Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Integration of zimbra server with ironport

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 05-28-2011, 02:26 AM
Junior Member
  
Posts: 5
Default Integration of zimbra server with ironport
hi can any one help me to give some direction to integrate ironport with zimbra hosted installation for multiple domain
Reply With Quote
  #2 (permalink)  
Old 08-25-2011, 01:00 AM
Starter Member
  
Posts: 2
Default
You just need to add all hosted domain name in the RAT table of Ironport.

And then...

edit Ironport smtp routes table to send hosted domain messages to the right zimbra server

To route outbound messages, please add your zimbra's IP into your Ironport's HAT table >> Relaylist

Dont' forget to commit the settings on your Ironport
Reply With Quote
  #3 (permalink)  
Old 09-03-2011, 04:21 PM
Special Member
  
Posts: 146
Default
You can use also a integration schemes like Cisco IronPort (MX position) - Exim (simple real time backup and advance route driver) - Zimbra (end user agent).

Zimbra and IronPort integration (single and bundle solutions) is simple and can be implemented in two good ways. Ironport works like simple mailgateway and can route (route section) a messages wherever you show (configure) for each of your internal domain - Manfred Zhu described it in the above post . Zimbra can also route to external smtp server all messages (external and internal Zimbra messages too). It's very importnat, because, if you use a IronPort e-mail encryption feature (RES) for internal and external users you cann add to your Zimbra config external smtp server (GUI: Global settings - MTA - Network, Mta for external route). Do not forget to Zimbra mail to route the internal interface of the IronPort. You must define in Zimbra GUI a internal (inside) IP/hostname to IronPort service.

But I prefer Zimbra integration with IronPort and exim, because the exim has more powerful in my ability to control the messages, than in the Zimbra postfix. But if you want, you don't need use exim solution!
Simple way is use a Zimbra like a classic webmail (colaborate) and pop/imap server and IronPort like incomming and outgoing smtp server (IronPort can be external and internal smtp server, with support auth internal users with any ldap to send e-mails). In my opinion this way is not sufficiently secure.




Simple route with Zimbra, IronPort (your MX) and Exim (exim can backup all incomming and outgoing messages, it's easy and free):


(incomming external message from outside users) -> IronPort -> Exim (live backup solution) -> Zimbra (local user).

(outgoing internal message to outside users) Zimbra (local user) -> Exim -> Ironport -> external user

(outgoing internal message to internal users) Zimbra (local user)-> Exim -> Ironport -> Exim -> Zimbra (local user) or Zimbra (local user)->Exim ->Ironport ->Zimbra (local user)


To identify and authenticate your internal users for IronPort and Zimbra, you can use the Zimbra (Open) ldap or external ldap server, like OpenLdap / Sun One Directory. - It's depends on your model solutions.



QUARANTINE:

Basic problem with IronPort Spam messages and Zimbra (Unify your SYSTEM Spam quarantine, without IronPort quarantine store): Global filters for all users..
Best way: Disable your SPAM quarantine in IronPort and tag (define header or subject like [**SPAM**] or [**SUSPECTED SPAM**] ) all spam messages and suspected messages with deliver options. Zimbra users can add a system filters in zimbra client and store SPAM messages in local Zimbra folders. I don't know yet how to set the global system filters configuration of the Zimbra.

If you don't want disable a IronPort SPAM quarantine, you can also configure the IronPort in such a way as to send e-mails with links to spam messages to your internal users (eg. once a hour / day / week).
__________________
# ZCS 7.1.3 SLES11 SP1
Last edited by soba@ukw.edu.pl; 09-04-2011 at 03:49 AM..
Reply With Quote
  #4 (permalink)  
Old 09-04-2011, 02:21 AM
Moderator
  
Posts: 2,207
Default
Follow the "Global filters for all users" link in previous post to get a solution to filter spam messages to the spam folder, server wide.
Reply With Quote
  #5 (permalink)  
Old 09-04-2011, 03:28 AM
Special Member
  
Posts: 146
Default
This is the best way to create more powerfull and scalability mailbox solution for more than 1k users (see attached file).

This is the modular system and if you want to replace or add a component (such as other external SPAM and antivirus or cryptographic solutions) you can do it easily (use external exim routers or internal Zimbra postfix / amavisd routers).

For a more scalable your mail solution you can buy and use a Zimbra Appliance (with VMware ESXi).

Simple external live e-mail backup with exim solution:
Users can add a external imap server in Zimbra client and get the all backup incomming and outgoing messages with exim server infrastructure. You can also get the backup messages with standard client, like MS Outloock or Thunderbird (use the imap cconnectiom to exim server).
Attached Files
File Type: pdf MTA-UKW.pdf (374.7 KB, 74 views)
Last edited by soba@ukw.edu.pl; 09-04-2011 at 11:44 AM..
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.