Ubuntu 8.04 LTS Server (Hardy Heron) Install Guide
The following guide is for installing ZCS on Ubuntu Server 8.04 LTS, and is a revision of my previous Ubuntu Server 6.06 installation guide here. Please verify which version you are using and follow the appropriate guide, as there are material differences between the two. I have tested this guide with the 32-bit version of Ubuntu only; others will need to verify if any tweaks are necessary for a 64-bit installation.
This installation is for a split-DNS setup, where the server resides on a DMZ and so needs to resolve to its own internal (DMZ subnet) IP address rather than the public IP address that is published to the world. This is a setting where a firewall/router supplies the translation from the public IP to the DMZ IP (DNAT–Destination Network Address Translation) so that translation is not known to the server itself. This configuration is desirable for security, but it makes bits of the Zimbra configuration more complex than they might otherwise be.
For simplicity’s sake I’m referring to Zimbra’s DMZ address as the “private ip address” from here on. By that I mean that the Zimbra box has only one IP address, it’s on the DMZ, and can be seen by my LAN but not the public. When I say “public IP address” I’m not talking about another address on the Zimbra box, but rather the address that gets DNATed to my box and which is resolved in the world.
Installing Ubuntu 8.04 LTS
Obtain your installation binary from Ubuntu at http://www.ubuntu.com/getubuntu/download. Be sure you download the LTS (Long Term Support) Server Edition, NOT the Desktop Edition. Burn the ISO file to a CD and boot it in your server. There is an excellent, highly-detailed installation guide for this version at http://www.howtoforge.com/perfect-server-ubuntu8.04-lts. I highly recommend this guide, particularly if you are new to Linux or Ubuntu specifically. The following points need to be kept in mind as you install:
1) The installation (and the guide) want to configure your LAN via DHCP. Cancel it before it gets that far, and manually configure it with a static IP address, netmask, and gateway. Don’t put in a public DNS for your nameserver configuration; instead put in the same IP address that you just gave the machine for its own static IP (this won’t let you resolve names on the internet until we do some more configuration below, but it saves headaches later).
2) When the installation asks for a hostname, give it only a one-word hostname (e.g. “mail” or “myserver”) NOT the fully-qualified domain name (mail.mydomain.com). In the next screen where it asks for the domain name, give the “mydomain.com” part without the hostname.
3) Hard disk configuration is easy if you are using a single drive, but for a server, that’s not the most secure way to do things. Ideally you should have either a RAID-1 or a RAID 1+0 configuration for your disks to provide redundancy. Most ideally that would be hardware-RAID, but configuring it in Ubuntu is a challenge. Software RAID (native to Linux) on the other hand, is easy IF you set it up AT THE TIME YOU ARE PARTITIONING YOUR DISKS. See this howto http://www.howtoforge.com/how-to-install-ubuntu8.04-with-software-raid1 for setup instructions if you want to use software RAID. As to partitioning your drives, you can find a variety of opinions. I just make a small partition for swap (1.5-2x RAM) and the rest for the whole system. Others will recommend separate partitions for mailstore, system, etc. Use your own judgement here.
4) Once the base system has been installed, the installer will ask you for a username, and then a password for that user. This needs to be a non-root user, and unlike previous Ubuntu versions, the user “admin” is no longer accepted. Whatever you choose, that username and password will be what you use to log in at the command line later, and the same password will be the password for sudo commands. Be sure you remember what you put in here!
5) At the “Software Selection” screen, select the DNS Server and OpenSSH Server options for installation, but nothing else. This will allow remote administration (SSH), and will install bind9 which you will need for split DNS.
6) Run the following command to make sure you have all the necessary packages:
sudo apt-get install bind9 dnsutils file libgmp3c2 libexpat1 libstdc++5 libltdl3 libperl5.8 perl curl libpcre3 libc6
With these items, your installation will complete and the system will reboot.
This guide shows how to install the Zimbra Collaboration Suite (ZCS) on Ubuntu 6.10 (Edgy Eft) and 6.06 (Dapper Drake) server systems. Zimbra is a full-featured, open source collaboration suite – email, group calendaring, contacts, and web document management and authoring. It has a feature-rich AJAX web interface and is compatible with clients such as Microsoft Outlook, Apple Mail, and Novell Evolution so that mail, contacts, and calendar items can be synchronised from these to the ZCS server. It can also be synchronized to many mobile devices. ZCS makes use of many existing open source projects such as Postfix, MySQL, and OpenLDAP.
I do not issue any guarantee that this will work for you!
1.1 Enable The root Account
To enable the root account, run
sudo passwd root
and specify a password for root.
Afterwards, become root by running
su
All following commands in this tutorial are executed as root (unless something else is written)!
1.2 Install The SSH Daemon
Just run
apt-get install ssh openssh-server
to install the SSH daemon.
1.3 Apply A Static IP Address And Hostname
Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.110):
vi /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
        address 192.168.0.110
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
Then restart your network:
/etc/init.d/networking restart
Then edit /etc/hosts. Make it look like this:
vi /etc/hosts
127.0.0.1       localhost.localdomain   localhost
192.168.0.110   mail.example.com        mail

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
Now run
echo mail.example.com > /etc/hostname
and reboot the system:
shutdown -r now
Afterwards, run
hostname
hostname -f
Both should show mail.example.com.
From now on you can use an SSH client such as PuTTY and connect from your workstation to your Ubuntu server and follow the remaining steps from this tutorial.
DNS
Proper DNS configuration is PARAMOUNT! If you don’t have your DNS working properly, don’t even bother trying to install Zimbra, because trying to fix DNS after the fact may result in an install that can do everything except send mail–even from a Zimbra user to himself! So I’ll say it again:
If you can’t resolve your mailserver’s own private IP address (NOT the public IP) using nslookup, fix it BEFORE you install Zimbra!
If your installation above was successful, when you sign on at the command line you’ll be able to ping public IP addresses if you know them, but you may not be able to resolve any names to ping them.
Now you have to configure the following files, which are in the directory /etc/bind (for brevity I’ve deleted the generic comment lines included by the distro). Note that the query-source address and forwarders lines are already there, they just need to be uncommented, and in the case of the forwarders, the ip addresses of your ISP’s DNS servers need to be added. Note also that the syntax needs to be EXACTLY as shown below–leave out one semicolon or bracket and the whole thing blows up:
/etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        query-source address * port 53;
        forwarders {
                xxx.xxx.xxx.xxx;
                xxx.xxx.xxx.xxx;
        };
        auth-nxdomain no;    # conform to RFC1035
};
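The IP addresses in this file are the public IP addresses of the DNS servers you use in the outside world. The line “query-source address * port 53” is there to let your machine reach those DNS servers if oddball DNS ports are blocked. Pinning the source port this way turns off BIND's source-port randomization, which makes spoofed answers easier to slip into the cache, so leave it commented if you don’t need it.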
Check /etc/resolv.conf and make sure it looks like this:
nameserver xxx.xxx.xxx.xxx
The IP address here should be the Zimbra box’s private ip address.
Once you’ve fixed these two files and restarted bind
/etc/init.d/bind9 restart
you should be able to resolve names in the outside world. Try something like “ping google.com” and if you get an answer, you’re on the way.
Now it’s time to get the internal zone working. Append the following lines to /etc/bind/named.conf.local
zone "mydomain.com" {
        type master;
        file "/etc/bind/db.mydomain.com";
};
Note that you need to type the full pathname to your db.* file. Also, be sure you don’t miss a semicolon “;” in any of these lines that have them because a missing semicolon breaks the file.
Now create your file /etc/bind/db.mydomain.com
;
; BIND data file for mydomain.com
;
$TTL    604800
@       IN      SOA     mail.mydomain.com. admin.mydomain.com. (
                        070725          ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      mail
        IN      MX      10 mail
        IN      A       xxx.xxx.xxx.xxx
mail    IN      A       xxx.xxx.xxx.xxx
The ip address here is again your Zimbra internal ip address; the string “admin.mydomain.com” is replaced with the email address you are using for administration, only with a “.” instead of the “@” in the address. Be careful to increment the serial number one higher every time you modify this file or the changes won’t stick. Many users use the date they edit the file for the serial number, but as long as you start low and only get higher it really doesn’t matter.
Now you may need to reboot the machine (restarting bind9 alone doesn’t always work) and try to resolve your mail server.
nslookup mydomain.com
If it returns your public IP address, your internal DNS is not working. If things are configured correctly it’ll return the internal address.
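The pre-install DNS test described above, written as a script that checks resolv.conf, the MX record and the mail host's A record against the private address. This is an added example, not part of the original guide; the function names are illustrative and 192.168.0.110 is the sample private address used earlier on this page.

```bash
#!/bin/bash
# Added example, not from the original guide: split-DNS pre-flight check.
# Function names are illustrative; addresses are the guide's sample values.

# Print the first nameserver address found in resolv.conf text on stdin.
first_nameserver() { awk '$1 == "nameserver" { print $2; exit }'; }

# Print the host of the first MX in `dig +short MX` output, trailing dot removed.
mx_target() {
    printf '%s\n' "$1" | awk 'NF >= 2 { sub(/\.$/, "", $2); print $2; exit }'
}

# check_split_dns PRIVATE_IP RESOLV_NS MX_ANSWER A_ANSWER
# Prints one line per problem; returns 0 only if the internal view is consistent.
check_split_dns() {
    local private_ip="$1" resolv_ns="$2" mx_answer="$3" a_answer="$4" rc=0 addr
    if [ "$resolv_ns" != "$private_ip" ]; then
        echo "FAIL: resolv.conf uses '$resolv_ns', expected local BIND at $private_ip"; rc=1
    fi
    if [ -z "$(mx_target "$mx_answer")" ]; then
        echo "FAIL: no MX record returned for the domain"; rc=1
    fi
    if [ -z "$a_answer" ]; then
        echo "FAIL: MX target has no A record in the internal zone"; rc=1
    fi
    for addr in $a_answer; do
        if [ "$addr" != "$private_ip" ]; then
            echo "FAIL: mail host resolves to $addr, not private address $private_ip"; rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "OK: internal DNS answers with $private_ip"
    return "$rc"
}

# Query the local BIND (dig comes with the dnsutils package) and evaluate.
run_check() {
    local domain="$1" ip="$2" mx host a=""
    mx=$(dig +short MX "$domain" "@$ip")
    host=$(mx_target "$mx")
    [ -n "$host" ] && a=$(dig +short A "$host" "@$ip")
    check_split_dns "$ip" "$(first_nameserver < /etc/resolv.conf)" "$mx" "$a"
}

if [ "$#" -eq 2 ]; then
    run_check "$1" "$2"     # e.g. ./dnscheck.sh mydomain.com 192.168.0.110
else
    # Constructed answers for a correctly configured internal zone.
    check_split_dns 192.168.0.110 192.168.0.110 "10 mail.mydomain.com." 192.168.0.110
fi
```

Syntax slips such as a missing semicolon can be caught before restarting bind9 with BIND's named-checkconf and named-checkzone utilities.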
Hosts Table
Before you get to the install you also need to modify your /etc/hosts file:
127.0.0.1       localhost.localdomain   localhost
10.3.2.244      mail.tractor-equip.net  mail
ONLY IF this is working, it’s now time to update your packages:
sudo bash
(this will ask for your password; enter your administrator's password, and you'll be at a root prompt)
apt-get update
apt-get upgrade
Now you’re ready to install Zimbra.
Installing ZCS
Several discussion groups have listed the dependencies not installed by the standard Linux install, but the easy thing to do is try to run the install and let Zimbra give you a list of what’s missing. Download the appropriate package for your Ubuntu installation (32 or 64 bit Ubuntu 8.04 LTS), copy it into your choice directory (I prefer /temp because /tmp is volatile and clears out every reboot), change to that directory, and type
tar -xzf zc*
and it’ll create a whole directory /temp/zcs with lots of files inside it. Then:
cd /temp/zcs
./install.sh
It’s not going to work the first time, but it’ll give you a list of missing dependencies. Write down all the package names it says are missing. Your list may be slightly different than mine, but whatever it is, load them. Just separate each package name with a space like this:
apt-get install libpcre3 libgmp3c2 libstdc++5
Now re-run your Zimbra install and accept all the defaults except:
When it asks you for your domain, it’s going to have your fully-qualified domain name (hostname.mydomain.com) rather than just the domain, and probably complain about not having an MX record. Change the hostname to just mydomain.com and it’ll find the names through nslookup, and it’ll be happy. The rest of the install should proceed without errors, except that toward the end it’s going to ask you to “Address unconfigured items” but, if you’re doing this from the console and not from an SSH connection with a buffer, the actual item that’s unconfigured is off the screen and invisible. It’s the admin password, which is in menu item 3.
Finally, when the install is done and it has given you the last “press Enter to finish” you are almost done. I recommend at this point that you convert your webmail to use https rather than http. This is a security question, but it is also discretionary. If you choose to do this, then at the command prompt, type:
su - zimbra
zmtlsctl https
Now reboot the system, and when it comes back up, give it a couple of minutes to start the rest of the Zimbra processes. If your installation is successful, you can go to https://xxx.xxx.xxx.xxx:7071 (your internal IP address again) to get the administrative console, or
https://xxx.xxx.xxx.xxx to log in as a user.
Congratulations–one shiny new Zimbra installation on Ubuntu!