ZIMBRA Multi Server Installation on CentOS / RHEL

This article is meant to guide you through a Zimbra Multi server installation on CentOS / RHEL.

We will proceed in the following order:

  1. Install LDAP server(s)
  2. Install Zimbra Mailbox Server(s)
  3. Install MTA Server(s)
  4. Install Proxy(s)

Before starting with this guide, it is important to draw attention to one aspect:

SUDO:

You need root rights to give most of the commands shown in this guide. You can simply add “sudo” before any command (eg. sudo yum update). There is also the possibility to log in as root using the command: “ sudo su – ” and then entering the root password and in this case you no longer have to enter “sudo” before giving commands.
However it is good practice to avoid performing more actions as root than you need to. Sudo facilitates this by allowing you to run individual commands as root without having to log in as root and without needing an interactive root shell for tasks. If you feel too lazy you can go for “sudo su”, but you have been warned.

Step 1) Setting up the environment

We are now going to set up each server for Zimbra installation.

SubStep 1: Install CentOS / RHEL on all servers

Install the OS on your server and then perform an update:

sudo yum -y update

SubStep 2: Set hostnames

Log in as root user and then set hostnames on each server using the command:

hostnamectl set-hostname <hostname>

for example ldap.domain.com 

hostnamectl set-hostname ldap.domain.com

SubStep 3: Modify /etc/hosts with the proper hostname and IP address

We now need to edit hosts file on each server:

nano /etc/hosts

adding IP address and hostname adding the following line:

< ip-address> < hostname >  < name >

For example:

192.168.56.10 ldap.domain.com ldap

Do this on all servers

SubStep 4: Download latest Zimbra release locally on all servers

Download the latest Zimbra package:

wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

And then unpack:

tar xvf zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

Do it on all servers.

Step 2) Install Zimbra LDAP Server

We will start wit the installation of Zimbra on LDAP server, so what we have to do is to enter the zcs folder:

cd zcs-8.8.15_GA_3953.RHEL8_64.20200629025823.tgz

and then start the installation process:

sudo screen ./install.sh

You will be asked a couple of question, and then will have to select the proper packages:

Do you agree with the terms of the software license agreement? [N] y       
Use Zimbra's package repository [Y] y
Select the packages to install
Install zimbra-ldap [Y] Y       
Install zimbra-logger [Y] n
Install zimbra-mta [Y] n
Install zimbra-dnscache [N] n
Install zimbra-snmp [Y] Y 
Install zimbra-store [Y] n 
Install zimbra-apache [Y] n 
Install zimbra-spell [Y] n 
Install zimbra-memcached [Y] n 
Install zimbra-proxy [Y] n 
Install zimbra-chat [N] n 
Install zimbra-drive [N] n
Checking required space for zimbra-core
Installing:
    zimbra-core
    zimbra-ldap
    zimbra-snmp
The system will be modified.  Continue? [N] Y

The download of packages should now start. At the end you have to configure Ldap master host, hostname, and domain to create:

Common configuration
   1) Hostname:                                
   2) Ldap master host:                        
   3) Ldap port:                               389                           
   4) Ldap Admin password:                     set                           
   5) Store ephemeral attributes outside Ldap: no                            
   6) Secure interprocess communications:      yes                           
   7) TimeZone:                                UTC                           
   8) IP Mode:                                 ipv4                          
   9) Default SSL digest:                      sha256 
Ldap configuration
   1) Status:                                  Enabled                       
   2) Create Domain:                           yes                           
   3) Domain to create:                        
   4) Ldap root password:                      set                           
   5) Ldap replication password:               set                           
   6) Ldap postfix password:                   set                           
   7) Ldap amavis password:                    set                           
   8) Ldap nginx password:                     set                           
   9) Ldap Bes Searcher password:              set 

Once you finished, press to start the installation and configuration process.

*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes] 
Save config in file: [/opt/zimbra/config.31786] 
Saving config in /opt/zimbra/config.31786...done.
The system will be modified - continue? [No] Yes

Installation completed.

Step 3) Install Zimbra Mailbox Server

The second one we are going to install is Mailbox Server. We start installation like in the previous step. But we need to select different packages:

Do you agree with the terms of the software license agreement? [N] y       
Use Zimbra's package repository [Y] y
Select the packages to install
Install zimbra-ldap [Y] n      
Install zimbra-logger [Y] y 
Install zimbra-mta [Y] n 
Install zimbra-dnscache [N] n 
Install zimbra-snmp [Y] y 
Install zimbra-store [Y] y 
Install zimbra-apache [Y] y 
Install zimbra-spell [Y] y 
Install zimbra-memcached [Y] n 
Install zimbra-proxy [Y] n 
Install zimbra-chat [N] n 
Install zimbra-drive [N] n
Install zimbra-imapd (BETA - for evaluation only) [N] n
Checking required space for zimbra-core
Installing:
    zimbra-core
    zimbra-logger
    zimbra-snmp
    zimbra-store
    zimbra-apache
    zimbra-spell
    zimbra-drive

The system will be modified.  Continue? [N] Y

Now what we need to configure some settings.

Under Common configuration:

  • Hostname: mailbox.domain.com
  • Ldap master host: ldap.domain.com
  • Ldap Admin password: < password >

Under zimbra-store:

  • Admin Password: < password >
  • SMTP host: < hostname >
  • Configure for use with mail proxy: TRUE
  • Configure for use with web proxy: TRUE
  • Install UI (zimbra,zimbraAdmin webapps): yes
  • Install mailstore (service webapp): yes

Feel free to modify any other settings you see necessary and then start the installation process.

Step 4) Install Zimbra MTA Server

We are now looking at the installation of MTA server. In this case, after starting installation as usual, we will select the following packages:

Select the packages to install
Install zimbra-ldap [Y] n
Install zimbra-logger [Y] n
Install zimbra-mta [Y] y
Install zimbra-dnscache [Y] y
Install zimbra-snmp [Y] y
Install zimbra-store [Y] n
Install zimbra-apache [Y] n
Install zimbra-spell [Y] n
Install zimbra-memcached [Y] n
Install zimbra-proxy [Y] n
Install zimbra-chat [N] n
Install zimbra-drive [N] n
Checking required space for zimbra-core
Installing:
    zimbra-core
    zimbra-mta
    zimbra-snmp
    zimbra-dnscache

The system will be modified.  Continue? [N] y

At the end, on the configurations window, we need to set something as shown in the following steps.

Under 1) Common Configuration, set:

  • Hostname:
  • Ldap master host:
  • Ldap Admin password:
 1) Hostname:                                mta.domain.com
 2) Ldap master host:                        ldap.domain.com
 3) Ldap port:                               389                           
 4) Ldap Admin password:                     set                           
 5) LDAP Base DN:                            cn=zimbra                     
 6) Store ephemeral attributes outside Ldap: yes                           
 7) Value for zimbraEphemeralBackendURL:     ldap://default                
 8) Secure interprocess communications:      yes                           
 9) TimeZone:                                UTC                           
10) IP Mode:                                 ipv4                          
11) Default SSL digest:                      sha256  

Under 2) zimbra-mta set

  • Bind password for postfix ldap user:
  • Bind password for amavis ldap user:
Mta configuration
   1) Status:                                  Enabled                       
   2) Enable Spamassassin:                     yes                           
   3) Enable Clam AV:                          yes                           
   4) Enable OpenDKIM:                         yes                           
   5) Notification address for AV alerts:      admin@mta.domain.com
   6) Bind password for postfix ldap user:     set                           
   7) Bind password for amavis ldap user:      set 

Under zimbra-dnscache, you need to configure master DNS ip addresses separated by space like in the example below:

DNS Cache configuration
   1) Status:                                  Enabled                       
   2) Master DNS IP address(es):               8.8.4.4 1.1.1.1 8.8.8.8 
   3) Enable DNS lookups over TCP:             yes                           
   4) Enable DNS lookups over UDP:             yes                           
   5) Only allow TCP to communicate with Master DNS: no 

Once done, save the settings and type to begin Zimbra MTA setup.

Step 5) Install Zimbra Proxy Server

Start with Installation of Zimbra as shown above, then in order to install Zimbra Proxy server, you need to select the following packages :

Select the packages to install

Install zimbra-ldap [Y] n
Install zimbra-logger [Y] n
Install zimbra-mta [Y] n
Install zimbra-dnscache [N] n
Install zimbra-snmp [Y] y
Install zimbra-store [Y] n
Install zimbra-apache [Y] n
Install zimbra-spell [Y] n
Install zimbra-memcached [Y] y
Install zimbra-proxy [Y] y
Install zimbra-chat [N] n
Install zimbra-drive [N] n
Checking required space for zimbra-core

Installing:
    zimbra-core
    zimbra-snmp
    zimbra-memcached
    zimbra-proxy

The system will be modified.  Continue? [N] y

Fill all required information:


Common configuration

   1) Hostname:                                <proxy.domain.com>
   2) Ldap master host:                        <ldap.domain.com>
   3) Ldap port:                               389                                      
   4) Ldap Admin password:                     set                           
   5) LDAP Base DN:                            cn=zimbra                     
   6) Store ephemeral attributes outside Ldap: yes                           
   7) Value for zimbraEphemeralBackendURL:     ldap://default                
   8) Secure interprocess communications:      yes                           
   9) TimeZone:                                UTC                           
  10) IP Mode:                                 ipv4                          
  11) Default SSL digest:                      sha256  

Proxy configuration

   1) Status:                                  Enabled                       
   2) Enable POP/IMAP Proxy:                   TRUE                          
   3) Enable strict server name enforcement?   TRUE                          
   4) IMAP server port:                        7143                          
   5) IMAP server SSL port:                    7993                          
   6) IMAP proxy port:                         143                           
   7) IMAP SSL proxy port:                     993                           
   8) POP server port:                         7110                          
   9) POP server SSL port:                     7995                          
  10) POP proxy port:                          110                           
  11) POP SSL proxy port:                      995                           
  12) Bind password for nginx ldap user:       set                           
  13) Enable HTTP[S] Proxy:                    TRUE                          
  14) Web server HTTP port:                    8080                          
  15) Web server HTTPS port:                   8443                          
  16) HTTP proxy port:                         80                            
  17) HTTPS proxy port:                        443                           
  18) Proxy server mode:                       < > 

Under Common Configuration, you have to set:

  • Hostname:
  • Ldap master host:
  • Ldap Admin password:

Under Proxy Configuration, rember to choose the server mode according to your requirements. You can set  http, https, both, redirect or mixed.

Once you finished with this part, enable proxy console on port 9071 by running the following command, logging as Zimbra user:

sudo su - zimbra
/<path>/zimbra/libexec/zmproxyconfig -e -w -C -H <zmhostname>
  • This will enable admin console proxy port 9071 on the proxy server
  • Make sure mailbox server’s admin console is configured on port 7071 (default)

After making changes restart proxy service:

zmproxyctl restart

Remember that the service should bind to port 9071. You can confirm this with ss command:

sudo ss -tunelp | grep 9071

To access admin console over a proxy, the URL should be https://proxy.domain.com:9071/

Technical writer at Zextras. Linux and technology enthusiast. He describes himself as an atypical and polyhedric IT expert, thanks to a creative and open minded attitude, and to the experience gained over time as an IT technician, system engineer and developer.

Post your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Zimbra Single-Server Installation on Ubuntu LTS
Zimbra Multi-Server Installation on Ubuntu LTS