[SOLVED] Hosting Zimbra at home for remote family

[markeric]

I'm interested in hosting an OpenSource Zimbra install on a home computer. (Ubuntu, wait for 10.04 LTS?)

I would either use DyNS or a static IP (not setup yet). I would want SSL (self-signed is fine). It is intended for use by my family and my extended family. I would like the option of using the desktop zimbra software for everyone as well.

Questions:

• Is this possible? If possible, is it a bad idea?
• Are there any gotcha's I should be aware of?
• I believe I have to have a static IP for SSL certs to work. Is that true?
• Do others have a similar setup?
• Is there any documentation that would help with this?

Thanks!
-Mark E.

[Matuscak]

Sure, unless you have a really huge family, or a really slow internet connection, it shouldn't be a problem at all. I do it myself. Mine is running on CentOS on a VMware ESXi whitebox that I built.

It's probably good to make sure that your ISP allows servers, and you should make sure that they don't block inbound access to specific ports (Like HTTPS, HTTP, SMTP, IMAPS).

SSL doesn't really care about the underlying IP address, just the names that the client connects to and the server returns. If the client connects to marksmail.dyndns.org and your server says it marksmail.markeric.com, the client's browser will complain. Keep in mind that with self-signed certs, the client is going to get a warning from every different browser/PC combination they connect with until the exception is saved. I figured that was enough of a hassle that I purchased a commercial cert from GoDaddy. As I recall, the low end cert is something $10-15/year.

As for documentation, it's really just the normal Zimbra install.

[markeric]

Sure, unless you have a really huge family, or a really slow internet connection, it shouldn't be a problem at all. I do it myself. Mine is running on CentOS on a VMware ESXi whitebox that I built.

I thought about running it in a virtual machine too. I like the portability of it should I change/update my host OS. I use VirtualBox mainly. I expect it should work well enough still. Any thoughts on that?

I noticed CentOS isn't in the list of prepared binaries (Open Source Edition Downloads: Enterprise Messaging and Collaboration Software by Zimbra). Did you do a source install? How easy/difficult is that for a Zimbra-noob like me? Is there a guide for doing it that way?

Thanks for the response. I'm glad to hear that it's not an unreasonable goal.

-Mark E.

[raj]

Red Hat Enterprise Linux 5 - binary for - centos5
Red Hat Enterprise Linux 4 - binary for - centos4

Raj

[Matuscak]

I thought about running it in a virtual machine too. I like the portability of it should I change/update my host OS. I use VirtualBox mainly. I expect it should work well enough still. Any thoughts on that?

I don't know anything about VirtualBox, but I'm sold on virtualization in general. Pretty much all the server stuff I've set up in the last couple years has been virtualized.

I noticed CentOS isn't in the list of prepared binaries (Open Source Edition Downloads: Enterprise Messaging and Collaboration Software by Zimbra). Did you do a source install? How easy/difficult is that for a Zimbra-noob like me? Is there a guide for doing it that way?

You use the Red Hat binaries for CentOS. You need to specify a switch on the command line that says "Yeah, Yeah, I know it's not supported". FWIW, official CentOS support has been at the top of the wish list for quite some time.

[weigenmann]

Hello there,
Just my input to your project. I run my server as follows:
Operatings System: CentOS 5.4 x64
- Integrated Samba as Primary Domain Controller
- Use Samba binaries from SerNet | Home
- DHCP and Dynamic DNS (Bind)
- Split DNS (for zimbra)
- Use DynDNS.org for Domain registration and service Custom DNS
- ddclient to update dynamic DNS entries for accounts on DynDNS
- NoMachine NX server to remote control Linux (LAN/WAN) from a Windows PC. Server has no KB, Mouse or Monitor attached

Webserver: LAMP and Joomla 1.5
- implemented virtualhost configuration for webserver and zimbra

Zimbra: FOSS RedHat binaries x64
- zimlets: Samba / posix deployed
- for zimbra I reconfigured the following ports:
zimbraMailPort: 81
zimbraMailSSLPort: 4443
zimbraMailSSLProxyPort: 8443
zimbraMailMode: redirect - use https exclusively

Welcome to CAcert.org for free certificate
In zimbra - Generate the CSR for the commercial certificate authorizer
- User's still will have to download/install cacert's root certificate. Not included in Firefox nor Internet Explorer

Backup Zimbra: I have been using ZimbraColdBackup. Found herehttp://sourceforge.net/projects/zcstools/files/
- I run it as a cron job every night. Keep backups for seven days, then coldbackup deletes older ones.
- It is working well and I can afford the 2 - 3 minutes downtime.

ADSL2+ Modem/Router: NAT enabled. Port forwarding as necessary. port 22, 25, 80, 4443

ISP: My ISP allows for port 25 to be enable/disable - So, no problem there

I think that is it. It has been running since February 2008 and of course been upgraded both the OS and Zimbra. It did not happen overnight. All was done after a lot of reading and trial and error.

[markeric]

I don't know anything about VirtualBox, but I'm sold on virtualization in general. Pretty much all the server stuff I've set up in the last couple years has been virtualized.

I looked closer into vmware esxi and I think that really is the right way to go for an appliance like this. Thanks for the tip!

You use the Red Hat binaries for CentOS. You need to specify a switch on the command line that says "Yeah, Yeah, I know it's not supported". FWIW, official CentOS support has been at the top of the wish list for quite some time.

Cool. I'm a big Ubuntu fan (love "apt-get") so I had not looked at CentOS before.

I'm still nervous about CentOS (being non-debian). Not sure I want to go that route. hmmm. Just a fear of the unknown and fear of a big time sink.

Thanks!
-Mark E.

[markeric]

Hello there,
Just my input to your project. I run my server as follows:

Excellent! Thanks for the help and the detailed list.

I'll look further into those resources.

-Mark E.

[Hivos]

Questions:

• Are there any gotcha's I should be aware of?

Thanks!
-Mark E.

Only one I can think of: if you have a "consumer" internet connection, make sure port 25 is opened. In quite some countries port 25 is blocked by ISP's as a counter-measure to virus-infected windows pc's sending out spam.

Code:

telnet smtp.google.com 25

If you get a connection, you're fine. If not, contact your ISP.

[markeric]

Code:

telnet smtp.google.com 25

If you get a connection, you're fine. If not, contact your ISP.

Yes, it works for me. So hopefully that applies to inbound as well.

Thanks for the tip.
-Mark E.