User Tools
Table of Contents
Zimbra Troubleshooting Tips
See also Other Zimbra pages in this wiki
Check Status and Reboot
service zimbra stop && reboot
Check Zimbra status:
service zimbra status
Permissions
Repair any potential permissions problems with files under /opt/zimbra:
su - zimbra zmcontrol stop logout /opt/zimbra/libexec/zmfixperms --verbose --extended su - zimbra zmcontrol start
Message Tracking
https://wiki.zimbra.com/wiki/Postfix-Queue-ID-vs.-message-id-MTA
When a message enters the Postfix system [incoming or outgoing] it is immediately assigned a queue ID.
Postfix/ZCS will most likely have a message leave the Postfix queue for other processing: amavis, filters, etc. This will cause the message to get a new queue ID(s). This can also happen if you were to requeue your messages by doing something like: postsuper -r. You will need to note the message-id and ALL queue ID's to get the complete picture of what was happening for a particular email.
Find the Message ID in the message headers, then use it to find the associated Queue IDs:
egrep "1544469627.145884.1473273227065.JavaMail.zimbra@mydomain.com" /var/log/zimbra.log
Then:
egrep "1544469627.145884.1473273227065.JavaMail.zimbra@mydomain.com|225D286F6F|3C18086F7A|B590286F6F" /var/log/zimbra.log
DoSFilter
http://wiki.zextras.com/wiki/ZeXtras_Suite_and_the_Zimbra_DoSFilter
http://wiki.zimbra.com/wiki/DoSFilter
grep DoSFilter /opt/zimbra/log/mailbox.log grep DoSFilter /opt/zimbra/log/zmmailboxd.out
Get current values:
su - zimbra zmprov gcf zimbraHttpThrottleSafeIPs zmprov gcf zimbraHttpDosFilterMaxRequestsPerSec # Default 30 zmprov gcf zimbraHttpDosFilterDelayMillis # Default -1
Set additional safe IPs:
zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.2.0/24 zmprov mcf +zimbraHttpThrottleSafeIPs 192.168.0.66 zmmailboxdctl restart
zmconfigd is not running
Comment out the IPv6 line:
vim /etc/hosts #::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Then:
systemctl start zimbra
Root Mail
It didn't seem to matter what I did with /etc/aliases.
http://wiki.zimbra.com/index.php?title=How_to_%22fix%22_system%27s_sendmail_to_use_that_of_zimbra
/usr/sbin/alternatives --install /usr/sbin/sendmail mta /opt/zimbra/postfix/sbin/sendmail 25 \
--slave /usr/bin/mailq mta-mailq /opt/zimbra/postfix/sbin/mailq \
--slave /usr/bin/newaliases mta-newaliases /opt/zimbra/postfix/sbin/newaliases \
--slave /usr/share/man/man1/mailq.1.gz mta-mailqman /opt/zimbra/postfix/man/man1/mailq.1 \
--slave /usr/share/man/man1/newaliases.1.gz mta-newaliasesman /opt/zimbra/postfix/man/man1/newaliases.1 \
--slave /usr/share/man/man8/sendmail.8.gz mta-sendmailman /opt/zimbra/postfix/man/man1/sendmail.1 \
--slave /usr/share/man/man5/aliases.5.gz mta-aliasesman /opt/zimbra/postfix/share/man/man5/aliases.5 \
--initscript zimbra
/usr/sbin/alternatives --config mta
If mail sent to root does not flow into the admin mailbox, check:
tail -30 /var/log/maillog
You may see errors like:
Nov 5 10:06:29 zimbra postfix/smtp[7400]: BCAAD18289B: to=<root@zimbra.virtualarchitects.com>, relay=none, delay=0.06, delays=0.01/0.04/0/0, dsn=5.4.6, status=bounced (mail for zimbra.virtualarchitects.com loops back to myself)
You can also test like this:
echo foo | /usr/sbin/sendmail -f root root && tail -f /var/log/maillog
In our default Zimbra installation, we only had one domain virtualarchitects.com, but root's mail was aliased to “root@zimbra.virtualarchitects.com”. So I added an alias domain “zimbra.virtualarchitects.com” and an additional mail alias to admin of “root@zimbra.virtualarchitects.com”:
su - zimbra zmprov createAliasDomain zimbra.virtualarchitects.com virtualarchitects.com zmprov aaa admin@virtualarchitects.com root@zimbra.virtualarchitects.com
Changed SSH Port
Consider using firewall port forwarding (i.e 2222 → 22) instead of changing the SSH server on the Zimbra server.
If you changed the SSH port in /etc/ssh/sshd_config, you need to adjust Zimbra:
zmprov ms zimbra.virtualarchitects.com zimbraRemoteManagementPort 2222
Server Status
Monitoring: https://hazaq.me/zimbra/2018/02/02/Zimbra-Server-Status.html
Check /var/log/zimbra.log and /var/log/zimbra-stats.log:
ll /var/log/zimbra*
Are they empty with actual logged detail in dated files? It appears that the logrotate configuration is broken…
/usr/sbin/logrotate -d /etc/logrotate.conf
Run as root:
/opt/zimbra/libexec/zmsyslogsetup
Cron Job Errors
Use of uninitialized value $current_proto in string eq at /usr/lib64/perl5/Sys/Syslog.pm line 371. Use of uninitialized value $current_proto in string eq at /usr/lib64/perl5/Sys/Syslog.pm line 374.
vim /usr/lib64/perl5/Sys/Syslog.pm my $current_proto = 0;
Mail Delivered to MTA But Not to Mailbox
tail -30 /opt/zimbra/log/mailbox.log
If your Zimbra server only has a private IP address and is behind a NAT firewall, you may see errors in /var/log/maillog or /var/log.zimbra.log like:
postfix/lmtp ... status=deferred (connect to your.zimbra.fqdn[your.external.ip.addr]:7025: Connection refused)
See this link to change the way Zimbra resolves the local IP address: http://wiki.zimbra.com/index.php?title=Incoming_Mail_Problems
Assuming a single-server setup with a properly configured /etc/hosts file:
su - zimbra zmprov ms your.zimbra.fqdn zimbraMtaLmtpHostLookup native zmmtactl restart
Set Default CoS per Domain
Copy a CoS:
su - zimbra zmprov cpc <source CoS> <new CoS>
List classes of service:
zmprov gac
Get CoS ID:
zmprov gc <CoS name>|grep zimbraId
Modify the default CoS for a domain:
zmprov md <domain.tld> zimbraDomainDefaultCOSId <your-zimbraId>
Mail System Is Down
Sometimes, the Postfix MTA may not start properly.
Try deleting the .pid file and restarting Postfix:
cd /opt/zimbra/data/postfix/spool/pid/ service zimbra stop rm master.pid service zimbra start
Wait until Zimbra shuts down completely. Then wait again for it to start up.
The process ID file will be recreated when the MTA starts:
ll master.pid
