How to Install Zimbra OSE on CentOS/RHEL | Zimbra

This guide will help you with installation and first configuration of Zimbra mail server on CentOS 7/RHEL 7 or CentOS 8/RHEL 8 for both production or test environment.

Before starting with this guide, it is important to draw your attention to one aspect:

You need root rights to give most of the commands shown in this guide. You can simply add “sudo” before any command (eg. sudo yum update). There is also the possibility to log in as root using the command: “ sudo su – ” and then enter the root password and in this case, you no longer have to enter “sudo” before giving commands.
However, it is good practice to avoid performing more actions as root than you need to. Sudo facilitates this by allowing you to run individual commands as root without having to log in as root and without needing an interactive root shell for tasks. If you feel too lazy you can go for “sudo su”, but you have been warned.

Requirements

• A clean minimal installation of CentOS/RHEL 7 or 8

It’s better to have a fresh new installation of OS, but in any case is important to consider that there are some services that are running anyway that may be in conflict with Zimbra, such as MTA, webserver, and mainly postfix. About this last one, in particular, we need to stop and uninstall it in order to have everything working fine:

sudo systemctl stop postfix
sudo systemctl disable postfix 
sudo yum remove postfix

• 8 GB of RAM
• At least 5 GB of disk space for software and logs
• FQDN (Fully Qualified Domain Name), for example “mail.domain.com”
• A & MX record for your Server

Step 1: Updating the System

In order to update the system, paying attention to the note above about SUDO, you need to type the following command:

sudo yum -y update

Step 2: Security Checking

Substep 2a: SELinux

Sometimes Security-Enhanced Linux could cause some problems, so it is better to check if it is enabled on your machine, and if it so, change the status to “permissive”.

First of all we need to check the SELinux status:

getenforce

If you find the response is “enforcing”, then type: 

sudo setenforce 0

And then again check the status

getenforce

Now you should see the status changed from “enforcing” to “permissive”

NOTE: In some cases, you may want to completely disable SELinux. Refer to the following article to see how to do it.

Substep 2b: Firewall

You will probably have your OS firewall running on your server. In this case, you should open some ports in order to let everything work. Here is how to do that:

sudo firewall-cmd --permanent --add-port={25,80,110,143,443,465,587,993,995,9071,7071}/tcp

success

sudo firewall-cmd --reload

success

Please note that Ports 7071 and 9071 are used for Admin and proxyed Admin.

Now we are ready for the next step

Step 3: Configure System Hostname

The first thing we have to do is to set hostname and FQDN to point to your server IP Address.

To set the hostname, just type:

hostnamectl set-hostname <hostname>

Where <hostname> is the name of your host (for example “mail.domain.com”)

Then we need to add the right IP in file hosts, so let’s type:

nano /etc/hosts

And then add the following line, leaving the others untouched:

<ip-address> <FQDN> <name>

Where <ip-address> is the IP address of your mail server and <FQDN> is the fully qualified domain name you want to use, for example:

192.168.0.11 mail.domain.com mail

Now save the changes you made and exit.

To verify that everything is right, let’s make a quick check on A and MX using the dig command (remember to replace “domain.com” with your own one:

dig -t A “mail.domain.com”

dig -t MX “domain.com”

Substep 3a: Add a Static IP Address

We need a static IP for our mail server, so if your server uses a DHCP dynamic IP Address, then we need to edit our network interface card and configure it to use a static IP Address.

There are different ways to do that. To see how it works, please refer to the following guide:

Different ways to set a Static IP Address on CentOS / RHEL

Step 4: Download and Install Zimbra

Now it’s time to finally install Zimbra. First of all let’s download the latest version, just typing the following command:

—————– For RHEL/CentOS 8 —————–

wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

 —————– For RHEL/CentOS 7 —————–

wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.RHEL7_64.20190918004220.tgz

Extract the downloaded .tgz file using the tar command (the name of the file could vary depending on the one you choose to download):

tar xvf zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

Then go to the extracted folder:

cd zcs-8.8.15_GA_3953.RHEL8_64.20200629025823

And now run the install script:

sudo screen ./install.sh

Note: To help prevent an upgrade (or install) session from terminating before it is completed, it is suggested and recommended to use the “screen” command. It is important when the upgrade includes restoring a configuration that has a large number of accounts. The syntax is very simple. Just type : < screen ./install.sh >

Once we run above install script then we will get text-based installation wizard:
Operations logged to /tmp/install.log.92OcKO6s
Checking for existing installation...
    zimbra-drive...NOT FOUND
    zimbra-imapd...NOT FOUND
    zimbra-patch...NOT FOUND
    zimbra-mta-patch...NOT FOUND
    zimbra-proxy-patch...NOT FOUND
    zimbra-license-tools...NOT FOUND
    zimbra-license-extension...NOT FOUND
    zimbra-network-store...NOT FOUND
    zimbra-network-modules-ng...NOT FOUND
    zimbra-chat...NOT FOUND
    zimbra-talk...NOT FOUND
    zimbra-ldap...NOT FOUND
    zimbra-logger...NOT FOUND
    zimbra-mta...NOT FOUND
    zimbra-dnscache...NOT FOUND
    zimbra-snmp...NOT FOUND
    zimbra-store...NOT FOUND
    zimbra-apache...NOT FOUND
    zimbra-spell...NOT FOUND
    zimbra-convertd...NOT FOUND
    zimbra-memcached...NOT FOUND
    zimbra-proxy...NOT FOUND
    zimbra-archiving...NOT FOUND
    zimbra-core...NOT FOUND
----------------------------------------------------------------------
PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
SYNACOR, INC. ("SYNACOR") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
License Terms for this Zimbra Collaboration Suite Software:
https://www.zimbra.com/license/zimbra-public-eula-2-6.html 
----------------------------------------------------------------------
Do you agree with the terms of the software license agreement? [N] Y

Press “Y” to accept the license, then configure the Zimbra package repository and select all the Zimbra Components to install.

Zimbra Packages

Before installing them, here is a brief description of Zimbra packages:

• Zimbra Core: This package includes the libraries, utilities, monitoring tools, and basic configuration files. Zimbra Core is automatically installed on each server.
• Zimbra LDAP: User authentication is provided through OpenLDAP® software. Each account on the Zimbra server has a unique mailbox ID that is the primary point of reference to identify the account. The OpenLDAP schema has been customized for the Zimbra Collaboration Suite. The Zimbra LDAP server must be configured before the other servers. You can set up LDAP replication, configuring a master LDAP server and replica LDAP servers
• Zimbra MTA: Postfix is the open source mail transfer agent (MTA) that receives email via SMTP and routes each message to the appropriate Zimbra mailbox server using Local Mail Transfer Protocol (LMTP). The Zimbra MTA also includes the anti-virus and anti-spam components.
• Zimbra Store: The Zimbra store includes the components for the mailbox server, including Jetty, which is the servlet container the Zimbra software runs within. The Zimbra mailbox server includes the following components:
  • Data store. The data store is a MySQL® database.
  • Message store. The message store is where all email messages and file attachments reside.
  • Index store. Index and search technology is provided through Lucene. Index files are maintained for each mailbox.
• Zimbra SNMP: Installing the Zimbra SNMP package is optional. If you choose to install zimbra-SNMP for monitoring, this package should be installed on every Zimbra server.
• Zimbra Logger: Installing the Zimbra Logger package is optional and is installed on one mailbox server. The Zimbra Logger installs tools for syslog aggregation and reporting. If you do not install Logger, the server statistics the server statistics section of the administration console will not display.
  Note: The Logger package must be installed at the same time as the mailbox server.
• Zimbra Spell: Installing the Zimbra Spell package is optional. Aspell is the open source spell checker used on the Zimbra Web Client.
• Zimbra Apache: This package is installed automatically when Zimbra Spell or Zimbra Convertd is installed.
• Zimbra Proxy: Zimbra proxy can be configured as a POP and IMAP proxy server and for reverse proxy HTTP requests. This package is normally installed on the MTA server or on its own independent server. Zimbra proxy can be installed on more than one server. When the zimbra-proxy package is installed, the proxy feature is enabled. Installing the Zimbra Proxy is optional.
• Zimbra-memcached: Memcached is automatically selected when the zimbra-proxy is installed. At least one server must run zimbra-memcached when the proxy is in use. All installed zimbra-proxies can use a single memcached server.

Select the packages to install

In the end, type “Y” to modify the System. Now it will start downloading the Zimbra-related packages and it can take time depending upon your internet speed.

The system will be modified.  Continue? [N] Y

Once all the Zimbra packages are installed in the backend we are almost done.

First of all, we need to set the correct domain after getting DNS error to the primary domain that you added DNS entry for:

DNS ERROR resolving MX for mail.domain.com

It is suggested that the domain name has an MX record configured in DNS

Change domain name? [Yes]

Create domain: [mail.domain.com] domain.com

        MX: mail.domain.com (<ip-address>)

After that, we need to set the admin password. To do so, in main menu enter “7” and then “4” in the next one. After that, press “r” to go to previous menu and then press “a” to apply the changes.

1) Status:                                  Enabled
   2) Create Admin User:                       yes
   3) Admin user to create:                    admin@domain.com
** 4) Admin Password                           UNSET
   5) Anti-virus quarantine user:              virus-quarantine.7xi47__k@domain.com
   6) Enable automated spam training:          yes
   7) Spam training user:                      spam.wasleuiv@domain.com
   8) Non-spam(Ham) training user:             ham.wzmkmrkq@domain.com
   9) SMTP host:                               mail.domain.com
  10) Web server HTTP port:                    8080
  11) Web server HTTPS port:                   8443
  12) Web server mode:                         https
  13) IMAP server port:                        7143
  14) IMAP server SSL port:                    7993
  15) POP server port:                         7110
  16) POP server SSL port:                     7995
  17) Use spell check server:                  yes
  18) Spell server URL:                        http://domain.com:7780/aspell.php
  19) Enable version update checks:            TRUE
  20) Enable version update notifications:     TRUE
  21) Version update notification email:       admin@domain.com
  22) Version update source email:             admin@domain.com
  23) Install mailstore (service webapp):      yes
  24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] 4
Password for admin@domain.com (min 6 characters): [54mE0RmqN] enter admin password here

After that go back to the main menu (press “r”)

Main menu
   1) Common Configuration:
   2) zimbra-ldap:                             Enabled
   3) zimbra-logger:                           Enabled
   4) zimbra-mta:                              Enabled
   5) zimbra-dnscache:                         Enabled
   6) zimbra-snmp:                             Enabled
   7) zimbra-store:                            Enabled
   8) zimbra-spell:                            Enabled
   9) zimbra-proxy:                            Enabled
  10) Default Class of Service Configuration:
   s) Save config to file
   x) Expand menu
   q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a 

Installation is now complete.

Last Check

One last step will be to check if Zimbra services are running. To do so, you have to proceed this way:

First of all, let’s go out from the package folder:

cd ..

Now we have to access the Zimbra server by typing:

sudo su - zimbra

We can now make a check of Zimbra services to see if they are all running:

zmcontrol status

NOTE: If you were to reboot the system and do the same thing a few of these services may not be working, due to DNSMasq that might be yet to start to work completely when you send the command after the reboot. In this case just type:

zmcontrol restart

To stop and then restart all the services.

You could eventually start directly the ones that are not working, but stopping and restarting all of them is a faster way and gives also a more reliable result.

Step 5: Access Zimbra Admin Portal & Web Mail Client

In order to access the Zimbra Admin Portal, type the below URL in Web Browser:

https://<mail.domain.com>:7071/ or https://<ip-address>:7071

To access the Zimbra Mail Web Client, type the following URL in the browser

https://<mail.domain.com>

Note: For both URLs, we can use the user name as “admin” and the password that we set during the installation.