Posts

Showing posts with the label Zimbra Mail Server

How to create auto Bcc for Recipient mails for Zimbra 8.6

Image
How to auto copy of all email from [email protected] to [email protected]. Every email recipient of [email protected] from email another, then automation bcc send to [email protected].   How to create auto Bcc for sender mails for Zimbra 8.6 To check "recipient BCC Maps" recipient_bcc_maps on your zimbra 8.6 $ postconf | egrep "recipient_bcc_maps" To configure recipient bbc maps on zimbra 8.6 # su - zimbra $ cd /opt/zimbra/postfix/conf/ To create recipient_bcc $ vim recipient_bcc Input the content as below [email protected] [email protected] To add recipient_bcc_maps in main.cf file $ vim /opt/zimbra/postfix/conf/main.cf To add the following line in below recipient_bcc_maps = lmdb:/opt/zimbra/postfix/conf/recipient_bcc To apply configure recipient_bcc_maps $ postmap /opt/zimbra/postfix/conf/recipient_bcc To restart the zimbra postfix $ postfix reload To check "Recipient BCC Maps" recipi

How to add spam filters on zimbra 8.6

Image
How to add spam filters on zimbra 8.6 Links to below you maybe likes: zimbra custom spamassassin rules How to create auto Bcc for Recipient mails for Zimbra 8.6 How to add spam filters on zimbra 8.6 How to create auto Bcc for sender mails for Zimbra 8.6 list accounts that has not logged in for the last x days in zimbra su - zimbra To check current setting $ zmprov gacf | grep zimbraMtaRestriction To add spam filters on zimbra 8.6 $ zmprov mcf zimbraMtaRestriction reject_invalid_hostname \ zimbraMtaRestriction reject_non_fqdn_hostname \ zimbraMtaRestriction reject_non_fqdn_sender \ zimbraMtaRestriction "reject_rbl_client dnsbl.njabl.org" \ zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org" \ zimbraMtaRestriction "reject_rbl_client bl.spamcop.net" \ zimbraMtaRestriction "reject_rbl_client dnsbl.sorbs.net" \ zimbraMtaRestriction "reject_rbl_client sbl.spamhaus.org" \ zimbraMtaRestriction "reject_rbl_client rela

How to create auto Bcc for sender mails for Zimbra 8.6

Image
How to auto copy of all email from [email protected] to [email protected]. Every email send from [email protected] to email another, then automation bcc to [email protected]. How to create auto Bcc for Recipient mails for Zimbra 8.6 To check "Sender BCC Maps" sender_bcc_maps on your zimbra 8.6 $ postconf | egrep "sender_bcc_maps" The output as below sender_bcc_maps = To configure sender bbc maps on zimbra 8.6 # su - zimbra $ cd /opt/zimbra/postfix/conf/ To create sender_bcc $ vim sender_bcc Input the content as below [email protected] [email protected] To add sender_bcc_maps in main.cf file $ vim /opt/zimbra/postfix/conf/main.cf To add the following line in below sender_bcc_maps = lmdb:/opt/zimbra/postfix/conf/sender_bcc To apply configure sender_bcc_maps $ postmap /opt/zimbra/postfix/conf/sender_bcc To restart the zimbra postfix $ postfix reload To check "Sender BCC Maps" sender_bc

zimbra duplicate emails issue

Image
How to remove zimbra duplicate emails in inbox. some trouble message with double message-id. The resolution enable zimbraMessageIdDedupeCacheSize attribute. The default, zimbra disable zimbraMessageIdDedupeCacheSize attribute. I'm running commands with account zimbra ( su - zimbra ) To find current value zmprov gcf zimbraMessageIdDedupeCacheSize The looks like as below zimbraMessageIdDedupeCacheSize: 3000  The modified value and zimbra mailbox service restart zmprov mcf zimbraMessageIdDedupeCacheSize 0 zmmailboxdctl restart The conclusion The solve problem, "zimbra duplicate message id", "zimbra duplicate emails". The commands use my post, support zimbra mail server version 8.6 8.5 8.0

zimbra DKIM (DomainKeys identified Mail)

Image
zimbra DKIM (Domainkeys identified Mail) include: Private-key insert header of email sending mail server. Public-key updated into DNS public. Links to below you maybe likes: zimbra custom spamassassin rules How to create auto Bcc for Recipient mails for Zimbra 8.6 How to add spam filters on zimbra 8.6 How to create auto Bcc for sender mails for Zimbra 8.6 list accounts that has not logged in for the last x days in zimbra Step 1: To configure zimbra DKIM To add DKIM data into domain not existing DKIM /opt/zimbra/libexec/zmdkimkeyutil -a -d huuphan.com The output as bellow DKIM Data added to LDAP for domain huuphan.com with selector 0E9F133A-9577-11E1-AD0E-2A2FBBAC6BCB  Public key to enter into DNS:  0E9F133A-9577-11E1-AD0E-2A2FBBAC6BCB._domainkey IN TXT "v=DKIM1;=rsa;  p=MIGfMA0GCXXXSSFWwfdfdfEEAA4GNADCBiQKBgQDY5CBg15nZ2vYnRmrNub6Jn6ghQ2DXQbQgOJ/E5IGziUYEuE2OnxkBm1h3jived21uHjpNy0naOZjLj0xLyyjclVy1chrhSbsGAhe8HLXUsdXyfRvNTq8NWLsUnMEsoomtJCJ  /4GSWYU1whOQ9oKZ

zmprov command create account attributes in zimbra

Image
How to zmprov command create account attributes in zimbra. zmprov command creating accounts, aliases, domain, cos, distribute lists and calendar resources. Links to below you maybe likes: zimbra custom spamassassin rules How to create auto Bcc for Recipient mails for Zimbra 8.6 How to add spam filters on zimbra 8.6 How to create auto Bcc for sender mails for Zimbra 8.6 list accounts that has not logged in for the last x days in zimbra Print all attribute names zmprov desc The syntax for modify attributes in zimbra Use + to add an attribute Use - to remove an attribute How to create account with attributes use zmprov command zmprov ca [email protected] 123456789 sn 'huupv' cn 'Huu, Phan Van' displayName 'Huu, Phan Van (IT)' zimbraMailHost mail.huuphan.local Account information     Account email: [email protected]     Password: 123456789     lastName: huupv     fullName: Huu, Phan Van     displayName: Huu, Phan Van (IT

zimbra ldap reset last login time

Image
How to change last login time for all accounts in zimbra ldap. I'm running scripts on zimbra ldap with zimbra account. To use zimbra  8.6 The explain scripts zimbra ldap reset last login time File /tmp/email the contain accounts email, you want change last login time. cat /tmp/email The output as bellow [email protected] [email protected] when you running script, then zimbraLastLogonTimestamp change the last login the current date DATE=$(date +%Y%m%d) The output as bellow 20170726 For example [email protected] with zimbraLastLogonTimestamp : 20170511135742.260Z to changed zimbraLastLogonTimestamp : 20170726000000.000Z My scripts zimbra ldap reset last login time #!/bin/bash #HuuPV rm -f /tmp/account_DN DATE=$(date +%Y%m%d) LDAP_HOST=$(/opt/zimbra/bin/zmlocalconfig ldap_host | cut -d\ '' -f3) LDAP_PASSWORD=$(/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | cut -d\ '' -f3) LDAP_USERDN=$(/opt/zimbra/bin/zmlocalcon

zimbra mail server security fail2ban

Image
zimbra mail server security with fail2ban. How to configure fail2ban for prevent "brute force attack" zimbra 8.6 on centos. How to improve zimbra mail server security with fail2ban . I'm running commands as root account. Links to below you maybe likes: zimbra custom spamassassin rules How to create auto Bcc for Recipient mails for Zimbra 8.6 How to add spam filters on zimbra 8.6 How to create auto Bcc for sender mails for Zimbra 8.6 list accounts that has not logged in for the last x days in zimbra To install fail2ban yum install fail2ban nano To backup file cp /etc/fail2ban/action.d/iptables-allports.conf /etc/fail2ban/action.d/iptables-allports.conf.backup cp /etc/fail2ban/filter.d/zimbra.conf /etc/fail2ban/filter.d/zimbra.conf.backup cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.conf.backup To create zimbra.conf file cat /etc/fail2ban/filter.d/zimbra.conf The content as below # Fail2Ban configuration file # # Author: # # $Revision: 1 $ # [Def

zimbra Qualys A+

Image
How to zimbra A+ in the Qualys SSL Labs Security Test. To help system zimbra security hardening. Let's go labs. in my post,i use zimbra account ( su - zimbra)  Zimbra without Proxy ( zimbra mailbox+zimbra ldap+zimbra MTA) Tune the cipher list ( you to check zimbraSSLExcludeCipherSuites before run command) zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_DSS_WITH_DES_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_DES_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_RSA_EXPORT_WITH_DES40_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_RS

zimbra reject authenticated sender login mismatch

Image
zimbra reject authenticated sender login mismatch, How To Improvement Sender Must Login/Enforcing a Match Between From Address and sasl username on Zimbra 8.6  To check zimbraMtaSmtpdRejectUnlistedSender and zimbraMtaSmtpdRejectUnlistedRecipient enable on server zimbra mta? zmprov gacf | egrep zimbraMtaSmtpdRejectUnlistedSender zmprov gacf | egrep zimbraMtaSmtpdRejectUnlistedRecipient The output as bellow zimbraMtaSmtpdRejectUnlistedSender: no zimbraMtaSmtpdRejectUnlistedRecipient: no To enabled zimbraMtaSmtpdRejectUnlistedSender and zimbraMtaSmtpdRejectUnlistedRecipient on server zimbra mta zmprov mcf zimbraMtaSmtpdRejectUnlistedRecipient yes zmprov mcf zimbraMtaSmtpdRejectUnlistedSender yes To open file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf and add reject_sender_login_mismatch after permit_mynetworks permit_mynetworks, reject_sender_login_mismatch To restart zmmtactl zmmtactl restart To test zimbra reject authenticated sender login mismatch

Zimbra error 421-4.7.0 gsmtp

Image
zimbra code error 421-4.7.0 This message does not have authentication information or fails to pass 421-4.7.0 authentication checks Gmail SMTP Error Codes Jun 22 11:17:56 mta postfix/smtp[16523]: B67511C61EE: host gmail-smtp-in.l.google.com[74.125.23.27] said: 421-4.7.0 This message does not have authentication information or fails to pass 421-4.7.0 authentication checks. To best protect our users from spam, the 421-4.7.0 message has been blocked. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126#authentication for more 421 4.7.0 information. f7si5281662plm.92 - gsmtp (in reply to end of DATA command) How to solve problem ( recommend of google) Sign messages with DKIM Publish an SPF record Publish a DMARC policy My opinion just "Sign messages with DKIM and Publish an SPF record" without Publish a DMARC policy. Ref to check DKIM and spf use dig command dig -t txt  C333XXX-11E4-B123-25B12331CXXXA1._domainkey domain-your.com Or ref to check website o

list accounts that has not logged in for the last x days in zimbra

Image
How to list accounts that has not logged in for the last x days in zimbra, list accounts last login time a month ago... after run script,The output /tmp/lastlogin_time syntax file as bellow Account zimbraAccountStatus displayName To use date command a month ago date -d "-1 month" +%Y%m%d The script zimbra_lastlogin.sh name, list accounts last login time a month ago To run script zimbra_lastlogin.s ./zimbra_lastlogin.sh The full script zimbra_lastlogin.sh list accounts that has not logged in for the last x days in zimbra #!/bin/bash #HuuPV author rm -f /tmp/lastlogin_time pastmonth=$(date -d "-1 month" +%Y%m%d) LDAP_HOST=$(/opt/zimbra/bin/zmlocalconfig ldap_host | cut -d\ '' -f3) LDAP_PASSWORD=`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | cut -d\ '' -f3` LDAP_USERDN=$(/opt/zimbra/bin/zmlocalconfig zimbra_ldap_userdn | cut -d\ '' -f3) LDAPSEARCH="/opt/zimbra/bin/ldapsearch -D "$LDAP_USERDN" -w$LDA

How to setting password policies in Zimbra

Image
How to setting password policies in zimbra? To help your system increase security, password strongest. To get all COS use zmprov command su - zimbra zmprov gac -v | grep Password | sort | uniq To display all attributes as below zimbraFeatureChangePasswordEnabled: TRUE zimbraMobilePolicyAllowSimpleDevicePassword: FALSE zimbraMobilePolicyAlphanumericDevicePasswordRequired: FALSE zimbraMobilePolicyDevicePasswordEnabled: TRUE zimbraMobilePolicyDevicePasswordExpiration: 0 zimbraMobilePolicyDevicePasswordHistory: 8 zimbraMobilePolicyMaxDevicePasswordFailedAttempts: 4 zimbraMobilePolicyMinDevicePasswordComplexCharacters: 0 zimbraMobilePolicyMinDevicePasswordLength: 4 zimbraMobilePolicyPasswordRecoveryEnabled: TRUE zimbraPasswordEnforceHistory: 0 zimbraPasswordLocked: FALSE zimbraPasswordLockoutDuration: 1h zimbraPasswordLockoutEnabled: FALSE zimbraPasswordLockoutFailureLifetime: 1h zimbraPasswordLockoutMaxFailures: 10 zimbraPasswordMaxAge: 0 zimbraPasswordMaxLength:

How to backup and restore for zimbra mailbox

Image
In this tutorial, How to " Backup and restore for zimbra mailbox ". How to backup mailbox for accounts? How to restore mailbox for accounts? The format list_account file as below: [email protected] [email protected] The script backup mailbox for all accounts #!/bin/bash FILE= /tmp/list_account DATE=$(date +"%a") ZMBOX=/opt/zimbra/bin/zmmailbox while read account do      echo "---Generating files from backup $account ---"      $ZMBOX -z -m $account -t 0 getRestURL "//?fmt=zip" > /tmp/$acount.$DATE.zip done < $FILE The script restore mailbox for all accounts #!/bin/bash FILE=/tmp/list_account DATE=$(date +"%a") ZMBOX= /opt/zimbra/bin/zmmailbox while read account do     echo "---Restoring files from backup $account---"     $ZMBOX -z -m $account -t 0 postRestURL "//?fmt=zip&resolve=reset" /tmp/$account.$DATE.zip done < $FILE Note: if you setup multi-server Zimbr

zimbra 8.6 cbpolicyd example

Image
Links to below you maybe likes: How to zimbra enforce spf checking for incomming email How to use cbpolicyd to configure 120 message from sender in last 30s. in order configure in zimbra cbpolicyd policies -->policy_members -->quotas -->quotas_limits To create zimbra-example.sql file BEGIN TRANSACTION; INSERT INTO "policies" (ID,Name,Priority,Description) VALUES(6,'Example CBPolicyd Policies', 0, 'Example CBPolicyd Policies'); INSERT INTO "policy_members" (ID,PolicyID,Source,Destination) VALUES(10,6, 'user@domain', '!%internal_domains'); INSERT INTO "quotas" (ID,PolicyID,Name,Track,Period,Verdict,Data) VALUES (14,10, 'Sender:user@domain','Sender:user@domain', 30, 'REJECT', 'Rejected from CBPolicyd: Too many messages from sender in last 30s'); INSERT INTO "quotas_limits" (ID,QuotasID,Type,CounterLimit) VALUES(16,14, 'MessageCount', 120); COMMIT; To

Log file zimbra script

Image
The function read /var/log/zimbra.log use bash script. To input 1. FILE1=/var/log/zimbra.log 2. FOLDER=/tmp/test 2. NUMBER=/tmp/test/number.txt file To output TEMP_LOG=$FOLDER/tmp_zimbra.log Function f_check_folder to check folder existing yes or no. f_check_folder () {         if [[ -d $FOLDER ]]; then                 if [[ ! -s $NUMBER ]]; then                         touch $NUMBER                         echo 0 > $NUMBER                 fi         else                 mkdir -p $FOLDER                 touch $NUMBER                 echo 0 > $NUMBER         fi } Function f_get_log read /var/log/zimbra.log file f_get_log () {         NUM=`cat $NUMBER`         SUM=`expr "$NUM" + 1`         tail -n +"$SUM" $FILE1 > $TEMP_LOG         echo `wc -l < $FILE1` > $NUMBER }

How to Manage Mailbox Folder using zmmailbox command in Zimbra

Image
How to Manage Mailbox Folder using zmmailbox command in Zimbra. zmmailbox command for mailbox manager. It's useful for admin. in this post will brief how to get all folder, empty, delete subfolder/folder in zimbra. How to get all folder using zmmailbox command. [zimbra@mail ~]$ zmmailbox -z -m  [email protected] gaf The output:         Id  View      Unread   Msg Count  Path ----------  ----  ----------  ----------  ----------          1  unkn           0           0  /         16  docu           0           0  /Briefcase         10  appo           0           0  /Calendar         14  mess           0           0  /Chats          7  cont           0           0  /Contacts          6  mess           0           0  /Drafts         13  cont           0           3  /Emailed Contacts          2  mess           8          11  /Inbox         320  mess           0           0  /Inbox/New_Sub_folder          4  mess           0           0  /Junk        321  mess 

How to check zimbra account status

Image
How to check zimbra account status? How to know zimbra account status pending. How to know zimbra account status active, closed, locked, maintenance. In my post, one bash script get all zimbra account status and zmaccts commands another. Links to below you maybe likes: zimbra custom spamassassin rules How to create auto Bcc for Recipient mails for Zimbra 8.6 How to add spam filters on zimbra 8.6 How to create auto Bcc for sender mails for Zimbra 8.6 list accounts that has not logged in for the last x days in zimbra Method 1: To bash script use zimbra ldap check zimbra account status. #!/bin/bash # sed ':a;N;$!ba;s/\n/ /g' file : command line # :a create a label 'a' # N append the next line to the pattern space # $! if not the last line, ba branch (go to) label 'a' # s substitute, /\n/ regex for new line, / / by a space, /g global match (as many times as it can) # sed will loop through step 1 to 3 until it reach the last line, getting all l

How to edit Undelivered Mail Returned to Sender on zimbra

Image
How to edit  The failure template is used when mail is returned to the sender, How to edit Undelivered Mail Returned to Sender. Links to below you maybe likes: zimbra custom spamassassin rules How to create auto Bcc for Recipient mails for Zimbra 8.6 How to add spam filters on zimbra 8.6 How to create auto Bcc for sender mails for Zimbra 8.6 list accounts that has not logged in for the last x days in zimbra The below command to login as zimbra user. To check bounce_template_file. $postconf |grep bounce_template_file To copy bounce.cf.default to bounce.cf $cd /opt/zimbra/postfix-2.11.1.2z/conf $cp bounce.cf.default bounce.cf To configure bounce.cf file $postconf -e bounce_template_file="/opt/zimbra/postfix-2.11.1.2z/conf/bounce.cf" $postconf |grep bounce_template_file To check bounce.cf file $postconf -b bounce.cf The content of bounce.cf file $cat bounce.cf To edit message red highlighted as below # # Do not edit this file. This file shows the default

How To Install CBPolicyd on Zimbra 8.6

Image
Step 1: To active cbpolicyd on zimbra 8.6 $su - zimbra $zmprov ms `zmhostname` +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicyd Step 2: To acctive cbpolicyd webui cd /opt/zimbra/httpd/htdocs/ && ln -s ../../cbpolicyd/share/webui vim /opt/zimbra/cbpolicyd/share/webui/includes/config.php To add " $DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb ";" in config.php file. The ouput: #$DB_DSN="mysql:host=localhost;dbname=cluebringer"; $DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb"; $DB_USER="root"; #$DB_PASS=""; $DB_TABLE_PREFIX=""; Step 3: To restart services su - zimbra -c "zmcontrol restart" su - zimbra -c "zmapachectl restart" Step 4: To access cbpolicyd webui. http://IP-OF-Zimbra:7780/webui/index.php