This is an old revision of the document!
See also Other Zimbra pages in this wiki
service zimbra stop && reboot
Check Zimbra status:
service zimbra status
Repair any potential permissions problems with files under /opt/zimbra
:
su - zimbra zmcontrol stop logout /opt/zimbra/libexec/zmfixperms --verbose --extended su - zimbra zmcontrol start
https://wiki.zimbra.com/wiki/Postfix-Queue-ID-vs.-message-id-MTA
When a message enters the Postfix system [incoming or outgoing] it is immediately assigned a queue ID.
Postfix/ZCS will most likely have a message leave the Postfix queue for other processing: amavis, filters, etc. This will cause the message to get a new queue ID(s). This can also happen if you were to requeue your messages by doing something like: postsuper -r
. You will need to note the message-id and ALL queue ID's to get the complete picture of what was happening for a particular email.
Find the Message ID
in the message headers, then use it to find the associated Queue ID
s:
egrep "1544469627.145884.1473273227065.JavaMail.zimbra@mydomain.com" /var/log/zimbra.log
Then:
egrep "1544469627.145884.1473273227065.JavaMail.zimbra@mydomain.com|225D286F6F|3C18086F7A|B590286F6F" /var/log/zimbra.log
http://wiki.zextras.com/wiki/ZeXtras_Suite_and_the_Zimbra_DoSFilter
http://wiki.zimbra.com/wiki/DoSFilter
grep DoSFilter /opt/zimbra/log/mailbox.log grep DoSFilter /opt/zimbra/log/zmmailboxd.out
Get current values:
su - zimbra zmprov gcf zimbraHttpThrottleSafeIPs zmprov gcf zimbraHttpDosFilterMaxRequestsPerSec zmprov gcf zimbraHttpDosFilterDelayMillis
Set additional safe IPs:
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.0.65 zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.0.66 zmmailboxdctl restart
Comment out the IPv6 line:
vim /etc/hosts #::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Then:
systemctl start zimbra
It didn't seem to matter what I did with /etc/aliases
.
http://wiki.zimbra.com/index.php?title=How_to_%22fix%22_system%27s_sendmail_to_use_that_of_zimbra
/usr/sbin/alternatives --install /usr/sbin/sendmail mta /opt/zimbra/postfix/sbin/sendmail 25 \ --slave /usr/bin/mailq mta-mailq /opt/zimbra/postfix/sbin/mailq \ --slave /usr/bin/newaliases mta-newaliases /opt/zimbra/postfix/sbin/newaliases \ --slave /usr/share/man/man1/mailq.1.gz mta-mailqman /opt/zimbra/postfix/man/man1/mailq.1 \ --slave /usr/share/man/man1/newaliases.1.gz mta-newaliasesman /opt/zimbra/postfix/man/man1/newaliases.1 \ --slave /usr/share/man/man8/sendmail.8.gz mta-sendmailman /opt/zimbra/postfix/man/man1/sendmail.1 \ --slave /usr/share/man/man5/aliases.5.gz mta-aliasesman /opt/zimbra/postfix/share/man/man5/aliases.5 \ --initscript zimbra /usr/sbin/alternatives --config mta
If mail sent to root
does not flow into the admin
mailbox, check:
tail -30 /var/log/maillog
You may see errors like:
Nov 5 10:06:29 zimbra postfix/smtp[7400]: BCAAD18289B: to=<root@zimbra.virtualarchitects.com>, relay=none, delay=0.06, delays=0.01/0.04/0/0, dsn=5.4.6, status=bounced (mail for zimbra.virtualarchitects.com loops back to myself)
You can also test like this:
echo foo | /usr/sbin/sendmail -f root root && tail -f /var/log/maillog
In our default Zimbra installation, we only had one domain virtualarchitects.com
, but root's mail was aliased to “root@zimbra.virtualarchitects.com”. So I added an alias domain “zimbra.virtualarchitects.com” and an additional mail alias to admin
of “root@zimbra.virtualarchitects.com”:
su - zimbra zmprov createAliasDomain zimbra.virtualarchitects.com virtualarchitects.com zmprov aaa admin@virtualarchitects.com root@zimbra.virtualarchitects.com
Consider using firewall port forwarding (i.e 2222 → 22) instead of changing the SSH server on the Zimbra server.
If you changed the SSH port in /etc/ssh/sshd_config
, you need to adjust Zimbra:
zmprov ms zimbra.virtualarchitects.com zimbraRemoteManagementPort 2222
Check /var/log/zimbra.log
and /var/log/zimbra-stats.log
:
ll /var/log/zimbra*
Are they empty with actual logged detail in dated files? It appears that the logrotate
configuration is broken…
/usr/sbin/logrotate -d /etc/logrotate.conf
Run as root:
/opt/zimbra/libexec/zmsyslogsetup
Use of uninitialized value $current_proto in string eq at /usr/lib64/perl5/Sys/Syslog.pm line 371. Use of uninitialized value $current_proto in string eq at /usr/lib64/perl5/Sys/Syslog.pm line 374.
vim /usr/lib64/perl5/Sys/Syslog.pm my $current_proto = 0;
If your Zimbra server only has a private IP address and is behind a NAT firewall, you may see errors in /var/log/maillog
or /var/log.zimbra.log
like:
postfix/lmtp ... status=deferred (connect to your.zimbra.fqdn[your.external.ip.addr]:7025: Connection refused)
See this link to change the way Zimbra resolves the local IP address: http://wiki.zimbra.com/index.php?title=Incoming_Mail_Problems
Assuming a single-server setup with a properly configured /etc/hosts
file:
su - zimbra zmprov ms your.zimbra.fqdn zimbraMtaLmtpHostLookup native zmmtactl restart
Copy a CoS:
su - zimbra zmprov cpc <source CoS> <new CoS>
List classes of service:
zmprov gac
Get CoS ID:
zmprov gc <CoS name>|grep zimbraId
Modify the default CoS for a domain:
zmprov md <domain.tld> zimbraDomainDefaultCOSId <your-zimbraId>
Sometimes, the Postfix MTA may not start properly.
Try deleting the .pid
file and restarting Postfix:
cd /opt/zimbra/data/postfix/spool/pid/ service zimbra stop rm master.pid service zimbra start
The process ID file will be recreated when the MTA starts:
ll master.pid