Published June 14, 2019 by

Restrict users to send mails to certain domains in Zimbra Mail server

This article, I have been explained how to restrict users to send emails to certain users or domains in the Zimbra mail server.

 Do the following activity as Zimbra user.

 1. Open file /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf and add this line at the top.
 check_sender_access lmdb:/opt/zimbra/conf/restricted_senders

2. Open file /opt/zimbra/conf/zmconfigd.cf and Find the section labeled SECTION mta and enter the following two lines directly below
 POSTCONF  smtpd_restriction_classes   local_only  
 POSTCONF  local_only                 FILE postfix_check_recipient_access.cf

3. Create a file "/opt/zimbra/conf/postfix_check_recipient_access.cf" and add the folloeing line
 check_recipient_access lmdb:/opt/zimbra/conf/local_domains, reject

4. Create a file "/opt/zimbra/conf/restricted_senders" and list all the users, whom you want to restrict. Follow this syntax:
 user@yourdomain.com      local_only

If you would like to restrict all users of a domain, enter the domain name instead of email ids. For example:
 yourdomain.com      local_only

5. Create a file "/opt/zimbra/conf/local_domains" and list all the domains where "restricted users" allowed to sent emails.
 yourdomain.com           OK   
 otheralloweddomain.com   OK

6. Finally, Run below commands for implement
 postmap /opt/zimbra/conf/restricted_senders  
 postmap /opt/zimbra/conf/local_domains   
 zmmtactl stop   
 zmmtactl start

Please try to sending email to allowed domain and not allowed domain. If you insert new user on number 4 or new domain on number 5, don’t forget to run again number 6.


Undo this configuration

Remove Step 2

and run below commands:
 postconf -e smtpd_restriction_classes=' '  
 zmmtactl reload

Read More

,

Published June 07, 2019 by

How to Take Backup of Zimbra Mail Server


Below shell script is a take a backup of you all email accounts in Zimbra
 #!/bin/bash  
   
 ################################################  
 # Zimbra backup script for open source edition #  
 ################################################  
   
 ZIMBRA_HOME=/opt/zimbra  
 ZIMBRA_BIN=$ZIMBRA_HOME/bin  
 ZIMBRA_BACKUP_DIR=$ZIMBRA_HOME/backup   
 BACKUP_DATE=`date +%G-%m-%d_%H-%M`   
   
 # set default option is 0 (unset)  
 VERBOSE=0   
   
 log()  
 {  
   # verbose option is turn on  
   if [ $VERBOSE -eq 1 ]; then  
     echo $1  
   fi  
 }  
   
 usage()   
 {  
   
   cat << EOF  
 zmbackup: zmbackup [-o path] -a|-u mailbox  
 EOF  
   
 }  
   
 backup_mailbox()  
 {  
   mbox=$1  
   log "start backup mailbox $mbox"  
   
   if [ ! -z $2 ]; then  
     $ZIMBRA_BIN/zmmailbox -z -m $mbox getRestURL "//?fmt=tgz" > $ZIMBRA_BACKUP_DIR/$2/$mbox-$BACKUP_DATE.tgz  
     log "backup mailbox $mbox successful"  
     log "backup to $ZIMBRA_BACKUP_DIR/$2"  
   
   else  
     $ZIMBRA_BIN/zmmailbox -z -m $mbox getRestURL "//?fmt=tgz" > $ZIMBRA_BACKUP_DIR/$mbox-$BACKUP_DATE.tgz   
     log "backup mailbox $mbox successful"  
     log "backup to $ZIMBRA_BACKUP_DIR"  
   fi  
 }   
   
 create_pack_backup()  
 {    
   log "search domain"  
   domains=`$ZIMBRA_BIN/zmprov gad`  
   
   for domain in $domains; do  
     log "start backup domain $domain"   
   
     # get all accounts from domain  
     mboxs=`$ZIMBRA_BIN/zmprov -l gaa $domain`  
   
     # check directory if -o is set  
     mkdir -p $ZIMBRA_BACKUP_DIR/$domain  
   
     # fetch account in tgz format  
     for mbox in $mboxs; do  
 #      $ZIMBRA_BIN/zmmailbox -z -m $mbox getRestURL "//?fmt=tgz" > $ZIMBRA_BACKUP_DIR/$domain/$mbox-$BACKUP_DATE.tgz  
       backup_mailbox $mbox $domain  
     done  
   
     # pack mailbox in domain  
     cd $ZIMBRA_BACKUP_DIR/$domain  
     tar czf $domain-$BACKUP_DATE.tgz `ls`  
     mv $domain-$BACKUP_DATE.tgz $ZIMBRA_BACKUP_DIR  
     cd $ZIMBRA_BACKUP_DIR  
     rm -rf $ZIMBRA_BACKUP_DIR/$domain  
       
     log "backup domain $domain successful"  
   
   done  
 }  
   
 # Option  
 # zmbackup [-ah] [-u mailbox] [-o path]   
 while getopts :aho:u:v OPTION; do  
   case $OPTION in  
     a )  
       AFLAG=1  
       ;;  
     h )  
       usage  
       ;;  
     o )  
       if [ -z $OPTARG ]; then  
         echo "-o option must specific path"  
         exit 1  
       else  
         ZIMBRA_BACKUP_DIR=${OPTARG:0:${#OPTARG}-1} # substring from 0 to strlen - 1  
       fi  
       ;;  
     u )   
       if [ -z $OPTARG ]; then  
         echo "-u option must specific mailbox"  
       else  
         UFLAG=$OPTARG  
       fi  
       ;;  
     v )  
       VERBOSE=1  
       ;;  
     # other option doesn't match  
     * )  
       usage  
       exit 1  
       ;;  
   esac  
 done  
   
 # if not specific -a or -u it error and exit the script  
 if [ -z $UFLAG ] && [[ $AFLAG -ne 1 ]]; then  
   echo "you must specific -a or -u option"  
   exit 1  
 fi  
   
 # if UFLAG has value but AFLAG is used  
 if [ ! -z $UFLAG ] && [[ $AFLAG -eq 1 ]]; then  
   echo "use -a or -u"  
   exit 1  
 # if declare UFLAG  
 elif [ ! -z $UFLAG ]; then  
   backup_mailbox $UFLAG  
 fi  
   
 # if AFLAG on  
 if [[ $AFLAG -eq 1 ]]; then  
   create_pack_backup  
 fi

For taking a backup run this above script with -a parameter
 ./zmbackup.sh -a

the backup file is stored in /opt/zimbra/backup
Read More

,

Published June 07, 2019 by

Redirect HTTP to HTTPS in Zimbra Mail Server


Using Below command we can forcefully redirect all HTTP request to HTTPS in Zimbra Mail Server.

 # su - zimbra  
 # zmprov ms myserver.yourdomain.com zimbraReverseProxyMailMode redirect  
 # zmcontrol restart

OR

 # su – zimbra  
 # zmtlsctl redirect  
 # zmcontrol restart

Read More

, ,

Published June 06, 2019 by

Install Rocket.Chat on Ubuntu or Debian

Rocket Chat is the leading open source team chat software solution. Free, unlimited and completely customizable with on-premises and SaaS cloud hosting.

You can consider rocket chat as an alternative to Skype and Slack chat solutions.

In this tutorial, we are learning how to install rocket chat on Ubuntu or Debian and configure let's encrypt SSL also we discuss how to take backup Rocket chat server.

 Install Rocket chat Server

 1. Update the system.
 sudo apt-get update

2. Install snap if it is not installed.
 sudo apt-get install snapd

3. Install Rocket Chat
 sudo snap install rocketchat-server

4. Check if Rocket Chat is running
 sudo service snap.rocketchat-server.rocketchat-server status

Then browse to http://localhost:3000 and setup Rocket Chat Server. 


Setup NGINX with Reverse Proxy and SSL

5. Install Nginx and enabled to start automatically on reboot
 sudo apt install nginx  
 sudo systemctl start nginx  
 sudo systemctl enable nginx
6. Set up NGINX Reverse Proxy

Remove the default site
 sudo rm /etc/nginx/sites-enabled/default

Create /etc/nginx/sites-available/rocketchat.conf file.
 vim /etc/nginx/sites-available/rocketchat.conf

add the necessary values to point to your domain name and to add the reverse proxy. Replace example.com with your actual domain name.
 server {  
   listen 80;  
   
   server_name example.com;  
   
   location / {  
     proxy_pass http://localhost:3000/;  
   }  
 }

Enable the new configuration by creating a link to it from /etc/nginx/sites-available/
 sudo ln -s /etc/nginx/sites-available/rocketchat.conf /etc/nginx/sites-enabled/

Test the configuration and reload the new configuration
 sudo nginx -t  
 sudo nginx -s reload

7. Generate SSL certificates using Certbot
 sudo apt-get install python-certbot-nginx  
 sudo certbot --nginx

Certbot will ask for information about the site. The responses will be saved as part of the certificate also Certbot will also ask if you would like to automatically redirect HTTP traffic to HTTPS traffic. It is recommended that you select this option.

Again Test the configuration and reload the new configuration
 sudo nginx -t  
 sudo nginx -s reload

Then browse to https://yourdomain.com and setup Rocket Chat Server. 
Read More

, , , , ,

Subscribe to: Posts (Atom)