Zimbra

looky · #1 (**permalink**) 06-06-2007, 05:56 AM

Hi,

I have to add additional AV scanner (SMS SMTP Symantec) to work with zimbra.
I know that ClamAV is a good solution but this is rather political decision.

I would like to add this 3rd party scanner before zimbra MTA version 4.5.5_GA_838.RHEL4.

I think that 3rd party scanner will listen on port 25 for incoming emails, than forward it directly to 7075 (smtp zimbra port).
Zimbra port mapping between ports 25 -> 7075 should be disabled.

My question is where (file .conf or from command line) I can disable this zimbra port mapping(25->7075)?

Thanks for help.

mmorse · #2 (**permalink**) 06-06-2007, 08:28 AM

Old material:

Quote:

Originally Posted by KevinH

The MTA runs on 7075 and is mapped to port 25 via iptables. So you can try working with 7075 and see if that avoids your ISP's filtering.
-kevin

Quote:

You'll see the mappings if you run (as root)
iptables -t nat -L
(syntax varies)

The iptables rules are installed with the script /opt/zimbra/bin/zmiptables - the option to remove the rules is -u.

To turn them all off you would run (as root):
/opt/zimbra/bin/zmiptables -u
/opt/zimbra/bin/zmiptables -i
Questions Before I Start

So I think you would be able to:
-so turn them all off
-modify the script to your liking
-turn back on

dijichi2 · #3 (**permalink**) 06-06-2007, 08:34 AM

when you say add additional scanner, you mean disable the existing one and replace it? to add additional scan engine like symantec, amavisd should pick it up automatically - have a look through /opt/zimbra/conf/amavisd.conf.

didn't iptables mappings disappear back in the 3.x days?

mmorse · #4 (**permalink**) 06-06-2007, 08:40 AM

I think he means a separate box-physically infront of the zimbra mta.
ie: Not turn off ClamAV, but it doesn't make his boss/whoever happy to just use ClamAV alone (at least that's how I interprit 'political' reasons)

Can this symantec product act as an MTA? (pass the traffic through it)

old crap:
iptables-that was compiled from a bunch of (old) threads by kevinH & marc -didn't actually test anything myself
-yup, I don't have any iptables script/iptables running on any of my builds, I did kinda wonder-but posted anyway

Newer/2006 threads:
Move SMTP To Different Port
SMTP Submission Port

mmorse · #5 (**permalink**) 06-06-2007, 09:27 AM

lol: http://www.zimbra.com/blog/archives/...es_depend.html
so what is this port 7075 issue then?

looky · #6 (**permalink**) 06-08-2007, 08:46 AM

Finally I found solution. And it is very easy to change the port for SMTP in zimbra.

Example-> change smtp to port 26
1. zmprov mcf SERVERNAME zimbraSmtpPort 26
2. zmprov mc SERVERNAME zimbraSmtpPort 26
3. modify /opt/zimbra/postfix/config/master.cf
from: smtp inet n - n - - smtpd
to: 26 inet n - n - - smtpd
4. zmcontrol stop;zmcontrol start

In this example I modify config (step 1) and server (step 2).Maybe it can by modyfied only one of this variable but in this case everything works.

If zimbra smtp works on other than 25 port, I can configure SMS SMTP Symantec or any 3rd party AV to listen on port 25 and forward mail from it to zimbra on 26 port on the same host.

Thank You very much for help. Your responses gave me a clue, how to resolve my problem. Keep up good work!

dijichi2 · #7 (**permalink**) 06-08-2007, 08:50 AM

Hi, just take note that step 3 will be overwritten at next upgrade, you will have to alter it by hand again!

Zimbra

Downloads

Product Information

Toolbox

Why Join?