在亚马逊AWS redhat7下安装Zimbra8.7.3

原创
2017/02/19 15:13
阅读数 107

由于在阿里云上部署的邮件服务器被qq邮箱屏蔽,而云门户 (https://icloudportal.com) 的注册用户使用QQ邮箱的人又如此之多,所以尝试在aws上部署zimbra。

很无语国内的BTA,也不知到QQ邮箱过分牛,还是阿里云过分垃圾,还是两者打的不亦乐乎。好多人说阿里云部署的邮件服务器被QQ拒收(阿里云自己免费邮箱也一样被屏蔽):

<480003911@qq.com>: host mx3.qq.com[183.57.48.35] said: 550 Ip frequency

   limited.

   http://service.mail.qq.com/cgi-bin/help?subtype=1&&id=20022&&no=1000725 (in

   reply to end of DATA command)

其实这个ip发出邮件很少,继续无语。

 

AWS据说韩国区的速度最快,购买了预留实例后,开始在亚马逊AWS redhat7下安装Zimbra8.7.3:

 

1.首先启动aws ec2实例时需要正确设置安全组端口

需要开放的入站端口:

22(SSH)

80(HTTP)

443(HTTPS)

110(POP3)995(POP3S)

25(SMTP)

465(SMTPS)

143(IMAP)

993(IMAPS)

389(LDAP)

7071(ADMIN)

7780

7025

        +Web server HTTP port:                 8080                          

        +Web server HTTPS port:                8443                          

        +Web server mode:                      https                         

        +IMAP server port:                     7143                          

        +IMAP server SSL port:                 7993                          

        +POP server port:                      7110                          

        +POP server SSL port:                  7995  

 

2.设置机器名(hostname)

参考:https://aws.amazon.com/cn/premiumsupport/knowledge-center/linux-static-hostname-rhel7-centos7/

1)更新 /etc/hostname

sudo vi /etc/hostname

设置为:mail.ezing.cn

2)更新 /etc/hosts

sudo vi /etc/hosts

使用aws私有ip最后增加:172.31.23.114 mail.ezing.cn mail    

//由于aws没有独立公网ip,这里与阿里云安装zimbra不同的坑

3)更新 /etc/sysconfig/network

sudo vi /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=mail.ezing.cn

4)更新 /etc/cloud/cloud.cfg

sudo vi /etc/cloud/cloud.cfg

最后增加:preserve_hostname: true
5)sudo reboot

 

6.设置DNS

CNAME mail.ezing.cn

ec2-52-79-131-240.ap-northeast-2.compute.amazonaws.com

//由于aws没有独立公网ip,这里与阿里云安装zimbra不同的坑

 

3.禁止SELINUX

[ec2-user@mail ~]$  sudo vi /etc/sysconfig/selinux

 

修改配置enforcing 到 disabled

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

sudo reboot

 

4.停止系统已经默认安装的任何 MTA 服务

[ec2-user@mail ~]$  sudo systemctl stop postfix
[ec2-user@mail ~]$  sudo systemctl disable postfix
[ec2-user@mail ~]$  sudo systemctl stop sendmail
[ec2-user@mail ~]$  sudo systemctl disable sendmail

 

5.更新操作系统

[ec2-user@mail ~]$  sudo yum update -y

 

6.安装必须的包和库

[ec2-user@mail ~]$  sudo yum install perl perl-core ntpl nmap sudo libidn gmp libaio libstdc++ unzip sysstat sqlite -y

yum reinstall libstdc++ -y

 

sudo yum install wget -y

 

6.1https://wiki.zimbra.com/wiki/Split_DNS

yum install bind* -y

sudo vi /etc/named.conf

zone "mail.ezing.cn" {
    type master;
    file "db.mail.ezing.cn";
};

sudo vi /var/named/db.mail.ezing.cn

 

;
;       Addresses and other host information.
;
@       IN      SOA     mail.ezing.cn. hostmaster.mail.ezing.cn. (
                               10118      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum
;       Define the nameservers and the mail servers
        IN      NS      <internal address of server>
ezing.cn.         IN      MX      10 mail.ezing.cn.
mail.ezing.cn.    IN      A       172.31.23.114

 

 

 

现在服务器已经准备好安装Zimbra 8.7.3.

 

7.下载开源版Zimbra8.7.3

wget https://files.zimbra.com/downloads/8.7.3_GA/zcs-8.7.3_GA_1750.RHEL7_64.20170215042321.tgz

 

8.解压已经下载的tar文件:

tar xzf zcs-8.7.3_GA_1750.RHEL7_64.20170215042321.tgz

 

9.进入已经解压的 ZCS 开源版目录:

cd zcs-8.7.3_GA_1750.RHEL7_64.20170215042321

 

10.使用下面命令开始安装

sudo ./install.sh --platform-override

执行脚本后,你可以看到下面画面

sudo ./install.sh --platform-override

Operations logged to /tmp/install.log.HdFwGoNq

Checking for existing installation...

    zimbra-ldap...NOT FOUND

    zimbra-logger...NOT FOUND

    zimbra-mta...NOT FOUND

    zimbra-dnscache...NOT FOUND

    zimbra-snmp...NOT FOUND

    zimbra-store...NOT FOUND

    zimbra-apache...NOT FOUND

    zimbra-spell...NOT FOUND

    zimbra-convertd...NOT FOUND

    zimbra-memcached...NOT FOUND

    zimbra-proxy...NOT FOUND

    zimbra-archiving...NOT FOUND

    zimbra-core...NOT FOUND

 

 

----------------------------------------------------------------------

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.

SYNACOR, INC. ("SYNACOR") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU

FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING

THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY

THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS

AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.

 

License Terms for this Zimbra Collaboration Suite Software:

https://www.zimbra.com/license/zimbra-public-eula-2-6.html

----------------------------------------------------------------------

 

 

 

Do you agree with the terms of the software license agreement? [N] Y

 

 

 

 

Checking for installable packages

 

Found zimbra-core

Found zimbra-ldap

Found zimbra-logger

Found zimbra-mta

Found zimbra-dnscache

Found zimbra-snmp

Found zimbra-store

Found zimbra-apache

Found zimbra-spell

Found zimbra-memcached

Found zimbra-proxy

 

 

 

Use Zimbra's package repository [Y] Y

Importing Zimbra GPG key

Configuring package repository

 

Select the packages to install

 

Install zimbra-ldap [Y]

 

Install zimbra-logger [Y]

 

Install zimbra-mta [Y]

 

Install zimbra-dnscache [Y]N

 

Install zimbra-snmp [Y]

 

Install zimbra-store [Y]

 

Install zimbra-apache [Y]

 

Install zimbra-spell [Y]

 

Install zimbra-memcached [Y]

 

Install zimbra-proxy [Y]

Checking required space for zimbra-core

Checking space for zimbra-store

Checking required packages for zimbra-store

zimbra-store package check complete.

 

Installing:

    zimbra-core

    zimbra-ldap

    zimbra-logger

    zimbra-mta

    zimbra-dnscache

    zimbra-snmp

    zimbra-store

    zimbra-apache

    zimbra-spell

    zimbra-memcached

    zimbra-proxy

 

The system will be modified.  Continue? [N] Y

Installing packages

 

zimbra-core will be downloaded.

zimbra-ldap will be downloaded.

zimbra-logger will be downloaded.

zimbra-mta will be downloaded.

zimbra-dnscache will be downloaded.

zimbra-snmp will be downloaded.

zimbra-store will be downloaded.

zimbra-apache will be downloaded.

zimbra-spell will be downloaded.

zimbra-memcached will be downloaded.

zimbra-proxy will be downloaded.

Downloading packages. This will not modify the system. This may take some time.

 

Removing /opt/zimbra

Removing zimbra crontab entry...done.

Cleaning up zimbra init scripts...done.

Cleaning up /etc/security/limits.conf...done.

 

Finished removing Zimbra Collaboration Server.

 

Local packages  zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-dnscache zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-proxy selected for installation

Monitor /tmp/install.log.HdFwGoNq for package installation progress

Remote package installation started

Installing zimbra-core-components  zimbra-ldap-components zimbra-mta-components zimbra-dnscache-components zimbra-snmp-components zimbra-store-components zimbra-apache-components zimbra-spell-components zimbra-memcached zimbra-proxy-components....done

Local package installation started

Installing  zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-dnscache zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-proxy...done

Local package installation started

Installing  zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-dnscache zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-proxy...done

done

Operations logged to /tmp/zmsetup.20170218-220612.log

Installing LDAP configuration database...done.

Setting defaults...

 

DNS ERROR resolving MX for mail.ezing.cn

It is suggested that the domain name have an MX record configured in DNS

Change domain name? [Yes] Yes

Create domain: [mail.ezing.cn] ezing.cn

        MX: mail.ezing.cn (172.31.23.114)

 

        Interface: 127.0.0.1

        Interface: ::1

        Interface: 172.31.23.114

done.

Checking for port conflicts

 

Main menu

 

   1) Common Configuration:                                                  

   2) zimbra-ldap:                             Enabled                       

   3) zimbra-logger:                           Enabled                       

   4) zimbra-mta:                              Enabled                       

   5) zimbra-dnscache:                         Enabled                       

   6) zimbra-snmp:                             Enabled                       

   7) zimbra-store:                            Enabled                       

        +Create Admin User:                    yes                           

        +Admin user to create:                 admin@ezing.cn                

******* +Admin Password                        UNSET                         

        +Anti-virus quarantine user:           virus-quarantine.wircr9mi@ezing.cn

        +Enable automated spam training:       yes                           

        +Spam training user:                   spam.cdkp9bzo@ezing.cn        

        +Non-spam(Ham) training user:          ham.o1v4pmo4@ezing.cn         

        +SMTP host:                            mail.ezing.cn                 

        +Web server HTTP port:                 8080                          

        +Web server HTTPS port:                8443                          

        +Web server mode:                      https                         

        +IMAP server port:                     7143                          

        +IMAP server SSL port:                 7993                          

        +POP server port:                      7110                          

        +POP server SSL port:                  7995                          

        +Use spell check server:               yes                           

        +Spell server URL:                     http://mail.ezing.cn:7780/aspell.php

        +Enable version update checks:         TRUE                          

        +Enable version update notifications:  TRUE                          

        +Version update notification email:    admin@ezing.cn                

        +Version update source email:          admin@ezing.cn                

        +Install mailstore (service webapp):   yes                           

        +Install UI (zimbra,zimbraAdmin webapps): yes                           

 

   8) zimbra-spell:                            Enabled                       

   9) zimbra-proxy:                            Enabled                       

  10) Default Class of Service Configuration:                                

   s) Save config to file                                                    

   x) Expand menu                                                            

   q) Quit

Address unconfigured (**) items  (? - help) 7

 

 

Store configuration

 

   1) Status:                                  Enabled                       

   2) Create Admin User:                       yes                           

   3) Admin user to create:                    admin@ezing.cn                

** 4) Admin Password                           UNSET                         

   5) Anti-virus quarantine user:              virus-quarantine.wircr9mi@ezing.cn

   6) Enable automated spam training:          yes                           

   7) Spam training user:                      spam.cdkp9bzo@ezing.cn        

   8) Non-spam(Ham) training user:             ham.o1v4pmo4@ezing.cn         

   9) SMTP host:                               mail.ezing.cn                 

  10) Web server HTTP port:                    8080                          

  11) Web server HTTPS port:                   8443                          

  12) Web server mode:                         https                         

  13) IMAP server port:                        7143                          

  14) IMAP server SSL port:                    7993                          

  15) POP server port:                         7110                          

  16) POP server SSL port:                     7995                          

  17) Use spell check server:                  yes                           

  18) Spell server URL:                        http://mail.ezing.cn:7780/aspell.php

  19) Enable version update checks:            TRUE                          

  20) Enable version update notifications:     TRUE                          

  21) Version update notification email:       admin@ezing.cn                

  22) Version update source email:             admin@ezing.cn                

  23) Install mailstore (service webapp):      yes                           

  24) Install UI (zimbra,zimbraAdmin webapps): yes                           

 

Select, or 'r' for previous menu [r] 4

Password for admin@ezing.cn (min 6 characters): [SBmeBXtA]password

 

Store configuration

 

   1) Status:                                  Enabled                       

   2) Create Admin User:                       yes                           

   3) Admin user to create:                    admin@ezing.cn                

   4) Admin Password                           set                           

   5) Anti-virus quarantine user:              virus-quarantine.wircr9mi@ezing.cn

   6) Enable automated spam training:          yes                           

   7) Spam training user:                      spam.cdkp9bzo@ezing.cn        

   8) Non-spam(Ham) training user:             ham.o1v4pmo4@ezing.cn         

   9) SMTP host:                               mail.ezing.cn                 

  10) Web server HTTP port:                    8080                          

  11) Web server HTTPS port:                   8443                          

  12) Web server mode:                         https                         

  13) IMAP server port:                        7143                          

  14) IMAP server SSL port:                    7993                          

  15) POP server port:                         7110                          

  16) POP server SSL port:                     7995                          

  17) Use spell check server:                  yes                           

  18) Spell server URL:                        http://mail.ezing.cn:7780/aspell.php

  19) Enable version update checks:            TRUE                          

  20) Enable version update notifications:     TRUE                          

  21) Version update notification email:       admin@ezing.cn                

  22) Version update source email:             admin@ezing.cn                

  23) Install mailstore (service webapp):      yes                           

  24) Install UI (zimbra,zimbraAdmin webapps): yes                           

 

Select, or 'r' for previous menu [r] r

 

Main menu

 

   1) Common Configuration:                                                  

   2) zimbra-ldap:                             Enabled                       

   3) zimbra-logger:                           Enabled                       

   4) zimbra-mta:                              Enabled                       

   5) zimbra-dnscache:                         Enabled                       

   6) zimbra-snmp:                             Enabled                       

   7) zimbra-store:                            Enabled                       

   8) zimbra-spell:                            Enabled                       

   9) zimbra-proxy:                            Enabled                       

  10) Default Class of Service Configuration:                                

   s) Save config to file                                                    

   x) Expand menu                                                            

   q) Quit                                    

 

*** CONFIGURATION COMPLETE - press 'a' to apply

Select from menu, or press 'a' to apply config (? - help) a

Save configuration data to a file? [Yes] Y

Save config in file: [/opt/zimbra/config.21609]

Saving config in /opt/zimbra/config.21609...done.

The system will be modified - continue? [No] Y

Operations logged to /tmp/zmsetup.20170218-225402.log

Setting local config values...done.

Initializing core config...Setting up CA...done.

Deploying CA to /opt/zimbra/conf/ca ...done.

Creating SSL zimbra-store certificate...done.

Creating new zimbra-ldap SSL certificate...done.

Creating new zimbra-mta SSL certificate...done.

Creating new zimbra-proxy SSL certificate...done.

Installing mailboxd SSL certificates...done.

Installing MTA SSL certificates...done.

Installing LDAP SSL certificate...done.

Installing Proxy SSL certificate...done.

Initializing ldap...

 

11.启动zimbra服务

su - zimbra
zmcontrol start

12.使用浏览器访问控制面板

https://<your_zimbra_domain.com>:7071

或者通过ip访问

https://192.168.0.70:7071

 

 

如果忘记admin密码可以:

su - zimbra

 

zmprov sp <admin email address> <new password>

 

 

原创:金山

jinshan At  ezing.cn

https://icloudportal.com

展开阅读全文
打赏
0
0 收藏
分享
加载中
更多评论
打赏
0 评论
0 收藏
0
分享
返回顶部
顶部