Please note - This post has been turned into a
wiki article. Updates, corrections, and clarifications made on the article may not be reflected here, so I recommend you use the wiki as your primary point of reference. - DWM
This one is for the newbies. . .of which I am one!
I tried to follow pacsteel's instructions to the letter, and I honestly don't know if it's me, or changes in the distro, or what, but I couldn't get it to work. What follows is my description of the steps--only slightly different--that worked in July, 2007. I would never have gotten here without pacsteel's pointers, so credit where credit is due, but hopefully this will help a few of you get over hurdles that killed me.
Part of my fun, though this is not a unique setup, is that I have my mail server on a DMZ inside my firewall, with an IP address that's neither public nor the subnet of my lan. My public mail IP address, which is resolved by the DNS "out there" in the world, is translated to Zimbra's own address via DNAT/SNAT by my firewall. This is for security, but it makes bits of the Zimbra configuration slightly fun.
For simplicity's sake I'm referring to this address as the "private ip address" from here on. By that I mean that my Zimbra box has only one IP address, it's on the DMZ, and can be seen by my LAN but not the public. When I say "public IP address" I'm not talking about another address on the Zimbra box, but rather the address that gets DNATed to my box and which is resolved in the world.
The DNS issue discussed throughout this thread is PARAMOUNT! If you don't have your DNS working properly, don't even bother trying to install Zimbra, because at least on my machine, trying to fix DNS after the fact resulted in an install that could do everything except send mail--even from a Zimbra user to himself!
So I'll say it again:
If you can't resolve your mailserver's own private IP address (NOT the public IP) using nslookup, fix it BEFORE you install Zimbra!
My server installation is Ubuntu 6.06 from the downloadable ubuntu-6.06.1-server-i386.iso. I installed only the basic server--NOT the LAMP server--with the following little "gotchas."
1) The installation wants to configure your LAN via DHCP. Cancel it before it gets that far, and manually configure it with a static IP address, netmask, and gateway. Don't put in a public DNS for your nameserver configuration; instead put in the same IP address that you just gave the machine for its own static IP (I know, this won't let you resolve names on the internet, but be patient, we'll get there).
2) When the installation asks for a hostname, give it only a one-word hostname (e.g. "mail" or "myserver") NOT the fully-qualified domain name (mail.mydomain.com).
The server will install and configure, and when it's done and reboots you'll be able to ping public IP addresses if you know them, but you won't be able to resolve any names to ping them. Don't worry, we'll fix this.
Now we have to make this machine into a nameserver so it'll resolve things. Pacsteel's instructions were for old-fashioned bind, but I went for bind9 right away; unfortunately the instructions for configuring bind9 on a clean install are hard to read and not always helpful. Anyway, make sure your CD is back in the drive, get to your root prompt (sudo bash) and do
Code:
apt-get update
apt-get install bind9
Once bind9 is installed, you have to configure the following files, which are in the directory /etc/bind (for brevity I've deleted the generic comment lines included by the distro):
/etc/bind/named.conf.options (this one is exactly as pacsteel said)
Code:
options {
directory "/var/cache/bind";
query-source address * port 53;
forwarders {
xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx;
};
auth-nxdomain no; # conform to RFC1035
}; the ip addresses on this file are public ip addresses of the DNS you use in the outside world. The line "query-source address * port 53" is to allow your machine to hit the DNS if oddball DNS ports are blocked. You can leave it commented if you don't need it.
Check /etc/resolv.conf and make sure it looks like this:
Code:
nameserver xxx.xxx.xxx.xxx
The IP address here should be the Zimbra box's private ip address.
Once you've fixed these two files and restarted bind
Code:
/etc/init.d/bind9 restart
you should be able to resolve names in the outside world. Try something like "ping google.com" and if you get an answer, you're on the way.
Now it's time to get the internal zone working. This involves the same two files pacsteel used, but with some minor syntax changes:
Append the following lines to /etc/bind/named.conf.local
Code:
zone "mydomain.com" {
type master;
file "/etc/bind/db.mydomain.com";
}; Note that you need to type the full pathname to your db.* file. Also, be sure you don't miss a semicolon ";" in any of these lines that have them because a missing semicolon breaks the file.
Now create your file /etc/bind/db.mydomain.com
Code:
;
; BIND data file for mydomain.com
;
$TTL 604800
@ IN SOA mail.mydomain.com. admin.mydomain.com. (
070725 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS mail
IN MX 10 mail
IN A xxx.xxx.xxx.xxx
mail IN A xxx.xxx.xxx.xxx The ip address here is again your Zimbra internal ip address; the string "admin.mydomain.com" is replaced with the email address you are using for administration, only with a "." instead of the "@" in the address. Be careful to increment the serial number one higher every time you modify this file or the changes won't stick.
Now reboot the machine (restarting bind wasn't enough to work for me) and try to resolve your mail server.
Code:
nslookup mydomain.com
If it returns your public IP address, your internal DNS is not working. If things are configured correctly it'll return the internal address.
Before you get to the install you also need to modify your /etc/hosts file. There are two possible structures. If you are using 4.5.7 or later, do it right:
Code:
127.0.0.1 localhost.localdomain localhost
xxx.xxx.xxx.xxx hostname.mydomain.com mail
If you're still on 4.5.6 (which should not be the case for most users) I had to use a slightly nonstandard hosts format to get the install to work:
Code:
127.0.0.1 localhost
xxx.xxx.xxx.xxx hostname.mydomain.com mydomain.com mail
ONLY IF this is working, it's now time to update your packages and install Zimbra. The lists of necessary packages are in several messages on this thread, but the easy thing to do is try to run the install and let Zimbra give you a list of what's missing. I used the Zimbra 4.65 for Ubuntu package zcs-4.5.6_GA_1044.UBUNTU6.tgz, which I moved into /tmp. Go to the /tmp directory, and type
and it'll create a whole directory /tmp/zcs with lots of files inside it. Then:
Code:
cd /tmp/zcs
./install.sh
It's not going to work the first time, but it'll give you a list of what you need to install. Write down all the filenames it says are missing. Your list may be slightly different than mine, but whatever it is, Zimbra won't tell you that you also need perl, so be sure and load it too. Just separate each filename with a space:
Code:
apt-get install libidn11 curl fetchmail libpcre3 libgmp3c2 libxml2 libstdc++6 openssl perl
Now re-run your Zimbra install and accept all the defaults except:
When it asks you for your domain, it's going to have your fully-qualified domain name (hostname.mydomain.com) rather than just the domain, and probably complain about not having an MX record. Change the hostname to just mydomain.com and it'll find the names through nslookup, and it'll be happy. The rest of the install should proceed without errors, except for asking you to set your administrative user's password (option 6 and then 4).
Finally, when the install is done and it has given you the last "press Enter to finish" you need to turn on crontab for the user zimbra or your logs won't work.
Code:
crontab -u zimbra -l
Now reboot the system, and when it comes back up,give it a couple minutes to start the rest of the Zimbra processes. If your installation is successful, you can go to
https://xxx.xxx.xxx.xxx:7071 (your internal ip address again) to get the administrative console, or
http://xxx.xxx.xxx.xxx to log in as a user.
Congratulations--one shiny new Zimbra installation on Ubuntu!
Bugzilla
Wiki
Source
Linear Mode
