.tdi_3.td-a-rec{text-align:center}.tdi_3 .td-element-style{z-index:-1}.tdi_3.td-a-rec-img{text-align:left}.tdi_3.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_3.td-a-rec-img{text-align:center}}
Setting a Mail Server is one of key requirements when starting any business. This could mean using mail solutions with SaaS offering or deploying a complete mail solution in your own infrastructure. Zimbra is a popular open source mail solution designed for use in small to large enterprises. There is a commercial offering of you want extra features. In this tutorial we will discuss how you can install configure Zimbra Mail Server on CentOS 8|RHEL 8|Rocky Linux 8 Linux Server.
The main components of Zimbra Mail and Collaboration Server are:
- Zimbra Core: These are basic libraries, utilities, monitoring tools, and basic configuration files.
- Zimbra LDAP: This has the OpenLDAP LDAP directory server that provides authentication and configs store for users and other zimbra components.
- Zimbra MTA (mail routing server): Has Postfix mail transfer agent (MTA) that receives email via SMTP and routes each message to the appropriate Zimbra mailbox server using Local Mail Transfer Protocol (LMTP). It also includes the anti-virus and anti-spam components.
- Zimbra Store (Zimbra server): The mailbox server includes Data store, Message store and Index store for the mailboxes on the server. When a mail arrives, the Zimbra server schedules a thread to have the message indexed in the index store.
- Zimbra-SNMP: This is an optional component for for monitoring and it runs on every server (Zimbra server, Zimbra LDAP, Zimbra MTA). Swatch is used to watch the syslog output to generate SNMP traps.
- Zimbra Logger: This is an optional component for the mailbox server. It installs tools for syslog aggregation, reporting, and message tracing. This is required for the message trace feature.
See below system Architecture for how all the components work together to deliver a collaboration suite.
.tdi_2.td-a-rec{text-align:center}.tdi_2 .td-element-style{z-index:-1}.tdi_2.td-a-rec-img{text-align:left}.tdi_2.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_2.td-a-rec-img{text-align:center}}
Install Zimbra Mail Server on CentOS 8|RHEL 8|Rocky Linux 8
As of this article writing the latest Zimbra collaboration suite release is version 9 but not available in open source offering yet. This is the Zimbra Mail Server we’ll install in our CentOS 8|RHEL 8|Rocky Linux 8 server. Follow the steps below to install and configure Zimbra Mail Server on CentOS 8|RHEL 8|Rocky Linux 8 Linux system.
The minimum system requirements for this installation are:
- Memory: >=8GB
- vcpus: >=4
- Disk: /opt >10GB – Recommended to have /opt/zimbra as a separate partition.
- Mail Domain: FQDN with configured DNS entry for MX, e.g mail.geeksforgeeks.org
- DNS A record for MX entry
This is what I have on my Server:
$ free -h
total used free shared buff/cache available
Mem: 15Gi 169Mi 14Gi 16Mi 206Mi 14Gi
Swap: 0B 0B 0B
$ df -hT /opt
Filesystem Type Size Used Avail Use% Mounted on
/dev/sda1 ext4 151G 1020M 143G 1% /
Step 1: Update System, install dependencies
As we always do ensure the system is updated to the latest available OS release.
sudo dnf -y updateInstall few basic dependencies.
sudo dnf -y install dnf-utils
sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf config-manager --enable powertools
sudo dnf -y install bash-completion vim curl wget unzip openssh-clients telnet net-tools sysstat perl-core libaio nmap-ncat libstdc++.so.6 bind-utils tarSet server hostname to match Mail Server DNS name:
sudo hostnamectl set-hostname mail.geeksforgeeks.org --staticAlso configure correct timezone and NTP.
sudo dnf -y install chrony
sudo timedatectl set-timezone Africa/Nairobi
sudo systemctl enable --now chronyd
sudo chronyc sources
Confirm time is correctly set.
$ timedatectl
Local time: Sun 2020-07-05 14:47:26 EAT
Universal time: Sun 2020-07-05 11:47:26 UTC
RTC time: Sun 2020-07-05 11:47:25
Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
NTP service: active
RTC in local TZ: noPerform a system reboot to ensure the server can reboot after the upgrades.
sudo systemctl rebootStep 2: Configure DNS entries – A and MX
We’ll need to set two DNS records.
- An A record for the Mail Server
- An MX record
These are the values I’ll be setting for my Zimbra Server
mail.geeksforgeeks.org A 95.217.220.167
geeksforgeeks.org MX mail.geeksforgeeks.org
mail.geeksforgeeks.org MX mail.neveropen.techMy DNS provider is Cloudflare. Please consult your DNS provider on how to configure A and MX records.
Setting A record:
Set MX record for primary domain.
Also set MX record for Mail Server.
Give it few minutes to propagate then validate the settings on Zimbra server command line.
$ dig A mail.geeksforgeeks.org +short
95.217.220.155
$ dig MX geeksforgeeks.org +short
0 mail.geeksforgeeks.org.
$ dig MX mail.geeksforgeeks.org +short
0 mail.neveropen.tech.Step 3: Download Zimbra Collaboration Software
There are two editions of Zimbra Collaboration suite:
- Community Edition – Open Source
- Network Edition – Extra commercial features
In this guide we’ll install the open source edition of Zimbra on CentOS 8|RHEL 8|Rocky Linux 8 Linux server.
# CentOS 8 / RHEL 8
wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz
tar xvf zcs-8.8.15_*.tgz
# Rocky Linux 8
wget https://files.zimbra.com/downloads/8.8.15_BETA/Rocky_Linux_8/zcs-8.8.15_BETA_1012.RHEL8_64.20220326045238.tgz
tar xvf zcs-8.8.15_*.tgzStep 4: Install Zimbra Collaboration Suite
Add your Server IP and DNS name to /etc/hosts file.
$ sudo vim /etc/hosts
95.217.220.155 mail.neveropen.techEnsure locale is set correctly – Mine is for US English and UTF-8:
sudo localectl set-locale LANG=en_US.UTF-8
sudo localectl set-locale LANGUAGE=en_US
echo "export LC_ALL=en_US.UTF-8" >>~/.bashrc
logoutLog in back to the Zimbra server and cd to the directory where the ZCS archive tar file is saved.
cd zcs-8.8.15_*/In the directory you’ll see:
- README.txt – The readme file
- install.sh – install script
- bin/ – binaries used during install
- data/ – contains installation data
- packages/ – contains ZCS rpms
- docs/ – more documentation
We will begin the installation by running install.sh script.
sudo ./install.sh1. Type “Y” to accept license terms and start the installation.
Do you agree with the terms of the software license agreement? [N] Y2. Agree to use Zimbra package repository.
Use Zimbra's package repository [Y] y
Importing Zimbra GPG key
Configuring package repository
Checking for installable packages
Found zimbra-core (local)
Found zimbra-ldap (local)
Found zimbra-logger (local)
Found zimbra-mta (local)
Found zimbra-dnscache (local)
Found zimbra-snmp (local)
Found zimbra-store (local)
Found zimbra-apache (local)
Found zimbra-spell (local)
Found zimbra-memcached (repo)
Found zimbra-proxy (local)
Found zimbra-drive (repo)
Found zimbra-imapd (local)
Found zimbra-patch (repo)
Found zimbra-mta-patch (repo)
Found zimbra-proxy-patch (repo)3. Select the packages to install
Install zimbra-ldap [Y]
Install zimbra-logger [Y]
Install zimbra-mta [Y]
Install zimbra-dnscache [Y]
Install zimbra-snmp [Y]
Install zimbra-store [Y]
Install zimbra-apache [Y]
Install zimbra-spell [Y]
Install zimbra-memcached [Y]
Install zimbra-proxy [Y]
Install zimbra-drive [Y]
Install zimbra-imapd (BETA - for evaluation only) [N]
Install zimbra-chat [Y]
Checking required space for zimbra-core
Checking space for zimbra-store
Checking required packages for zimbra-store
zimbra-store package check complete.
Installing:
zimbra-core
zimbra-ldap
zimbra-logger
zimbra-mta
zimbra-dnscache
zimbra-snmp
zimbra-store
zimbra-apache
zimbra-spell
zimbra-memcached
zimbra-proxy
zimbra-drive
zimbra-patch
zimbra-mta-patch
zimbra-proxy-patch
zimbra-chat
The system will be modified. Continue? [N] YDownload and installation of Zimbra packages will start.x
Downloading packages (11):
zimbra-core-components
zimbra-ldap-components
zimbra-mta-components
zimbra-dnscache-components
zimbra-snmp-components
zimbra-jetty-distribution
zimbra-store-components
zimbra-apache-components
zimbra-spell-components
zimbra-memcached
zimbra-proxy-components
...done
Removing /opt/zimbra
Removing zimbra crontab entry...done.
Cleaning up zimbra init scripts...done.
Cleaning up /etc/security/limits.conf...done.
Finished removing Zimbra Collaboration Server.
Installing repo packages (11):
zimbra-core-components
zimbra-ldap-components
zimbra-mta-components
zimbra-dnscache-components
zimbra-snmp-components
zimbra-jetty-distribution
zimbra-store-components
zimbra-apache-components
zimbra-spell-components
zimbra-memcached
zimbra-proxy-components
...done
Installing local packages (26):
zimbra-common-core-jar
zimbra-common-core-libs
zimbra-common-mbox-conf
zimbra-common-mbox-conf-attrs
zimbra-common-mbox-conf-msgs
zimbra-common-mbox-conf-rights
zimbra-common-mbox-db
zimbra-common-mbox-docs
zimbra-common-mbox-native-lib
zimbra-timezone-data
zimbra-core
zimbra-ldap
zimbra-logger
zimbra-mta
zimbra-dnscache
zimbra-snmp
zimbra-mbox-admin-console-war
zimbra-mbox-conf
zimbra-mbox-war
zimbra-mbox-service
zimbra-mbox-store-libs
zimbra-mbox-webclient-war
zimbra-store
zimbra-apache
zimbra-spell
zimbra-proxy
...done
Installing extra packages (5):
zimbra-drive
zimbra-patch
zimbra-mta-patch
zimbra-proxy-patch
zimbra-chat
...done
Running Post Installation Configuration:
Operations logged to /tmp/zmsetup.20200705-161319.log
Installing LDAP configuration database...done.
Setting defaults...Set Mail Domain when you get DNS error to the primary domain that we added DNS entry for.
...
DNS ERROR resolving MX for mail.geeksforgeeks.org
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]
Create domain: [mail.geeksforgeeks.org] geeksforgeeks.org
MX: mail.geeksforgeeks.org (95.217.220.155)Set Admin account password – 7>4
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-dnscache: Enabled
6) zimbra-snmp: Enabled
7) zimbra-store: Enabled
+Create Admin User: yes
+Admin user to create: [email protected]
******* +Admin Password UNSET
+Anti-virus quarantine user: [email protected]
+Enable automated spam training: yes
+Spam training user: [email protected]
+Non-spam(Ham) training user: [email protected]
+SMTP host: mail.geeksforgeeks.org
+Web server HTTP port: 8080
+Web server HTTPS port: 8443
+Web server mode: https
+IMAP server port: 7143
+IMAP server SSL port: 7993
+POP server port: 7110
+POP server SSL port: 7995
+Use spell check server: yes
+Spell server URL: //mail.geeksforgeeks.org:7780/aspell.php
+Enable version update checks: TRUE
+Enable version update notifications: TRUE
+Version update notification email: [email protected]
+Version update source email: [email protected]
+Install mailstore (service webapp): yes
+Install UI (zimbra,zimbraAdmin webapps): yes
8) zimbra-spell: Enabled
9) zimbra-proxy: Enabled
10) Default Class of Service Configuration:
s) Save config to file
x) Expand menu
q) Quit
Address unconfigured (**) items (? - help) 7
.....
Store configuration
1) Status: Enabled
2) Create Admin User: yes
3) Admin user to create: [email protected]
** 4) Admin Password UNSET
5) Anti-virus quarantine user: [email protected]
6) Enable automated spam training: yes
7) Spam training user: [email protected]
8) Non-spam(Ham) training user: [email protected]
9) SMTP host: mail.geeksforgeeks.org
10) Web server HTTP port: 8080
11) Web server HTTPS port: 8443
12) Web server mode: https
13) IMAP server port: 7143
14) IMAP server SSL port: 7993
15) POP server port: 7110
16) POP server SSL port: 7995
17) Use spell check server: yes
18) Spell server URL: //mail.geeksforgeeks.org:7780/aspell.php
19) Enable version update checks: TRUE
20) Enable version update notifications: TRUE
21) Version update notification email: [email protected]
22) Version update source email: [email protected]
23) Install mailstore (service webapp): yes
24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] 4
Password for [email protected] (min 6 characters): [8IFLmFH7Wr] <Enter-or-set-your-own-password>Return to previous menu and hit the a key to begin installation.
Select, or 'r' for previous menu [r] r
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-dnscache: Enabled
6) zimbra-snmp: Enabled
7) zimbra-store: Enabled
8) zimbra-spell: Enabled
9) zimbra-proxy: Enabled
10) Default Class of Service Configuration:
s) Save config to file
x) Expand menu
q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.9721]
Saving config in /opt/zimbra/config.9721...done.
The system will be modified - continue? [No] yesThe installer script will start to configure Zimbra Mail Server on CentOS 8 | RHEL 8. If the installation was successful you’ll receive an output similar to below.
Operations logged to /tmp/zmsetup.20200705-161319.log
Setting local config values...done.
Initializing core config...Setting up CA...done.
Deploying CA to /opt/zimbra/conf/ca ...done.
Creating SSL zimbra-store certificate...done.
Creating new zimbra-ldap SSL certificate...done.
Creating new zimbra-mta SSL certificate...done.
Creating new zimbra-proxy SSL certificate...done.
Installing mailboxd SSL certificates...done.
Installing MTA SSL certificates...done.
Installing LDAP SSL certificate...done.
Installing Proxy SSL certificate...done.
Initializing ldap...done.
Setting replication password...done.
Setting Postfix password...done.
Setting amavis password...done.
Setting nginx password...done.
Setting BES searcher password...done.
Creating server entry for mail.geeksforgeeks.org...done.
Setting Zimbra IP Mode...done.
Saving CA in ldap...done.
Saving SSL Certificate in ldap...done.
Setting spell check URL...done.
Setting service ports on mail.geeksforgeeks.org...done.
Setting zimbraFeatureTasksEnabled=TRUE...done.
Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Checking current setting of zimbraReverseProxyAvailableLookupTargets
Querying LDAP for other mailstores
Searching LDAP for reverseProxyLookupTargets...done.
Adding mail.geeksforgeeks.org to zimbraReverseProxyAvailableLookupTargets
Setting Master DNS IP address(es)...done.
Setting DNS cache tcp lookup preference...done.
Setting DNS cache udp lookup preference...done.
Setting DNS tcp upstream preference...done.
Updating zimbraLDAPSchemaVersion to version '1571057268'
Setting TimeZone Preference...done.
Disabling strict server name enforcement on mail.geeksforgeeks.org...done.
Initializing mta config...done.
Setting services on mail.geeksforgeeks.org...done.
Adding mail.geeksforgeeks.org to zimbraMailHostPool in default COS...done.
Creating domain geeksforgeeks.org...done.
Setting default domain name...done.
Creating domain geeksforgeeks.org...already exists.
Creating admin account [email protected].
Creating root alias...done.
Creating postmaster alias...done.
Creating user [email protected].
Creating user [email protected].
Creating user [email protected].
Setting spam training and Anti-virus quarantine accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for mail.geeksforgeeks.org...done.
Configuring SNMP...done.
Setting up syslog.conf...done.
Starting servers...done.
Installing common zimlets...
com_zimbra_ymemoticons...done.
com_zimbra_attachcontacts...done.
com_zimbra_clientuploader...done.
com_zimbra_proxy_config...done.
com_zimbra_mailarchive...done.
com_zimbra_phone...done.
com_zimbra_attachmail...done.
com_zextras_chat_open...done.
com_zimbra_webex...done.
com_zextras_drive_open...done.
com_zimbra_url...done.
com_zimbra_adminversioncheck...done.
com_zimbra_srchhighlighter...done.
com_zimbra_bulkprovision...done.
com_zimbra_date...done.
com_zimbra_viewmail...done.
com_zimbra_tooltip...done.
com_zimbra_email...done.
com_zimbra_cert_manager...done.
Finished installing common zimlets.
Restarting mailboxd...done.
Creating galsync account for default domain...done.
You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Server.
The only information that will be transmitted is:
The VERSION of zcs installed (8.8.15_GA_3953_RHEL8_64)
The ADMIN EMAIL ADDRESS created ([email protected])
Notify Zimbra of your installation? [Yes]
Notify Zimbra of your installation? [Yes]
Notifying Zimbra of installation via http://www.zimbra.com/cgi-bin/notify.cgi?VER=8.8.15_GA_3953_RHEL8_64&[email protected]
Notification complete
Checking if the NG started running...done.
Setting up zimbra crontab...done.
Moving /tmp/zmsetup.20200705-161319.log to /opt/zimbra/log
Configuration complete - press return to exitConfirm Zimbra services status.
$ sudo su - zimbra -c "zmcontrol status"
Host mail.geeksforgeeks.org
amavis Running
antispam Running
antivirus Running
dnscache Running
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd RunningStep 5: Configure SSL Certificate
It is recommended to use SSL certificate signed by certified CA or free Let’s Encrypt Certificate. Checkout our guide below for the installation.
Step 6: Accessing Zimbra Admin Dashboard
If you have an active firewall, check our guide on opening ports:
Now that our installation of Zimbra on CentOS 8|RHEL 8|Rocky Linux 8 is complete let’s open the Admin console https://[ipaddress_or_hostname]:7071
Login with Username admin and Password configured earlier.
Confirm all Zimbra services are in running state under the “Monitor” section.
More guides on Zimbra:
- How To Restore Zimbra LDAP database from Backup
- How To Configure Microsoft Outlook for Zimbra
- How To Set Secure Password Policy on Zimbra
.tdi_4.td-a-rec{text-align:center}.tdi_4 .td-element-style{z-index:-1}.tdi_4.td-a-rec-img{text-align:left}.tdi_4.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_4.td-a-rec-img{text-align:center}}
