Zimbra is a suite of tools for Unix/Linux/MacOS systems, which includes a secure mail server, web mail, anti-spam/anti-virus controls, a Web management interface, integrated calendaring, mobile device sync, and more. In many ways, Zimbra is the Unix equivalent to Microsoft Exchange.
In this post, I will be installing Zimbra onto a CentOS virtual machine I created in a previous post. The machine will need at least 1024mb of memory to run the default Zimbra services. I was unable to make it run without errors with any less memory.
1) You will need to install some required packages to proceed with the setup and avoid errors further on:
- wget – download utility we will be using to download the latest version of Zimbra Open Source Edition.
- postfix – an open-source mail transfer agent (MTA) that routes and delivers electronic mail; installation of Zimbra will fail without this package, according to my professor
- ntp – a protocol designed to synchronize the clocks of computers over a network
You can install these packages with the following command:
yum install wget postfix ntp
2) Make sure your time and date are set correctly. You can check time/date by running ‘date’.
If you need to change them you use the same command followed by the current time and date in the format of MMDDhhmm. So for example, if it’s currently April 30 5:55pm, the command would be:
date 04301755
3) Another step that may be important, and that my professor always told the class to complete, is to disable SElinux due to the various errors it may cause considering its stringent security policies. To disable it, use your favorite editor (mine is nano!) and change the SELINUX value in /etc/sysconfig/selinux to the following:
SELINUX=disabled
Then reboot your system.
4) In addition, you may want to turn off your firewall temporarily while installing and setting up Zimbra. I will make a post later about how to configure your firewall so that Zimbra’s required ports are accessible but everything else is secured. To turn off the firewall in CentOS, run:
service iptables stop
5) To find the latest version of Zimbra OSE, visit the following link:
http://www.zimbra.com/downloads/os-downloads.html
I will be using the 32bit x86 version, Red Hat Enterprise Linux 5 (as instructed by my professor). Since I’m installing it on a remote machine, I’m going to use wget to download the software:
wget http://files2.zimbra.com/downloads/6.0.6_GA/zcs-6.0.6_GA_2324.RHEL5.20100406144520.tgz
6) Extract files from the downloaded archive:
tar -xf zcs-6.0.6_GA_2324.RHEL5.20100406144520.tgz
7) Run the install script with a platform-override argument (since we’re installing on CentOS and not Red Hat) and then follow the instructions by installing whatever external packages the setup tells you are required and selecting options that correspond to your configuration (I used the default option at practically every step):
cd zcs-6.0.6_GA_2324.RHEL5.20100406144520 ./install.sh --platform-override
8) If you had any errors during installation, see step 9. Otherwise, if you’ve reached the configuration menu part of the installation, all you’re required to do is to set up the administrator password, as will be denoted by the many * symbols. There are other options you can tinker with if you have more complex needs, but the defaults worked fine for me.
* If you can’t see all the configuration options because the terminal scrolled down too far, you can usually scroll up with the shift+pageup key combination.
9) During installation, I had the following errors:
a)
ERROR: Installation can not proceed. Please fix your /etc/hosts file to contain: 127.0.0.1 localhost.localdomain localhost Zimbra install grants mysql permissions only to localhost and localhost.localdomain users. But Fedora/RH installs leave lines such as these in /etc/hosts: 127.0.0.1 myhost.mydomain.com myhost localhost.localdomain localhost This causes MySQL to reject users coming from 127.0.0.1 as users from myhost.mydomain.com. You can read more details at: http://bugs.mysql.com/bug.php?id=11822
This error is self-explanatory. Using an editor like vi or nano, edit /etc/hosts to match the error’s suggested fix. Here’s an example of my /etc/hosts file.
127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 130.245.127.62 rsheyd.oslab.cs.sunysb.edu rsheyd
b)
Checking for port conflicts
Port conflict detected: 25 (zimbra-mta)
Port conflicts detected! - Any key to continue
That means that some service is using a port Zimbra needs open for one of its services (in this case zimbra-mta). You can proceed with the installation despite the port conflict, but you will need to fix it later to avoid errors.
After you’ve finished Zimbra installation you can check what ports your system is currently using by running:
netstat -tulpn
In my case, postfix, which I installed earlier as per professor’s instruction, was using port 25. According to him it’s needed for Zimbra to function correctly but should be turned off. I’m not exactly sure how that works, but in any case, to turn it off you have to use the following command.
service postfix stop
And to prevent it from starting the next time you reboot your system, run:
chkconfig postfix off
If you don’t clear up the port conflict, there will be MTA-related errors when you try sending emails in Zimbra.
As a side note, postfix is already included in Zimbra-MTA so you may not need to install it separately to begin with, but I haven’t tried installing Zimbra without it.
*Some people may have sendmail blocking port 25 instead. Apply the same steps to sendmail as I did to postfix.
10) Zimbra has pretty basic spam protection as soon as you install it. In addition, its spam protection improves as you receive mail and mark spam as junk mail, due to heuristics and spam-learning algorithms. Google it if you want to know more =).
However, emails that may contain attachments which may be viruses are NOT filtered out by default. In order to filter out attachment formats which may be malicious you have to access the global settings in your administration console, which is accessed using the ‘admin’ account and the password you set during installation, at hostname:7071. In my case, that was: https://rsheyd.oslab.cs.sunysb.edu:7071/.
In Global Settings there should be an attachments tab, which lists all possible malicious attachment formats. I recommend selecting all of them and adding them to the blacklist since none of them are commonly attached files like PDFs, documents, photos, etc. Most are executable files used to infect a client’s computer with viruses.
In my next post I will talk about restricting access to Zimbra and your CentOS machine with iptables (firewall).
Helpful links:
http://library.linode.com/email/zimbra/install-zimbra-centos-5
http://www.zimbra.com/docs/ne/latest/single_server_install/
* Post any questions in my comments and I’ll try my best to answer them!
codeRoman 
YOU’RE THE BEST
Hello,
I completed the steps for the Zimbra installation and got an error after setting up the password for administrator.
The error said “address error rerun /opt/zimbra/libexec/zmsetup.pl.
I corrected the error but do not know how to run zimbra again. I tried reinstalling but that did not work.
I’m not sure what you mean by run zimbra.
In terms of starting Zimbra after it’s installed, it automatically starts at boot, or you can run ‘service zimbra start’. After a failed installation, I was never able to get it fixed, so in my case I just started with a new VM. My professor also mentioned that if Zimbra fails during installation that you may have to revert to a previous snapshot.
Hi
Its nice effort by you to help us people. thanks. I am done with installing zimbra and at boot also it says starting zimbra but I didnt get the part, how to setup administrator password. plz help me with that
Glad to help =). Personally, I couldn’t get past the install process without setting up the admin password, so I’m surprised you were able to.
A google search brought me here, which has the instructions on resetting Zimbra admin’s password:
http://wiki.zimbra.com/wiki/Admin_Password_Reset
thanks I wrote su – zimbra and it asked for password but I dont even know what is the password
make sure you’re logged into your root account, in which case you don’t need the password
After successful installation, how can i access the zimbra administrative site through browser.
You can either access it from the regular login page for users (there should be an administration console link somewhere on the page; I forget where) or access it directly through port 7071 through https, like in the following link:
https://server.domain.com:7071
Dear Sir,
Zimbra mail server not install and configure please solve error.
Error :-
Initializing ldap…failed. (28160)
ERROR
Configuration failed
Please address the error and re-run /opt/zimbra/libexec/zmsetup.pl to
complete the configuration.
Errors have been logged to /tmp/zmsetup.07262011-160821.log
From a quick google search it sounds like it could be that the IP address of your machine and in /etc/hosts don’t match.
Is it possible to install Zimbra on local IP or intranet?
I managed to install Zimbra and i cannot access http://localhost(local IP):7071
This is not working for me.
The Installation is completed and its running with no errors at all but i haven’t got a registered domain to access and i have to loginto Administator webinterface.
Thank you very much.
Yes, local ip should be fine. Make sure you’re using secure http when trying to access the web interface:
https://local-ip:7071
That might be the issue. Let me know if it still doesn’t work.
what man
I’m trying to install zimbra on CENTOS..
Actually I did all installation, but i Got this error when I try to up the service..
Failed to start LSB: Zimbra mail service
I am also getting same error. Please help me if you resolved this issue.
Try some of the fixes here and let us know if it works: sathisharthars.wordpress.com/2013/11/14/troubleshooting-postfix-starting-problem-in-zimbra-mail-server