On a CentOS server, when sending mail from PHP scripts, mail failed to work. On checking postfix log file (/var/log/maillog), i see following error.
|
1 |
Aug 11 01:41:53 forums postfix/sendmail[44463]: fatal: open /etc/postfix/main.cf: Permission denied |
To fix this, disable selinux
|
1 |
setenforce 0 |
To permanantly disable SELinux, run
|
1 |
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config |
[…]
On an Ubuntu Server, i done following to setup email forwarding. Install postfix
|
1 |
apt -y install postfix |
Edit /etc/postfix/main.cf, add following
|
1 |
vi /etc/postfix/main.cf |
Add
|
1 2 3 4 5 6 7 |
virtual_mailbox_domains = YOUR-DOMAIN_HERE.com virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_maps = hash:/etc/postfix/vmailbox virtual_minimum_uid = 100 virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 virtual_alias_maps = hash:/etc/postfix/virtual |
Create Virtual mailbox
|
1 |
vi /etc/postfix/vmailbox |
Add
|
1 |
user1@YOUR-DOMAIN_HERE.com YOUR-DOMAIN_HERE.com/user1 |
Create alias file, used for mail forwarding
|
1 |
vi /etc/postfix/virtual |
Add
|
1 |
admin@YOUR-DOMAIN_HERE.com YOU@gmail.com |
Wth above configuration, mail coming to [email protected]_HERE.com will get forwarded to [email protected] Email coming to [email protected]_HERE.com get delivered […]
iRedMail allow you to run your own mail server easily. It use postfix mail server for mail delivery. https://www.iredmail.org/ iredmail increase mail attachment size […]
Default mail attachment size in iredmail is 10 MB. To increase mail attachment size, login to server as user root, run following commands
|
1 2 3 |
postconf -e message_size_limit=104857600 postconf -e mailbox_size_limit=104857600 systemctl restart postfix |
Here 104857600 is 100 MB in bytes (100 * 1024 * 1024). Change this as required. Sending very large file using mail attachment is not recommended, it is better use file […]
On Zimbra mail server, webmail stopped working on Port 80/443. Admin interface worked properly on url https://hostname:7071/. There is no errors displayed under monitor tab of Zimbra Admin. To fix, run
|
1 2 3 4 5 6 |
su - zimbra zmprov ms `zmhostname` zimbraReverseProxySSLToUpstreamEnabled FALSE zmprov ms `zmhostname` zimbraMailMode both zmprov ms `zmhostname` zimbraReverseProxyMailMode both ./libexec/zmproxyconfig -e -w -o -a 8080:80:8443:443 -x both -H `zmhostname` zmcontrol restart |
After running this, netstat -lntp start showing nginx running on port 80 and 443
|
1 2 3 4 5 6 7 8 |
root@zim:~# netstat -lntp | egrep "80|443" tcp 0 0 127.0.0.1:10663 0.0.0.0:* LISTEN 10980/zmlogger: zmr tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 11354/nginx.conf tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 11098/java tcp 0 0 116.203.102.86:8080 0.0.0.0:* LISTEN 11098/java tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 11354/nginx.conf tcp6 0 0 :::7780 :::* LISTEN 11707/httpd root@zim:~# |
[…]
On CentOS 7 server with firewalld running, used following command to open ports used by Zimbra Mail Server.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
firewall-cmd --zone=public --permanent --add-service=http firewall-cmd --zone=public --permanent --add-service=https firewall-cmd --zone=public --permanent --add-service=ssh firewall-cmd --zone=public --permanent --add-port=110/tcp firewall-cmd --zone=public --permanent --add-port=11211/tcp firewall-cmd --zone=public --permanent --add-port=143/tcp firewall-cmd --zone=public --permanent --add-port=25/tcp firewall-cmd --zone=public --permanent --add-port=443/tcp firewall-cmd --zone=public --permanent --add-port=465/tcp firewall-cmd --zone=public --permanent --add-port=5222/tcp firewall-cmd --zone=public --permanent --add-port=5269/tcp firewall-cmd --zone=public --permanent --add-port=587/tcp firewall-cmd --zone=public --permanent --add-port=7025/tcp firewall-cmd --zone=public --permanent --add-port=7071/tcp firewall-cmd --zone=public --permanent --add-port=7072/tcp firewall-cmd --zone=public --permanent --add-port=7073/tcp firewall-cmd --zone=public --permanent --add-port=7110/tcp firewall-cmd --zone=public --permanent --add-port=7143/tcp firewall-cmd --zone=public --permanent --add-port=7993/tcp firewall-cmd --zone=public --permanent --add-port=7995/tcp firewall-cmd --zone=public --permanent --add-port=8443/tcp firewall-cmd --zone=public --permanent --add-port=993/tcp firewall-cmd --zone=public --permanent --add-port=995/tcp firewall-cmd --reload |
See Zimbra, firewall-cmd […]
After Zimbra mail server installed, webmail work on url https://SERVER-HOSTNAME-HERE/ If you access webmail with out HTTPS, it won’t work. To set HTTP to redirect to HTTPS, login to server as root, switch to user zimbra
|
1 |
su - zimbra |
Run
|
1 |
zmprov ms SERVER_HOSTNAME_HERE zimbraReverseProxyMailMode redirect |
Wait few minutes, HTTP link will redirect to HTTPS.
|
1 2 3 4 5 6 7 |
[root@correo ~]# netstat -lntp | grep 80 tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 22891/java tcp6 0 0 :::7780 :::* LISTEN 24005/httpd [root@correo ~]# su - zimbra Last login: Thu Aug 8 21:33:52 CST 2019 on pts/0 [zimbra@correo ~]$ zmprov ms correo.net.gt zimbraReverseProxyMailMode redirect [zimbra@correo ~]$ |
You need to wait few minutes […]
To install SSL certificate for Zimbra Mail Server, login to server, switch to user zimbra
|
1 |
su - zimbra |
Now create file commercial.key, paste your Private key.
|
1 |
vi /opt/zimbra/ssl/zimbra/commercial/commercial.key |
In commercial.crt, paste your SSL certificate.
|
1 |
vi /opt/zimbra/ssl/zimbra/commercial/commercial.crt |
Create commercial_ca.crt with content of your ca-bundle file.
|
1 |
vi /opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt |
Verify SSL cerificate
|
1 |
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.crt |
If SSL verified sucessfully, you can install it with command […]
https://www.gmass.co – Allow you to send mass email using Gmail and G Suite. OpenEMM – Install instructions. […]
DMARC is used to protect your email from email spoofing. DMARC use SPF and DKIM record to validate your email. DMARC is a TXT record added in your domain DNS. DMARC record look like
|
1 |
v=DMARC1;p=POLICY_HERE;pct=100;rua=mailto:postmaster@your-domain.com;ruf=mailto:admin@your-domain.com;rf=afrf |
p=POLICY_HERE This specifies what to do with incoming email that fails DMARC. Valid options are none, quarantine and reject. p=none […]