Installing Let’s Encrypt on a Zimbra Server

Let’s Encrypt must be installed on one Linux machine to obtain the proper SSL Certificate, CA Intermediate, and Private Key. It is not required that it be on the same Zimbra Server, but it could save time and help to obtain the renewals, etc.

First Step is to stop the jetty or nginx service at Zimbra level

zmproxyctl stop
zmmailboxdctl stop

Second step is to Install git on the Server (apt-get install git/yum install git), and then do a git clone of the project on the folder we wantNote: On RedHat/CentOS 6 you will need to enable the EPEL repository before install.

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt

Let’s now run Let’s Encrypt in auto mode and use the certonly option, because for now the project can’t automatically install the cert on Zimbra servers.

root@zimbra86:~/tmp/letsencrypt# ./letsencrypt-auto certonly --standalone

If you need to have multiple hostnames on the same SSL, so a Multi-SAN, SSL, please run instead, where -d are your domains:

root@zimbra86:~/tmp/letsencrypt# ./letsencrypt-auto certonly --standalone -d xmpp.example.com -d conference.example.com

Continue reading “Installing Let’s Encrypt on a Zimbra Server” »

Share

DNS UDP Load Balancer using Nginx

The plan is to build a DNS- UDP load balancer DNS recursive server (actually forwarding service). The design logic is simple-

On client side a public recursive+forwarding DNS IP –> hits the Nginx Load Balancers  –> sends traffic to Google Public DNS/IBM Public DNS/Own recursive DNS/OpenDNS.

The configuration is quite simple on Nginx Load Balancer, the core configuration content is pretty straight forward:

# Load balance UDP-based DNS traffic across two servers
stream {
upstream dns_upstreams {
server 192.168.136.130:53;
server 192.168.136.131:53;
}

server {
listen 53 udp;
proxy_pass dns_upstreams;
proxy_timeout 1s;
proxy_responses 1;
error_log logs/dns.log;
}
}

Continue reading “DNS UDP Load Balancer using Nginx” »

Share

Bind DNS Auto Slave Using Webmin

The latest webmin has bug! In this tutorials I’m using webmin verison 1.801- that actually works. Don’t know if webmin team really knows are aware of the bug 🙁

So, let’s start. But before that, it’s assumed that you have webmin installed in both the servers.

Configuring Webmin Server Continue reading “Bind DNS Auto Slave Using Webmin” »

Share

Best free bandwidth monitoring software and tools to analyze network traffic usage

To keep an eye on the health of your network and diagnose problems that crop up, an essential activity is monitoring your bandwidth and knowing which traffic is consuming it.

Your ISP promises to provide you with a reliable pipe to the Internet of a certain volume; your chosen network hardware install is designed to provide a particular level of service within your facility. Are you getting your expected bandwidth and availability, or is something failing to deliver? Is there unexpected traffic consuming the bandwidth that you are getting?

Tools to monitor bandwidth can leverage various traffic-monitoring technologies. A host can observe all the packets passing by a particular network interface (that is, packet capture). Most managed network devices – and hosts – support SNMP, and so they can be queried to get performance statistics. If your network devices support a traffic monitoring protocol like NetFlow or sFlow, they can publish traffic data to your monitoring tool.

Which bandwidth monitoring tooling is right for you? There are several considerations. One factor is what monitoring technologies your installed hardware supports (eg, do they support SNMP? NetFlow? sFlow?). One is the size and complexity of your network; a simple tool that’s a great fit for a small office is completely inadequate for a large sophisticated network. Here we’ll look at the most popular and feature-rich free bandwidth monitoring tools.

Here’s a list of the best free bandwidth monitoring tools:

  • SolarWinds Real-Time Bandwidth Monitor
  • WhatsUpGold
  • SoftPerfect NetWorx
  • Manage Engine Bandwidth Monitor
  • PRTG
  • ntopng

Continue reading “Best free bandwidth monitoring software and tools to analyze network traffic usage” »

Share

Enable WIndows Photo Viewer in Windows 10

Default windows “Photo” app is clumsy at some point, missed the earlier “Photo Viewer” program. So, going back to root and after googling, here’s a small hack to enable “Windows Photo Viewer” in windows 10 edition.

  1. Download the photo.zip and unzip it. You’ll get a photo.reg file. The file is created from this forum http://www.tenforums.com/software-apps/8930-windows-photo-viewer-gone-2.html#post290818 
  2. Double-click on your new REG file to merge it with your Windows Registry. You will need to click through the User Account Control and a few other windows to allow the file to make changes to the Registry.
  3. Basically you are done.
  4. Next what you need is to right click on any JPEG/JPG/BMP/PNG/GIF file that you want open/view using legacy windows photo viewer and make it as default.

 

Share

Zimbra send http traffic to https or keeping both in mix

HTTP proxy can support protocol modes for HTTP or HTTPS only, both HTTP and HTTPS, mixed HTTP and HTTPS or HTTPS redirect from HTTP. Redirect is a popular configuration. This configuration must be made to the proxy servers.

HTTPS redirect from HTTP

zmprov ms proxy.server.name zimbraReverseProxyMailMode redirect

HTTP and HTTPS (support both)

zmprov ms proxy.server.name zimbraReverseProxyMailMode both

HTTPS only

zmprov ms proxy.server.name zimbraReverseProxyMailMode https

HTTP only

zmprov ms proxy.server.name zimbraReverseProxyMailMode http

“mixed” will cause only authentication to be sent over HTTPS

zmprov ms proxy.server.name zimbraReverseProxyMailMode mixed

Src:
https://wiki.zimbra.com/wiki/Enabling_Zimbra_Proxy_and_memcached#Protocol_Requirements_Including_HTTPS_Redirect

Share

Mount CD or DVD Rom in Linux

Finding out your CD/DVD names in Linux

Use the following command to find out the name Of DVD / CD-ROM / Writer / Blu-ray device on a Linux based system:

# lsblk

OR

# dmesg | egrep -i --color 'cdrom|dvd|cd/rw|writer'

Sample outputs (/dev/sr0):

[ 5.437164] sr0: scsi3-mmc drive: 24x/24x writer dvd-ram cd/rw xa/form2 cdda tray
[ 5.437307] cdrom: Uniform CD-ROM driver Revision: 3.20

Syntax to mount DVD / CDROM in Linux
The syntax is:

# mount -t iso9660 -o ro /dev/deviceName /path/to/mount/point

Create a mount point, type mkdir command as follows:

# mkdir -p /mnt/cdrom

Continue reading “Mount CD or DVD Rom in Linux” »

Share

Increase mail attachment in Zimbra 8.8

Postfix configuration (zimbraMtaMaxMessageSize and message_size_limit)

You can examine the current value of this parameter like this:

# su - zimbra
$ postconf message_size_limit
message_size_limit = 10240000

This configuration parameter is stored in the zimbra ldap directory, and propagated to postconf’s message_size_limit by zmmtaconfig, which is invoked by the zimbra postfix command. The following commands will set the message_size_limit to 2MB (adjust this value to suit your needs):

# su - zimbra
$ zmprov modifyConfig zimbraMtaMaxMessageSize 2048000
$ postfix reload

You can then confirm the changes with this command:

$ postconf | grep message_size_limit

IMAP Continue reading “Increase mail attachment in Zimbra 8.8” »

Share

LAMP on Ubuntu 16.04 using Tasksel

Quick Install Using Tasksel

Instead of installing Apache, MySQL, and PHP separately, tasksel offers a convenient way to get a LAMP stack running quickly. Install tasksel if not already installed by default.

sudo apt install tasksel

Use tasksel to install the LAMP stack.

sudo tasksel install lamp-server

Enter the prompt for a MySQL root password.

Share

Mail Sync between 2 mailservers using Imapsync

Imapsync is an IMAP transfer tool used for copying emails from one IMAP server to another IMAP server. This article will help you to install imapsync on Ubuntu, Debian, and LinuxMint systems and transfer all your Mailboxes and emails between two IMAP servers.

Step 1 – Install Imapsync
Imapsync package is available under EPEL package repository. First make sure you have added EPEL on your system or install it first.

$ sudo yum install epel-release

Now, install imapsync package using following command. Continue reading “Mail Sync between 2 mailservers using Imapsync” »

Share