Best Practices on Email Protection: SPF, DKIM and DMARC

Once we installed Zimbra Collaboration, we need to be aware of some additional configurations that will allow us to send emails to other Email systems with an improve Security, such Gmail, Hotmail, Yahoo!, etc. This Wiki article will show the different Email Protection resources that exists, depends of the volume of sent email, will be better to implement only one, or two, or maybe all of them, depends.

Sender Policy Framework (SPF) is an email validation system, designed to prevent unwanted emails using a spoofing system. To check this common security problem, SPF going to verify the source IP of the email and compare it with a DNS TXT record with a SPF content. 

Where needs to be configured?
SPF needs to be configured in the Public DNS Continue reading “Best Practices on Email Protection: SPF, DKIM and DMARC” »


Zimbra Increasing Attachment Size works for 8.5

Through zimbraGUI didn’t find it how to do it, but through console it appeared to be working with the following set of commands to modify postfix actually-

su zimbra 
zmprov mcf zimbraMtaMaxMessageSize 20971520 
zmprov mcf zimbraFileUploadMaxSize 20971520 
zmprov mcf zimbraMailContentMaxSize 52428800 
zmprov modifyConfig zimbraMtaMaxMessageSize 52428800 
postfix reload

Once theyre executed, restart the server (restarting zimbra won’t reflect the changes made, so need a fresh reboot of OS)


Using DKIM to Authenticate Email Message

Domain Keys Identified Mail (DKIM) defines a domain-level authentication mechanism that lets your organization take responsibility for transmitting an email message in a way that can be verified by a recipient. Your organization can be the originating sending site or an intermediary. Your organization’s reputation is the basis for evaluating whether to trust the message delivery.

You can add a DKIM digital signature to outgoing email messages, associating the message with a domain name of your organization. You can enable DKIM signing for any number of domains that are being hosted by ZCS. It is not required for all domains to have DKIM signing enabled for the feature to work.

DKIM defines an authentication mechanism for email using Continue reading “Using DKIM to Authenticate Email Message” »


Zimbra 8 Community edition on Scientific Linux 6 (64 Bit)

Install SL 6.3 (64 bit)

  • Installing SL6.3 (64bit)  with 'minimal' installation mode
  • Post installing, fix with the Static IP Address (Public IP and I assume the system is not behind firewall)
  • Double check with /etc/resolv.conf file parameters

Prerequisites for ZImbra installation

Let's firsy update-

yum update

Let's install some pckages as well

yum – y install sudo sysstat gmp libidn libstdc++ bind bind-chroot bind-libs bind-utils wget php perl nc sqlite

and few more packages-

yum install compat-libstdc++-33 sysstat

If anything missed out you'll know in the next steps, if anything left google it, chances are you'll be able to yum it :), however for this time being the environment is made. Now proceed to download Zimbra.

Make some backend job-

  • Make sure 'SELINUX' is disabled
  • The iptables service is stopped
  • 'postfix' service is stopped and disabled at runtime and on boot

Download ZImbra

My downloaded edition was-

Once downloaded, get inside the extracted folder. Continue reading “Zimbra 8 Community edition on Scientific Linux 6 (64 Bit)” »


Install Zimbra on Centos 5 Step by step

Zimbra is a suite of tools for Unix/Linux/MacOS systems, which includes a secure mail server, web mail, anti-spam/anti-virus controls, a Web management interface, integrated calendaring, mobile device sync, and more. In many ways, Zimbra is the Unix equivalent to Microsoft Exchange.
In this post, I will be installing Zimbra onto a CentOS virtual machine. The machine will need at least 1024mb of memory to run the default Zimbra services. I was unable to make it run without errors with any less memory.

Things to do after a clean installation of Centos 5.5:

  • Disable SELinux and
  • Disable Linux Firewall

The last step is to shutoff some services that will interfere with ZCS.

chkconfig sendmail off
chkconfig ip6tables off
chkconfig iptables off

We need one package before we can continue:

yum install libtool-ltdl

This completes the base installation of CentOS. On the next page we will setup Split DNS which is essential for ZCS. Go ahead and reboot, and fill up that coffee cup. Continue reading “Install Zimbra on Centos 5 Step by step” »


Step by Step Zimbra 6.x installation on CetOS 5.x

First you need to install a fresh CentOS operating system, keeping almost everything as default state. In this installation note I'm assuming few things-

  • There is either a LARGE '/' partion or a LARGE '/opt' partition. Zimbra by  default is installed on /opt directory
  • I'm also assuming that the server is not sitting beehind a firewall (for example if it's reched by port/ip forwarding from firewall, it won't work). But there are some  additional tasks that can allow you to run it behind a firewall. But unfortunately, I won't cover that up here.
  • SELinux and Linux firewall, should be disabled for the time being.
  • You can install webmin, and from there you can create your custom firewall policy/rule- but you can always do this later, after post installation of Zimbra

Now let's start.

Now we need to shutoff some services that will interfere with ZCS. Continue reading “Step by Step Zimbra 6.x installation on CetOS 5.x” »