra-mta-patch will be downloaded and installed (later). zimbra-proxy-patch will be downloaded and installed (later). zimbra-chat will be downloaded and installed (later). Downloading packages (11): zimbra-core-components zimbra-ldap-components zimbra-mta-components zimbra-dnscache-components zimbra-snmp-components zimbra-store-components zimbra-jetty-distribution zimbra-apache-components zimbra-spell-components zimbra-memcached zimbra-proxy-components ...done Removing /opt/zimbra Removing zimbra crontab entry...done. Cleaning up zimbra init scripts...done. Cleaning up /etc/security/limits.conf...done. Finished removing Zimbra Collaboration Server. Installing repo packages (11): zimbra-core-components zimbra-ldap-components zimbra-mta-components zimbra-dnscache-components zimbra-snmp-components zimbra-store-components zimbra-jetty-distribution zimbra-apache-components zimbra-spell-components zimbra-memcached zimbra-proxy-components ...done Installing local packages (27): zimbra-timezone-data zimbra-common-core-jar zimbra-common-mbox-conf zimbra-common-mbox-conf-attrs zimbra-common-mbox-conf-msgs zimbra-common-mbox-conf-rights zimbra-common-mbox-db zimbra-common-mbox-docs zimbra-common-mbox-native-lib zimbra-common-core-libs zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-dnscache zimbra-snmp zimbra-mbox-conf zimbra-mbox-war zimbra-mbox-service zimbra-mbox-webclient-war zimbra-mbox-admin-console-war zimbra-mbox-store-libs zimbra-store zimbra-apache zimbra-spell zimbra-proxy zimbra-imapd ...done Installing extra packages (5): zimbra-drive zimbra-patch zimbra-mta-patch zimbra-proxy-patch zimbra-chat ...done Running Post Installation Configuration: Operations logged to /tmp/zmsetup.20200525-115204.log Installing LDAP configuration database...done. Setting defaults... DNS ERROR resolving MX for mail.echo.gg It is suggested that the domain name have an MX record configured in DNS Change domain name? [Yes] yes Create domain: [mail.echo.gg] echo.gg *这里输入有mx记录的域名 MX: mail.echo.gg (173.82.151.36) Interface: 127.0.0.1 Interface: ::1 Interface: 173.82.151.36 Interface: 2607:f130:0:d7::82a Interface: 2607:f130:0:d7::829 Interface: 2607:f130:0:d7::828 done. Checking for port conflicts Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-dnscache: Enabled 6) zimbra-snmp: Enabled 7) zimbra-store: Enabled +Create Admin User: yes +Admin user to create: admin@echo.gg +Admin Password UNSET +Anti-virus quarantine user: virus-quarantine.ygnij_yxj@echo.gg +Enable automated spam training: yes +Spam training user: spam.kaqcacvdok@echo.gg +Non-spam(Ham) training user: ham.gb5hyjt3fm@echo.gg +SMTP host: mail.echo.gg +Web server HTTP port: 8080 +Web server HTTPS port: 8443 +Web server mode: https +IMAP server port: 7143 +IMAP server SSL port: 7993 +POP server port: 7110 +POP server SSL port: 7995 +Use spell check server: yes +Spell server URL: http://mail.echo.gg:7780/aspell.php +Enable version update checks: TRUE +Enable version update notifications: TRUE +Version update notification email: admin@echo.gg +Version update source email: admin@echo.gg +Install mailstore (service webapp): yes +Install UI (zimbra,zimbraAdmin webapps): yes 8) zimbra-spell: Enabled 9) zimbra-proxy: Enabled 10) zimbra-imapd: Enabled 11) Default Class of Service Configuration: s) Save config to file x) Expand menu q) Quit Address unconfigured (**) items (? - help) 7 *管理员密码没有设置,按7进入管理员设置菜单 Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@echo.gg ** 4) Admin Password UNSET 5) Anti-virus quarantine user: virus-quarantine.ygnij_yxj@echo.gg 6) Enable automated spam training: yes 7) Spam training user: spam.kaqcacvdok@echo.gg 8) Non-spam(Ham) training user: ham.gb5hyjt3fm@echo.gg 9) SMTP host: mail.echo.gg 10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes 18) Spell server URL: http://mail.echo.gg:7780/aspell.php 19) Enable version update checks: TRUE 20) Enable version update notifications: TRUE 21) Version update notification email: admin@echo.gg 22) Version update source email: admin@echo.gg 23) Install mailstore (service webapp): yes 24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r] 4 *按4设置管理员密码 Password for admin@echo.gg (min 6 characters): [RKAlpEr3] *这里填你的管理员邮箱密码 Store configuration 1) Status: Enabled 2) Create Admin User: yes 3) Admin user to create: admin@echo.gg 4) Admin Password set 5) Anti-virus quarantine user: virus-quarantine.ygnij_yxj@echo.gg 6) Enable automated spam training: yes 7) Spam training user: spam.kaqcacvdok@echo.gg 8) Non-spam(Ham) training user: ham.gb5hyjt3fm@echo.gg 9) SMTP host: mail.echo.gg 10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes 18) Spell server URL: http://mail.echo.gg:7780/aspell.php 19) Enable version update checks: TRUE 20) Enable version update notifications: TRUE 21) Version update notification email: admin@echo.gg 22) Version update source email: admin@echo.gg 23) Install mailstore (service webapp): yes 24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r] r *设置完成,按r返回上级菜单 Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-dnscache: Enabled 6) zimbra-snmp: Enabled 7) zimbra-store: Enabled 8) zimbra-spell: Enabled 9) zimbra-proxy: Enabled 10) zimbra-imapd: Enabled 11) Default Class of Service Configuration: s) Save config to file x) Expand menu q) Quit *** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help) a *按a应用设置 Save configuration data to a file? [Yes] yes *yes保存配置到文件 Save config in file: [/opt/zimbra/config.26044] *直接回车,保存到配置到文件/opt/zimbra/config.26044 Saving config in /opt/zimbra/config.26044...done. The system will be modified - continue? [No] yes *yes继续安装 Operations logged to /tmp/zmsetup.20200525-115204.log Setting local config values...done. Initializing core config...Setting up CA...done. Deploying CA to /opt/zimbra/conf/ca ...done. Creating SSL zimbra-imapd certificate...done. Creating new zimbra-store SSL certificate...done. Creating new zimbra-ldap SSL certificate...done. Creating new zimbra-mta SSL certificate...done. Creating new zimbra-proxy SSL certificate...done. Installing mailboxd SSL certificates...done. Installing imapd SSL certificates...done. Installing MTA SSL certificates...done. Installing LDAP SSL certificate...done. Installing Proxy SSL certificate...done. Initializing ldap...done. Setting replication password...done. Setting Postfix password...done. Setting amavis password...done. Setting nginx password...done. Setting BES searcher password...done. Creating server entry for mail.echo.gg...done. Setting Zimbra IP Mode...done. Saving CA in ldap...done. Saving SSL Certificate in ldap...done. Setting spell check URL...done. Setting service ports on mail.echo.gg...done. Setting zimbraFeatureTasksEnabled=TRUE...done. Setting zimbraFeatureBriefcasesEnabled=TRUE...done. Checking current setting of zimbraReverseProxyAvailableLookupTargets Querying LDAP for other mailstores Searching LDAP for reverseProxyLookupTargets...done. Adding mail.echo.gg to zimbraReverseProxyAvailableLookupTargets Setting Master DNS IP address(es)...done. Setting DNS cache tcp lookup preference...done. Setting DNS cache udp lookup preference...done. Setting DNS tcp upstream preference...done. Updating zimbraLDAPSchemaVersion to version '1557224584' Setting TimeZone Preference...done. Disabling strict server name enforcement on mail.echo.gg...done. Initializing mta config...done. Setting services on mail.echo.gg...done. Adding mail.echo.gg to zimbraMailHostPool in default COS...done. Creating domain echo.gg...done. Setting default domain name...done. Creating domain echo.gg...already exists. Creating admin account admin@echo.gg...done. Creating root alias...done. Creating postmaster alias...done. Creating user spam.kaqcacvdok@echo.gg...done. Creating user ham.gb5hyjt3fm@echo.gg...done. Creating user virus-quarantine.ygnij_yxj@echo.gg...done. Setting spam training and Anti-virus quarantine accounts...done. Initializing store sql database...done. Setting zimbraSmtpHostname for mail.echo.gg...done. Configuring SNMP...done. Setting up syslog.conf...done. Enabling IMAP protocol for zimbra-imapd service...done. Enabling IMAPS protocol for zimbra-imapd service...done. Starting servers...done. Installing common zimlets... com_zextras_drive_open...done. com_zimbra_adminversioncheck...done. com_zimbra_mailarchive...done. com_zimbra_srchhighlighter...done. com_zimbra_phone...done. com_zimbra_email...done. com_zimbra_date...done. com_zimbra_viewmail...done. com_zimbra_bulkprovision...done. com_zimbra_tooltip...done. com_zimbra_url...done. com_zimbra_proxy_config...done. com_zimbra_clientuploader...done. com_zimbra_attachcontacts...done. com_zimbra_webex...done. com_zimbra_ymemoticons...done. com_zimbra_attachmail...done. com_zextras_chat_open...done. com_zimbra_cert_manager...done. Finished installing common zimlets. Restarting mailboxd...done. Creating galsync account for default domain...done.You have the option of notifying Zimbra of your installation. This helps us to track the uptake of the Zimbra Collaboration Server. The only information that will be transmitted is: The VERSION of zcs installed (8.8.15_GA_3869_RHEL7_64) The ADMIN EMAIL ADDRESS created (admin@echo.gg) Notify Zimbra of your installation? [Yes] no *通知Zimbra安装,填no Notification skipped Checking if the NG started running...done. Setting up zimbra crontab...done. Moving /tmp/zmsetup.20200525-115204.log to /opt/zimbra/log Configuration complete - press return to exit [root@mail zcs-8.8.15_GA_3869.RHEL7_64.20190918004220]#reboot *重启服务器
启动之后查看服务运行状态:
[root@mail ~]# su - zimbra
上一次登录:一 5月 25 21:03:30 CST 2020pts/0 上
[zimbra@mail ~]$ zmcontrol status
Host mail.echo.gg
amavis Running
antispam Running
antivirus Running
dnscache Running
imapd Running
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
[zimbra@mail ~]$ 全部启动成功。如果有没启动成功的,请等一等再看,启动服务需要时间。
普通用户访问地址为:https://你的域名/
管理员访问地址为:https://你的域名:7071/
- 管理员用户名:admin
- 管理员密码:即安装时提示你设置的密码
设置 Zimbra 浏览器访问 http 时转发到 httpszmprov ms mail.echo.gg zimbraReverseProxyMailMode redirect
登录后可能会出现以下错误代码
Comando desconocido enviado al servidor. ZxChatRequest
method: [unknown]
msg: unknown document: ZxChatRequest
code: service.UNKNOWN_DOCUMENT
detail: soap:Sender
trace: qtp366590980-81:1578342519951:6b913a7a36d1942d
request:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Header><context xmlns="urn:zimbra"><userAgent name="ZimbraWebClient - GC79 (Win)" version="8.8.15_GA_3890"/><session id="15"/><account by="name">user@echo.gg</account><format type="js"/><csrfToken>0_9b547fb6529d130720d8f70dcb8067bd8ac4e784</csrfToken></context></soap:Header><soap:Body><ZxChatRequest xmlns="urn:zimbraAccount"><type>16</type><clientVersion>13</clientVersion><action>register_session</action></ZxChatRequest></soap:Body></soap:Envelope>
解决办法
mv /opt/zimbra/lib/ext/openchat/zal.jar /tmp
cp -rp /opt/zimbra/lib/ext/zimbradrive/zal.jar /opt/zimbra/lib/ext/openchat/zal.jar
su - zimbra
zmmailboxdctl restart
为Zimbra添加 Let’s Encrypt 证书
此证书为一键脚本转载自 https://www.chenxie.net/archives/2294.html
#!/bin/bash
#!/bin/bash
# Author: Alex Chen
# Website: https://www.chenxie.net/
# Create time: 2019/11/29
# Description: This script is for zimbra ssl certificate deploy and renew by Let's Encrypt.
# Note: Support Zimbra8.7 and above
if [ $USER != "root" ]; then
echo "Must be root."
exit
fi
domain=`hostname`
time=`date +%Y-%m-%d\ %H:%M:%S`
echo ">>> [$time] Start renew..."
echo ">>> [$time] Check local letsencrypt directory..."
if [ -d /opt/software/letsencrypt ]; then
rm -rf /opt/software/letsencrypt
fi
if [ ! -f /usr/bin/git ]; then
yum install -y git
fi
echo ">>> [$time] Clone letsencrypt to local /opt/software/letsencrypt"
mkdir -p /opt/software/letsencrypt
git clone https://github.com/letsencrypt/letsencrypt /opt/software/letsencrypt/
echo ">>> [$time] Stop service."
su - zimbra -c 'zmproxyctl stop'
su - zimbra -c 'zmmailboxdctl stop'
echo ">>> [$time] Build certificate..."
cd /opt/software/letsencrypt/ && ./letsencrypt-auto certonly --standalone
echo ">>> [$time] SSL Certificate files below:"
ls -l /etc/letsencrypt/live/$domain/
echo ">>> [$time] Build root CA."
echo '''
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
-----END CERTIFICATE-----
''' >> /etc/letsencrypt/live/$domain/chain.pem
echo ">>> [$time] Prepare verify certificate."
if [ ! -d /opt/zimbra/ssl/letsencrypt ]; then
mkdir /opt/zimbra/ssl/letsencrypt
fi
cp /etc/letsencrypt/live/$domain/* /opt/zimbra/ssl/letsencrypt/
chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*
echo ">>> [$time] Verify certificate."
su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem'
echo ">>> [$time] Start deploy..."
echo ">>> [$time] Backup Zimbra SSL directory"
cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")
echo ">>> [$time] Copy the private key under Zimbra SSL commercial path."
cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key
chown zimbra.zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key
echo ">>> [$time] Final SSL deployment"
su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem'
echo ">>> [$time] Restart zimbra service."
su - zimbra -c 'zmcontrol restart'
echo ">>> [$time] Clean /opt/software/letsencrypt/"
rm -rf /opt/software/letsencrypt/
echo ">>> [$time] Done."
授予执行权限:
chmod +x zimbra-ssl-install-and-renew.sh
运行脚本:
./zimbra-ssl-install-and-renew.sh
剩下按照提示操作即可。
zimbra 开启smtp认证,防止伪造本域发件人发送垃圾邮件
zmprov modifyServer {{ you domain }} zimbraMtaTlsAuthOnly FALSE
zmcontrol restart
查看对应配置
zmprov getServer {{ you domain }} | grep Auth
查看SMTP是否开启成功
[zimbra@mail log]$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail ESMTP Postfix
ehlo mail
250-mail
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN #SMTP认证相关参数
250-AUTH=LOGIN PLAIN #SMTP认证相关参数
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
待更…