Unlock an account:

zmprov ma admin@example.com  zimbraAccountStatus active

To modify selinux rules

policycoreutils-python is needed

To set up mail on a new port with SELinux semanage port -a -t smtp_port_t -p tcp 25000
to list existing smtp ports:
semanage port -l|grep smtp

To allow apache to send email when using SELinux:

semanage boolean -m –on httpd_can_sendmail

This will list all the SElinux type labels that have been associated with ports.
#/usr/sbin/semanage port -l

#/usr/sbin/semanage port -a -t ssh_port_t -p tcp 330

LDAP queries

ldapsearch -x -Z -v -H ‘ldap://zimbraserver.example.com’ -b ‘ou=people,dc=example,dc=com’  -D ‘uid=admin,ou=people,dc=example,dc=com’ -W

Locked status and error messages

1. Login as #root

2. Change to zimbra user#su zimbra

3. Copy this code $ vi /opt/zimbra/jetty-6.1.5/webapps/zimbra/WEB-INF/classes/messages/ZMsg.properties

4. Find this account.CHANGE_PASSWORD = Your password in no longer valid. Please choose a new password.
Domain Masquerading

If you want mail from user@domain.com or user@zimbra.domain.com to appear to come from user@example.com, you can set the canonical address for the entire domain.

zmprov md domain.com zimbraMailCatchAllAddress @domain.com zimbraMailCatchAllCanonicalAddress @example.com
zmprov md zimbra.domain.com zimbraMailCatchAllAddress @zimbra.domain.com zimbraMailCatchAllCanonicalAddress @example.com

Change webmail port

su – zimbra
zmprov ms mail.yourdomain.com zimbraMailPort 8888
zmprov ms mail.yourdomain.com zimbraMailSSLPort 8889
zmcontrol stop ; zmcontrol start

Change ssh port
zmprov ms www.harkness.se zimbraRemoteManagementPort 22

Adding a delimiter to Postfix
zmprov mcf zimbraMtaRecipientDelimiter –

Creating a user alias

zmprov aaa accountname@domain.com aliasname@domain.com

Import a self-signed certificate allowing connection to imap etc.

keytool -import -file /tmp/certificate.txt -alias mail.example.com -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit

Fixing logger not starting

Forwarding all mail for a particular domain to a new server
[zimbra@www ~]$ zmprov
prov> md lists2.example.com zimbraMailCatchAllAddress @mailinglists.example.com
prov> md lists2.example.com zimbraMailCatchAllForwardingAddress @mailinglists.example.com
prov> md lists2.example.com zimbraMailTransport smtp:mailman.example.com:25001
prov> quit

Changing Spam scores:
vi /opt/zimbra/conf/spamassassin/50_scores.cf

# make the Bayes scores unmutable (as discussed in bug 4505)
ifplugin Mail::SpamAssassin::Plugin::Bayes
score BAYES_00  0  0 -1.5   -1.9
score BAYES_05  0  0 -0.3   -0.5
score BAYES_20  0  0 -0.001 -0.001
score BAYES_40  0  0 -0.001 -0.001
score BAYES_50  0  0  3.0    1.8
score BAYES_60  0  0  3.5    2.5
score BAYES_80  0  0  4.7    4.0
score BAYES_95  0  0  6.2    6.0
score BAYES_99  0  0  9.8    9.5

Filtering Spam
vi /opt/zimbra/conf/salocal.cf.in
uri VOUCHER4 /jeanpatrique.co.uk/
score VOUCHER4 40
uri VOUCHER3 /agency3.co.uk/
score VOUCHER3 20
uri VOUCHER1 /worldofvouchers.com/
score VOUCHER1 20
body UAESPAM /BroadcastUAE/i
score UAESPAM 20
body LOCAL_RULE    /jeanpatrique/
score LOCAL_RULE   30.5

Routing mail (example sending newdomain.com mail to primarydomain.co.uk)

Configuring transport tables to relay emails to a different mail server. In this example I am forwarding all emails for otherdomain.com to smtp.otherdomain.com . You can add as many transport maps as you need. All commands should be run as a user ‘zimbra’. After 5.0.9, postfix_transport_maps has been modified a bit, so we’ll show both ways.

$ zmlocalconfig   |grep -i postfix_transport_maps

This will show you the current transport maps file configuration:

postfix_transport_maps = ldap:/opt/zimbra/conf/ldap-transport.cf

or for Zimbra 5.0.9 and higher (including 6.0):

postfix_transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf

Create your transport file (owner/group-owner should be zimbra):

vi /opt/zimbra/postfix/conf/transportfile
otherdomain.com     :[smtp.otherdomain.com]

You can also add multiple transport maps, for example:

mydomain.com     :[mail.otherdomain.com]
mydomain.org     :[mail.otherdomain.com]
hisdomain.net    :[mail.otherdomain.com]

In this example all emails for 3 different domains will go to mail.otherdomain.com, so destination will be changed, while user name will remain as in original email address.

Convert the transport file into maptype database file:

$ postmap /opt/zimbra/postfix/conf/transportfile

The file transportfile.db will be created in this directory. Define the new transport file (original, not *.db one) BEFORE the default one. Run:

$ zmlocalconfig -e postfix_transport_maps=”hash:/opt/zimbra/postfix/conf/transportfile ldap:/opt/zimbra/conf/ldap-transport.cf”

Or for Zimbra 5.0.9 and higher:

$ zmlocalconfig -e postfix_transport_maps=”hash:/opt/zimbra/postfix/conf/transportfile proxy:ldap:/opt/zimbra/conf/ldap-transport.cf”

Finally, make sure that the relay_domains parameter in main.cf contains all domains handled by the server, whether locally or relayed elsewhere:

$ vi /opt/zimbra/postfix/conf/main.cf
relay_domains = otherdomain.com, mydomain.com, mydomain.org, hisdomain.net, locallyhandleddomain.com, localaliaseddomain.com

Restart Zimbra:

zmcontrol stop
zmcontrol start

Regenerating Keys

To regenerate the ssh keys, on all hosts (as the zimbra user):

To deploy the keys, on all hosts (as the zimbra user):
Verifying sshd configuration

The authentication method assumes that sshd on the mta is running on port 22, and that RSA Authentication is enabled. You can test the ssh command with:
ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@MAIL.DOMAIN.COM