Zimbra. Implement, Administer and Manage. Get your organization up and running with Zimbra, fast. Marty Resnick David Touitou BIRMINGHAM - MUMBAI

Size: px

Start display at page:

Download "Zimbra. Implement, Administer and Manage. Get your organization up and running with Zimbra, fast. Marty Resnick David Touitou BIRMINGHAM - MUMBAI"

Jonathan Wiggins
5 years ago
Views:

2 Zimbra Implement, Administer and Manage Get your organization up and running with Zimbra, fast Marty Resnick David Touitou BIRMINGHAM - MUMBAI

3 Zimbra Implement, Administer and Manage Copyright 2007 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: September 2007 Production Reference: Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN Cover Image by Vinayak Chittar (vinayak.chittar@gmail.com)

4 Credits Author Marty Resnick Project Manager Abhijeet Deobhakta Co-author David Touitou Project Coordinator Sagara Naik Reviewer David Touitou Senior Acquisition Editor David Barnes Development Editor Mithil Kulkarni Technical Editor Ajay.S Editorial Manager Dipali Chittar Indexer Hemangini Bari Monica Ajmera Proofreader Cathy Cumberlidge Damian Carvill Production Coordinator Shantanu Zagade Cover Designer Shantanu Zagade

5 About the Author Marty Resnick has been in the Information Technology field for over 10 years. As owner of Techmaking, Inc. Marty's main focus has been on helping small-medium sized businesses create enterprise-level infrastructures on an SMB budget. With a strong emphasis on open-source technologies, Marty has helped businesses accomplish their goals effectively, efficiently, and securely. Marty has received a Masters of Computer Information Science from Boston University, also, is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Auditor (CISA).

6 Zimbra Implement, Administer and Manage Get your organization up and running with Zimbra, fast Marty Resnick David Touitou BIRMINGHAM - MUMBAI

7 Zimbra Implement, Administer and Manage Copyright 2007 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: September 2007 Production Reference: Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN Cover Image by Vinayak Chittar (vinayak.chittar@gmail.com)

8 Credits Author Marty Resnick Project Manager Abhijeet Deobhakta Co-author David Touitou Project Coordinator Sagara Naik Reviewer David Touitou Senior Acquisition Editor David Barnes Development Editor Mithil Kulkarni Technical Editor Ajay.S Editorial Manager Dipali Chittar Indexer Hemangini Bari Monica Ajmera Proofreader Cathy Cumberlidge Damian Carvill Production Coordinator Shantanu Zagade Cover Designer Shantanu Zagade

9 About the Author Marty Resnick has been in the Information Technology field for over 10 years. As owner of Techmaking, Inc. Marty's main focus has been on helping small-medium sized businesses create enterprise-level infrastructures on an SMB budget. With a strong emphasis on open-source technologies, Marty has helped businesses accomplish their goals effectively, efficiently, and securely. Marty has received a Masters of Computer Information Science from Boston University, also, is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Auditor (CISA).

10 About the Co-author David Touitou has been working in the IT field for 15 years now. He started (fixing Novell Netware 3.12 servers) even before graduation. He has gone through tiny local companies around Paris to big ones (the leader in BI), also from web design to infrastructure management. His previous job was to design and manage the R&D datacentre of a software vendor (800 servers, 39 racks in 2003, multi-vendors VPN with the rest of the world), while doing some high-level support in networking for the developing teams. As CTO (and owner) of Network Studio, he is still working around datacentres, designing and managing infrastructure for customers (from SMB to the EU Council). His company were one of the first to spread the Zimbra word in France (beginning of 2006) and currently have several customers with several thousands of Zimbra licences up and running.

11 About the Co-author David Touitou has been working in the IT field for 15 years now. He started (fixing Novell Netware 3.12 servers) even before graduation. He has gone through tiny local companies around Paris to big ones (the leader in BI), also from web design to infrastructure management. His previous job was to design and manage the R&D datacentre of a software vendor (800 servers, 39 racks in 2003, multi-vendors VPN with the rest of the world), while doing some high-level support in networking for the developing teams. As CTO (and owner) of Network Studio, he is still working around datacentres, designing and managing infrastructure for customers (from SMB to the EU Council). His company were one of the first to spread the Zimbra word in France (beginning of 2006) and currently have several customers with several thousands of Zimbra licences up and running.

12 Zimbra Implement, Administer and Manage Get your organization up and running with Zimbra, fast Marty Resnick David Touitou BIRMINGHAM - MUMBAI

13 Zimbra Implement, Administer and Manage Copyright 2007 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: September 2007 Production Reference: Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN Cover Image by Vinayak Chittar (vinayak.chittar@gmail.com)

14 Credits Author Marty Resnick Project Manager Abhijeet Deobhakta Co-author David Touitou Project Coordinator Sagara Naik Reviewer David Touitou Senior Acquisition Editor David Barnes Development Editor Mithil Kulkarni Technical Editor Ajay.S Editorial Manager Dipali Chittar Indexer Hemangini Bari Monica Ajmera Proofreader Cathy Cumberlidge Damian Carvill Production Coordinator Shantanu Zagade Cover Designer Shantanu Zagade

15 About the Author Marty Resnick has been in the Information Technology field for over 10 years. As owner of Techmaking, Inc. Marty's main focus has been on helping small-medium sized businesses create enterprise-level infrastructures on an SMB budget. With a strong emphasis on open-source technologies, Marty has helped businesses accomplish their goals effectively, efficiently, and securely. Marty has received a Masters of Computer Information Science from Boston University, also, is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Auditor (CISA).

16 Zimbra Implement, Administer and Manage Get your organization up and running with Zimbra, fast Marty Resnick David Touitou BIRMINGHAM - MUMBAI

17 Zimbra Implement, Administer and Manage Copyright 2007 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: September 2007 Production Reference: Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN Cover Image by Vinayak Chittar (vinayak.chittar@gmail.com)

18 Credits Author Marty Resnick Project Manager Abhijeet Deobhakta Co-author David Touitou Project Coordinator Sagara Naik Reviewer David Touitou Senior Acquisition Editor David Barnes Development Editor Mithil Kulkarni Technical Editor Ajay.S Editorial Manager Dipali Chittar Indexer Hemangini Bari Monica Ajmera Proofreader Cathy Cumberlidge Damian Carvill Production Coordinator Shantanu Zagade Cover Designer Shantanu Zagade

19 About the Author Marty Resnick has been in the Information Technology field for over 10 years. As owner of Techmaking, Inc. Marty's main focus has been on helping small-medium sized businesses create enterprise-level infrastructures on an SMB budget. With a strong emphasis on open-source technologies, Marty has helped businesses accomplish their goals effectively, efficiently, and securely. Marty has received a Masters of Computer Information Science from Boston University, also, is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Auditor (CISA).

20 About the Co-author David Touitou has been working in the IT field for 15 years now. He started (fixing Novell Netware 3.12 servers) even before graduation. He has gone through tiny local companies around Paris to big ones (the leader in BI), also from web design to infrastructure management. His previous job was to design and manage the R&D datacentre of a software vendor (800 servers, 39 racks in 2003, multi-vendors VPN with the rest of the world), while doing some high-level support in networking for the developing teams. As CTO (and owner) of Network Studio, he is still working around datacentres, designing and managing infrastructure for customers (from SMB to the EU Council). His company were one of the first to spread the Zimbra word in France (beginning of 2006) and currently have several customers with several thousands of Zimbra licences up and running.

21 About the Co-author David Touitou has been working in the IT field for 15 years now. He started (fixing Novell Netware 3.12 servers) even before graduation. He has gone through tiny local companies around Paris to big ones (the leader in BI), also from web design to infrastructure management. His previous job was to design and manage the R&D datacentre of a software vendor (800 servers, 39 racks in 2003, multi-vendors VPN with the rest of the world), while doing some high-level support in networking for the developing teams. As CTO (and owner) of Network Studio, he is still working around datacentres, designing and managing infrastructure for customers (from SMB to the EU Council). His company were one of the first to spread the Zimbra word in France (beginning of 2006) and currently have several customers with several thousands of Zimbra licences up and running.

22 About the Reviewer David Touitou has been working in the IT field for 15 years now. He started (fixing Novell Netware 3.12 servers) even before graduation. He has gone through tiny local companies around Paris to big ones (the leader in BI), also from web design to infrastructure management. His previous job was to design and manage the R&D datacentre of a software vendor (800 servers, 39 racks in 2003, multi-vendors VPN with the rest of the world), while doing some high level support in networking for the developping teams. As CTO (and owner) of Network Studio, he is still working arround datacentres, designing and managing infrastructure for customers (from SMB to the EU Council). His company were one of the first to spread the Zimbra word in France (beginning of 2006) and currently have several customers with several thousands of Zimbra licences up and running.

23 About the Reviewer David Touitou has been working in the IT field for 15 years now. He started (fixing Novell Netware 3.12 servers) even before graduation. He has gone through tiny local companies around Paris to big ones (the leader in BI), also from web design to infrastructure management. His previous job was to design and manage the R&D datacentre of a software vendor (800 servers, 39 racks in 2003, multi-vendors VPN with the rest of the world), while doing some high level support in networking for the developping teams. As CTO (and owner) of Network Studio, he is still working arround datacentres, designing and managing infrastructure for customers (from SMB to the EU Council). His company were one of the first to spread the Zimbra word in France (beginning of 2006) and currently have several customers with several thousands of Zimbra licences up and running.

24 Table of Contents Preface 1 Chapter 1: Introducing Zimbra 7 More than Just 8 Introducing Zimbra 8 What's in a Name? 10 Building Better Collaboration 11 Front-End 12 Back-End 14 The Benefits of Zimbra 16 Summary 18 Chapter 2: Installing Zimbra 19 Before the Installation 19 Hardware 20 Software 20 Editing the HOSTS File 21 Configuring DNS 22 Turning Off Sendmail 25 Installing on Red Hat Enterprise Linux 4 26 Installing the Red Hat Operating System 26 Installing Zimbra Collaboration Suite 35 Installing on SUSE ES 9 40 Preparing SUSE ES 9 for Zimbra 41 Installing on MAC OS X 49 Preparing MAC OS X Server for Zimbra 49 Installing the Zimbra Collaboration Suite 51 Post-Installation Steps 58 Configuring the Firewall 58

25 Table of Contents Uninstalling Zimbra 59 Summary 60 Chapter 3: Administrating Zimbra 61 An Overview of the Administration Console 62 A. Content Pane 63 B. Search Bar 63 C. Monitoring 64 D. Configuration 64 E. Addresses 64 F. Shortcuts 65 G. Tools 65 Server Management 65 Creating a New Domain 66 Configuring Global Settings 70 Class of Service 72 User Management 74 Creating User Accounts 74 Creating an Alias 77 Creating a Distribution List 78 Administering Zimbra from the Command Line 80 Managing Services with zmcontrol 80 Creating Accounts with zmprov 81 Summary 82 Chapter 4: The Zimbra Web Client 83 The Web Client System Requirements 83 A Bird's Eye View of the Web Client 85 Working with 87 Checking 88 Composing 93 Tags 96 Conversations 100 Managing Contacts 101 Sharing Address Books 103 Managing Schedules 106 Adding Appointments 107 Creating Multiple Calendars 110 Sharing Calendars 110 The Zimbra Documents 112 Creating Documents Pages 113 Sharing Documents 114 [ ii ]

26 Table of Contents Saving Time with the Zimbra Assistant 115 Saving Even More Time with Keyboard Shortcuts 116 Sending an with Shortcuts 116 Summary 117 Chapter 5: Securing Zimbra 119 Built-In Security 120 Web Client Security 120 Mail Transfer Agent 121 Anti-Spam 121 Anti-Virus 124 Securing the Operating System 125 Host-Based Firewall 126 Services 127 Updates and Patching 127 Securing the Network 128 Creating a Demilitarized Zone 129 Firewalls 129 Virtual Private Networks 129 Summary 130 Chapter 6: Customizing Zimbra 131 Exploring User Options 131 General Options 133 Mail Options 134 Mail Filters 136 Address Book 138 Calendar 139 Shortcuts 140 Configuring POP Accounts 142 Configuring Mail Identities 143 Building Searches 144 Building Our Search 145 Using a Saved Search 146 Summary 147 Chapter 7: Zimbra and Outlook 149 The PST Import Wizard 150 The Zimbra Connector for Outlook 153 A Look at Zimbra Integration 156 Contacts 156 Appointments 157 Sharing Outlook Folders 158 [ iii ]

27 Table of Contents Summary 160 Chapter 8: Zimbra on the Road 161 Preparing the Zimbra Server for Zimbra Mobile 162 Configuring Windows Mobile to Sync with Zimbra 164 Configuring Palm OS to Sync with Zimbra 166 Summary 167 Chapter 9: The World of Zimlets 169 An Overview of Zimlets 170 Mouse-Over Zimlet Example 171 The Date Zimlet 171 The Yahoo! Maps Zimlet 172 Managing Zimlets 173 Managing Zimlets through the Administrator Console 173 Assigning Zimlets to a COS 176 Assigning Zimlets to an Account 177 A Look at Configuring the RSS Zimlet 179 The RSS Zimlet in Action 179 Allowing RSS Feeds for Additional Sites 180 Summary 181 Chapter 10: Backup and Restore 183 Managing Backups 184 Restoring Mailboxes 187 Using the Command Line for Backups 190 Summary 192 Chapter 11: Keeping an Eye on Zimbra 193 The Need for Monitoring 193 Availability 194 Scalability 196 Security 198 Working with Mail Queues 200 Monitoring Log Files 201 Summary 202 Index 203 [ iv ]

28 Preface Zimbra is an open-source server and client software for messaging and collaboration , group calendaring, contacts, and web document management and authoring. The Zimbra server is available for Linux, Mac OS X, appliances, and virtualization platforms. The Zimbra Web 2.0 Ajax client runs on Firefox, Safari, and IE, and features easy integration/mash-ups of web portals, business applications, and VoIP using web services. The book will show readers how to install and configure Zimbra for use with the Web Client, Outlook, and Mobile devices. Readers will learn about Zimbra Collaboration Suite architecture, and get an overview of the Administration Console of Zimbra Collaboration Suite. It will show how to set up users, how to use Zimbra as your main server, security, spam, and virus issues. It'll wrap up by looking at some Zimlets Zimbra mash-ups as well as backing up and managing performance. A compact Administrators Guide, it is friendly, and contains plenty of step-by-step instructions for installation and configuration of Zimbra, as well as useful references and checklists. What This Book Covers Chapter 1 provides a brief introduction to the Zimbra Collaboration Suite. Chapter 2 will guide you through installing the Zimbra Collaboration Suite. The chapter will help you install Zimbra on Red Hat Enterprise Linux 4, SUSE ES 9, and on MAC OS X. It will also provide you with some post-installation scripts and help you uninstall the Zimbra Collaboration Suite, if necessary. Chapter 3 introduces the basic functions of administering the Zimbra Collaboration Suite. You will learn about how to create and modify user accounts, and server settings.

29 Preface Chapter 4 will focus on Zimbra AJAX Web Client, which is the recommended client to take advantage of all the features and functionality that Zimbra has to offer. You will get to learn about Web Client System Requirements, working with , managing and sharing contacts, managing and sharing calendars, creating and sharing notebook pages, using the Zimbra Assistant, and an introduction to using keyboard shortcuts in Zimbra. Chapter 5 discusses the importance and methods that could be used to secure your Zimbra environment. You will learn about Zimbra's built-in security tools including: Web Client security, anti-spam, and anti-virus. The chapter will then focus on securing ports, disabling unnecessary services, and being sure to keep the system patched and updated on a regular basis. Lastly, you will be looking at securing the network with a discussion on creating a demilitarized zone (DMZ), configuring firewalls, and the use of Virtual Private Networks (VPN). Chapter 6 will take an indepth look at customizing Zimbra from a user perspective. This chapter begins with a look at user options and then moves creating mail identities and aliases for users. Lastly, you will look at the power of the built-in Search Builder. Chapter 7 will focus on using Zimbra on the desktop. Specifically, you will be looking at how to integrate Zimbra with Microsoft Outlook. Chapter 8 will discuss how to configure the Zimbra server for allowing mobile access, as well as, how to configure some of the most popular "smart phones" to act as a Zimbra Mobile client. Specifically, this chapter will discuss preparing the Zimbra server for Zimbra Mobile, configuring Windows Mobile and PalmOS to sync with Zimbra. This chapter also focuses on configuring the Zimbra server to allow users at both the Class of Service (COS) and user level, permission to sync with the Zimbra server with their mobile devices. Chapter 9 will take a brief look at the third-party applications and "mash-ups" called Zimlets that are an effective set of tools and programs, which add more functionality to the Zimbra Web Client. Chapter 10 explores the various ways the systems administrator could make sure that all mailboxes (including all of their information) are backed up on a regular and consistent basis. Chapter 11 discusses the implementation and maintenance of the Zimbra Collaboration Suite and looks at a few built-in tools Zimbra provides. It also deals with working with and monitoring mail queues, and viewing three key log files for additional troubleshooting information. [ 2 ]

30 What You Need for This Book Preface Hardware For a production server running ZCS, and assuming that this is a standalone box running no other network services and servicing 100 users, you will need the following: A current 32-bit processor of at least 2.0 GHZ (Intel or AMD) For MAC OS X users, the processor should be G5 or better, Intel Core Solo, or Intel Core Duo. At least 2GB of RAM. (However, 4GB is recommended.) 10GB free disk space for software and logs. Software Zimbra Collaboration Suite Network Edition supports the following operating systems: Red Hat Enterprise Linux 4 (AS or ES), 32 and 64 bits MAC OS X SUSE Enterprise Server 9 and OpenSUSE 10 rpath (beta) Who This Book is for Administrators working with Zimbra on Linux, or Mac OS X. Administrators who want to set it up for use in small to mid-size businesses. Conventions In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning. There are three styles for code. Code words in text are shown as follows: "We can include other contexts through the use of the include directive." [ 3 ]

31 Preface Any command-line input and output is written as follows: ~]$ zmprov ca password ~]$ zmprov sac employees New terms and important words are introduced in a bold-type font. Words that you see on the screen, in menus or dialog boxes for example, appear in our text like this: "clicking the Next button moves you to the next screen". Important notes appear in a box like this. Tips and tricks appear like this. Reader Feedback Feedback from our readers is always welcome. Let us know what you think about this book, what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of. To send us general feedback, simply drop an to feedback@packtpub.com, making sure to mention the book title in the subject of your message. If there is a book that you need and would like to see us publish, please send us a note in the SUGGEST A TITLE form on or suggest@packtpub.com. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on Customer Support Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase. [ 4 ]

32 Preface Errata Although we have taken every care to ensure the accuracy of our contents, mistakes do happen. If you find a mistake in one of our books maybe a mistake in text or code we would be grateful if you would report this to us. By doing this you can save other readers from frustration, and help to improve subsequent versions of this book. If you find any errata, report them by visiting com/support, selecting your book, clicking on the Submit Errata link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata are added to the list of existing errata. The existing errata can be viewed by selecting your title from Questions You can contact us at questions@packtpub.com if you are having a problem with some aspect of the book, and we will do our best to address it. [ 5 ]

34 Introducing Zimbra As time goes by, it is increasingly more difficult to imagine what life was like before . How did people communicate? I mean truly, how did businesses function? Recently, I was working on an server at a client's site that had experienced some major hardware failure. Now, this was a small business and there were no cluster servers or hot backup or any of the like, so our only option was to bring the server up with whatever usable backup the company had. The entire ordeal took over two business days to complete, and it was amazing to see how employees were lost without their . Employees were actually wondering how to communicate with their customers without the use of . People were making grand plans for using Overnight Mail to send pictures and electronic catalogues out to customers, and trying to figure out how to print and send sales quotes through the fax system, as they could no longer just attach them to an . Thankfully, the server was resurrected and I could just sense a huge sigh of relief from the entire company as life was back to normal. For the past 15 or so years, has become a vital tool for all businesses. No matter how large or small an organization, the ability to send and receive s has become as much a part of our everyday business routines as making a phone call or sending a fax. However, like most tools and technologies, business leaders are constantly looking at new ways to enhance their current systems and ultimately support the needs of the organization. For in the end, isn't it the goal of technology to align itself with the goals of the business and help facilitate growth? All that being said, having just the ability to send and receive s may not be enough.

35 Introducing Zimbra More than Just Over the last few years, the collaboration market space has become increasingly more competitive. Collaboration Suites focus on creating a messaging infrastructure that not only includes , but focuses on facilitating communication and collaboration through , calendar sharing, document sharing, and contact sharing. One thing to keep in mind though, is that the idea of a Collaboration Suite is not new. In fact, these suites have been around for almost as long as hit the mainstream market. In the late 1980s, a joint effort between Lotus Development Corporation and Iris Associates produced the first mainstream collaboration suite called Lotus Notes. Not only was Notes a vehicle to send and receive s, it also allowed for group calendaring (not only being able to use your own calendar but also sharing it with co-workers and handle meeting requests), NNTP news support (the ancestor of the well known web-fora), and instant messaging between clients. As Lotus Notes evolved, it became a cleaner and more robust system. However, it also began experiencing some tough competition from other vendors that were seeing the benefits and the marketability of true Collaboration Suites. In 1997, Microsoft released version 5.0 of its popular Microsoft Exchange suite that, like Notes, was also more than just . Along with services, it offered web-based access and included Microsoft Scheduler+ for group calendaring and scheduling. Through the years, both Notes and Exchange have undergone major version upgrades and continue to add additional functionality with every new release. Collaboration Suites seem to be coming from all directions and offer many of the same functionalites as the big players. Although many of these Collaboration Suites have hit the market over the last several years, one has taken the Collaboration Suite market by storm and as of this writing, has over 8 million paid mailbox (plus 12 million for ComCast alone) subscribers and continues to grow at an unprecedented pace. This suite is called Zimbra Collaboration Suite or ZCS. Introducing Zimbra The Zimbra Collaboration Suite (ZCS) was developed to provide a reliable, scalable, and cost effective messaging infrastructure that includes: Integrated anti-spam and anti-virus Web and Desktop based clients Comprehensive calendaring Contact management Document sharing [ 8 ]

36 Multi-domain support Over-the-air synchronization to mobile devices Comprehensive search functionality of headers, message body, and attachments Ability to categorize messages using user-defined "Tags" Chapter 1 ZCS is currently offered in three different editions to allow for flexibility to businesses of differing needs. Below is a sampling of the differences between the editions. For a more comprehensive matrix of the different product editions, please check the Zimbra website at ZCS Product Edition Comparison Open Source Edition Network Standard Edition Network Professional Edition AJAX interface included included included HTML "light" interface included included included Mail and Address Book included included included Search Basic and Advanced included included included Tags included included included Calendaring included included included Zimlets mash ups included included included Attachment Search included included Document Sharing included included included Online Backup and Restore included included Clustering included included Multi-domain Support included included included Domain-level administration included included Outlook/MAPI sync Apple isync included included Zimbra Mobile optional optional Archiving and Discovery optional optional IM will be in 5.0 will be in 5.0 will be in 5.0 Tasks management in WebUI will be in 5.0 will be in 5.0 will be in 5.0 BlackBerry compatibility optional in 5.0 optional in 5.0 izimbra will be in 5.0 will be in 5.0 will be in 5.0 [ 9 ]

37 Introducing Zimbra As you can see, all of the editions are designed to facilitate collaboration. However, the Network Professional Edition was created as an Enterprise-level tool that gives the organization full access to all of the features Zimbra has to offer. For most organizations, the key benefit of the Network Professional Edition versus the Open Source and Network Standard Editions is the ability to integrate with Microsoft Outlook. Integration with Microsoft Outlook, as well as all of the other features ZCS has to offer, makes ZCS a true replacement for any of the more costly collaboration suite solutions including Microsoft Exchange. Each edition has a different pricing structure, with the Open Source Edition being distributed under open source licensing terms, and the Network Standard and Professional editions offering per user pricing. Specific pricing for each edition may be found at the Zimbra website. This book will be focusing on the Network Professional Edition, as it encompasses all of the Zimbra features. That being the case, it is recommended readers have access to the Network Professional Edition software. A free trial of the suite may be downloaded from ZCS was first developed as an open source project, built on open source tools and technologies. With its start as an open source project, Zimbra has developed strong relationships with other open source companies such as Red Hat and MySQL. Zimbra also has been a strong contributor to other open source projects such as the Open Ajax Alliance. What does all this mean to the organization? Because the ZCS code has been made publicly available, the code has been exposed to public view and has been scrutinized by many developers and users in the open source community. This makes the code more secure and reliable. Also, by being open source, Zimbra is constantly being enhanced by a vast amount of developers in the open source community, providing opportunities for a global research and development team. What's in a Name? So where does the name Zimbra come from? At first glance, most people believe Zimbra is a name with some deeper meaning in another language, as that seems to be the trend with many open source projects. For example, the Linux distribution Ubuntu is an African word meaning "humanity to others", and the popular Content Management System, Joomla!, is a Swahili word meaning "as a whole". Unfortunately, the name Zimbra really has no meaning. So for those of you looking for some ammunition for your next cocktail party, the name Zimbra really comes from a song called "I Zimbra" by the Talking Heads. [ 10 ]

38 Chapter 1 The Talking Heads, a popular rock band in the late 70s and early 80s, found a poem from a Dadaist poet named Hugh Ball. The poem was called "Gadji beri bimba" and included a lot of words that seemingly meant absolutely nothing, The last line of the poem read "E glassala tuffm I zimbra" and that is where the name Zimbra comes from. Building Better Collaboration The Zimbra Collaboration Suite architecture can be broken into two parts: the Front- End architecture and the Back-End architecture. The back-end of ZCS consists of a server built on Java technology. Java was selected as the programming language for many reasons including; integration with other web technologies, combining many open source sub components into a single process, and enhancing the I/O performance necessary for a messaging infrastructure. The back-end also includes additional components to make ZCS an enterprise-level collaboration suite. The Message Store utilizes the Linux file system creating one file per message. Mapping one file per message takes advantage of the efficiency of the file system for storing and retrieving messages. The operating system will now also be responsible for garbage collecting, security, compressing, indexing, and caching. By utilizing native operating system processes and utilities, ZCS is able to take advantage of better efficiency and lower administrative overhead. The Metadata SQL Store does not store the message itself, but stores information about each message for better manageability within ZCS. The information stored includes: the location of the message, any tags associated with the message, the state of the message (read or unread), and any other information required by ZCS for message handling. The Metadata SQL Store leverages the features of MySQL, an open source relational database system, allowing for efficient and reliable handling of the data, increased performance through caching, portability, and transparency when installing and administering ZCS. Zimbra Search is key to the ZCS infrastructure as it gives users the ability to search for messages utilizing any piece of meta-data that is stored in the Metadata SQL Store. Zimbra also utilizes a "Search Builder" available through the Web client for constructing advanced search criteria. Although searches are built on the client, the actual processing is done on the server, allowing for faster and more comprehensive searches. Zimbra Search utilizes Apache Lucene, a full-text search engine, to create and manage indexes, as well as Verity to extract text from attachments. allowing for enhanced search capabilities. [ 11 ]

39 Introducing Zimbra Journaling is used similar to the way a database uses transaction logs. Journaling is used to consistently write message data to the Message Store, Metadata SQL Store, and the Zimbra Search Engine. Journaling is the foundational piece to Zimbra's ability for hot-backup, individual mailbox and point-in-time restores (smart recovery), and replication. Front-End On the front-end, Zimbra makes strong use of web services and technologies to communicate with the Zimbra server. The front-end clients include: Other Wireless Client Internet (external AS/AV) Zimbra Collaboration Client Zimbra AJAX Toolkit Web browser (Firefox, IE, Satari) Outlook Apple, Evolution Zimlets Zimbra MAPI Plug-in Zimbra Sync Plug-ins Standard Clients: Thunder, Lightning, Sunbird.. Over the Air Sync SMTP XML (JSON) HTTP/S XML HTTP/S XML HTTP/S IMAP, POP, ICAL, RSS,... Postfix MTA (AS/AV) Protocol Gateway SMTP LMTP Zimbra Collaboration Server Zimlet Generic WS Proxy Tomcat Zimlet JSPs J2SE JRE (Linux, MacOS,...) Internet/ Intranet web services Non-XML app s & data Zimbra Collaboration Client is a web-based client that utilizes a web browser and AJAX technologies to interface with the Zimbra Server. The web client also takes advantage of XML, HTTP(s), and JavaScript Object Notation (JSON) technologies to enhance performance and add additional functionality. Later chapters will explore the functionality and use of the web-client. Currently, (end of July 2007) the web-client is supported on Internet Explorer 6 SP2 and 7, Firefox 1.0.7, 1.5, and 2, and Safari (beta, version 3.0 is not supported at all). A toaster is available to bring message alert to the desktop. [ 12 ]

40 [ 13 ] Chapter 1 Microsoft Outlook is used via a Zimbra MAPI plug-in (often called ZCO : Zimbra Connector for Outlook) that is installed on the client PC. This client allows for the direct synchronization of , calendar, and contacts between OUTLOOK and the Zimbra Server. Microsoft Outlook synchronization also supports cached mode, if the client is disconnected, and utilizes SSL and TLS providing a secure connection without the use of a VPN. Some ZCS features will not be accessible in Microsoft Outlook including the Search Builder and Zimlets. isync ZCS provides an installable plug-in (similar to Outlook) to integrate ZCS into the Apple Desktop. The plug-in facilitates synchronization with Apple Mail (using IMAP), Apple Address Book, ical, and ical Events. The plug-in also provides for SSL and TLS, so no VPN connection is required. Evolution another ZCS plug-in provides for synchronization with Novell Evolution and Ximian, using the Evolution Data Server (EDS). Again, a secure connection is provided by using SSL and TLS; so no VPN connection is required. This connector is not yet included in Zimbra's distribution and you'll have to build it yourself. Other Clients since ZCS uses standard mail protocols, POP3, and IMAP, any client that utilizes those protocols could communicate with the ZCS server. However, using these clients will not take full advantage of what ZCS has to offer and virtually turns your ZCS implementation into a more traditional server, as opposed to a true collaboration server. Zimbra Mobile provides "over-the-air" synchronization of , calendar, and contacts to most mobile devices. No additional software is necessary to be installed on the mobile device, with the exception of Blackberry devices. Zimbra Mobile is included with the ZCS Network Standard and Professional Editions, but at the time as this writing, requires additional licensing fees. Zimlets enables developers and administrators to integrate information from disparate sources into the ZCS web-client. Out-of-the-box Zimlets also add additional functionality and business tools to the web-client including integration with Amazon, Wikipedia, Asterisk VoIP, Salesforce.com, Evite, and allows for RSS feeds to be delivered directly to the web-client. The ability to develop custom Zimlets provides almost limitless possibilities to the customization of ZCS, and adding tools for business users. Zimbra Desktop Offline Client is currently in alpha release. It will allow users to access their , calendar, contacts, and documents while on the road, or in places without a network connection, through the familiar AJAX-based user interface of Zimbra Web. When users come back online, all the changes made offline, such as composing, replying to, deleting, editing or moving messages, appointments, contacts or documents, will synchronize with the Zimbra server and mobile devices.

41 Introducing Zimbra Zimbra Archiving and Discovery allows you to comply with SOX, HIPAA, FRCP or corporate governance within Zimbra: no need for legacy solution. Back-End Although we looked briefly at some of the key features that make up the Zimbra architecture, this section will explore the application packages and components that make up the Zimbra Collaboration Suite. Attachment Indexing & Redering Zimbra Collaboration Server Zimbra Journaling and Replication Zimbra Message Store J2SE JRE Zimlets Lucene Index Meta-data SQL Store Underlying file system: local disk, NAS, SAN,... JDBC JNDI Other Enterprise Messaging Server (e.g., Exchange TM) Open LDAP LDAP Enterprise Directory Zimbra Core includes all of the libraries, monitoring tools, utilities, and basic configuration files required by the Zimbra Collaboration Suite. Zimbra LDAP utilizes OpenLDAP to provide user authentication. Each account created on the server is handled by the Zimbra LDAP component and is assigned its own unique mailbox ID. Zimbra MTA Zimbra utilizes Postfix as its mail transfer agent (MTA). Postfix handles messages that are received via SMTP and routes the messages to the appropriate mailbox. Zimbra MTA also includes Clam Anti-Virus and SpamAssassin, providing anti-virus and anti-spam protection. [ 14 ]

42 Chapter 1 Zimbra Store when someone mentions the Zimbra Server, this is the component they are most likely referring to. The Zimbra Store installs all of the necessary components for the mail server including Apache Tomcat, to run the Zimbra software. Zimbra store includes: 1. Data Store a MySQL database that stores the mapping between users and the mailbox ID. The Data Store also includes the information from the Metadata SQL Store and also includes the calendar and contacts of each user. 2. Message Store as discussed earlier, is the file system where messages are actually stored. 3. Index Store where the Zimbra Search Engine is located, which utilizes Apache Lucene technology. 4. HTML Conversion converts all incoming attachments to HTML for indexing. Zimbra SNMP an optional package that may be utilized to add the server to monitoring and management tools utilizing SNMP. Zimbra Logger another optional, but recommended, package that is used for syslog aggregation, server statistics, reporting, and most importantly message tracing. Without Zimbra Logger being installed, the administrator will not be able to use the message trace feature. Also, without Zimbra Logger, the server statistics section of the admin console will not be displayed. The Zimbra Logger must be setup once (even for a multi-server infrastructure): all logs from all servers are sent to this single instance. Zimbra Spell an optional package that utilizes the open source project Aspell to offer spell checking within the web-based client. All these components can be set up on a single server (that's what we'll do later in the book) or on several different servers. One server can be dedicated to each component (one for MTA, one for LDAP, one for Store+Spell+Logger) or you can set up several servers per component: x servers running as MTA, another bunch running as LDAP, and as many Store as needed. Zimbra was designed with this in mind "from the start" (another way of "fixing "). It allows high scalability and ease of administration (example: you can "hot-move" a mailbox from one Store server to another). Zimbra is also able to run on virtualized infrastructure (VMWare is a supported platform). [ 15 ]

43 Introducing Zimbra End user interface JavaScript browser application Administrator console SOAP/HTTP(S) Zimbra server (Zimbra Store) 3p Tomcat Meta-Data Store 3p MySQL Message store File system 3p JavaScript browser application Microsoft Exchange Option to import users from pre-existing Exchange server * Edge MTA SOAP/HTTP(S) SMTP Load balancing Inbound spam filtering 3p ClamAV antivirus (inbound) Mail routing (MTA) 3p Zimbra application runs inside of Tomcat ClamAV anti-virus (outbound) Postfix User account data (LDAP) 3p OpenLDAP Option for Microsoft Active Directory Server (AD) for auth and GAL Anti-virus & Anti-spam plug-ins 3p Spamassassin antispam (inbound) 3p 3p Index store Attachment HTML conversion 3p * Lucene Verify Backups To disk Logging Local Syslog Redo logs Monitoring (Zimbra SNMP) Tools such as swatch 3p Third-party (proprietary) 3p Third-party (open-source) * Your choice of technologies The Benefits of Zimbra Now that we have had a chance to go over all of Zimbra's moving parts, it's time to discuss exactly why an organization would turn to Zimbra as its Collaboration and Messaging platform. We will divide the benefits into two parts, benefits for the enduser and benefits for the systems administrator. For the end-user, Zimbra provides: [ 16 ]

44 Chapter 1 Choice of Client as discussed earlier, ZCS provides users with many choices when it comes to which client they could use. However, this is assuming the organization does not require the use of a particular client. To take advantage of all that ZCS has to offer, the recommended client is the Ajax web client. ZCS supports Microsoft Outlook, Apple isync, Ximian Evolution, and other clients as well. Mailbox Management ZCS offers advanced search capabilities, filters, Tags, grouping s by conversation, and custom handling of messages through message rules. Calendaring the ability to share and sync calendars is crucial to any collaboration suite. Users may have multiple calendars and assign delegation and sharing of those calendars to additional users. Access Anywhere any user can access the Zimbra client from any computer with a connection to the internet, assuming they have a supported web browser installed and the is made accessible via a publicly routable IP. For the systems administrator, Zimbra provides: Admin Console easy configuration and user management via a web-based admin-console. Monitoring Tools in the form of performance dashboards for displaying and reviewing real-time system activity. Storage Reduction By storing only one copy of each and attachment, the amount of storage space necessary for s sent to multiple recipients on the same server, substantially decreases. Utilizing multi-level caching and other optimization tools, ZCS is able to handle more users per CPU. Built-in Security Tools ZCS comes bundled with ClamAV and SpamAssassin for an integrated anti-virus and anti-spam solution, without the need of additional third party tools. Messages are handled using TLS/SSL ensuring encryption without the need for a VPN connection. Multiple Domain Support ZCS offers administrators the ability to support multiple domains, each with its own unique configuration, from a single administration console. [ 17 ]

45 Introducing Zimbra Summary This chapter served as a brief introduction to the Zimbra Collaboration Suite. As an open source project, Zimbra has grown to a robust, scalable, and secure enterprise-level messaging platform that provides small, mid sized businesses a true collaboration suite, at a lower cost, as well as larger organizations a true alternative to Microsoft Exchange and other commercial collaboration suites. ZCS offers many benefits to both the end-user and system administrator, including a powerful web-client providing users with many tools to help facilitate collaboration and teamwork through the ability to share documents, calendars, and address books. [ 18 ]

46 Installing Zimbra For the remainder of this book, we will be using a fictional corporation, Collaboration Services, Inc. ( CS), as a case study for all of our examples and explanations. CS is developing an online tool for their employees and vendors and has chosen to install the Zimbra Collaboration Suite (ZCS) Network Professional Edition. This chapter will go over the installation of ZCS using cs. com as our domain. In the examples that follow, feel free to replace cs.com with your organization's domain name to follow along. The Zimbra Collaboration Suite is a very straightforward install. However, like most software deployments, you want to be sure to prepare for the installation and make sure your system has the recommended hardware and software configurations before attempting the install. This, potentially, could save you a lot of time and money by simply making sure all of your bases are covered. This chapter will cover the following to prepare you for a successful and efficient install of ZCS, beginning with the system requirements. At this time, please download the latest ZCS package from and register for a free limited-term license to follow along with the install described in this package. Before the Installation As mentioned earlier, it is imperative we understand fully what the system requirements (hardware and software) of the Zimbra Collaboration Suite are, before attempting an install. First, we will discuss the minimum recommended hardware requirements for the suite. Keep in mind that depending on your organization size and the amount of users you will be supporting, the hardware must be adjusted accordingly.

47 Installing Zimbra Hardware For a production server running ZCS, and assuming that this is a standalone box running no other network services and servicing 100 users, you will need the following: A current 32-bit processor of at least 2.0 GHZ (Intel or AMD). For MAC OS X users, the processor should be G5 or better, Intel Core Solo, or Intel Core Duo. At least 2GB of RAM. (However, 4GB is recommended.) 10GB free disk space for software and logs. Additional disk space for mail. I usually assume 500MB of mail per user. So at 100 users, I would recommend at least 100GB of disk space for mail. Why not 50GB (50*100)? Because you need space for your backups. Zimbra stores only one copy of an attachment sent to several users (that can save a lot of space) but needs space for its databases (indexes, etc). As the server is a mission-critical application for any enterprise, I would recommend some sort of hardware fault-tolerance solution. A rule of thumb is that RAID 5 is OK for 100 users. As the organization exceeds that number, RAID 5 is not recommended. Scalability white papers are available on Zimbra's website (for single or multi-server installs). Software Zimbra Collaboration Suite Network Edition supports the following operating systems (end of July 2007): Red Hat Enterprise Linux 4 (AS or ES), 32 and 64 bits MAC OS X SUSE Enterprise Server 9 and OpenSUSE 10 rpath (beta) Please note: the Open Source Edition also supports other operating systems including: Fedora Core 4 and 5 Ubuntu Linux ( LTS) Debian Linux Mandriva Linux (beta) [ 20 ]

48 During the install process, the installer will do a check on the operating system to ensure the following are installed on the server. If any of these are missing, the installer will fail. Chapter 2 NPTL Sudo libidn curl fetchmail GMP compat-libstdcc++-33 (and compat-libstdc for Red Hat, both 32 bits and 64 bits version of the library are needed for a 64 bits OS) Java 1.5 as default Java (MAC OS X ) Also, I would recommend SSH is installed for remote management (Zimbra needs it anyway to communicate with itself for mail queue management). DNS should be installed and configured prior to installation of the Zimbra Collaboration Suite, but after the installation and initial testing, I would host the DNS record elsewhere. This will be discussed later in the chapter. Finally, when installing the operating system, do not install any Apache or MySQL servers. These will be installed with the ZCS installer and if they are already running on the box, this may cause problems later. Editing the HOSTS File Regardless of which operating system you choose to run, there are a couple of configurations you will need to complete prior to installing the software. The first is a simple fix of the hosts file. The hosts file is used to translate network names to IP addresses and is usually located in the /etc directory of the computer file-system. This is a static file and with the advent of DNS is not used very often. However, most operating systems use this file for local host information and it could also be used to statically map a network name to an IP address without the need for creating a DNS zone file. Due to the fact that Zimbra uses a MySQL database and uses MySQL permissions to grant access to users from localhost, the /etc/hosts file must be correctly configured or the installer will abort. To edit the /etc/hosts, you will use your preferred text editor (in this case, we will be using vi) and follow the instructions below: 1. You must be the Superuser to save changes to the /etc/hosts file: su 2. Next, we will open the file with our text editor: vi /etc/hosts [ 21 ]

Installing Zimbra 3. The first line of the file defines the IP address of localhost as follows: 127.0.0.1 localhost.localdomain localhost 4.

49 Installing Zimbra 3. The first line of the file defines the IP address of localhost as follows: localhost.localdomain localhost 4. The second line will include the private IP address and hostname of the server: zimbra. cs.com zimbra 5. The final file should resemble the following screenshot. 6. Once the file is correct, simply type :wq to save and close the file. Once we have fixed the /etc/hosts file, the next step is to configure DNS. Configuring DNS By default, most operating systems install BIND when it installs a DNS server. DNS is used to dynamically map network names to IP addresses and also to inform other computers on the network which server the should be sent to (via an MX record) in order to reach its intended recipient. Since we are building an server, Zimbra wants to ensure there is an MX record for the initial domain that we are installing the Zimbra Collaboration Suite for. So initially, what we do is configure a zone file for our local domain for testing and development purposes, but once we are ready to "go live" with the server in production, it is highly recommended we host our DNS information on another server. To configure DNS for our server domain name, in our case cs.com, we need to edit two files. The first being the named.conf which BIND uses to let the DNS server know which domain names we have local information for. To edit the named.conf file, you will have to do the following: 1. Just like the /etc/hosts file, we will need to be root before we could save any changes to the named.conf file. So our first step would be: su [ 22 ]

Chapter 2 2. The named.conf will sometimes be located in the /etc directory. However, if your installation of BIND is using chroot, (which is the case for most of them) the named.

conf file, we will add an entry for our emailcs.com domain.

50 Chapter 2 2. The named.conf will sometimes be located in the /etc directory. However, if your installation of BIND is using chroot, (which is the case for most of them) the named.conf file is located in the /var/named/chroot/etc/ directory. To open the named.conf file for editing: vi /var/named/chroot/etc/named.conf 3. In the named.conf file, we will add an entry for our cs.com domain. Essentially, what we are doing is informing BIND where to find the master file of the domain and where to find the DNS information for our domain. See the following screenshot to see what the entry should look like: 4. Once we add the information, save and close the named.conf file by entering (in command mode) :wq!. 5. Next, we will create our zone file. As defined in the named.conf file, we are going to simply name the file containing the DNS information cs.com. This file will be located in the /var/named/chroot/var/named directory (assuming BIND is chrooted), if not, the file will be created in the /var/ named/ directory. vi cs.com 6. The file will contain specific information. BIND needs to be able to resolve all of the information needed for our cs.com mail server. We will create an "A" record, which maps the network name to an IP address. We will also create an MX record, which Zimbra and other Mail Transport Agents require in order to know what server handles for our domain, and then also a CNAME record, which will create an ALIAS of a server that we will use for our mail server. So the file when completed, should look similar to the one in the following screenshot:: [ 23 ]

51 Installing Zimbra Let's take a moment to review a few key items in this zone file. As this is not a comprehensive book on DNS, some items will not be covered in detail. The first line of the file is the time to live. In our case it is set to 3h or 3 hours. The next line begins with an ampersand (@) and is used to let BIND know that this file will serve as the "authority" for all DNS information of the cs.com domain. Whenever a domain name is written out in a Zone file it must end with a period (.). So in this case, we write cs.com as cs.com. The next entry is the domain administrator's address. This line is unique as the ampersand is replaced with a period and again the domain name ends with a period. We then define the periods for refreshing the zone file, and the serial number of the file itself. This information is used when transferring zone files between DNS servers and also, each time a zone file is changed, the administrator should change the serial number so BIND knows a change has been made. The next set of lines will give specific information about our domain. The first line is the A record which, as discussed earlier, simply lets DNS know what the IP address is of our domain. The next line is a NS record, informing all DNS servers which server has the authoritative information about this domain. The next line is a key line for us, as it lets BIND know which server will handle our . And lastly, an alias record, or CNAME, is defined which, will let BIND know where Zimbra. cs.com is actually located. In this case, it is just an alias of cs.com. 1. Once we add the information, save and close the cs.com file by entering (in command mode) :wq!. 2. Now we can restart our BIND server and load our zone file, essentially making it active: service named restart 3. Before we move forward, we must test our DNS configuration using the nslookup command: nslookup cs.com This command should return the IP address of our domain name cs. com, in our case it is To test our MX record configuration we will use the dig command: dig cs.com mx [ 24 ]

52 Chapter 2 A successful result will return an ANSWER SECTION listing the MX record as displayed below: Turning Off Sendmail Sendmail is a popular open source mail transfer agent (MTA) that is installed by default in most Unix or Linux based distributions. Since it is an MTA, we must disable the service so it does not conflict with the Zimbra MTA. Each operating system may be a little different in how to disable a service, but we are going to walk through how to disable the service in Red Hat. There are two steps to this process. First, we want to stop the sendmail service, if it is running. Secondly, we need to disable the service so it does not start up again after a reboot. 1. To stop the sendmail service, type the following command as root: service sendmail stop 2. Now to disable the service from starting up again, we will use the chkconfig command (for RHEL, check your OS documentation to find the equivalent command). Again this must be run as root: chkconfig sendmail off So if we had a running server and configured the HOSTS file, DNS, and turned sendmail off, we would be ready to install our Zimbra Collaboration Suite. However, in an ideal world we would be able to further prepare our server by running through an install of the operating system that will even further optimize our Zimbra install. The following section will walk through an entire installation of the operating system. We will start with Red Hat and then once the server is up and running, we will install Zimbra on the Red Hat server. We will then look at installing the Zimbra Collaboration Suite on both Suse 9 and MAC OS X server. Because there are subtle differences between configuring the servers prior to the Zimbra install, we will not be going into an indepth installation of Suse and MAC. Therefore, I would highly recommend that if you are going to use one of those two operating systems, you still read through the Red Hat walk-through as there are some key points that are transferable to the other systems. [ 25 ]

Installing Zimbra Installing on Red Hat Enterprise Linux 4 Let me start out this section by mentioning that if you have a choice on what operating system to use for your Zimbra Collaboration Suite

53 Installing Zimbra Installing on Red Hat Enterprise Linux 4 Let me start out this section by mentioning that if you have a choice on what operating system to use for your Zimbra Collaboration Suite implementation, I would recommend using Red Hat Enterprise Linux 4 (RHEL4). The reason for this is that, according to the Zimbra documentation, all features ZCS is made up of, are offered on RHEL4. The other two major operating systems (SUSE and MAC OS X) each have limitations as will be discussed later in the chapter. All that being said, Collaboration Services, Inc ( CS) will use RHEL4 (32 bits) as its operating system of choice. Now we will walk through the Red Hat installation process. Installing the Red Hat Operating System 1. When the Red Hat installer boots up from the install CD, the user is presented with the initial splash screen, shown in the following screenshot. Once the screen is loaded, simply click on Next to proceed. [ 26 ]

Chapter 2 2. The next screen prompts the user to select the Language they would like to use during the installation. Click on the language of choice and click NEXT. I recommend choosing English here.

54 Chapter 2 2. The next screen prompts the user to select the Language they would like to use during the installation. Click on the language of choice and click NEXT. I recommend choosing English here. 3. The Keyboard Selection screen is next, and the user will now have the opportunity to select which keyboard layout they would prefer to use during the installation. Choose the correct language, depending on your own keyboard. 4. The first part of the installation where we have an opportunity to optimize our installation for Zimbra comes next, which is the Disk Partitioning Setup screen. In our case, we will choose to Manually Partition with Disk Druid. [ 27 ]

55 Installing Zimbra 5. The easiest way to partition our disk, is to delete any current partitions we do not need. I am making the assumption that this server will only be running one operating system, RHEL4, and will not be a dual or multi-boot situation. Once the partitions are cleaned up, we will create a partition scheme consisting of the following: A /boot partition of 100MB A swap partition of twice our physical memory (RAM) A / partition that is able to grow to fill the remainder of the diskspace The following screenshot shows how to create the /boot partition. You may use this as a template to create the other two partitions. [ 28 ]

56 Chapter 2 Obviously, this partition scheme is OK for our test/demo server, but you should create your own partition scheme depending on your "real life" needs. Once the partitions are created, the partitioning scheme should match the one shown in the following screenshot. [ 29 ]

Installing Zimbra 6. The following screen will ask for a choice of the bootloader you would prefer to use. I would leave this screen as default and click Next. 7.

57 Installing Zimbra 6. The following screen will ask for a choice of the bootloader you would prefer to use. I would leave this screen as default and click Next. 7. Due to the fact we are creating an server, it is critical the server has a static IP address and network configuration. It should not use any DHCP client information, including hostname, DNS, and Gateway. So on the network setup screen, the first thing we need to do is edit our eth0 device and give it a static IP address by clicking the Edit button. At this point, we need to uncheck the Configure Using DHCP checkbox and also make sure that Activate on boot is checked (if you don't, your network card won't be "up" after boot and your server will be unreachable). After entering our IP address information, which you may need to ask your Network Administrator to provide, click on OK. The rest of the screen should be used to enter the rest of the networking information including the hostname. The hostname should be the fully qualified domain name (FQDN) of the server. In our case, that would be zimbra. cs.com. [ 30 ]

58 Chapter 2 Also, please note that the DNS server will be the same IP address of the server we are creating. This is because we want to make sure we have complete control of the DNS information when configuring our server. After Zimbra is installed, I would recommend not running DNS on this server, but providing another server to handle DNS by editing the /etc/resolv.conf file. [ 31 ]

Once your server is running, you'll be able to re-enable it with the correct configuration. You'll have to disable SELinux too (mandatory from Zimbra). 9.

59 Installing Zimbra 8. At the time the server is installed and until Zimbra has been installed, you should disable the firewall. This is recommended by Zimbra, due to the several "non standard" ports used by Zimbra to communicate with itself. Once your server is running, you'll be able to re-enable it with the correct configuration. You'll have to disable SELinux too (mandatory from Zimbra). 9. Now Red Hat will try and make you think twice about disabling the firewall and will prompt you with a warning message. Simply continue with the message, by clicking Proceed, knowing that we will enable the firewall as soon as Zimbra is up and running. [ 32 ]

Chapter 2 10. The following screens will prompt the user to enter any additional languages, set the time zone, and create a root password.

60 Chapter The following screens will prompt the user to enter any additional languages, set the time zone, and create a root password. These are all user-specific so once you have completed these three screens, the installation will ask you what packages to install with the installation. This is a great way to save time on preparing the server for the Zimbra installation, as we could customize the packages Red Hat installs, so we will not need to install them later. So please make sure you click on the Customize software packages to be installed radio button before proceeding. 11. Considering we're setting up a test/demo server, we can add some graphical interface and additional tools. These tools are not mandatory and I think they should not be set-up on a production server. On the package selection screen, select the following packages: Desktops X Windows System Gnome Desktop Environment [ 33 ]

61 Installing Zimbra Applications Editors Graphical Internet Text-based Internet Servers Server Configuration Tools DNS Name Server Development Development Tools Gnome Software Development Legacy Software Development System Administration Tools System Tools [ 34 ]

Chapter 2 12. The final screen of the install gives you a chance to make any changes to the install configuration before any changes are made to the server.

62 Chapter The final screen of the install gives you a chance to make any changes to the install configuration before any changes are made to the server. By clicking Next on this screen, the installation will begin. The entire installation process will take anywhere from 10 to 30+ minutes, depending on the speed and hardware configuration of the server. 13. Once the install is complete, the system will reboot and a post-installation screen will present the user with an opportunity to join the Red Hat Network and also to configure the screen resolution of your monitor. Once you have completed these screens, the main login screen will be displayed, and our server is ready to be installed. Installing Zimbra Collaboration Suite 1. After the server has been installed, and prior to installing Zimbra, you must follow the instructions defined earlier for modifying the /etc/hosts file, configuring DNS, and disabling sendmail. [ 35 ]

63 Installing Zimbra 2. As mentioned at the beginning of this chapter, by now you should have downloaded the Zimbra Collaboration Suite and also registered for a free trial license. So we will continue assuming that the ZCS installation file has been downloaded to our server. Please note from now on, make sure you are logged in as root or have switched to the root user by entering: su 3. To install ZCS, we will need to unzip the download package. The best way to handle this would be to create a temporary directory to unpack the installation files by logging in as root and then from a terminal typing the following command: mkdir /temp 4. Once the temp directory is created, copy the zipped installation file to the temp directory. I have downloaded the file to my Desktop, so I will copy the file from my Desktop to the /temp directory using the following command: cp /home/mresnick/desktop/zcs-network-4.5.6_ga_1044.rhel4.tgz /temp 5. Now we will change our directory into the /temp directory: cd /temp If you have not downloaded the file yet, you can do it now, using the wget command line tool: wget zcs-network-4.5.6_ga_1044.rhel4.tgz 6. In the same directory, put the License file you received by ZCSLicense.xml 7. In the /temp directory, we could now unpack the installation files: tar xvzf zcs-network-4.5.6_ga_1044.rhel4.tgz 8. Unpacking the file will create a zcs directory within /temp that we will need to change directory into, to install our server: cd zcs 9. From within the /temp/zcs directory there is a file called install.sh. This is the file that will launch the installer for Zimbra../install.sh [ 36 ]

64 Chapter The first thing the installation program will do is check and make sure there are no other installs of the Zimbra Collaboration Suite. Since this is a fresh install, no previously installed Zimbra components are found and we could hit Return to continue. 11. The second step of the install process is to check and make sure that all prerequisites and requirements have been met, prior to continuing with the installation. If you followed every step in this chapter, then during the install the check should be successful. If not, the installer will let you know what needs to be installed or configured prior to proceeding with the installation. Assuming all is OK, hit RETURN to continue. [ 37 ]

65 Installing Zimbra 12. Now we will be prompted which components we would like to install. As the installer cycles through the installable packages, you could just hit the ENTER key as the Y is the default to install the package. If you would like to exclude a package, type N and then hit ENTER on that package as it is prompted. In our case, we will install everything. After selecting the desired packages, the installer will prompt the user with a summary of packages to be installed. If all looks well, type Y and hit ENTER to continue. The default here is N, to not continue. 13. After all of the packages are installed, we are prompted with an opportunity to change any of the default settings. At this time, the only change we will make is to change the administrator password for administering the Zimbra server. First enter 6 at the Address unconfigured items prompt and press ENTER. [ 38 ]

66 Chapter Next, you will be presented with a list of options that could be changed. Type 4 for the admin password at the Select prompt and hit ENTER. 15. Type in the new password at the prompt noting that the password must be a minimum of 6 characters. Also note that the password is case-sensitive. 16. After entering the password hit ENTER and then you will be returned to the Store Configuration screen. 17. Now type 12 then ENTER to change the web server mode and activate http and https. 18. Type both in order to have both http and https working, then hit ENTER. 19. Now type 20 then ENTER, in order to enter the path of the license file. 20. Type /temp/zcslicense.xml, then hit ENTER. 21. Type r and then hit ENTER to return to the main menu. 22. Once all changes have been made, you'll see CONFIGURATION COMPLETE at the bottom of the Main menu. Type a to apply the new configuration. At this time, we are also prompted to save the configuration file, and then we are prompted to make sure we are ready to modify the system. Be careful and notice that the default here is No, so before hitting ENTER too fast, type Yes at the continue prompt. [ 39 ]

67 Installing Zimbra 23. The installer will now proceed to finalize the Zimbra installation and when all is said and done, a prompt notifying the user that the configuration is complete will be displayed. Hit ENTER to exit; and the installation of Zimbra Collaboration Suite on Red Hat Enterprise Linux 4 is complete. Installing on SUSE ES 9 The install of SUSE Enterprise Server 9 should be similar to Red Hat in that you will want to partition the drives the same way as described in step 5, as follows: A /boot partition of 100MB. A swap partition of twice our physical memory (RAM). A / partition that is able to grow to fill the remainder of the diskspace. A "default install" should be used. In the Network Devices section, a static IP address should be used along with entering Zimbra for the hostname and cs.com for the domain, creating a Fully Qualified Domain Name of Zimbra. cs.com. [ 40 ]

Chapter 2 Also, during the install, you will be prompted to configure the OpenLDAP server. At this time, the OpenLDAP server should be disabled, as to not conflict with the Zimbra-LDAP server.

68 Chapter 2 Also, during the install, you will be prompted to configure the OpenLDAP server. At this time, the OpenLDAP server should be disabled, as to not conflict with the Zimbra-LDAP server. Once the operating system is installed, there will be a few more pre-installation steps prior to installing the Zimbra Collaboration Suite. Also please note that on SUSE ES 9, the Zimbra clustering feature is not supported. Preparing SUSE ES 9 for Zimbra 1. The Default Install does not install GMP (GNU Multiple-Precision Library). So the first thing we need to do is use the YaST (Yet Another Setup Tool) to install the GMP library. Open up the YaST tool and select Install and Remove Software. [ 41 ]

With the YaST tool open, we will also need to install BIND to configure DNS on the server.

69 Installing Zimbra 2. In the Search text box, enter in GMP and click on Search. Then proceed to select the GMP checkbox and click Accept. 3. With the YaST tool open, we will also need to install BIND to configure DNS on the server. So in the Search box, type bind and click Search. Just as we did with GMP, select the bind and bind-utils checkbox and click Accept. [ 42 ]

Chapter 2 4. YaST offers a GUI tool for configuring the DNS server, which you could use to configure the DNS information required for the install of Zimbra.

70 Chapter 2 4. YaST offers a GUI tool for configuring the DNS server, which you could use to configure the DNS information required for the install of Zimbra. However, if you prefer to configure DNS manually, you can edit the /etc/named.conf and /var/lib/named/master/ cs.com files as described in the section above. To use the DNS Server Tool, reopen YaST and select DNS Server from the Control Center. 5. The first screen will ask if we want to set any Forwarder Settings; we could just leave the default setting of Set Forwarders Manually and click Next. [ 43 ]

Installing Zimbra 6. The next screen will ask us to create a zone file. We will proceed to name the Zone emailcs.com and leave the Zone Type as Master.

71 Installing Zimbra 6. The next screen will ask us to create a zone file. We will proceed to name the Zone cs.com and leave the Zone Type as Master. We can then click Add, which will add cs.com to Configured DNS Zones. To edit the DNS information of our newly created zone, we will click on Edit Zone. [ 44 ]

72 Chapter 2 7. In the Zone Editor, there will be several tabs displayed. We will first start with the NS Records tab and add zimbra. cs.com as our Name Server. [ 45 ]

73 Installing Zimbra 8. The next tab will be the MX Records tab. Here we will add zimbra. cs.com as our MX record, with a Priority of 10 and then click Add. Priority is used when you have several MX records and you want to organise the order the MX are used by the other mail servers on the Internet. The lower the number is, the higher the priority is: if you have two MX, one with priority 5 and the other with priority 10, the other MTA on the Internet will send the mail to the "5" MX. If this one does not answer, they'll try the "10" one. [ 46 ]

Chapter 2 9. Finally, on the Records tab, we will need to enter two records. An A record for mapping our host name emailcs.

74 Chapter 2 9. Finally, on the Records tab, we will need to enter two records. An A record for mapping our host name cs.com to the IP address of the server, and also creating a CNAME for zimbra. cs.com. When entering the CNAME, be sure to enter a period (.) after zimbra. cs.com. and cs.com., just as we would if we edited the files manually. [ 47 ]

75 Installing Zimbra 10. Lastly, we need to make sure that our DNS server will start up at reboot. To do this, we need to edit the DNS Start Behavior and make sure the radio button for On Start DNS Server Now and When Booting is selected. Once all of this is completed, click Finish and we are ready to start installing Zimbra. The installation of the Zimbra Collaboration Suite is identical to that of installing the Suite on Red Hat Enterprise Linux 4. Therefore, please follow the steps described in the Installing Zimbra Collaboration Suite earlier in this chapter. [ 48 ]

76 Chapter 2 However, be sure to download the correct ZCS archive from Zimbra's website there's a different archive for each supported operating system. Installing on MAC OS X The MAC OS X server does not include these Zimbra features: Searching and indexing attachments Viewing attachments as HTML Clustering However, if you choose to use MAC OS X server (it should be version ) as your operating system of choice, there are a few configurations you will want to have completed before attempting to install the suite. Preparing MAC OS X Server for Zimbra When installing MAC OS X server, the default install should work fine and install all of the necessary prerequisites for Zimbra. However, it is important that you configure a static IP address and hostname (zimbra. cs.com) during the install, or at least prior to attempting the install of Zimbra. Also, you may follow the instructions above to manually configure DNS on the server. On MAC OS X, the files that need to be configured are /etc/named.conf and /var/named/ cs.com. Once DNS is configured, you will need to start the DNS service as follows: 1. Open up Server Admin by clicking on Go Applications Server Server Admin. [ 49 ]

77 Installing Zimbra 2. With the Server Admin application open, find DNS in the list and make sure to start the service in the upper-right-hand corner of the screen, as displayed in the following screenshot: Java 1.5 is required to be installed and configured on the server prior to installing Zimbra as well. Java package could be installed with the Software update application. Once it is installed, you need to follow these steps to configure Java 1.5 as the default Java Virtual machine on the server. 3. Open up a terminal and change directory to the following: cd /System/Library/Frameworks/JavaVM.Framework/Versions 4. Remove the CurrentJDK symbolically linked file sudo rm CurrentJDK 5. Create a new symbolic link to the 1.5 version of Java sudo ln s CurrentJDK [ 50 ]

Once this process is completed, we can go ahead and install Zimbra. Installing the Zimbra Collaboration Suite When downloading the Zimbra Collaboration Suite from zimbra.

78 Once this process is completed, we can go ahead and install Zimbra. Installing the Zimbra Collaboration Suite When downloading the Zimbra Collaboration Suite from zimbra.com, you are actually downloading a Disk Image (dmg) package, and therefore the process for installing Zimbra on MAC starts out completely different than the linux servers discussed earlier. To begin the installation: Chapter 2 1. Double click on the zcs.dmg file and a window will open up displaying the zcs.mpkg file. Double-clicking this file will start the installation. [ 51 ]

79 Installing Zimbra 2. Next the package will check to make sure the software is compatible with the server you will be installing it on. Simply click on Continue to proceed with the installation. [ 52 ]

80 3. When the server check is complete, the Welcome to the Zimbra Collaboration Suite Installer screen will appear. Again, simply click on Continue. Chapter 2 [ 53 ]

81 Installing Zimbra 4. No software installer would be complete without a Software License Agreement screen, which of course appears next, along with an opportunity to select the language you would like to use. Click Continue and then Agree to continue with the installation. [ 54 ]

82 Chapter 2 5. Next we must select a destination for the installer to place the Zimbra files. In our case, we only have one hard drive, so we will select the drive and click Continue. [ 55 ]

83 Installing Zimbra 6. Finally, when all is done, the installer is ready to go by clicking Install. [ 56 ]

7. Once the installer is completed, we will be given instructions to run a perl script to complete the setup of the suite. Chapter 2 8. To complete the install, we must run the zmsetup.

84 7. Once the installer is completed, we will be given instructions to run a perl script to complete the setup of the suite. Chapter 2 8. To complete the install, we must run the zmsetup.pl script by opening a terminal and entering the following command: sudo /opt/zimbra/libexec/zmsetup.pl 9. The zmsetup.pl script behaves similarly to the install.sh script we ran on our Linux servers. So at this time you could just follow steps 9 to 17 in the Installing Zimbra Server earlier in this section. 10. You should now have Zimbra Collaboration Suite successfully installed on MAC OS X Server. [ 57 ]

85 Installing Zimbra Post-Installation Steps Now that our Zimbra Collaboration Suite server has been configured and installed, there are a few post-installation steps we will need to complete before moving on. We will be using Red Hat Enterprise Linux 4 to make these changes, however, you could just apply these steps to your operating system. The first step will be to enable our firewall so our server is protected. Configuring the Firewall As you will recall, we disabled the firewall when installing our operating system. With Zimbra installed, we can now open up just the ports necessary to successfully use our collaboration server: 1. First, we must login as root on our server by typing su at the shell prompt. 2. Next, we will open up the firewall configuration tool by typing: system-config-securitylevel 3. This will open up the Security Level Configuration Tool as shown on the next page. Here we will need to enable the firewall and select the checkbox next to SSH to allow for remote access to the server (and self access for mail queues management). We will also need to open up the following ports by typing them into the Other ports text box: :tcp pop3:tcp imap:tcp imaps:tcp ldap:tcp pop3s:tcp 7025:tcp 5800:tcp 5900:tcp 7071:tcp 3895:tcp 3894:tcp [ 58 ]

Chapter 2 4. With all the ports entered, click OK and you will be prompted to restart the firewall. Click YES and the firewall configuration is complete.

86 Chapter 2 4. With all the ports entered, click OK and you will be prompted to restart the firewall. Click YES and the firewall configuration is complete. Uninstalling Zimbra If at any time you find it necessary to uninstall the Zimbra Collaboration Suite, the process is actually very simple and straightforward. Uninstalling the ZCS also means deleting all the data ( s accounts, s, etc.). On Red Hat and Suse you need to: 1. From a command line, change directory to the /temp/zcs, where you first unzipped the installation file. 2. As root run the following command:./install.sh u 3. The u switch informs the installer to remove any instances of Zimbra it finds. [ 59 ]

87 Installing Zimbra On MAC OS X, the script is different. Go to the directory you installed Zimbra, and from the command line run the following command: sudo install.mac.sh -u Summary In this chapter, we installed our Zimbra Collaboration Suite for use by Collaboration Services, Inc. Although, the company will be using Red Hat Enterprise Linux 4, we discussed installing the Suite on SUSE ES 9 and MAC OS X as well. We also looked at preparing the server for the installation including editing the /etc/hosts file, installing and configuring DNS, making Java 1.5 the default virtual machine on MAC OS X and turning sendmail off. We also discussed configuring the firewall after installing Zimbra. Finally, we ended the chapter with a look at uninstalling the Zimbra Collaboration Suite when and if necessary. In the next chapter, we will begin looking at how to administer our newly installed server. [ 60 ]

88 Administrating Zimbra Now that we have the Zimbra Collaboration Suite installed, it is time to discuss the tasks and responsibilities necessary to maintain a stable and scalable messaging infrastructure. As the Zimbra Administrator, you are responsible for installing, configuring, maintaining, supporting, and optimizing the Zimbra Collaboration Suite. In the previous chapter, we have covered the installing piece in detail. In this chapter, we will cover the configuring, maintaining, and supporting pieces. Later, we will discuss how to optimize and monitor our system. A typical job description for an administrator for any messaging system may include: Manage and administer the system and all of its related software and hardware. Create, modify, and delete user accounts and set appropriate permissions and class of service for each account. Provide on-call technical support for the users. Set up and administer storage space allotments and quotas. Maintain the database, and track error and system logs. Install and configure anti-spam and anti-spyware solutions. Recommend, schedule, and perform software updates and upgrades as needed. Create and maintain sharing of address books, documents, and calendaring. Maintain the Global Address List for the organization. Develop, implement, and maintain policies, procedures, and training plans for the appropriate use of the system.

89 Administrating Zimbra This list is just a small part of the overall responsibilities an administrator may face. This chapter will focus on preparing the systems administrator to handle the above list and many more responsibilities that come with managing the messaging infrastructure of an organization. We will continue to use Collaboration Services ( CS) as our case-study, and begin our discussion by taking a look at the Administration Console that Zimbra provides to handle most of our tasks and responsibilities. An Overview of the Administration Console The Administrator Console is a web-based console that runs via a web browser. To open up the console itself, you could go to any browser and in the address bar type the URL: Remember, in our case, we are using zimbra. cs.com, however, in your environment, simply replace zimbra. cs.com with yourserver.yourdomainname. com. Don't forget to use https, because the administration console is only available in secure mode. You'll get a warning message in your browser because the SSL certificate is "not valid". This is normal, as the certificate was created by Zimbra during the setup and is self-signed. However, it is secure and you can use it. To log into the Administration Console, the user must be a member of either the Global Administrator or the Domain Administrators group. We will discuss those groups in more detail at a later time. For now, we are going to log in with the username admin@zimbra. cs.com and the password we created when installing Zimbra. [ 62 ]

90 Chapter 3 When first logging into the system, you will be presented with a screen as shown in the following screenshot. I have marked particular areas with a letter and will proceed to describe each area briefly. Later in this chapter, we will use each of these sections to manage and configure our install. A. Content Pane The content pane is a dynamic area that changes based on the functional area you are administering. When first logging into the administration console, the Server Status information appears. Server Status lists the services installed on the system, their current status (currently running or not), and the last time the services were started. B. Search Bar The Search Bar allows the administrator to quickly look for objects, such as user accounts or domains, you would like to modify or view. The default is set to look through all objects, however, by using the drop-down menu to the right of the globe, you could choose to search by Accounts, Distribution Lists, Aliases, Resources, and Domains. [ 63 ]

91 Administrating Zimbra C. Monitoring Sections C, D, and E are part of what is called the Navigation Pane. The Monitoring section of the Navigation Pane, is used for viewing: Server Status. Server Statistics which includes message count, message volume, anti-spam/anti-virus activity, disk usage, and quota information. D. Configuration This is the area where we will spend a lot of time in this chapter. The Configuration section of the Navigation Pane includes tools for configuring and defining: Class of Service, which is used to assign features, preferences, server pools (if available), and advanced configuration settings for use by a defined group of users. Domains, which is used for customized handling of Global Address Lists (GAL), authentication mechanisms, virtual hosts, and shared documents. Servers, which is used to define and customize services, MTA, IMAP, POP, and volume information. HSM sessions, which are used for handling archived messages and attachments may be initiated from this screen as well. Global Settings, are settings that apply as defaults globally for all domains and services on the server. It is important to keep in mind that Server Settings will override Global Settings. E. Addresses The addresses section is probably where the administrator will spend most of their time in the initial implementation of the system. This is where the administrator will create: Accounts for logging onto the system, creating boxes, and assigning users to a domain and class of service. Aliases, which are essentially additional names people may choose to receive for, in addition to their regular account . For example, my account may be mresnick@ cs.com, however, as I am the only Marty at the company, I could set up my account to receive mail at marty@ cs. com as well. [ 64 ]

92 Chapter 3 Distribution Lists are used to create addresses that will forward mail to multiple accounts. An example of this would be if you would like to create a sales@ cs.com address that forwards copies of each piece of to everyone in the Sales department. F. Shortcuts On the right-hand side of the Navigation Pane are a vertical row of icons that could be used as shortcuts to Navigate to various parts of the Administration Console. From top to bottom, they are: Manage Accounts Manage Configuration Monitor Servers Help Downloads Log Out G. Tools This set of icons show the administrator's tools. Mail Queues used to view mail queue information in real-time, as well as, manage messages that may require hold, releasing, and re-queuing. Backup will show the existing backups and will allow the administrator to restore some data. With knowledge of how to navigate around the Administration Console, we can now begin setting up our server. Before creating users and creating boxes, we will need to configure some Global and Domain level settings and defaults. Server Management Recall that when we installed our server, we used zimbra. cs.com as the domain name. This was fine for creating a test environment, however, as it stands right now, our user's address will be username@zimbra. cs.com and that seems a little lengthy. So the first thing we will do here is set up the additional domain. There is a reason I am choosing to create the Domain Settings first and not the Global Settings, which I will explain as we proceed through this example. [ 65 ]

Administrating Zimbra Creating a New Domain If you do not already have the Administration Console open, please open up your favourite web browser, type in

Once logged into the system, please click on Domains under the Configuration section of the Navigation Pane. Initially, we only see our zimbra.emailcs.

93 Administrating Zimbra Creating a New Domain If you do not already have the Administration Console open, please open up your favourite web browser, type in the URL for the console ( cs.com:7071) and log in as admin@zimbra. cs.com and the password you configured when we installed the system. Once logged into the system, please click on Domains under the Configuration section of the Navigation Pane. Initially, we only see our zimbra. cs.com domain listed. At this point, we could choose to edit the configurations of that domain, or we could choose to create a new domain by clicking New. [ 66 ]

Chapter 3 What we are doing at this point, is informing Zimbra that it will be handling email from multiple domains and how to handle the email for that domain in particular.

94 Chapter 3 What we are doing at this point, is informing Zimbra that it will be handling from multiple domains and how to handle the for that domain in particular. In our case, the domain will be called cs.com. Clicking on the New button opens up a wizard that walks us through the domain creation and makes sure we have at least the minimum configuration completed before attempting to use our new domain. At this point, we will walk through the wizard and make sure we have all of the information needed to proceed. 1. The first step of the wizard asks us to name the new domain, enter an optional description, and assign the domain to a policy. At this point, the only policy we have configured is the default policy, and that will work fine for now. We won't set any account limit either (this can be used for managed hosting, if you want to allow some users to be the administrator of a specific domain and allow him to create only a defined number of accounts in that domain). 2. After clicking Next, we must configure the settings for the Global Address List. We will be using the defaults of "Internal" for GAL mode and "100" for amount of results returned by a GAL search. Make sure those are the values entered and click Next. [ 67 ]

95 Administrating Zimbra 3. Again, we will use the default "Internal" for Authentication Mode. Make sure that value is chosen and click Next. Other choices for Authentication include LDAP and Active Directory. By choosing Internal, that means we will be creating usernames and passwords separate from any centralized domain authentication server. 4. Virtual Hosts will be left empty for now. This is useful if a user would like to have a default domain name appended to their name automatically when logging in. For example, instead of typing marty@ cs.com at login, I would simply type marty and the cs.com would be assumed. Click Next. 5. Zimbra has the ability of creating Document Spaces for each Domain. These are better known as a "wiki". This is one way to set up sharing of documents within an organization or between users. At this point, we will go ahead and create the domain level document space. Leave the default user of wiki@ cs.com, and create any password you would like. When completed click Next. This is currently a beta feature. [ 68 ]

96 Chapter 3 6. Since we created the document space, we need to set up some basic permissions for users in our domain to access the wiki. Leave the defaults here of all users in our domain having View, Edit, Remove, and Add. Also, go ahead and check Public and click Next. 7. That should do it for our domain. When prompted by the system, click Finish and our new domain is ready to go. With our new domain ready to go, we should now make some changes to our Global Settings so that cs.com is treated as our default domain and also to make sure all of the other settings are correct for our organization. [ 69 ]

Administrating Zimbra Configuring Global Settings In the same Configuration area of the Navigation Pane, towards the bottom, you will see Global Settings.

97 Administrating Zimbra Configuring Global Settings In the same Configuration area of the Navigation Pane, towards the bottom, you will see Global Settings. Single-click Global Settings and the Content Pane will now show information about our server with the General tab displaying the first piece of information regarding our setup. 1. Due to the fact, this server will primarily be used for cs.com accounts, we should go ahead and make cs.com the Default domain on our server as displayed below. 2. The default for the GAL search is fine at 100. So the next tab we will work with is the Attachments tab by clicking on the tab towards the top of the Content Pane. This is where we could inform Zimbra how to handle attachments. Our choices are Attachments may not be viewed regardless of Class of Service, Attachments are viewed in HTML regardless of Class of Service, and Attachments are viewed according to Class of Service. This is always a sticky area for an administrator, as the easiest thing to do would be to create a global rule about attachments regardless of user. However, in the "real world" that may not work, as there are always exceptions to every rule. In my experience, using Class of Service to determine the handling of attachments is always the best way to go. However, the one global setting that Zimbra uses is rejecting particular attachment extensions. For example, in a Windows environment you would never want your users to open up any extension with a.bat or.vbs extension. Zimbra comes preconfigured with about 30 extensions that could be rejected. I would recommend using them all, and find another means of having your users send files back and forth to each other, like FTP. So on this screen, we will go ahead and make sure the radio button for Attachments are viewed according to COS is marked and that all 30 extensions are added to the Reject messages in the following extensions area. [ 70 ]

98 Chapter 3 3. The MTA (Mail Transport Agent) tab is used to configure global settings for SMTP. For example, does SMTP require authentication before it will allow a sender to send mail through the server and also the restrictions for size and upload size for documents and files. There are only a few changes we are going to make on this screen. The Web mail hostname we will change from localhost to zimbra. cs.com. 4. The next two tabs are IMAP and POP. As we will be using this in a corporate environment, and we will primarily be encouraging users to use Outlook or the web-based client, we will disable both of these services by unchecking the Enable IMAP and POP3 service boxes. [ 71 ]

99 Administrating Zimbra 5. The AS/AV tab is for enabling the built-in anti-spam and anti-virus solutions within Zimbra. It is always a good idea to enable these, even if you are using a third party software package to handle this on another server (this will allow Zimbra to catch some spam/virii not caught by your other solution and to learn from your users' classification). The default settings for Kill and Tag percent should work fine, as well as the default Anti-Virus settings. 6. The Backup/Restore tab allows you to set up the target directory for the backup and the notification informations. The default is fine. 7. The HSM tab is used for secondary storage for archived messages. The 30-day default works fine for this. 8. The License tab displays your current license information. At this point, most likely, the license type should say trial. When clicking on the top of this screen, you could upload a new license. 9. Once all of the settings have been changed. Make sure to click Save in the upper-left-hand corner of the content pane. At this point, it may not be a bad idea to scroll through each tab and make sure all of your changes are currently showing. The final step in getting our server operational and ready to add users, will be to look at setting up a Class of Service for our users. Class of Service Collaboration Services will have two classes of service for their users: one for employees and the other for the Executive team. First, we will set up the Class of Service for the employees. 1. The easiest way to set up a Class of Service is to use the default COS as a template and duplicate it. To do this, click on the Class of Service item in the Configuration section of the Navigation Pane and highlight default. With default highlighted, click on the Duplicate button to get us started. [ 72 ]

100 Chapter 3 2. Five tabs will now appear with the first one being General Information. This is where we will name our class of service and add a description and any notes we see fit. We will call this class of service "Employees" with a description of "COS for Employees". Once that information is entered, go ahead and click on the Features tab. 3. The Features tab lists all features that users in this Class of Service are entitled to use and/or have access to. Our users will not have access to the following, so please make sure the following boxes are not checked: Change Password IMAP Access POP Access External POP3 access Allow users to specify a forwarding address Zimbra Mobile 4. The Preferences tab will be used to set up default settings for the Users and how Zimbra handles their . For example, we could set how many items are displayed per page, or how mail should be composed or read. These settings really only apply to the Zimbra web-based user interface and we will go through customizing these preferences later at the user level. 5. Themes allows you to authorize the users to change the look and feel of the web interface (and specify which themes are allowed). We'll leave the default. 6. Zimlets is like Themes but for the Zimlets. Once again, default is OK. 7. Server Pool does not apply to us, as we are only using one server for Zimbra. So we could skip this tab. 8. The Advanced tab will be where we set quotas and password handling for each user. We will be giving every user 500MB of disk space to start and require a Minimum Password length of 8 characters. Everything else we could leave default here. 9. Once completed with the changes, be sure to Save the Class of Service. 10. For the "Executives" Class Of Service, there are only a few changes that will be different from the the "Employees" so at this point, from the list of COS we could highlight "Employees" and click Duplicate. 11. We will call this Class of Service "Executives" with a description of "COS for Executives". When complete click the Features tab. [ 73 ]

101 Administrating Zimbra 12. We will allow executives to have additional features. Place check marks next to Zimbra Mobile, External POP3 access, and Allow the user to specify a forwarding address and leave everything else the same. 13. Lastly, we need to take away any quota from the executives, as the last thing we need is for an Executive to not be able to send and receive . On the Advanced tab, change the Account Quota to "0" so there is no quota set for the executives. Be sure you have enough disk space available to allow this. 14. Once completed, press the Save button and our Classes of Service are now set up and ready to use by our users. We now have configured our server and created Classes of Service for our users, so the next step will be to create our users. User Management Creating users in Zimbra is very straight forward and takes very little time. Right now, we will create one user in the employees group and one in the Executives group. We will also set up a distribution list that includes both of those users, as well as, an alias for the executive. Creating User Accounts To create our first user account, we will need to use the Addresses section in the Navigation Pane of the Administration Console. By single-clicking the Accounts menu item, a list of users that are already configured will be listed. At this point, we could click on the New button in the upper-left-hand corner of the Content pane and create our first user. 1. The first screen that appears when creating an account is really the only screen we will usually need. This screen allows us to create an account name, which will be the first part of their address, and assign a domain for . Since we set cs.com as the default earlier, it is showing as the default address for our user. Please go ahead and fill out the information as shown. Be sure to uncheck auto and select employees for Class of Service and click Next. [ 74 ]

102 Chapter 3 [ 75 ]

103 Administrating Zimbra 2. The next screen allows us to enter contact information that will show up in the Address Book for the user. For now, you may enter any information you choose, or use the information I entered below and click Next. 3. We are prompted to create an alias for this account. We will go through how to manually do this later, so leave this blank and click Next. 4. The next screen asks if you would like to override the setting we defined in the Employees Class of Service and allow the user to specify a forwarding address. Leave everything blank on this screen and click Next. 5. Next, the Features screen appears. As we already defined all of these on the Class of Service, we could simply click Next here. 6. Just as with Features, we also set the Preferences, so please simply click Next here. 7. Themes is next screen, just like Features and Preferences, click Next. 8. Then we have the Zimlets screen, just click Next once more. 9. Lastly, we could override any advanced settings (for example, quota) for this user, but we are going to stick to our guns and use our Class of Service settings. Clicking Finish here will create our user. 10. Now let's go ahead and create our executive user, but we will make it a little simpler. As you have seen, we have already completed most of the work by creating a Class of Service. So to create our executive, we just need a couple of steps. [ 76 ]

Chapter 3 11. Click New in the upper-left-hand corner of the content pane, and the New Account Wizard will open up. 12. On the first screen, we will call this account CEO.

104 Chapter Click New in the upper-left-hand corner of the content pane, and the New Account Wizard will open up. 12. On the first screen, we will call this account CEO. Also make sure you select executives from the Class of Service drop-down box. 13. By clicking Next, you have the option of entering address information for our CEO, or you could simply click Finish here and your account is all set with all of the settings from the executive's Class of Service. Creating an Alias With a couple of users set up, we could look at creating an alias for our CEO, so that employees could reach him by ing ceo@ cs.com or by his first name bill@ cs.com. 1. Single-click on the Accounts menu item of the Addresses section in the Navigation Pane. You could also use the Aliases menu item, but essentially you would create a new account as well. 2. Highlight the ceo@ cs.com user and click on Edit. 3. Click on the Aliases tab and type "bill" in the text box. 4. Click Save in the upper-left-hand corner of the Content Pane. 5. To make sure the alias was created, click on the Aliases menu item in the Addresses section of the Navigation Pane. 6. bill@ cs.com should now be listed. [ 77 ]

105 Administrating Zimbra Finally, we will go ahead and create a Distribution List to send to all of our users (well, the two of them we have so far). Creating a Distribution List Distribution lists are very handy, as they are used to create a mailing list of multiple users, but the sender only needs to enter in one address to reach all of these users. This saves a lot of time on the user's part and also facilitates better communication by making sure everyone receives necessary information without the worry of a user leaving someone off of the list. To begin, create our distribution list: 1. Single-click Distribution Lists from the Addresses section of the Navigation Pane. 2. Click New from the upper-left-hand corner of the Content Pane. 3. Give the list the name users and keep the default of cs.com for the domain. 4. Display name could be entered as All Users and no description is necessary, as I think this is pretty self explanatory. 5. On the right-hand side of the screen, we could go ahead and add members to our distribution list. By clicking on SEARCH, all users will be listed that are on the server. If we had a lot of users, we could type in a search criteria in the search text box. [ 78 ]

6. Highlight worker@emailcs.com and ceo@emailcs.com and click Add. Chapter 3 7. Once completed, click Save in the upper-left-hand corner and your distribution list is complete.

106 6. Highlight and and click Add. Chapter 3 7. Once completed, click Save in the upper-left-hand corner and your distribution list is complete. We have spent a good amount of time looking into the Administration Console and have seen how useful it is in helping administrators manage the system and its users. However, there is also another way to mange the Zimbra Collaboration Suite that is very appealing to Linux users, and that is by way of the Command Line Interface (CLI). [ 79 ]

107 Administrating Zimbra Administering Zimbra from the Command Line Although the Administration Console could handle the bulk of the administration needs an administrator may need to handle, there are a few tasks that need to be handled using the Command Line Interface. In this section, we will be looking at two specific command line tools and will continue to focus on additional tools throughout the rest of this book. The first tool we will be focusing on is zmcontrol. Managing Services with zmcontrol Zimbra Collaboration Suite uses a tool called zmcontrol to manage and monitor services via a command line. The three options we will look at will be status, start, and stop. The status option will display the list of all services configured for the Zimbra installation and will display the status of each one. To use zmcontrol: 1. Switch to the Zimbra user by logging into the server as root, and then typing su zimbra at the command prompt, as displayed below. [root@zimbra ~]# su zimbra 2. Now as the Zimbra user, you need to enter zmcontrol status [zimbra@zimbra ~]$ zmcontrol status 3. A listing of the services will be returned to the command window, along with each service's status. Host zimbra. cs.com antispam antivirus ldap logger mailbox mta snmp spell [ 80 ] Running Running Running Running Running Running Running Running 4. It appears all of our services are up and running. However, if we wanted to stop the services, we could use zmcontrol with the stop option. [zimbra@zimbra ~]$ zmcontrol stop Host zimbra. cs.com Stopping mta...done Stopping spell...done

108 Stopping snmp...done Stopping antivirus...done Stopping antispam...done Stopping imapproxy...done Stopping mailbox...done Stopping logger...done Stopping ldap...done Chapter 3 5. And finally, to start all of our services back up we could use the start option. [zimbra@zimbra ~]$ zmcontrol start Host zimbra. cs.com Starting ldap...done. Starting logger...done. Starting mailbox...done. Starting antispam...done. Starting antivirus...done. Starting snmp...done. Starting spell...done. Starting mta...done. zmcontrol also has an option for maintenance. This places Zimbra and a read-only mode for all users, and is used during the backup process. We will use this option as we discuss Backup and Recovery in a later chapter. Creating Accounts with zmprov As we walked through creating users with the Administration Console, I am sure some of you were thinking there has got to be a better way to create users. Especially since most administrators will be dealing with hundreds of users. Zimbra uses a command line utility called zmprov that is used to add accounts, administrators, and aliases from the command line. Also, because this is a command line tool, it is not difficult to create a script or batch process to create multiple users with ease. To create the user account we will use the zmprov utility, as with three options. First, we will use ca meaning "create account". Second, we will enter the address for the account. Last, we will need to give the user a password. 1. From a command line as the Zimbra user, enter the following: [zimbra@zimbra ~]$ zmprov ca employee1@ cs.com password [ 81 ]

109 Administrating Zimbra 2. Although the user is created, we have not assigned a particular Class of Service to them. We do this with zmprov and the sac option. [zimbra@zimbra ~]$ zmprov sac employee1@ cs.com employees We have now created a new user, employee1, and have assigned employee's Class of Service to them. zmprov could also be used to modify the user. For example, let's say Employee1 has received a promotion to an executive position. Not only does Employee1 receive a key to the executive washroom, they will also receive a change to their Class of Service from employees to executives. To accomplish this change with zmprov, we would do the following: [zimbra@zimbra ~]$ zmprov sac employee1@ cs.com executives Both command line utilities, zmprov and zmcontrol, could be very useful and efficient when managing your Zimbra implementation. We have just scratched the surface of managing Zimbra from a command line in this chapter. In later chapters, we will continue expanding our knowledge of the powerful Command Line Interface. Summary This chapter introduced the basic functions of administering the Zimbra Collaboration Suite. Having the ability and knowledge of creating and modifying user accounts, creating and modifying server settings, and using the Command Line Interface will serve as a foundation to delving into the more advanced functions and administration of Zimbra. In the next chapter, we will take a break from server administration, and take a look at how the end-user will use Zimbra for sending and receiving , scheduling appointments with the calendar, sharing documents, and customizing the look and feel of the Zimbra web-based client. Understanding Zimbra from the user perspective is key to becoming a successful Zimbra administrator [ 82 ]

110 The Zimbra Web Client As we continue our understanding and knowledge of managing the Zimbra Collaboration Suite, it is important, at this point, that we take a break from the back end systems administration, and see what Zimbra looks like from the user's perspective. As systems administrators, our main goal is to ensure that our system is working properly and creating a messaging infrastructure that is both effective and easy to use for our user community. Without understanding how the users are using the system, or for that matter, should be using the system, our jobs would not be possible. In this chapter, we will take a break from configurations and day-to-day systems administration and focus on the Zimbra Web Client. Keep in mind, that there are many clients available to access the Zimbra server (as explained in Chapter One). However, this chapter will focus on the Zimbra AJAX web client, which is the recommended client, to take advantage of all the features and functionality that Zimbra has to offer. The AJAX web client offers an interactive web application that presents a very responsive client that could be accessed from any computer that has an Internet connection and a web browser. Of course, access to the web application may be limited by the network administrator, but that is a conversation for another time. Currently (end of July 2007), the web-client is supported on Internet Explorer 6 SP2 and 7, Firefox 1.0.7, 1.5 and 2, and Safari (beta, version 3.0 is not supported at all). The Web Client System Requirements According to the client system requirements, as listed on the client computer could be any one of three operating systems: Windows XP Fedora Core 4 MAC OS X 10.4

111 The Zimbra Web Client The system requirements for Windows XP include: 1.5 GHZ Processor 512MB RAM Internet Explorer 6.0 SP2 or 7 Or Firefox 1.0.7, 1.5 or 2.0 For Fedora Core 4, the requirements are: 1.5 GHZ Processor 512MB RAM Firefox 1.5 or 2.0 And for MAC OS X 10.4: 1.5 GHZ Processor 512MB RAM Firefox 1.5 (or 2.0) or Safari A 1024x768 screen is mandatory. Although the Zimbra Web Client works on all types of operating systems and browsers, in my experience, I have found that the highest performing client configuration for a Zimbra implementation would be to use Fedora Core 4 clients with Firefox 1.5. If your environment is a Windows XP and/or MAC OS X environment, your best bet is to use the Firefox browser for all of your clients. To access the Zimbra Web Client, users will need to open up their browser, and type the URL for the server that you created in Chapter Two. In our case, that URL would be At this point, we are going to walk through the Zimbra Web Client, put on our user's hat, and learn how to use the major functionality the client has to offer. [ 84 ]

Chapter 4 A Bird's Eye View of the Web Client Before we begin using the web client, we are going to take a few moments looking at an overview of the web client and the various components that make up

112 Chapter 4 A Bird's Eye View of the Web Client Before we begin using the web client, we are going to take a few moments looking at an overview of the web client and the various components that make up this rich Internet application. To follow along, open up your browser and enter the URL of your Zimbra client. Again in our case, we will change to visit We are going to use the worker account we created in Chapter 3. When the web client first appears, you will be presented with the screen shown in the following screenshot: We will log into the client as the username worker and the password you created in Chapter Three. Once those pieces of information are entered, click Log In and we are ready to go. [ 85 ]

113 The Zimbra Web Client The initial screen users will be presented with will look similar to the one shown in the following screenshot. However, I have highlighted and labeled certain areas that we will focus on in this chapter. Starting from the uppermost left corner of the web client, we will now define each section and what its uses are, as it pertains to the user. A. Location Box displays the application the user is currently using, in our case Mail or , and then present a drop-down menu of available views for that application, if applicable. B. Overview Pane displays a list of folders available to the user. Included in the list of folders are system folders (INBOX, SENT, DRAFTS, JUNK, TRASH), as well as custom folders that are created by the user, Tags, Zimlets, and Searches. C. Calendar Overview Pane displays the current month and highlights the day's date. The Calendar also presents the user an overview of days that have appointments or events by presenting the numbers in bold. By double clicking on any day of the week, the user is presented with the Calendar application. It's also called the "minical". [ 86 ]

114 Chapter 4 D. Status Box displays the current time, as well as displays any informational messages that the system communicates to the user. An example of an informational message would be letting the user know when an message has been successfully sent. E. Application Chooser presents the user with a shortcut list of applications presented via tabs. The user could simply click the appropriate tab to quickly open up the Zimbra application of their choice. On our screen, from top to bottom, the applications are Mail, Address Book, Calendar, Notebook, Help, Options, and Log Out. F. Search Bar is used to perform ad-hoc searches within Zimbra, as well as access the more advanced Search Builder feature. G. Quota Display Bar displays the current logged user and the amount of space they are currently using on the server. Lastly, it displays the total quota, or amount of space, they have available to use. H. Toolbar presents the user with functions that are available for the user to use in the current application. I. Content Pane presents the user with results of the currently selected item in the Navigation Pane. In the case of the previous screenshot, Inbox is selected in the Folders section of the Mail Application. So the Content Pane is displaying our in our Inbox. With an understanding of where to find things in the application, we will now discuss interacting with the Zimbra Web Client, accomplishing everyday messaging tasks. Working with Communicating via is as much a part of our lives as writing letters through "snail mail", talking on the phone, or faxing one another. That being the case, we are not going to spend a lot of time discussing what it means to compose, send, reply, forward, and add attachments to . These tasks tend to be standardized among most applications. So in this section, we are going to quickly walk through these tasks, and then discuss Zimbra ing functionality in more detail. This additional functionality will include working with Tags and viewing Conversations. So let's begin walking through the basic functionality of Zimbra. I have sent a sample from the CEO to our Worker Bee and will use this to begin discussing the overview of the process. [ 87 ]

115 The Zimbra Web Client Checking As you can see in the following screenshot, I have just logged into the Zimbra application as Worker Bee (username worker) and have received a new message. [ 88 ]

116 Chapter 4 When new is received, the name of the folder is highlighted with bold text, with the number of new messages in parentheses. In our case, we have one new message and if we click on the Inbox, we see the new message in the Content Pane. The content pane, by default, lists seven columns including Flag, Tag, From, Attachment, Subject, Count, and Received. These columns are customizable, by right-clicking on any column heading and placing a check next to the columns you would like to be visible. Removing the check hides the corresponding column. Each column may also be used as a criteria for sorting the display, simply by clicking on the column. For example, if you would like to see all messages that have a Flag marked for them, click on the Flag column. [ 89 ]

The Zimbra Web Client To open up a message, double-click the message in the Content Pane. Now the Content Pane changes to reveal the message in two parts.

117 The Zimbra Web Client To open up a message, double-click the message in the Content Pane. Now the Content Pane changes to reveal the message in two parts. Also, the buttons on the Toolbar change to allow for additional functionality. The first part of the message is the Header. This includes the subject of the message, who it was sent by, who it was sent to, and the date/time of when it was sent. What is unique to Zimbra, is that when you hover the mouse cursor over a name that is in your contacts (in this case CEO), the contact information is revealed in a pop-up box. By highlighting the Date, a list of any appointments that you have that day is listed. By clicking on any of the displayed names, the Compose screen appears allowing you to send an to that person. [ 90 ]

Chapter 4 One other feature that the Zimbra Web client offers, is by right clicking on any name or email address, a context sensitive menu is displayed in a pop-up menu, offering a list of options

118 Chapter 4 One other feature that the Zimbra Web client offers, is by right clicking on any name or address, a context sensitive menu is displayed in a pop-up menu, offering a list of options including creating searches, adding contacts, creating rules, and so on as seen in the following screenshot. Once an is read, it is no longer highlighted. With the open, you may reply, reply to all, or forward the message if desired. This functionality is standard in every application. When you are done with the message, you may choose to file it in a folder other than the Inbox for organization purposes. [ 91 ]

In this case, I will be creating a folder called CEO, to file all of my email messages from the CEO automatically.

119 The Zimbra Web Client To create a new folder: 1. Right-click on the Inbox and select New Folder. 2. When the Create Folder Dialog box appears, type a name for the new folder and click OK. In this case, I will be creating a folder called CEO, to file all of my messages from the CEO automatically. 2. To create a rule to automatically file s from the CEO to this folder, I could right-click on the message in the Inbox and select New Filter. [ 92 ]

Chapter 4 3. Most fields are automatically populated for you based on the message selected. You just need to add a Filter Name and select the folder you would like to file the email into. 4. This rule will be effective for every new email that comes in from the CEO.

120 Chapter 4 3. Most fields are automatically populated for you based on the message selected. You just need to add a Filter Name and select the folder you would like to file the into. 4. This rule will be effective for every new that comes in from the CEO. Now, just drag the current message from the Inbox (Content Pane) and place it into the CEO folder. Please go ahead and reply to the CEO's message, so we could use the message for later examples. Composing Just like the functionality for checking , composing in Zimbra is fairly straightforward. We had discussed earlier that clicking on the from or contact in an message will automatically open up the compose screen. However, if you are going to initiate an to someone, you would: 1. Click on the New button of the Mail application toolbar. [ 93 ]

121 The Zimbra Web Client 2. The Content Pane is now changed to a new message template, with the Toolbar changing as well. The new buttons are Send, Cancel, Save Draft, Add Attachment, and Options. 3. Either enter the contact name manually (if it is an address you have used before, Zimbra will display a list of matching entries as you type in the To address) or you could click on the To button to open up the contact list. 4. By default, there are three address lists to choose from: a. Contacts b. Personal and Shared Contacts c. Global Address List [ 94 ]

122 As we only have contacts in our Global Address List, select it from the drop-down menu and type CEO in the search text box. Chapter 4 5. You can now select the proper address and add it to the To, Cc, or Bcc form of the One option you have is to add an attachment to the using the appropriate button on the toolbar. A text box will appear under the subject line and will also provide you with a Browse button to choose the attachment from your computer. You could add or remove attachments as you wish. [ 95 ]

123 The Zimbra Web Client 7. Another option is if you would like to save an to work on later, or to just send at another point, you could click on the Save Draft button. 8. The Options button allows you to add additional options to the including: a. Format as HTML b. Format as Text c. Show Bcc 9. If you have installed the Zimbra Spell module, you will also have an option to spell check your by clicking the appropriate button. 10. When you've finished composing the , you may click on Send. 11. A copy of the will be saved in the Sent folder by default. Please go through the proceeding steps and send an to the CEO. We will need this to examine some additional features Zimbra offers. Tags clients are great, especially when they provide you with a means to organize s into folders. But what happens when a particular could be organized into multiple folders. Or what happens if you just want to group s together on a particular topic or project, but do not want them filed away in separate folders? The answer is Tags. Tags are used to flag messages and logically organize s, regardless of which folders they are stored in. Tags are used to essentially "color code" messages and create a quick way of seeing all s related to a particular topic. [ 96 ]

For example, we have received an email from the CEO and we have sent a completely unrelated message to him as well. Well, at least they are unrelated as far as Zimbra is concerned.

124 For example, we have received an from the CEO and we have sent a completely unrelated message to him as well. Well, at least they are unrelated as far as Zimbra is concerned. But, in our minds, we want to be able to group those messages together. So what we will do is Tag each message, thereby grouping them together. 1. Login to the Zimbra Web Client at Chapter 4 2. In the CEO folder, beneath the Inbox, right click on the "Good Morning" message from the CEO (you will need to send this message using the CEO account, if you have not already done so). 3. Select Tag Conversation New Tag from the pop up menu. [ 97 ]

The Zimbra Web Client 4. The Tag dialog box will open where we could name the Tag. Let's name the Tag "CEO Brown Nosing" and select Orange from the drop-down list. 5.

125 The Zimbra Web Client 4. The Tag dialog box will open where we could name the Tag. Let's name the Tag "CEO Brown Nosing" and select Orange from the drop-down list. 5. Notice that the message now has an orange tag next to it in the Tag column. 6. Click on the Sent folder and find the you composed in the earlier section. [ 98 ]

Chapter 4 7. Right-click on the message, select Tag Conversation, and now you can select "CEO Brown Nosing" from the list. 8. This message will now also have an orange tag in the Tag column.

126 Chapter 4 7. Right-click on the message, select Tag Conversation, and now you can select "CEO Brown Nosing" from the list. 8. This message will now also have an orange tag in the Tag column. You have now successfully tagged messages and grouped them together. You may have also noticed that the reply-to message you created when replying to the CEO's earlier message also has an orange tag. The reason for this is by default, Zimbra groups these messages together into conversations (see below), which we will explore in the next section. In this case, Zimbra automatically tagged the message as well. To quickly bring up all the messages that are related to the "CEO Brown Nosing" group, click on the CEO Brown Nosing Tag on the Navigation Pane under Tags. This will display the two tagged messages. The reply-to is grouped together with the initial "Good Morning" from the CEO. [ 99 ]

The Zimbra Web Client Conversations Zimbra has a built-in feature that groups email conversations into a single thread.

127 The Zimbra Web Client Conversations Zimbra has a built-in feature that groups conversations into a single thread. This being the case, we can now make it easier to find messages, as they are all logically grouped together, with no extra effort on our own. Earlier in this chapter, we discussed the Location Box and how, for some applications, it will have a View drop-down box. In the Mail application, the two views are By Conversation and By Message. By default, messages are grouped by Conversation, so the initial in the thread will be displayed with a number in parentheses in the Conversations column. In our case, that number is "(2)" representing that there are two messages in the conversation. By double-clicking on the message, the Content Pane will now display the list of messages that make up the conversation, as shown in the following screenshot: Conversations make it easier to organize your and increase search and grouping capabilities with very little interaction from the user. Admittedly, some users will not like the Conversation view and they have the option to choose By Message from the View menu. [ 100 ]

Chapter 4 Working with email only reveals a small measure of the unique capabilities that the Zimbra Web Client has to offer.

128 Chapter 4 Working with only reveals a small measure of the unique capabilities that the Zimbra Web Client has to offer. Continuing on with our exploration of the Web Client, we will now take a look at managing contacts. Managing Contacts Imagine life without your list of Contacts. In my experience as an Administrator and Implementer, this is the one area where users get very protective, especially executives and managers within an organization. Zimbra provides the users with two types of personal address books. One called Contacts allow users to add users manually to their address book. The other, ed Contacts, tracks contacts that the user has sent and received s to or from. This list is populated automatically. For the following exercise, we will be logging in as the CEO and managing his address book. 1. Login to the Zimbra Web Client at as CEO. 2. Once logged in, click on Address Book. 3. In the Address Books application, the Content Pane changes to a phone list of our contacts. At this point, our Address Book list is blank. [ 101 ]

The Zimbra Web Client 4. Click on New in the Toolbar to add our first contact. 5. Enter your first name, last name, and email address and click Save.

129 The Zimbra Web Client 4. Click on New in the Toolbar to add our first contact. 5. Enter your first name, last name, and address and click Save. Zimbra offers the ability to store a ton of information about a contact, for now, we will just keep it simple. 6. The File As: section provides options for how the user would like contacts displayed in the Address Book. Ours will be filed as "Last, First". 7. In the Content Pane, you should now be able to click on the first letter of your last name or the All button and see an entry for the new contact. Seems pretty straightforward, but let's add some additional Zimbra functionality to make things more interesting. For example, earlier we discussed how users have the ability to Tag messages, well what if the user wanted to logically group contacts through Tags? 1. Find the contact we just created in the Address Book, right-click the contact and select Tag Contact New Tag. [ 102 ]

130 2. Type a name for the Tag, we will call this one "Networking Group", and choose Cyan for the color. Chapter 4 3. Click OK and you should see a Cyan tag next to the contact in the Content Pane. 4. Also in the Navigation Pane, under Tags, you should see the Cyan tag labelled Networking Group. By clicking on the Tag, all of the members of the Networking Group will appear. Keep in mind that Tags are universal among all of the Zimbra applications. So a contact and an message and an appointment could all be assigned to the same Tag. Also, items could be assigned to multiple tags. Zimbra really makes organizing your user's messaging needs pretty easy. One more feature we should take a look at, is the ability to share address books among users. Sharing Address Books As the Worker Bee, you have been assigned the task of managing the contacts of the CEO. He has much more important things to do. The CEO needs only to share his address book with you and you will be able to manage his contacts from your Zimbra Web Client using your login. Here's how: 1. As the CEO, right click on the Contacts folder in the Address Books application. [ 103 ]

The Zimbra Web Client 2. Select Share Address Book from the drop-down menu as shown in the following screenshot. 3. The Shared Address Book dialog box will appear. Enter worker@emailcs.

131 The Zimbra Web Client 2. Select Share Address Book from the drop-down menu as shown in the following screenshot. 3. The Shared Address Book dialog box will appear. Enter com for and select the radio button labelled Manager. Sending a standard message is fine, so click OK. 4. Log out of the Zimbra Web Client by clicking on Log Off and log back in as the worker. 5. You should now see a new message from the CEO with the subject line "Share Created". This message will be in the CEO folder (because of the rule we created before). 6. Double click the message and in the Content Pane you will have the option to Accept or Decline the share. Seeing as though this is from the CEO, we better accept it. Click Accept Share and a dialog box will appear. 7. Leave the default name of "The Boss's Contacts" and select Orange for the color. [ 104 ]

132 Chapter 4 8. There is no need to send an about the share, so click Yes. 9. Click on the Address Book icon in the Application Chooser and you should now see The Boss's Contacts in the Worker's contact list. [ 105 ]

The Zimbra Web Client The worker now has full control of the CEO's contacts. Any changes made here are made directly to the CEO's contacts, and he will see them when he logs in.

133 The Zimbra Web Client The worker now has full control of the CEO's contacts. Any changes made here are made directly to the CEO's contacts, and he will see them when he logs in. Not only do users have the ability to share contacts, they could also allow people to share their schedule as well. Managing Schedules In this section, we will explore the Calendar application of the Zimbra Web Client. We will start with the basics of adding and managing appointments and then end with a look at sharing and letting others manage your calendar. To follow along with the examples in this section, please log in to the Web Client as the CEO user. Once logged in click on Calendar. The Content Pane will now change to reveal the current view of the calendar and the toolbar will now be changed to allow for Calendar functionality including, New, Refresh, Trash, Print, and then a button for each of the five views available for the application. There are five different views you could view the calendar in, they are by Day, Week, Work Week, Month, and Schedule. For now, we will be using the Week view. [ 106 ]

134 Adding Appointments There are a couple of different ways to add an appointment to your calendar. The easiest way is to simply click on a date in the calendar (at the bottom of the Navigation Pane) and this will open up the Calendar view of the Content Pane. 1. Click New from the Toolbar and select Appointment. Chapter 4 2. From there, the Appointment dialog box opens with five tabs that could be completed if necessary. 3. The Appointment Details tab is just that: the overall details of the appointment itself. For this example, add "Training" to the Subject and CEO for location (CEO's Office). The show as drop-down menu is how you would like the Schedule to show that time as. This is especially important when others are looking at your schedule to determine a good time to contact you. 4. Let's make this an All Day Event by checking the checkbox and clicking on the Schedule tab. [ 107 ]

should invite them to our meeting/event at that time. By default, you will see your own schedule.

135 The Zimbra Web Client 5. The Schedule tab allows us to check our availability, as well as other members of our organization's availablility in order to know if we should invite them to our meeting/event at that time. By default, you will see your own schedule. In the box directly underneath, add worker and it will reveal his schedule, which at this point should be wide open. 6. On the Find Attendees tab, you could now search for people to attend this event. Type Boss in the Find textbox and click Search. Once The Boss shows up in the results pane, click Add. [ 108 ]

Click Save and your event is now scheduled.

136 Chapter 4 7. As we have not set up any locations or resources in our system, we could skip those two tabs. Click back on the Appointment Details tab and it should now look as shown in the following screenshot. 8. Click Save and your event is now scheduled. Because you added The Boss to your attendees list, he will receive an like the one below to accept or decline the invitation. By accepting the invitation, it will be added to his schedule as well. [ 109 ]

137 The Zimbra Web Client Creating Multiple Calendars Zimbra also provides the ability for someone to have multiple calendars. This is especially useful if you are managing multiple projects, or you have a need to keep a personal and/or business calendar separate. This is also very useful if you are managing multiple calendars for different users. To create an additional calendar: 1. Open the Calendar Application (as the CEO user) and click New. 2. From the drop-down menu, select Calendar. 3. This will open up the Create New Calendar dialog box. 4. We will call this Calendar "personal" and use blue as its color. 5. Check the box to have it included when reporting free/busy times. 6. Leave the remote calendar synchronizing box unchecked. This would be used if we were syncing the calendar with another application such as ical or Outlook. You could use the "remote sync" with an external calendar such as the one provided by Mozilla's website that contains the days of country per country. 7. Click OK. You should now see an additional calendar in the Navigation Pane. Now, when you create a new event, you will have the choice of which calendar to add it to. Also, appointments will show up in the color of its respective calendar. In this case, personal appointments will be blue, and regular calendar appointments will be orange. As Worker has done such a great job managing the CEO's contacts, the CEO has determined he would like Worker to now manage his schedule. Sharing Calendars Sharing Calendars works exactly the same as sharing Address Books. Users have the ability to share any of their calendars and give additional users rights to view or completely manage the calendar from their own web client. To share the CEO's calendar: 1. Login to Zimbra as the CEO. 2. Click on the Calendar application. [ 110 ]

Chapter 4 3. Right click on the calendar you wish to share. For this exercise, right click the orange calendar and select Share Calendar. 4. Complete the Share Calendar dialog box giving access to worker@emailcs.

138 Chapter 4 3. Right click on the calendar you wish to share. For this exercise, right click the orange calendar and select Share Calendar. 4. Complete the Share Calendar dialog box giving access to worker@ cs.com and select Manager for the role as shown below. 5. When completed, click OK. 6. Log out of Zimbra and log back in as Worker. 7. You should now see a message from "The Boss" in the CEO folder of the Inbox with the subject line "Share Created". 8. Double-click on the message, and select Accept Share. [ 111 ]

The Zimbra Web Client 9. Leave the name of the Calendar as the default "The Boss's Calendar" and change the color to Green. 10. Click Yes and open up the Calendar application. 11.

139 The Zimbra Web Client 9. Leave the name of the Calendar as the default "The Boss's Calendar" and change the color to Green. 10. Click Yes and open up the Calendar application. 11. The Boss's calendar should now be listed in the Navigation Pane. Any appointments that are his are now displayed in green in your calendar. 12. If you do not want to see appointments for a particular calendar, you could simply uncheck the checkbox next to the calendar's name. The ability to create, manage, and share multiple calendars makes Zimbra a key piece to any collaboration suite. The Zimbra Documents Another key component to a collaboration suite, is the ability to store and upload documents. Zimbra uses a feature called Documents to allow for this functionality. The Documents feature provides the ability for users to store notes on various pages in the Zimbra Web Client. This is especially useful because you now have access to your notes from any computer that has access to the Zimbra Web Client. Imagine you are a salesperson, and you have taken notes regarding a specific client and their specific quote. At the client's site, assuming the Zimbra client is on a public address, the salesperson could log into their Zimbra Web Client, and pull up the notes. Additionally, each note could have attachments to them which are uploaded to the server. I use this for two purposes. First, I have access to attachments and documents from any computer and secondly, I now have a backup vehicle for critical documents. [ 112 ]

This feature is currently beta. Creating Documents Pages To create a documents page: Chapter 4 1. Login to the Zimbra Web Client as the CEO user and click on the Documents [beta] tab. 2.

140 This feature is currently beta. Creating Documents Pages To create a documents page: Chapter 4 1. Login to the Zimbra Web Client as the CEO user and click on the Documents [beta] tab. 2. The Content Pane will now change to Documents specific functions. 3. Click on New and then select Page from the drop-down menu. 4. Call this page "The Boss's Notes". 5. The text box in the content pane could be used to type text, add pictures, and add attachments. It is basically a WYSIWYG editor. For this exercise, we will just add a line of text that says "These are my important notes:", then hit Enter. 6. Click on the paperclip icon on the toolbar which will open up an add attachment dialog box. Browse to any file on your computer and then click OK. Please note: you will have the option to either overwrite a file with the same file name that is on the server, or rename the file. In general I prefer to keep it on Ask Me so that I do not accidentally overwrite a file. Other options are Replace With My File or Keep Existing File. [ 113 ]

The Zimbra Web Client 7. The Notebook page will now show a hyperlink for the location of the file and should look like in the following screenshot. 8.

141 The Zimbra Web Client 7. The Notebook page will now show a hyperlink for the location of the file and should look like in the following screenshot. 8. When complete, click Save and then Close, and you will be returned to the main Notebook page with a link to this new page. Sharing Documents Like Address Book and Calendars, Notebooks can be shared the exact same way with just a few easy steps. 1. Right-click on the notebook and select Share Notebook from the drop-down menu. 2. Type worker@ cs.com as the intended person to share the notebook with and select Manager as the role. 3. Click OK when complete. 4. Log In as the Worker in the Zimbra Web Client and open the Share Created Click Accept Share. 5. In the dialog box, keep the name as The Boss's Notebook and change the color to Red. Click Yes. 6. Click on the Documents [beta] tab and you should now see a link to The Boss's Notebook in the Navigation Pane. [ 114 ]

Chapter 4 Saving Time with the Zimbra Assistant The best part of learning a new product or technology is discovering all of the shortcuts that make your life easier.

142 Chapter 4 Saving Time with the Zimbra Assistant The best part of learning a new product or technology is discovering all of the shortcuts that make your life easier. Zimbra has its own fair share of shortcuts that help users accomplish tasks with as few keystrokes and mouse clicks as possible. The first of these shortcut tools is the Zimbra Assistant. To open up the Zimbra Assistant type Shift ~ on your keyboard. The Zimbra Assistant will appear waiting for your command. The Zimbra Assistant could be used to send an message, add an appointment, or even add a contact without having to go through the application itself. For example, if I wanted to add a quick appointment to my calendar, I could use the Zimbra Assistant as follows: 1. Log in to the Zimbra Web Client as Worker. 2. Open the Zimbra Assistant by typing Shift ~. 3. In the text box type appointment. 4. In quotes add the subject line "pick up boss's dry cleaning". 5. Type in the day, date, and time for the appointment as follows: Thursday January 4, :00am 9:00am. 6. Add some notes in parentheses (two shirts) on the next line. 7. Provide the location in brackets [Cleaners]. 8. Click OK to add to the Calendar. [ 115 ]

143 The Zimbra Web Client The context-sensitive help of the Zimbra Assistant is very good. Just type in the application you would like to use and follow the instructions from there to send an , create an appointment, or add a contact. After a few times, it becomes second nature and my personal preferential way of accomplishing these everyday tasks. Saving Even More Time with Keyboard Shortcuts Like most applications these days, sometimes it is just much easier to use keyboard shortcuts, as opposed to clicking the mouse multiple times. It seems, after a while, clicking the mouse becomes redundant and amazingly enough just too slow. Zimbra Web Client comes complete with many keyboard shortcuts. These shortcuts are divided into six main categories according to Zimbra. The categories are General, Mail, Mail Compose, Contacts, Calendar View, and Appointment Compose. There are too many keyboard shortcuts to mention here, but they are listed in the Help system within the Zimbra Web Client by clicking the Help icon (question mark) in the Application chooser. However, I would like to provide you with an example of how to use keyboard shortcuts to send an with an attachment. Sending an with Shortcuts 1. Log in to the Zimbra Web Client as Worker. 2. Type g m to open up the mail application. 3. Type n to compose the message. 4. Type alt-t to open up the search for addresses. 5. Type CEO in the Search box. 6. Click Enter and highlight The Boss on the Search results. 7. Click TO and click OK. 8. Type Shortcut in the subject Field. 9. Type the message Who needs a mouse? 10. Type alt-s to send the message Applications within the Zimbra Web Client have keyboard shortcuts that are either particular to that application, or general to the overall client itself. When you have time, and I would also encourage your users to do the same, print out a Quick Reference Card of the shortcuts and keep them handy. [ 116 ]

144 Chapter 4 Summary In this chapter, we covered a lot of ground. We looked at using Zimbra, and in particular the Web Client, from a user's perspective. The goal of the chapter was to help us better understand how our users will be using the system, so we could make sure we configure and maintain the system accordingly. In this chapter, we had a look at the system requirements of our web client. Then, we went on to see how to work with ; manage and share contacts; and manage and share calendars. We also covered creating and sharing notebook pages, along with using the Zimbra Assistant. Last but not least, we discovered some of the keyboard shortcuts that Zimbra provides. In the next chapter, we will put our systems administrator's hat back on and look at more advanced server configurations: we'll secure Zimbra and the server it runs on. [ 117 ]

145

146 Securing Zimbra At this stage of our implementation, we have a fully operational and usable solution. We have configured our server, created users, applied Classes of Service (COS), and learned how to share access to calendars and address books. Now, we are at the stage where we need to consider securing our Zimbra server and our surrounding infrastructure. The assumption in this chapter is that you will be hosting the Zimbra server, in house. However, if you will be using a hosted solution, or co-locating your server, most of this chapter still applies. To get things started, let's take a moment to look at why we need to secure our environment, and what some of the potential threats may be. In most cases, the server is one of only a few "internet facing" devices in your Server Room. Along with your web server, it is assumed that the public will have access to your server in one way or another. At the very least, other servers need to be able to send mail to your server, and your server needs to be able to route out. That being the case, the server now could be used as a means for unwanted visitors, programs, and processes into your infrastructure, if it is not properly secured. So besides the fact that your server could now be used as a way into your internal network from the fact that it must have ports open to allow the basic functionality of sending and receiving , other real threats apply specifically to . We will discuss these threats in more detail later in this chapter, but a few examples include: SPAM, viruses, and unauthorized messages being relayed through your server. Each one of these risks may be mitigated by taking the proper steps. This chapter will be looking at securing Zimbra through: Built-In Security Securing the Operation System Securing the Network

147 Securing Zimbra Built-In Security One of the strongest selling points of the Zimbra Collaboration Suite, is that it is developed with security in mind. By this, I mean they have built in some security mechanisms that are already pre-configured, or require very little fine tuning on the part of the administrator. The first component of Zimbra is the AJAX Web Client. Web Client Security As discussed previously, the Zimbra AJAX Web Client is a user-friendly interface that offers many collaborative tools for the users. These tools include document storage and sharing, address books, calendars, and Zimlets (mash-ups). So what does all this have to do with security? Although the AJAX Web Client is run on the client-side, through the browser, access to resources through Zimlets and other programs within the Web Client are controlled and secured via the server. For example, a Zimlet may allow users to import RSS feeds into their box, to read news events. This is both a common and popular request now. Users do have the ability to add and choose the feed or feeds that show up in their web client, only after a system administrator has allowed access feeds to the site. The Zimlet will simply error out until the administrator has opened up a pathway to that RSS feed's host site. This is out-of-the-box functionality. All of the Zimlets and programs have similar functionality in which they give the user the ability to use tools within their web client, but only if a systems administrator gives them access to do so. Also, out-of-the-box the Web Client uses SSL/TLS security offering secure communication, via HTTPS, that uses encryption to keep potential attackers from sniffing your network traffic and gaining access to files. Lastly, because the Web Client is run through the client's browser, even if an attacker were to gain access to a user's mailbox and even if they had that user's password, they would not be able to access the server and compromise other user's data or the server itself. Sure, they could definitely do damage to the one user's , but the damage is now contained to that user. [ 120 ]

148 Chapter 5 Mail Transfer Agent The Mail Transfer Agent (MTA) that is built into Zimbra uses Postfix. The MTA is used for sending and receiving to and from the Zimbra server. Essentially, when a user composes a message and sends it out, Zimbra uses DNS to look up the mail exchange (MX record) of the intended recipient and relays the message to that host. The MTA also receives directed to it and forwards the message to the intended user. It is a pretty straightforward process, however there is a security risk involved. Spammers are always on the lookout for what is called an "open relay". Open relays are servers, specifically SMTP servers, that are running a mail transfer agent that does not require any authentication, origination information or verification in order to send an out. What this means to spammers, is that they can compose a message that is intended to go out to thousands of users, and then tell their client to use the SMTP server of the unsuspecting server that is running an "open relay". Thus all of the processing power will now be taken away from that server thus bogging down the server and possibly leading to down time. Lastly, the header information of the spam will contain the host information of the server used to send the , and may cause that server to be blacklisted. Thus, making it difficult for users to send legitimate messages to legitimate customers. Zimbra's MTA has built-in security and verification, so that it is a closed relay to be used by authenticated users only. Anti-Spam Not only is having a server that is used to send out spam a security a risk, but users receiving spam is definitely a hot topic and a risk that needs to be mitigated. Spammers use spam for phishing expeditions, essentially trying to trick users into visiting fake sites designed to acquire personal information, or could be used to send unsolicited messages for soliciting products, and finally to be used to spread viruses and other malware. Zimbra uses SpamAssassin as its built in anti-spam program. It also makes use of whitelists and blacklists to control known spam offenders, and to make sure some is never blocked. SpamAssassin uses a process to "score" all incoming . The score is used to determine the validity of the and the higher the score, the more likely the piece of is spam and should be discarded. [ 121 ]

Securing Zimbra To enable spam checking, you will need to log into the admin console at http://zimbra.emailcs.com:7071.

149 Securing Zimbra To enable spam checking, you will need to log into the admin console at Once logged in, click on Global Settings in the Navigation Pane and click on the AS/AV tab. Place a check mark in the checkbox next to "Enable spam checking and antivirus" as shown in the following screenshot. By default, the Spam Checking Settings include a "Kill percent" of 75 and a "Tag percent" of 33. So what we are telling SpamAssassin is that we consider score of 15 (20 * 75%) as spam. So any that scores a 15 or higher is automatically discarded. The Tag percent is used to send that may possibly be spam to the user's Junk folder. With a Tag Percent of 33, any with a score of about 6.6 (20 * 33%) will be sent directly to the Junk folder. The subject prefix is used to append to the subject line of any s that were suspected of being spam. So for example, if the Subject prefix was set to "SPAM", if the original subject line of the suspected message was "Pharmaceuticals R Us" now it would say something like "[SPAM] Pharmaceuticals R Us ". The systems administrator is encouraged to play with the percentages to determine what is right for their organization. However, the score could be fairly arbitrary, and sometimes you just want to stop messages from coming in from a particular host, or you want to make sure messages from a particular host are not scored. This could be done by creating Whitelists and Blacklists. Whitelists and blacklists are not officially supported by Zimbra, but it works. [ 122 ]

150 Chapter 5 A blacklist is a list of hosts or users that you know are bad. They are spam and no matter what, you do not want your users receiving from this domain. To create a blacklist, you need to go through a couple of steps. First of all, we will create a list of blacklisted hosts, and then we will tell our spam filter where the list is located. To create the list, we will create a file in the /etc directory of our server. 1. Switch user to root: su - 2. From a command line type the following: Vi /etc/zimbra/blacklist 3. With the file open, hit the I key on your keyboard to place vi in insert mode. 4. Now, we will add one site to test out the blacklist. To test the blacklist functionality, enter a domain of a personal account you have. In my case I will use gmail.com: gmail.com 5. When completed, to save the file type: :wq! Once the file is created, we will create a whitelist file. The whitelist file will list all domains, or particular users from a specified domain, that will not be blocked by Spam Assassin for any reason. In the case of our blacklist, we entered gmail.com to be blacklisted. All users from the domain gmail.com will be blocked from ing to our server. Well, let's say, for example, that we know marty.resnick@gmail.com is a known sender and that his mail should always get through. We could add just that address to our whitelist, thus allowing this to come through, but no other address from gmail.com will be passed through. It is important to note that the whitelist takes precedence over the blacklist. Therefore, if a domain is listed in both, or a user is listed in both the blacklist and the whitelist, the whitelist prevails and the user will be able to send in. To edit the whitelist, we will follow similar steps as to the blacklist above: 1. Switch user to root: su - 2. From a command line type the following: Vi /etc/zimbra/whitelist 3. With the file open, hit the I key on your keyboard to place vi in insert mode. [ 123 ]

151 Securing Zimbra 4. Now we will add one site to test out the blacklist. To test the blacklist functionality, enter a domain of a personal account you have. In my case I will use gmail.com marty.resnick@gmail.com 5. When completed, to save the file type: :wq! Now that our two files are created, we need to tell the anti-spam system where to find our lists. To do this, we will edit the amavisd.conf.in file located in the /opt/ zimbra/conf folder. To edit this file: 1. Switch user to Zimbra: su - zimbra 2. From a command line type the following: Vi /opt/zimbra/conf/amavisd.conf.in 3. With the file open, hit the I key on your keyboard to place vi in insert mode. 4. Directly above where the file reads # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING 5. Add the following two lines: read_hash(\%whitelist_sender, '/etc/zimbra/whitelist'); read_hash(\%blacklist_sender, '/etc/zimbra/blacklist'); 6. Once complete, save and exit the file by typing: :wq! 7. In order for the change to take effect, we must restart the amavisd service: zmamavisdctl stop zmamavisdctl start Our blacklist and whitelist are now complete and ready for testing. As this is not an officially supported feature, its management is not straightforward: you'll have to redo the modifications to amavisd. conf.in each time you upgrade Zimbra. Anti-Virus Along with anti-spam being built into the Zimbra Collaboration Suite, anti-virus is built-in as well. The program Zimbra uses ClamAV. In fact, you cannot enable one without the other. Once you enable anti-spam by checking on the checkbox in the Global Settings AS/AV tab, anti-virus was also enabled. [ 124 ]

152 Chapter 5 There are three settings within the Admin console of Zimbra that affect anti-virus. They are: Definition update frequency (hrs) This is how often you would like the server to go out and update its virus definitions. This is a background process and in my experience does not put much of a load on the server. The default is every 2 hours. Block encrypted archives ClamAV does have a limitation that it cannot read encrypted archives. So with this box checked, no encrypted archives will be allowed to pass through the server to the user. Send notification to recipient This setting sends the intended recipient an message informing them an was blocked, due to the suspicion of having a virus. The also mentions the subject line and who the was sent from. I would have to say that the built-in anti-virus and anti-spam programs are one of the biggest selling points for Zimbra. As a long-time administrator and implementer of systems, including exchange, I have always had to find third-party, costly, and sometimes difficult tools to accomplish what Zimbra has built in. This is not to say that the Zimbra tools are better, or worse, than the third-party tools for other systems, only that the integration is more natural, the configuration is easier, and of course the price is right. Securing the Operating System Due to the fact that Zimbra runs on many flavors of Linux, and also runs on MAC OS X, a lot of time will not be spent in dealing with specific examples of how to configure the operating itself. However, what I will be dealing with is which pieces of the operating system any administrator should be concerned about when implementing the Zimbra suite. [ 125 ]

153 Securing Zimbra Host-Based Firewall When we first prepared the operating system for our initial Zimbra install (in Chapter 2), we looked at opening ports in our system, or host-based, firewall. During the initial install, the firewall was disabled. After Zimbra was successfully installed, we did an initial lockdown of our system by enabling the firewall and opening up all ports that were particular to Zimbra. It is imperative to keep in mind one simple fact about ports, only open up ports that are necessary for your server to function. Any other ports should be blocked on the host. That being said, let's review the ports we opened up for Zimbra, and decide if there are a few we should go ahead and close. The list below is the same one from Chapter 2 listing the ports :tcp pop3:tcp imap:tcp imaps:tcp ldap:tcp pop3s:tcp 7025:tcp 5800:tcp 5900:tcp 7071:tcp 3895:tcp 3894:tcp ssh:tcp Based on the Classes of Service (COS) that we have created this far and the features we have enabled, it is apparent the following ports are not needed or being used. 1. We disabled access to POP . Therefore, we could remove the pop3:tcp and pop3s:tcp from our list of open ports. 2. We also are not allowing imap access to our server at this time. So we may go ahead and disable imap:tcp and imaps:tcp. One other thing to consider is, will you be allowing access to the admin console over the public internet, or will it require local or VPN access. I would recommend not allowing access to the console, unless the request is coming from the local LAN (or VPN of course), that being said we could also disable 7071:tcp. [ 126 ]

154 Chapter 5 The rest of the ports we should keep active for our Zimbra server to work correctly. Once all of the changes have been made, it would be a good idea to restart the firewall and Zimbra services to make sure all is functioning as it should. Services The same rule of the thumb for ports applies to services. If a service is running on your server that is not necessary, disable it. In the case above, we had already determined we are not allowing POP3 and IMAP. Those we have not disabled, but using them is not allowed in the definitions of our COS. To determine which services Zimbra will start automatically, we need to open up the admin console and click on Servers in the Navigation Pane; then select your server and click on the Services tab. As shown in the following screenshot, any service with a check mark next to it will start up with Zimbra. Besides Zimbra services, operating systems have a tendency to install services by default. These services may include sendmail, DNS, mysql or other database, Apache, Squid, Webmin, whatever the case may be. If you are not using a service, disable it. Updates and Patching Running software updates and patches is critical for any server, and workstation for that matter, in your environment. Patches are used to fix vulnerabilities and bugs in software programs, and in the operating system itself. By not patching, you are leaving your server open to unnecessary risk. [ 127 ]

155 Securing Zimbra Most operating systems, most flavors of Linux included, offer a means to download the latest updates with very few clicks of the mouse. In fact, most distributions include the ability to download updates automatically and at a time you, as the systems administrator determine. Although, I do recommend you schedule updates to download automatically, I would be cautious in applying updates in that manner. The Zimbra server is a mission critical server in your environment. Therefore patch and updating the server must be a top priority. But making sure that the patches will not cause down time is also imperative. In an ideal situation, having a mirror image of the Zimbra server to be used as a development and/or sandbox would offer the administrator the ability to test the patches before rolling it out to the production server. I am well aware, that a mirrored server is a luxury most administrators do not have. All that being said, patching should be done after hours, or when the least amount of people are accessing the system in a 24/7 environment, and a full back-up of the system should be made prior to applying patches. Zimbra and Linux both offer some very good built-in backup and restore functionality that makes this a fairly easy and straightforward task. We will be discussing disaster recovery fully in a later chapter, but for now just remember to please back up the server before applying any operating system patch. Zimbra does a very good job providing maintenance updates for the Zimbra server. These maintenance updates are very easy to apply; in fact, all one needs to do is download the patch from Zimbra.com and unzip the patch and install it just like you would in a fresh install. All of your settings will remain intact. Again, I must caution you that a backup of the /opt directory and of Zimbra itself is a must before running any Zimbra updates. Also, an upgrade of Zimbra usually requires at least 5 GB of free space on the drive containing the /opt directory. Therefore, make sure the space is available, prior to running the install.sh program (the install/upgrade script will check the available space anyway). Securing the Network As mentioned earlier, the Zimbra server is an internet facing host and as such it could be used as a means of malicious attacks to your Local Area Network (LAN). Due to this fact, it is important that you do not only take precautions on the server itself, but on building a strong and secure network perimeter. This section will describe three tools you could use to immediately secure your network. Keep in mind, that you are depending on the structure and organization of your Information Technology group, you may need to enlist the help of a network engineer to implement these tools. [ 128 ]

156 Chapter 5 Creating a Demilitarized Zone The first item is to create a demilitarized zone (DMZ) that will be used to segment, or subnet, the Zimbra server from the rest of the LAN. This way the Zimbra server does not have access to the internal/corporate network so that if by any chance an attacker is able to compromise the Zimbra server, they will not have any access to the internal network and thus the damage will be mitigated only to that server. The DMZ can be created by placing a firewall between the internet, local area network, and the DMZ. Usually a port is configured for each area therefore keeping the networks separated. Any server that is accessed publicly from the internet, whether it be DNS servers, web servers, or servers, should all be kept away from the internal network via the DMZ. Firewalls We have already discussed the use of firewalls both on the host and for use in creating a DMZ. The firewall, in most cases, is your last line of defence between your internal network and the outside world. Firewalls monitor incoming (ingress) and outgoing (egress) traffic by examining each packet and checks to make sure that the traffic should be approved or denied based on rules that are set up by the network administrator. Rules may be created based on particular ports, services, or destination and source IP addresses. These rules need to be up-to-date and configured properly, as a firewall is only as good as the rules that it has defined. If no rule exists, some firewalls are configured to automatically let traffic through. Therefore, it is important to know what traffic is necessary to be coming in and out of your network and turn off access to all other traffic. Also, do not get stuck in the trap of thinking there is no reason why an attacker would want to target your network so why go through all of this trouble of configuring firewalls and closing ports. More often than not, attackers begin gathering potential targets by scanning full classes of internet addresses and look for particular ports that are listening so they know they have an attack that will compromise a known vulnerability on that port. So, in a lot of cases, those people that are victim to attack may not have been targeted because of who they are, they were target because of what ports they had listening and open. A firewall is key to any network, no matter the size, and in this author's humble opinion not optional. Virtual Private Networks One of the key selling points of Zimbra, and most collaboration suites nowadays, is the ability to check your from anywhere. Although, Zimbra does use TLS/SSL technology to encrypt and secure the user's from sniffers and [ 129 ]

157 Securing Zimbra possible attackers, there is still a case for having users create a secure tunnel to the local network, before accessing their . There are many benefits and unfortunately downsides to requiring a virtual private network (VPN) connection for web access. Obviously, a VPN creates a secure environment that allows for encrypting the transmission, requires less open ports on the firewall, and keeps access to the web server to local traffic only. The downsides include the fact that a user needs to go through several loops just to check their from an outside location. This may be fine for telecommuters (who are probably using a VPN anyways to access other services on the network), but for sales people and "road warriors", this could be troublesome. One type of VPN I have used that offers the ability for users to check their from any computer, while still requiring VPN access is what is referred to as an SSL VPN. These SSL VPNs allow users to browse to a specific URL in their internet browser, does a quick scan of the host computer to make sure there are no known malware on the system, and asks for user authentication. Once authenticated, the user is presented with a link to check their . Only the is now tunnelled through the VPN and the rest of the host computer is not. This allows for less overhead on the host computer and on the VPN itself. It also creates an easy way for users to check on the road, while protecting your network from unwanted visitors and malware. If a VPN solution is not an option for all of your users to access the Zimbra web client, I would recommend that at least the admin console ( cs.com:7071) is accessible only through a VPN. That way port 7071 could be closed and that is the one area of Zimbra you do not want unwanted visitors. Summary This chapter discussed the importance and methods that could be used to secure your Zimbra environment. We began by looking at Zimbra's built-in security tools including: web client security, anti-spam, and anti-virus. We then looked at securing the operating system or host that Zimbra is running on with a focus on securing ports, disabling unnecessary services, and being sure to keep the system patched and updated on a regular basis. Lastly, we looked at securing the network with a discussion on creating a demilitarized zone (DMZ), configuring firewalls, and the use of Virtual Private Networks (VPN). In the next chapter, we will look at adding some finishing touches to our Zimbra implementation by enhancing the user experience through customizing user settings and branding Zimbra to match your corporate look and feel. [ 130 ]

158 Customizing Zimbra Our implementation of Zimbra is nearly complete and secure. Now our goal is to make Zimbra a little more user friendly, by giving our users the ability to customize the AJAX Web Client to their own liking. When we first created the COS (Classes of Service), we preconfigured some settings for the COS that each user would then inherit. As administrators, we could now train our users and give them the ability to make changes to their own web client, just as we may give users rights to change their desktops and themes on their workstations. Keep in mind, however, that administrators could override any setting and keep users from making adjustments. This is usually done to support any organizational or acceptable user policies your organization may have. In this chapter, we will be taking an in-depth look at customizing Zimbra from a user perspective. Specifically, this chapter will look at: Exploring user options Configuring mail identities Building searches Exploring User Options This section will explore the user options available in the Zimbra Web Client. Some or all of these options may be locked down in the creation of the Class of Service (COS), but we will look at all of the options, as if the user has the ability to change them. Although, we will be looking at each option, I strongly encourage you to test all of the options yourself so that you have a good feel for the client from the user perspective. To edit options, the user simply needs to click on the Options tab in the Navigation Pane.

159 Customizing Zimbra This will open up the options window with seven tabs by default. Before we take a more thorough look at each tab, below is an overview of the options each tab is used to configure. General Mail Identities The General tab contains options for configuring some aspects of the Search function, as well as, choosing the default format for s (Text or HTML) and for choosing a theme for the client. The Mail tab is used to configure the look and feel of receiving and viewing . Options include the default view for , how often the client checks the server for , how many messages are displayed at a time, and whether to use the reading pane or not. Mail Identities is a new feature in Zimbra 4.5 that offers users the ability to check and manage for multiple addresses. This functionality will be covered in depth, later in this chapter. POP Accounts POP Accounts is a way for users to check from other providers or from other accounts in the same web client with a single sign on. Mail Filters Mail Filters is used to configure rules for incoming . For example, in the case of our Worker, he may want to create a special folder for all s from CEO. This tab would be used to configure a rule to send all s from the CEO automatically to the CEO folder. Address Book The Address Book configures settings for the Address Book application. This also gives the user the opportunity to import or export contacts. Calendar Shortcuts The Calendar tab is used to configure settings for how the Calendar should be displayed and for configuring reminders for appointments and events. For those of us that like to use the keyboard to move around, as opposed to constantly clicking the mouse, the Shortcuts tab is used to show the users a list of predefined keyboard shortcuts, as well as, give users the ability to create their own. [ 132 ]

Chapter 6 General Options The first three items in the General tab are used to configure defaults for searching and in particular the Search Builder (or Advanced Search).

160 Chapter 6 General Options The first three items in the General tab are used to configure defaults for searching and in particular the Search Builder (or Advanced Search). The three items are: Include Junk folder in searches: By placing a check mark in this box, by default, searching for items will include searching through items in the Junk folder. Typically, this is not something you would want to do, as the Junk mail folder generally is full of potential SPAM items. Include Trash folder in searches: A checkmark in this box, will include the Trash in all searches. Always Show Search String: When using the Search Builder function, you have the option of displaying the search criteria or not in the search box. This is usually a good thing to have checked so users could learn how to do more complex searches, without the need of going to the Search Builder tool. The remaining options include: Default editor: This drop-down menu gives the user the option to either compose in plain text (no pretty pictures) or HTML (being able to display web elements). Users would want to use the HTML editor if they want to include colors or images in the body of their or signature. [ 133 ]

Customizing Zimbra Default font settings: If the default editor is set to HTML, this font type, size, and color will be used when composing email.

161 Customizing Zimbra Default font settings: If the default editor is set to HTML, this font type, size, and color will be used when composing . Change password: Gives the user the option of changing their login password. UI Theme: This drop-down menu allows the user to choose one of many built-in themes (or color schemes) for the Zimbra client. This ability should be taken away if you want a consistent look and feel, or corporate branding of the web client. Restore Defaults: This all important button, which appears in most option screens, will restore all the option changes made to this particular tab back to the default options of the COS. Mail Options The Mail options tab is used to configure how the user would like the Zimbra Web Client to handle messages. [ 134 ]

162 In particular, the options are: Chapter 6 Group mail by: This is used to determine how the user would like the to be displayed. By choosing "Messages", each individual message will be displayed. Choosing "Conversations" will group s into a conversation view, so only way from a conversation will be displayed with a number populated in the "Count" column of the page. Number of items to display per page: The user has the choice of displaying 10, 25, 50, or 100 messages per page. Show fragments in conversation/message lists: This box is checked by default and is used to display the first part of the message immediately following the subject in the results pane. Un-checking this box will then only show the subject line in the results pane. Initial mail search: Is used to determine the parameters that will be used for a default search. By default it is "in:inbox" but users could change this as they get more savvy with the search builder. Polling interval: Is the number of minutes that are used to determine when the Zimbra Client checks the server for new messages. Always show the reading pane: Determines if the reading pane is turned on and displayed beneath the results pane. Save copies of messages to sent folder: This is used to set the default handling of sent messages as to whether or not the user would like to save a copy in their Sent items folder. Typically, users keep this checked. Away Message Enabled: When checked, the user is "out of office" and a message is sent automatically in response to senders of s that are received while the user is away. Away message: This is the text of the "out of office" message that is sent automatically when the Away message is enabled. Enable address for new mail notifications: This feature will enable Zimbra to users at another address that they received a message. This notification would include the Sender, Receiver, Subject, and Date of the message received. This could be effective, for example, if a user is monitoring a special account for let's say Orders. And instead of leaving the Orders client open or logging in and out as the Orders users, they could simply receive notification from the server each time Orders receives an message. At that time, if it is an they need to take action on, they could simply login as the Orders user at that time. [ 135 ]

163 Customizing Zimbra Address for new mail notifications: Simply the address that should receive the new mail notifications as explained just now. Address to forward mail to: When users want to forward their to another user while they are away, or if someone has left the company and the administrator chooses to forward their s for a short time to their manager or replacement, then they would populate this field with the address to be forwarded to. Don't keep a copy of local messages: By default, even if is forwarded, a copy of the original will still be kept in the users box that is having all of their s forwarded. If checked, no copy of the will exist in the user's box. View mail as HTML: This is set by default, and displays as HTML (including images, colors, and various fonts) only if the original was sent in HTML format. If I send a message that I then receive: For those users that have the habit of hitting reply-to-all on all messages, this feature is for them. Essentially, if you end up sending an to yourself, by hitting reply-to-all for example, what do you want Zimbra to do with the message? Most likely, you have a copy in your Sent items folder, so usually the user will set this to "Do not receive the message". By default, it is set to "Receive the message as normal". Always compose in new window: In general, when you compose a new message, Zimbra will display the message in progress in the results pane in the original Zimbra window. Therefore, the user will not be able to see their list of s in their inbox, etc. By checking this box, Zimbra will open up a new browser window or tab in Firefox and Internet Explorer 7 to compose the message. Restore Defaults: And again my favorite, Restore Defaults, to bring everything back to how it was based on the Class of Service and Zimbra defaults. Mail Filters Anyone who has had for more than a week is well aware of the fact your Inbox could get out of control and disorganized in a hurry. Zimbra uses mail filters to allow the user to set up message rules for Zimbra to follow automatically as new messages come in. To create a rule, simply click on the Mail Filters tab and click ADD. [ 136 ]

164 Chapter 6 Filter Name: It is good practice to give the Filter Name a descriptive name, so later when you are reviewing or editing your rules, it is easy to find the right one. Some users have the tendency to create an overwhelming amount of rules, and troubleshooting them later may become difficult if the names are cryptic and meaningless. Conditions (Any and All): This informs Zimbra to apply the filter (rule) if at least one of the conditions occur (any) or every condition listed below occurs (any). There could be a number of conditions including Subject lines, From, To, Cc, Date, etc, also if the incoming message matches exactly, does not match exactly, or contains the criteria typed in the text box. Perform the following actions: If the criteria are met (any or all as defined by the user), then Zimbra will handle the message by moving it to a folder, tagging the message, discarding the message, or numerous other actions as defined by the user. [ 137 ]

Customizing Zimbra Do not process additional filter rules: If checked, even if the message matches criteria for another filter, no other filter rules will be applied to the same message.

165 Customizing Zimbra Do not process additional filter rules: If checked, even if the message matches criteria for another filter, no other filter rules will be applied to the same message. Active: Users may activate or deactivate filters without the need of deleting the filter, by selecting or deselecting this checkbox. Address Book The Address Book tab has options that only effect the Address Book application, with the exception of one. Also, this tab enables users to import and export their address books to a comma-separated file (.csv). Enable auto adding of contacts: When checked, any you reply to, the person who originally sent the will be added to your Address Book automatically. Use the Global Address List when autocompleting addresses: When users are composing messages and begin typing an address in the To: or Cc: field, Zimbra will automatically look in the user's Address Book to try and auto-complete the address for them. By checking this box, Zimbra will look at the Global Address List as well to auto-complete addresses. Default contact view: When clicking on the Address Book view, this is the default view of how the addresses will appear, either as a list or as Detailed Cards. [ 138 ]

Chapter 6 Number of contacts per page: When in the Address Book view, this field determines how many addresses or cards will appear in a single page of the results pane. Import and Export to.

166 Chapter 6 Number of contacts per page: When in the Address Book view, this field determines how many addresses or cards will appear in a single page of the results pane. Import and Export to.csv: This is great for users to import or export their contacts from other clients and programs. Specifically, this is used for users moving from one client (i.e. Outlook) to the Zimbra client, and if they want to consolidate all of their addresses in one place. Restore Defaults: Restores all options for Address Book, back to their defaults. Calendar The Calendar options only apply to the Calendar application of Zimbra. There are just a few options that are available to the user, but some are very useful and should be considered. Initial calendar view: When opening the Calendar application, this determines the initial view the user will see. For example, 7-day week, monthly, daily etc. First day of the week: By default, this is Sunday, but if a user wants just the work week view (5 days), then the user would select Monday here. Show timezone list in appointment view: This allows the user to see and select different time zones if they are scheduling appointments throughout various time zones. However, this could get confusing after a while, and most users tend to stick with their own time zone and disable this feature. [ 139 ]

Customizing Zimbra Use the QuickAdd dialog when creating new appointments: The QuickAdd dialog box, as seen below, allows the user to just enter in the critical fields to create an appointment,

167 Customizing Zimbra Use the QuickAdd dialog when creating new appointments: The QuickAdd dialog box, as seen below, allows the user to just enter in the critical fields to create an appointment, without the need for filling out a lot of details that normally, the Calendar application would ask for. Always show the mini-calendar: The mini-calendar is the calendar in the lower-right-hand corner of the navigation pane. By default, this calendar is visible to the user, but they could turn it off if they desire by de-selecting this checkbox. Number of minutes before an appointment to show reminder: When an appointment is scheduled, Zimbra will pop up a window reminder for the user to let them know that it is coming. This determines how far in advance a user would first like to be reminded of the appointment. This setting is for all appointments, you can not choose a different one per appointment. Shortcuts Keyboard shortcuts come in very handy for users to be able to open up and close windows within the Zimbra web client, easily and efficiently, without the use of the mouse. They could also be used to run saved searches, move to specified folders, and pretty much any function the user would like to perform within Zimbra. We looked at some basic shortcuts in an earlier chapter. At this time, we will look at creating a custom one. Our custom shortcut will give our user (Worker Bee) the ability to open up the CEO folder that stores all of the CEOs messages with just the touch of a couple of keyboard keys. [ 140 ]

Assuming we have already created the CEO folder, we are going to click on the Shortcuts options tab and select Mail Folder Shortcuts. Chapter 6 1. Click on Add Shortcut. 2.

Once selected, the Browse button will now read CEO. 5. For our combination keys, we are going to use 6. So type 6 in the Shortcut text box. 6. Once complete, click on Save.

168 Assuming we have already created the CEO folder, we are going to click on the Shortcuts options tab and select Mail Folder Shortcuts. Chapter 6 1. Click on Add Shortcut. 2. A Browse button will appear allowing the user to select a folder to be accessed with the keyboard shortcut. 3. Select CEO from the Choose Folder pop up box. 4. Once selected, the Browse button will now read CEO. 5. For our combination keys, we are going to use 6. So type 6 in the Shortcut text box. 6. Once complete, click on Save. Our keyboard shortcut is now added. So in the Mail application, results pane, if we type v then 6 we are automatically viewing messages in the CEO folder. If we type. then 6, while highlighting a message, Zimbra will automatically move the highlighted message to the CEO folder. [ 141 ]

169 Customizing Zimbra Configuring POP Accounts Nowadays, we all have several addresses (either work related or personal) and we like to check them out several times a day. Zimbra allows you to do so from a single (Web) client and with a single logon. To be able to set this up, you'll need to know your POP3 account (username and password) and its POP3 server. Let's pretend we want to check our personal account (myaccount@myisp.com) that is hosted on the pop3.myisp.com server. Obviously, you'll do this with your own account. To configure this external account to be checked by Zimbra: 1. Click on the POP Accounts tab. 2. Click on the Add button. 3. In Account Name, type in a name that is explanatory enough. We'll use My Personal Account. 4. In Place messages in folder, we'll create a brand new folder for the mails. In order to do so, click on the Inbox button. Then click on the New button (in the window that just popped up) and type My Personal s as Name, then click OK. A new folder is now available (and pre-selected), just click again on the OK button. 5. We'll choose leave a copy on the POP server (in case, we want to download them from home) for the option When downloading messages. 6. Then we'll type in the account settings: Incoming mail server is pop3. myisp.com, Username is myaccount@myisp.com and Password is mypassword. You can check the Show Password box if you want to check it was correctly typed. 7. If your ISP supports SSL connections, you can check the Use SSL to connect securely box. If you do so, you'll see the Port changes. 8. Click on Test Account Settings in order to check if you entered everything correctly. 9. If you want to be able to send mails from this account, you just have to check the Create new identity for this account box (see below for Mail Identities) 10. Your Personal Account is now setup, just click on Save. [ 142 ]

170 Chapter 6 The POP accounts are checked each time you click on the Get Mail button in the Mail application. Configuring Mail Identities It has become almost expected and certainly acceptable that employees wear many different hats and take on many different roles within an organization. However, as far as customers are concerned, companies tend to want to convey an image that they are larger than they really are. In other words, their Customer Service, Sales, and Shipping departments are all the same person, yet they create an image via multiple phone extensions, addresses, and contact forms that all end up on the same person's desk. Because this is a normal occurrence in business, especially in the small-to-medium-sized business (SMB) market, Zimbra has added the ability for one user to have multiple "identities" in one place, one client, so that they could wear different hats effectively. [ 143 ]

171 Customizing Zimbra As we continue looking at mail options, we will configure our Worker Bee user to also act as our sales user, by accepting s to We will use an alias for this, and then set up a mail identity within Worker's client to act as sales. To create the alias, we will go to the administrator console at cs.com:7071 and log in as the Zimbra user. Click on the Accounts tab and edit the Worker. Click on the Aliases tab and add "sales" in the text box. When completed click Save then Close. At this point, log out of the Administration Console, and log into the regular Zimbra web client as Worker. Now we will configure the Mail Identity for sales. 1. Click on the Options tab. 2. Select Mail Identities. 3. In the Identities box, click Add. 4. For the Identity name: type in "Sales". 5. For the From: field we will use "Sales Department". 6. Check the Reply-to box and type in "Sales Department" for the name and sales@ cs.com for the address. 7. Under Select this identity when: Check the box for Replying to a message sent to: and enter sales@ cs.com. 8. Next click on the Signature tab. 9. We will now create a signature for the messages responded to as sales. In the Mail Signature box add the following: "Thank you for contacting the CS Sales Department." 10. Once completed, click Save. Our Worker Bee user now could act as sales and respond to messages accordingly. Mail Identities behaviour is handled by the Class of Service. A user is not able to use any identity he wants (unless authorized by the CoS) : he can only, by default, use one of his aliases or POP3 accounts' address to send mail from. Building Searches Zimbra has a very powerful and configurable search tool called "Search Builder" that could be accessed by clicking on Advanced Search. What is key about the Search Builder, is not only does it allow the user to compile some fairly complicated searches, but it also gives the user the option to save the search for use at a later time. The Search Builder also displays the search string so the user could learn how to format future searches later that will be similar, without the need of using the search builder tool. [ 144 ]

172 Chapter 6 In this section, we will create an advanced search, save the search for later use and then create a keyboard shortcut, to automatically run the search when desired. Building Our Search As the Worker Bee, we know our CEO tends to sends important files to us as attachments, and then assumes he could delete the file on his computer. Since of course now the Worker has a copy of it and he has no more need of it. Of course, there are times, he calls up the Worker Bee and demands for a copy of the attachment back, with the original . So, we will create a search that will show us all s that were received from the CEO, that have an attachment, and were received prior to this month. To create the search, we will need to do the following: Please note that before creating the search, make sure Always Show Search String is selected in the General tab of users options. 1. Click on Advanced Search at the top of the Zimbra Web Client. 2. You should see the Basic Search Box is already open, if not click on Basic, in the toolbar. 3. In the From field, type in "The Boss" and select the checkboxes for searching in Junk and Trash folders, just in case. 4. Next click on the Attachments icon in the search toolbar. 5. Select the Any Attachment radio button. 6. Click on the Date icon. 7. Make sure it is selected and then insure that today's date is selected. 8. On the top of the screen, directly to the left of the Advanced Search button, you will see a small floppy disk icon. Click on the icon to save our search and name it "Attachments". Our search is now created and saved for future use. Also, we can also the search string for the search, if we would like to create a similar search, later without needing to go through the search builder. In the Search text box, you should now see: (attachment:any from: (The Boss) is:anywhere before:3/1/2007) [ 145 ]

Customizing Zimbra Using a Saved Search Now that we have saved our search, there are a few ways we can access it again in the future. The first is through Advanced Search: 1. Click on Advanced Search.

173 Customizing Zimbra Using a Saved Search Now that we have saved our search, there are a few ways we can access it again in the future. The first is through Advanced Search: 1. Click on Advanced Search. 2. Select the Saved Searches icon in the search toolbar. 3. Place a checkmark next to the search named "Attachments". This will immediately initiate our search that we built previously. Another way you may notice is that there is now a Searches section in the Navigation Pane of the Web client that now lists the search. Simply double-clicking on the search "Attachments" will initiate the search with all of our defined parameters. Lastly, we could create a keyboard shortcut. To create the keyboard shortcut for the search: 1. Click on the Options tab and select Shortcuts. 2. Select the Saved Search Shortcuts tab. 3. Click on Add Shortcut. 4. Click on Browse to select our saved search. 5. Choose "Attachments" from the Choose Search dialog box and click OK. 6. For the shortcut textbox enter the number Click Save. At any time now within the Zimbra Client, if you type in the shortcut s then 1, our saved search "Attachments" will be initiated. [ 146 ]

174 Chapter 6 Summary This chapter took a look at customizing the Web Client from the user perspective. It is imperative for systems administrators to understand as much functionality as possible that the users will have access to, in order to properly train and support the users to use Zimbra most effectively. This chapter began with a look at user options, and then moved on to creating mail identities and aliases for users. Lastly, we looked at the power of the built-in Search Builder. In the next chapter, we will take a break from using the Web Client and focus on using Zimbra on the desktop. Specifically, we will be looking at how to integrate Zimbra with Microsoft Outlook. [ 147 ]

175

176 Zimbra and Outlook Let's face it, in today's business environment, there is only one client that truly matters. I am not saying it is the best client, or that it offers more features, and I certainly am not saying it is the most secure. What I am saying is that you would be hard pressed to walk into an organization, of let's say more than 10 desktops, and not see users checking their with Microsoft Outlook. So far in this book, we have focused on the AJAX web client for Zimbra. We have looked at all of the bells and whistles, including Document and Address Book sharing, tags, multiple calendars, advanced search functionality, and we will soon be discussing Zimlets. But, again, any enterprise level server needs to support Microsoft Outlook in order to truly be a player in that market. All that being said, Zimbra Collaboration Suite offers uncanny support for Outlook including: Native Sync with MAPI Support for both Online and Offline Modes Cached mode operation Support for multiple calendars In this chapter, we will discuss these features and focus on configuring Outlook to work with the Zimbra server. As you will see with a Zimbra back end and an Outlook client, it is transparent to your users whether you are using Microsoft Exchange or Zimbra Collaboration Suite as your back end product. This transparency to users makes the migration from Exchange to Zimbra that much easier in the eyes of your users, especially when it comes to user training. The ability to seamlessly integrate Zimbra and Outlook is one of Zimbra's strongest assets and one of its strongest arguments for making the transition from Exchange to Zimbra. However, if you want to use the full power of Zimbra (not only the fancy look but great features such as the searches), you should use the Web Client.

Zimbra and Outlook This chapter will take a detailed look at Zimbra integration with Outlook, including: The Zimbra Connector for Outlook (ZCO) A look at Zimbra integration Sharing Outlook folders

177 Zimbra and Outlook This chapter will take a detailed look at Zimbra integration with Outlook, including: The Zimbra Connector for Outlook (ZCO) A look at Zimbra integration Sharing Outlook folders Outlook uses the Messaging Application Programming Interface (MAPI) to allow programs to communicate with messaging systems and stores. MAPI is proprietary to Microsoft and is key to Zimbra being able to synchronize and work with Outlook. Zimbra uses a connector to facilitate this communication called the Zimbra Connector for Outlook. The PST Import Wizard One of the beauties of Outlook's integration in Zimbra is that you won't start from scratch: Zimbra gives you tools that are able to import your data ( s, calendars, contacts, etc) either from a concurrent solution's server (Exchange or Domino) or directly from a PST file (the file used by Outlook to store all its data). If you have not used Outlook before, you can go to the next chapter. We'll have a look at the PST Import Wizard. To download it: 1. Log in to the Administration Console at 2. Click on the Downloads tab on the left of the navigation pane. [ 150 ]

exe file to launch the wizard (there's no installation process). 6. Click on Next on the presentation page. 7. In the Hostname field enter: zimbra.

178 3. In the Content Pane, click on the PST Import Wizard to download the executable file. Chapter 7 4. Save the file to the local computer, or a network accessible shared folder. 5. Double click the.exe file to launch the wizard (there's no installation process). 6. Click on Next on the presentation page. 7. In the Hostname field enter: zimbra. cs.com. 8. In the Port field you can leave the default (80) and let the Use Secure Connection box unchecked. 9. In the Username field, enter your Zimbra's user (worker@ cs.com) and in the Password field your Zimbra's password. [ 151 ]

179 Zimbra and Outlook 10. Click on the Next button. 11. You will now have to select the PST file that you want to import into the Zimbra server. The Zimbra Import Wizard helps you as it opens the default Outlook PST's directory when you click on the Browse button. 12. Once you have selected the PST you want to import and clicked on the Open button, you can now click on the Next button of the initial window. 13. Now, you can choose how your data will be imported: Import Junk-Mail Folder: If you leave this box checked, all your spam will be imported to the server and marked as spam on the server. Import Deleted Items Folder: With this, the deleted mails will be imported on the server. Ignore previously imported items: This option is used when you're importing your data in several attempts. If you leave it checked, the already imported mails won't be imported again. Import items received after: Checking this box and choosing a date in the calendar next to it, allows us to do a partial import based on date. Import messages with some headers but no message body: You should leave this one checked as it imports some badly formatted mails. Convert meeting, organized by me, from my old address to my new address: You need to check this box (and enter your previous address) if you're getting a new address on the Zimbra server. If you don't, the meetings will be imported but you won't be the owner. Migrate private appointments: This one is your own choice as Zimbra does not handle (yet) the private items; all the imported appointments will be viewable by anyone you share your calendar with. [ 152 ]

Chapter 7 Once your choices are made, you can click on the Next button. 14. Click OK in the confirmation window. 15. Next window will show you the import evolution (number of items and percentage).

180 Chapter 7 Once your choices are made, you can click on the Next button. 14. Click OK in the confirmation window. 15. Next window will show you the import evolution (number of items and percentage). You can stop the import at anytime and start again later. Once the import is finished, a window pops up with a summary of the import session. 16. You can click on the OK button of the summary window then Finish in the last window. The Zimbra Connector for Outlook The Zimbra Connector for Outlook (ZCO) is a downloadable.msi installable file that must be installed on the desktop in order for Outlook and Zimbra to communicate. To download the ZCO to the client: [ 153 ]

Zimbra and Outlook 1. Log in to the Administration Console at https://zimbra.emailcs.com:7071. 2.

In the Content Pane, click on the Zimbra Connector for Outlook to download the.msi installable file. 4.

181 Zimbra and Outlook 1. Log in to the Administration Console at 2. Click on the Downloads tab on the left of the navigation pane. 3. In the Content Pane, click on the Zimbra Connector for Outlook to download the.msi installable file. 4. Save the file to the local computer, or a network accessible shared folder. 5. Double click the.msi file to start the installation process. 6. The installation wizard will begin and go ahead and accept the License Agreement and accept all of the defaults. 7. Once complete click FINISH. [ 154 ]

182 Chapter 7 The ZCO creates a brand new profile within Outlook, called Zimbra. If you had previous profile(s) created on your computer, be sure to choose the Zimbra one. The ZCO is now installed, and the first time we run Outlook on this client, the connector will prompt us for configuration information. Zimbra currently supports Outlook 2003 only. 1. In the Server Name field, enter: zimbra. cs.com. 2. For port leave the default of address will be the address for this user. In our case, we will use the Worker Bee with an address of worker@ cs.com. 4. For the password, enter the same password Worker would use to log in to the AJAX web client. 5. Once completed, click OK and Outlook will open Worker's box. The ZCO will now sync the Global Access List and will get all the s from the server locally. It means that if you imported lots of item previously, you might need some time to get them back into Outlook from the server. Luckily, then the sync process happens in the background. As you can see in the following screenshot, the folders we created in the Web Client are now configured in Outlook. The first time Outlook is opened, it automatically performs a send/receive with the Zimbra server. After this initial synchronization, there is nothing a user needs to do from then on to initiate synchronization with the server. There is also nothing the user needs to set-up to let Outlook know whether or not the user is Online connected to the server, or Offline disconnected from the server. Outlook automatically checks the status and acts accordingly. Therefore, a user need not be connected to the server to work with that has already been received, check the address book, or work with the Calendar. All changes that the user makes in Offline mode, will synchronize with the server the next time the server is connected and Outlook is online. [ 155 ]

183 Zimbra and Outlook At this time, we should take a quick look around Outlook and see how integrated Zimbra really is with Outlook. A Look at Zimbra Integration The integration of Zimbra is more than just the ability to send and receive . Outlook is now acting as the front end to create contacts, appointments, and tasks that will be stored on the server. Let's take a moment to look at each one individually. Contacts The easiest way to see the integration of contacts between Outlook and Zimbra is to compose a new mail message, and instead of typing in an address, click on the TO: button and select Global Address List from the Address Book drop-down menu. [ 156 ]

184 Chapter 7 As you can see, this feature looks exactly the same whether you are using Exchange or Zimbra as your back end collaboration server. Users are familiar with this look and feel, and the ability to select users that are within the organization's Global Address List. This list comes directly from the Zimbra server and is maintained there as well. The user also has the option to select the own personal contact list. This list could be created and maintained either via the web client, through Outlook directly, or both as they will synchronize together. Appointments In most work organizations, the ability to create appointments, invite people to attend, and check invitees schedule is a key function of Exchange and Outlook. Luckily for us, the same functionality could be used with Zimbra and Outlook. As seen in the following figure, the process for creating an appointment is exactly the same. 1. In the Calendar application, click New Appointment. 2. Click on the Invite Attendees button. 3. Click the To button and select the Global Address List from the drop-down menu. 4. Select the CEO from the address list and click OK. 5. Click on the Scheduling tab. The Calendar is synced with the Zimbra server and is able to check the availability of the users within the organization, a key feature of any collaboration suite. [ 157 ]

185 Zimbra and Outlook Once you have found a schedule when all the attendees are free, go back to the Appointment tab, type in a Subject for your appointment then click on the Send button. The last feature we will look at is Sharing Outlook folders. Sharing Outlook Folders Users have the option to share any Outlook folder with users in the Global Address List. Essentially, this is the same ability we covered in an earlier chapter with the Web Client for the Contacts or Calendar. However, here the process is different. Users could be delegated different levels of access to Outlook folders. These levels include: Read Edit Create Delete Act on workflow Administer Folder View items in folder only Edit any contents in the folder Create/add items to the folder Delete/modify items in the folder Respond to meeting and task requests Modify the permissions on the folder There are also predefined roles that users could assign to other users in the Global Address List including: Administrator Delegate Editor Author Reviewer Has all rights to the folder listed above Has access to all rights except for Administer folder Access to Read, Edit, Create and Delete Access to Read and Create Read only To assign roles and rights to the folder: 1. Right click the folder and click Properties. 2. Click on the Sharing tab. 3. Click Add and select CEO from the Global Address List. 4. With CEO highlighted, select Administrator from the Permission Level drop-down-box. [ 158 ]

Chapter 7 5. With Administrator selected, you should be able to see all of the Permissions selected. 6. Change the Permission Level to Reviewer and you will see that only Read items, is selected. 7. Go ahead and play with the various levels so you can get a feel for the different permissions associated with the various levels.

186 Chapter 7 5. With Administrator selected, you should be able to see all of the Permissions selected. 6. Change the Permission Level to Reviewer and you will see that only Read items, is selected. 7. Go ahead and play with the various levels so you can get a feel for the different permissions associated with the various levels. 8. Once complete, click OK. An will be sent to the CEO informing him that he now has Administrator access to the Inbox of the Worker Bee. [ 159 ]

187 Zimbra and Outlook In order for the CEO to work with the new Shared Folder (the Worker's Inbox in this case), the CEO would simply: 1. Click on File Open Other User's Mailbox in the Outlook Menu bar. 2. Select Worker from the Global Address List. 3. Once the folder is added to Outlook, click on the Send/Receive button to synchronize the folder. Summary The goal of this chapter was to take a brief look at using the Microsoft Outlook client as a front end to the Zimbra Collaboration Suite. In my experience, users do not like change and they tend to be comfortable with applications they are familiar with. One of the most common objections to changing systems is that users rely so heavily on their and contacts that they do not want to have to learn a whole new system to access them. Hopefully, if I have done my job, you could now see how users need not be afraid of moving to a Zimbra system, because in the end, their everyday life and functionality is not going to change much. They could still use the tool that they are most familiar with, but still have the added benefit of using the AJAX Web Client when they are on the road or away from their desks. In this chapter, we focused mainly on installing and configuring the Zimbra Connector for Outlook. We also took a look at the most common applications within Outlook and how they integrate with Zimbra, including sharing folders and delegating access to other users. In the next chapter, we will be looking at another important Zimbra client, and that is Zimbra Mobile. [ 160 ]

188 Zimbra on the Road Last chapter, we discussed how users in an enterprise environment tend to be very familiar with Outlook as their everyday mail client. However, a company's "road warriors" are constantly on the go, and are looking for a quick, easy way to stay in touch. In recent years, the technical advancement of mobile phones is astounding to the point that it is very rare to find a phone that just makes and receives calls. The consumers are buying phones that have cameras, mp3 players, and play videos. Business users are buying phones that in their own right are mini computers. For example, I just purchased a Motorola Q "smart phone" from my mobile carrier. This thing does everything. I could surf the web, play music, watch videos, take pictures, and view/edit office documents. In some cases, it is easier to use and more efficient than my laptop. One key feature it has, is the ability to sync "over the air" directly with my server. Although, seeing as though it is running a Windows operating system, the phone is expecting to sync with an Exchange server. However, Zimbra works just fine: Zimbra's developers chose to mimick the "Exchange server communication with mobiles" part. This way, any PDA or smartphone that is able to communicate with Exchange is able to communicate with Zimbra too. In this chapter, we will discuss how to configure the Zimbra server for allowing mobile access, as well as, how to configure some of the most popular "smart phones" to act as a Zimbra Mobile client. Specifically, this chapter will discuss: Preparing the Zimbra server for Zimbra Mobile Configuring Windows Mobile to sync with Zimbra Configuring PalmOS to sync with Zimbra Before we set up our clients, let's go ahead and prepare the server to allow mobile connections.

Zimbra on the Road Preparing the Zimbra Server for Zimbra Mobile When we installed the Zimbra Collaboration Suite, we used the Network Edition.

189 Zimbra on the Road Preparing the Zimbra Server for Zimbra Mobile When we installed the Zimbra Collaboration Suite, we used the Network Edition. By installing the Network Edition, we have installed Zimbra Mobile as well. However, Zimbra Mobile needs an additional licence to work. Zimbra Mobile is considered a "feature" and therefore will be configured at the user or COS (Class of Service) level under the Features tab. To begin with, we will configure Zimbra on the COS level: 1. Login to the Zimbra Administration Console at: 2. Use admin@zimbra. cs.com as the username and type in the password you assigned the admin user at installation. 3. In the Navigation Pane, select Class of Service as shown below: [ 162 ]

190 4. For this example, we will be using the employees COS, so double-click Employees to edit their Class of Service. 5. Click on the Features tab. 6. Scroll down the list of features, and place a check in the checkbox next to Zimbra Mobile. Chapter 8 7. Once completed click Save. 8. You can now close out of the Employees Class of Service editor. What we have done is configured our Zimbra server to allow access to Zimbra Mobile, to all accounts assigned to the employees COS. However, there are many times when a systems administrator may want to allow access to Zimbra Mobile to a particular user only. To accomplish this task: 1. If you have exited out of the Administration Console, please log back in. 2. In the Navigation Pane, select Accounts. 3. In the Content Pane, is a list of all accounts on the Zimbra server. For this exercise, we will select the Worker account by either double-clicking on Worker, or highlighting Worker and selecting Edit. [ 163 ]

Zimbra on the Road 4. Again, we will go to the Features tab. 5. In the list of features, find Zimbra Mobile and place a check in the checkbox to the left of Zimbra Mobile. 6.

191 Zimbra on the Road 4. Again, we will go to the Features tab. 5. In the list of features, find Zimbra Mobile and place a check in the checkbox to the left of Zimbra Mobile. 6. As you will notice, once the checkbox is selected, a new option appears to "Reset to COS value". What is happening is that Zimbra realizes that the system administrator is trying to make a change to the user that will override a setting that has been configured in the COS. In this case, we are fine. But in general, configuring features on the user level may make it difficult for the administrator to manage accounts. 7. Once completed, click Save and Close out of the editor. Our Worker account is now ready to configure the mobile device to sync with the Zimbra server. Configuring Zimbra mobile on the server side is fairly straightforward and so is configuring the mobile device. Configuring Windows Mobile to Sync with Zimbra As mentioned earlier, I have just purchased a new Windows mobile device by Motorola called the Q or MOTO Q. It is running on the Windows Mobile 5.0 operating system and has built-in functionality to sync with an Exchange server. Although I do not plan on syncing it with Exchange, I can use the same built-in functionality to sync with Zimbra. [ 164 ]

192 Chapter 8 Keep in mind that the steps I describe below should be very similar to the ones you would use to configure any Windows mobile device. 1. On the main menu click START ActiveSync 2. Next click MENU Configure Server 3. For Server Address, type in the fully qualified domain name (FQDN) of your Zimbra server. This would most likely be the same address you use to connect to your Zimbra server in a web browser, without the http: or In our case, the server address is zimbra. cs.com. 4. The Edit Server Settings screen will also ask if your server requires an encrypted SSL connection. This would be the case if you have configured your Zimbra server to use an SSL Certificate. If this is the case, check this box, however, you will need to follow additional steps for copying over the certificate to your mobile phone. This is beyond the scope of this book. But you could find more information about using the SSL Chain Saver Utility at sslchainsaver.aspx. For our purposes, we will leave this box blank. 5. Once we have completed the first screen, click NEXT. 6. The next screen, User Information, requires us to enter the username, password, and domain of the user. 7. For User Name: type in worker. 8. Enter the password for worker that you have used to log into the Zimbra client. 9. The Domain will be the domain of the Zimbra server that worker is a part of. Remember, that the Zimbra server could handle multiple domains. In this case, enter cs.com or zimbra. cs.com. 10. Check the Save Password box and click NEXT. 11. The Options screen appears asking for which items to sync. We could leave the default of everything (Contacts, Calendar, , and Tasks) and click FINISH. 12. Once we click FINISH, ActiveSync will attempt to sync with the server. The initial sync may take a few minutes. As you can see, there is no difference configuring the Windows mobile device to sync with Zimbra as there would be to sync with Exchange. In fact, there is no additional software needed to make this seamless to the end user. [ 165 ]

193 Zimbra on the Road A side note about the Tasks: they'll be synced with the server and Outlook (if you're using it with the ZCO) but won't show up in the Web Client because there's currently no Tasks support in the Web Client. Now that we have seen how easy it is to configure a Windows mobile device, let's take a look at configuring a Palm OS device. Configuring Palm OS to Sync with Zimbra In the previous section, we used ActiveSync to synchronize with the Zimbra server. Although, Palm devices have a built-in program called VersaMail (that is fairly similar in its functionality), it in fact uses Exchange ActivSync as well. Prior to moving to the MOTO Q, I was using a Palm Treo 700p to sync with my Zimbra server. This is how I configured it: 1. Press the APPLICATIONS button and select You should see the Initial Setup screen. Simply click CONTINUE. 3. To create the Zimbra server account, enter any name in the Account Name field. For now, we could just enter zimbra. 4. From the Mail Service selection list, select Exchange ActiveSync. 5. Click NEXT. 6. The username will be your address. This is because VersaMail does not ask to specify a domain. So in our case the username will be worker@ cs.com. 7. Click on the Password field and enter the password for worker. 8. Click NEXT. 9. The next screen will ask for your address and server name. For address enter worker@ cs.com and for server name zimbra. cs. com. 10. Click NEXT. 11. Our server is not using SSL or port 443. This is the default for VersaMail. To change this, click ADVANCED. 12. Change the port number to 80. Click NEXT. 13. On the Proxy Server Settings screen, make any necessary changes for your environment, once complete click DONE. [ 166 ]

194 Chapter 8 At this point, your Palm Treo is configured to connect to the Zimbra server, and synchronize with it. Although the process is a little different than configuring the Windows mobile devices, the end result is the same. Having the ability for the Zimbra server to push information, including , contacts, and calendar to the mobile device, without any need for additional software or utilities is a key benefit to the Zimbra Collaboration Suite. Summary This chapter focused on configuring the Zimbra server to allow users at both the Class of Service (COS) and user level, permission to sync with the Zimbra server with their mobile devices. With the server configured, we then looked at how to configure two of the more popular devices to receive push synchronization from their Zimbra accounts. In the next chapter, we will take a closer look at the Zimbra "mash-ups" called Zimlets. Zimlets will be the last part of end-user functionality we will look at. We will then get back to the server with a look at Disaster Recovery. [ 167 ]

195

196 The World of Zimlets As we have discussed, it is very difficult to break our users' old habits. It is even more difficult to get them to come out of their comfort zone and try new ways of doing, especially when it comes to their . The previous two chapters focused on how Zimbra could be a replacement for any enterprise-level messaging infrastructure, specifically Microsoft Exchange. However, the goal of those two chapters was to show how seamless a change to Zimbra could be to our end-users, because all of the functionality that they have grown accustomed to, is still there. In the end, they still have their Outlook, or their Mobile access, so therefore they couldn't care less what server you decide to implement. Well in this chapter, we are going to take a step back and revisit the AJAX Web Client that Zimbra offers. The Web Client truly is the key to leveraging all that the Zimbra Collaboration suite has to offer. We have already discussed basic functionality with the Web Client including working with , calendar, and contacts. We also discussed the use of Tags and viewing by conversations. These are all items that are very useful, but not necessarily enough to "wow" the users into making a transition from Outlook to the Web Client. This chapter will give you the tools to "wow" your users. One of the key benefits of using the Zimbra Web Client are small third-party applications or "mash-ups" that are used to integrate additional functionality into the Zimbra Collaboration Suite. These "mash-ups" are called Zimlets and open up a whole new world of possibilities over your typical client. Specifically, this chapter will discuss: An overview of Zimlets An example of mouse-over action with Zimlets Managing Zimlets A look at configuring specific Zimlets

197 The World of Zimlets An Overview of Zimlets As mentioned earlier, Zimlets are third-party applications or "mash-ups" that are used to enhance the user experience. Zimlets add additional functionality to the Web Client so that users have more options and tools to communicate more effectively and efficiently. Zimlets are displayed in the Navigation Pane of the web-client. Below is a list of some of the Zimlets that are installed and deployed by default: Flight Explorer Amazon Enables the user to check updated flight status on flights directly from their client. Provides users with access to search Amazon.com. Date If any part of the message body of an is a date (i.e. April 10, 2007) by hovering the mouse cursor over the date, Zimbra will automatically display any appointments the user has that day. Gtranslator RSS Search YMaps Google Translator displays a pop-up window for users to enter in phrases they would like translated into another language. Used as an RSS feed client for users to receive RSS feeds in their client. The RSS feed takes the place of the calendar in the lower left hand side of the client. We will walk through the RSS Zimlet in more detail, later in this chapter. Provides users quick access to Zimbra Search. Yahoo! Maps is now integrated into the , so that if an address is displayed anywhere in the body of an message, by hovering the mouse cursor over the address, a map of the area will appear. Unfortunately, this works only in the US. Hopefully, by just getting an overview of seven of the Zimlets that come default with a Zimbra implementation, you are starting to see how much functionality could truly be added to a Web Client. It is important to keep in mind a few items when thinking about Zimlets: 1. Developers and System Administrators can create and deploy custom Zimlets and are not limited to the ones offered by Zimbra. 2. In order to optimize the performance of the Zimlets, it is best (at the time of this writing) to use the Firefox web browser. In fact some Zimlets (i.e. RSS) only work within Firefox. 3. Although Zimlets run on the client side, they are still secured on the server. An example of this security will be discussed. [ 170 ]

198 Now that we have a basic idea of what Zimlets are, let's take a look at Zimlets in action. In the following section, we will look at how the Date and Maps Zimlets integrate, or intermingle, with an message. Chapter 9 Mouse-Over Zimlet Example In this example, we are going to take a look at how tightly Zimlets integrate with the Web Client. To follow along with this sample, you will need to send a test to the worker account (i.e., worker@ cs.com). You can send this from any account, and the body of the message should include a date and an address. For this example, I sent an to Worker with the following text: Hey Worker, Are you free to go to opening day this Monday April 10, 2007 at 1:05PM? If so, meet me at 1000 Elysian Parkway, Los Angeles, CA Thanks! Dodger Fan So this two-sentence should suffice for providing us with a good test case to see Zimlets in action. Once the message has been set, follow the steps outlined in the next section. The Date Zimlet The first Zimlet we will look at is the Date Zimlet. This particular Zimlet scans the body of the message for any dates. If it finds one, then it will change the color of the text to blue, signalling that the user could simply place their mouse cursor over the highlighted text for action. For this exercise, you will need to login to the Zimbra Web Client with the Worker account. 1. Open up your browser and type in the Address Bar. 2. Log in as username: worker and use the password you created at account creation. 3. Double-click the message in the Results pane of the Mail application inviting worker to opening day. 4. With the message open, you should see that the date (April 10, 2007) and the address are highlighted in blue. [ 171 ]

199 The World of Zimlets 5. Place your mouse cursor over the highlighted data, and a message should pop up listing the appointments for that day. As displayed in the image above, the Date Zimlet automatically checks your calendar and lists your appointments. This is an extremely effective tool as it saves the recipient from having to go to a different screen (Calendar), search for and find the date and check for conflicting appointments. The Date Zimlet, although very simple, is also very effective. Now let's take a look at Yahoo! Maps. The Yahoo! Maps Zimlet With the same message open, we are going to take a look at how the built-in Zimlet by Yahoo! Maps could be used to display a road map of the area surrounding the address within the body of the message. 1. With the message open, find the highlighted text with the address. It should start with 1000 Elysian Parkway. 2. Just as you did with the date, hover your mouse cursor over the address. 3. After a few seconds, the Yahoo! Maps Zimlet will pop up and start loading map information. [ 172 ]

Chapter 9 Just as the Date Zimlet is very simple and straightforward, so is the Yahoo! Maps one. They require no configuration on the user end and are completely integrated into the Zimbra Web Client.

200 Chapter 9 Just as the Date Zimlet is very simple and straightforward, so is the Yahoo! Maps one. They require no configuration on the user end and are completely integrated into the Zimbra Web Client. Although, Zimlets come built into the client, it does not mean administrators need to allow all users to have all of them. In fact, I would recommend administrators only deploy Zimlets that are necessary for their users. There are several reasons for this, but the main one is that the more Zimlets that are enabled for a user, the longer it takes for the client to load up in a browser. Managing Zimlets In this section, we are going to look at how the Systems Administrator could manage and deploy the Zimlets. They are two ways to manage Zimlets. First, beginning in Zimbra 4.5 Zimlets could now be managed and deployed through the Administrator Console. Second, we will look at using some command line tools to manage and deploy Zimlets. Managing Zimlets through the Administrator Console Zimlets could be assigned to specific users or to a Class of Service (COS). Keep in mind that specific user settings always override COS settings. The first step in assigning Zimlets to specific users is to make sure the Zimlets are enabled and installed on the server. This could be done through the Administration Console. [ 173 ]

201 The World of Zimlets Zimlets can be managed and assigned at the Class of Service (COS) or the user level. In this section, we will look at how to use the Administration Console to view which Zimlets are currently available on the server. 1. Login to the Administration Console by typing com:7071, in the address bar of your web browser. 2. In the Navigation Pane, under the Configuration section select Zimlets. [ 174 ]

Chapter 9 3. In the Results Pane, you will see a list of Zimlets currently deployed to the server and their status Enabled/Disabled. 4. To uninstall a Zimlet, select the Zimlet and click on Undeploy.

202 Chapter 9 3. In the Results Pane, you will see a list of Zimlets currently deployed to the server and their status Enabled/Disabled. 4. To uninstall a Zimlet, select the Zimlet and click on Undeploy. This will disable the Zimlet for the entire server. 5. To install a new Zimlet, after you have downloaded the Zimlet.zip file from a third-party vendor or developer, you would use Deploy new. This will enable a Zimlet for the entire server. Once the Zimlets are deployed/enabled to the server, we can now manage the access to Zimlets either through Class of Service (COS) or the user level. [ 175 ]

The World of Zimlets Assigning Zimlets to a COS In this example, we will be assigning access to Zimlets to users on the Class of Service level using the "employees" Class of Service we created when

203 The World of Zimlets Assigning Zimlets to a COS In this example, we will be assigning access to Zimlets to users on the Class of Service level using the "employees" Class of Service we created when we first configured our system. 1. With the Administration Console still open, in the Configuration section, click on the plus sign next to Class of Service. 2. This will expand the list of COS. Select employees from the list and double-click it. 3. In the Content Pane, you will see tabs that control various aspects of the Class of Service features and functionality. [ 176 ]

4. Select the Zimlets tab. Chapter 9 5. Within this tab, you may disable or enable Zimlets for all users within the Class of Service by unchecking (disabling) or checking (enabling) each Zimlet.

204 4. Select the Zimlets tab. Chapter 9 5. Within this tab, you may disable or enable Zimlets for all users within the Class of Service by unchecking (disabling) or checking (enabling) each Zimlet. Only Zimlets that have been enabled on the server level will be seen here. 6. Once completed click Save. Just to reiterate, these Zimlets will be available, or unavailable, to all users within the COS unless they have explicitly been defined at the user account level, which we will go over in the next section. Users will have to log out and in again to see the changes. Assigning Zimlets to an Account Assigning Zimlets to an Account works exactly the same way as assigning them to a COS. 1. With the Administration Console open, double-click Accounts in the Navigation Pane. 2. In the Content Pane, select the Worker account and click Edit. [ 177 ]

205 The World of Zimlets 3. Select the Zimlets tab. 4. In the Results Pane, you will see a list of Zimlets that are available to the user. Those Zimlets will have a check mark in the box to the left of them. 5. To disable a Zimlet, uncheck the box. You should notice two radio buttons that allow you to either use the COS settings (this is default) or to Limit Zimlets available to this user. 6. Once completed click Save. Keep in mind that user settings will override COS settings. By defining Zimlets at the user level, it makes it much more difficult to administer them later. Administering Zimlets through the Administration Console is very simple and straightforward. However, like in many services, the real power comes from administering the Zimlets from the command line. In the next section, we will look at how to configure the RSS Zimlet, which will provide us with a good overview of configuring Zimlets from the command line. [ 178 ]

206 Chapter 9 A Look at Configuring the RSS Zimlet One of the more popular Zimlets, at least in my experience, is the RSS Zimlet. What this Zimlet allows the user to do is to subscribe to, and view, an RSS syndicated feed in the web-based client. The feed is displayed in place of the calendar in the lower left hand corner of the screen. There are two reasons this is a good test Zimlet for us to look at. The first is from a security standpoint, this Zimlet is an excellent example of how although Zimlets are client side programs that are usually configured by the user with preferences, they are still secured on the server side. The RSS Zimlet has a server-side configuration file that lists all of the websites in which users are allowed to receive feeds from. Only an administrator has access to add or delete allowed sites from this file. This configuration is done on a global server level. The second reason is that the only way for an administrator to make changes to the configuration file, to allow or disallow access to particular feeds, is through using command line tools. Let's take a moment to look at the RSS feed from the user perspective, and then we will move on to look at how to configure the Zimlet for access to additional RSS feeds from websites. The RSS Zimlet in Action The RSS Zimlet can be found in the Navigation Pane, under Zimlets. To configure the Zimlet and add feeds to it, you will need to follow these steps: 1. Login to the Zimbra client ( as the Worker. 2. In the Navigation Pane, right-click on the RSS Zimlet and select Preferences. [ 179 ]

207 The World of Zimlets 3. The RSS Zimlet can store up to five RSS feeds. 4. Each feed (1 5) is numbered and the active feed number should be entered in the "Select feed to use" textbox. 5. The RSS Zimlet will only display one feed at a time. 6. Once completed, click OK. 7. To view the current feed, double-click the RSS Zimlet. 8. The feed should display at the lower-left-hand corner of the screen, in place of the calendar. This particular RSS Zimlet has two feeds listed. The first is from news.yahoo.com, the second from sans.org. As mentioned earlier, there is a configuration file that allows or denies access to particular website's RSS feeds. In this case, by default, yahoo.com is allowed and so therefore all of its sub-domains are available as RSS feeds. Sans.org, on the other hand, is not an allowed site and we will need to explicitly allow the site. Any site not listed in the configuration file is denied. Allowing RSS Feeds for Additional Sites If a user has added an RSS feed from an unauthorized website, when they click to activate the feed, an error message will pop up and no feeds will appear. To allow access to the website, the administrator will use some command line tools to add the website to the configuration file, therefore allowing the RSS Zimlet to access the feed. We will use SSH to connect to the server and make the changes. 1. SSH to the Zimbra server and login as a user on the server. 2. Switch the user to root by typing su Switch from root to the Zimbra user by typing su zimbra. 4. Change to the Zimlets-extra directory: cd /opt/zimbra/zimbra-extras 5. We are now going to use the zmzimletctl tool to extract the configuration template for the RSS Zimlet. This will allow us to view the configuration file. We could also choose to copy and paste the information to a new file to overwrite the configuration. zmzimletctl getconfigtemplate com_zimbra_rss.zip [ 180 ]

208 6. Copy the information that is displayed after using getconfigtemplate by highlighting the text that is returned. The information is also displayed below: Chapter 9 <zimletconfig name="com_zimbra_rss" version="1.1"> <global> <property name="alloweddomains">*.google.com,*.yahoo.com,*. yimg.com,*.flickr.com,*.economist.com,pheedo.com</property> </global> </zimletconfig> 7. Create a new configure_template.xml file. vi configure_template.xml 8. Paste the configuration information into the file. Type i to insert and then right-click to paste. 9. Add sans.org (and any of its sub-domains) to the list of allowed sites. This would be simply add the domain name between the alloweddomains tags. *.sans.org 10. Save the configuration file. :wq! 11. Replace the configuration file for the RSS Zimlet. zmzimletctl configure configure_template.xml 12. Restart tomcat so the users will have the changes effective on the client side. tomcat restart 13. Test the new changes by activating the RSS Zimlet in the Web Client. The zmzimletctl utility could be used to manage all aspects of the Zimlets including installing, deploying, disabling, as well as controlling access to Zimlets. Although the GUI tools in the Administration Console can help with basic administration of the Zimlets, it is important to understand how to use the built-in command-line (shell) tools to become a more effective administrator of the Zimbra Collaboration Suite. [ 181 ]

209 The World of Zimlets Summary In this chapter, we took a brief look at the third-party applications and "mashups" called Zimlets that are an effective set of tools and programs that add more functionality to the Zimbra Web Client. Specifically, this chapter covered an overview of Zimlets and their functionality, the integration of Zimlets into and calendaring, managing Zimlets from the Administration Console, and Introducing the Zmzimletctl utility To me, Zimlets are what makes the difference from the Zimbra Collaboration Suite being a less expensive, more secure, an easier to manage replacement to Microsoft Exchange and other commercial messaging and collaboration suites, to Zimbra becoming a key and beneficial part of any messaging infrastructure. You can develop your own Zimlets or use some of the one shared by other people. You can get some on Zimbra's gallery : In our next chapter, we will discuss one of the most important parts of any server deployment, backup (and restore). [ 182 ]

210 Backup and Restore A systems administrator's worst nightmare is the call, page, text message, or any other alarm, informing you that your server is down. Especially a server that is so instrumental and imperative to any organization, like the messaging server. Recently, I had an Exchange 2003 Enterprise Server crash, and although I had a backup of the Mailbox Store and the System State of the Windows operating system it was installed on, restoring the system took hours. I mean almost an entire business day wasted. Below are the basic steps I needed to go through to bring the server back up. Keep in mind, the box had a hardware RAID card error and a new server had to be used to host the Exchange Server. 1. Install Windows 2003 Standard Edition on a new box. 2. Apply all of the service packs to the server. They needed to match the service pack and patch level of the previous server. 3. Install the backup client, for the backup software. 4. Restore only System State first. 5. Reboot into Active Directory Restore mode. 6. Restore Active Directory. 7. Reboot system and install Exchange Apply service pack to Exchange Restore the Information Store to Exchange. Now, it may appear pretty straightforward to restore the box. I mean, I only needed to go through nine steps. Well, each step probably had three to four items to complete and the clock was ticking. Eventually, the server came back up and everyone had all of their s and settings. That day, I decided there must be an easier solution for . From restoring mailboxes to the entire server, there needs to be a better way. I needed a system with a faster, more efficient way to keep the messaging infrastructure available to the users.

211 Backup and Restore Enter Zimbra Collaboration Suite. Zimbra offers a very straightforward backup system that does not require additional software, clients, or configurations to make them work. Let me qualify this by saying that I would highly recommend the server be backed up to tape or some other disk based backup management system, but for the sake of this section, we will be exploring the built-in tools Zimbra, and Linux for that matter, have built-in to backup and restore your system. We will be discussing restores that take minutes and not hours. Specifically, this chapter will discuss: Managing backups from the Administration Console Restoring mailboxes Using the command line for backups To begin our exploration of Disaster Recovery, and more appropriately, Backup and Restore, we will log into the Administration Console and look at the Backup application. Managing Backups There are two ways to manage backups within the Zimbra Collaboration Suite. The first, as we discussed in this section, is the ability to use the Administration Console and its intuitive GUI interface. The other, which we will discuss later in this chapter, is to use the command line. Backups can be performed on the mailbox or server level. Therefore, if you would prefer to only backup a few critical accounts, you could accomplish that as well. The Administration Console supports two types of backups: Full Backups up all of the mailbox information. The advantage of a Full backup is all the information is stored, and restoring a complete system is much easier. The disadvantage: the time and disk space it takes to run a full backup may be prohibitive. Incremental A backup method in which a full backup is made, and then only the changes from the previous backup are backed up to file. The advantage here is that backups are much quicker. The disadvantage is that it may take many files to restore a complete system. In this section, we are going to walk through completing a full backup of the mailbox store. The steps for creating an incremental backup are identical. 1. Login to the Administration Console at: 2. In the Navigation Pane, under Monitoring, double-click Backups. [ 184 ]

212 Chapter In the Content Pane, you should see a list of the current backups already completed on the system. 4. Click Backup to begin the Immediate Backup Wizard. [ 185 ]

The following screen gives us the option of choosing which mailboxes to back up. We are going to select Backup all Accounts as displayed below: 7.

213 Backup and Restore 5. As stated by the warning, this is not really a "full backup" (full backups can only be done from command line). As the LDAP data are not backup, you won't be able to do a disaster recovery with such a backup (done through the Web Admin Console). 6. The following screen gives us the option of choosing which mailboxes to back up. We are going to select Backup all Accounts as displayed below: 7. At this point, we could go ahead and click Backup to begin the backup of our server. 8. The backup runs in the background, as the final part of the Immediate Backup informs us, we could just click Finish at this point and our backup is off and running. [ 186 ]

Chapter 10 By default, Zimbra is set up to automatically run backups every morning at 1:00AM. So if that schedule works for your organization, there is no need to change it.

214 Chapter 10 By default, Zimbra is set up to automatically run backups every morning at 1:00AM. So if that schedule works for your organization, there is no need to change it. This includes a Full backup (a real full backup with LDAP data) weekly and then Incremental backups daily. That being the case, you could use the Backups application in the Administration Console to monitor backup activity and make sure they have completed successfully. Backing up data always seems like a straightforward process, however, the real test of a backup is to see it in action. By this, I mean performing a restore. Restoring Mailboxes In this section, we will test our latest backup to restore a mailbox that of course we are going to go ahead and delete. In this exercise, we will delete the Worker Bee account and then go ahead and restore the mailbox using our latest Full backup. The first step in this exercise would be to delete the account. 1. Login to the Administration Console at: 2. Double-click on Accounts in the Navigation Pane. 3. Right-click on the Worker Bee account and select Delete. [ 187 ]

Backup and Restore 4. Once completed, open a new browser and try to log in as Worker to the Zimbra Web Client (http://zimbra.emailcs.com). 5.

Of course deleting email accounts is usually not the recommended practice, disabling them is a better way to go, nonetheless this will serve as a good test for our restore process. 1.

215 Backup and Restore 4. Once completed, open a new browser and try to log in as Worker to the Zimbra Web Client ( 5. Verify that you are unable to log in and close the browser window. Of course deleting accounts is usually not the recommended practice, disabling them is a better way to go, nonetheless this will serve as a good test for our restore process. 1. If you are not currently logged in, log in to the Administration Console. 2. Double-click on Backups under the Monitoring section of the Navigation Pane. 3. In the Content Pane, click Restore in the Menu Bar. 4. The Mailbox Restore Wizard will begin by asking us to enter the address of the account we would like to restore. Enter worker@ cs.com and click Next. [ 188 ]

Chapter 10 5. The next step would be to choose the path to the backup we would like to restore from. The default server and path are OK, then click Next. 6.

216 Chapter The next step would be to choose the path to the backup we would like to restore from. The default server and path are OK, then click Next. 6. Next, we will choose the latest Full backup to restore from and restore all of the information to the new account. Go ahead and click Restore. 7. Finally, once the restore is completed you will be notified by Zimbra. Simply click Finish and we could go ahead and test our restore. 8. Open up a new browser and log in to the Zimbra Web Client as Worker Bee. 9. You should see all of their s, folders, etc., if the restore was successful. As you can see, from the previous example, backing up the system and restoring mailboxes is a very straightforward process that uses all built-in tools. No third-party tools or plug-ins are required. You can also restore an existing account: Imagine the CEO comes to see you and tells you he deleted some very important s two days ago (and obviously emptied the Trash). He wants you to restore these s, but obviously doesn't want you to delete his account first. [ 189 ]

217 Backup and Restore You just have to launch the restore procedure but instead of restoring to the same account, you'll choose to restore to a different account (see screenshot above). Once restored, go to the Account section, and double-click on the restored account (you want to put a new password to this restored account). Once you've set up a new password, you can give the restored account informations to the CEO in order for him to get back his deleted mails. And once he's done, you can delete the restored account. Although the GUI tools for backups are very simple, they do not offer a lot of flexibility. In the next section, we will look at two command line tools, zmbackup, zmrestore, and zmschedulebackup, to show how administrators could use additional functionality and change the default backup schedule. Using the Command Line for Backups Many systems administrators find it much easier to accomplish tasks with the Command Line. Especially those of us that like to create shell scripts to accomplish our everyday tasks. In this section, we will go through backing up and restoring the Worker Bee account using the Command Line instead of the GUI. In this section, we will use all command line tools to complete the steps we did in the previous section. 1. You will need to log in as root to the server hosting the Zimbra Suite. 2. Change the user to Zimbra: su zimbra 3. Complete a full backup of the server by running zmbackup. We will use the f option meaning full backup, the a which specifies the account to backup (in our case, we will use all), and s which specifies the server. zmbackup f a all s zimbra. cs.com 4. To delete the Worker Bee account, we will use zmprov as in: zmprov da worker@ cs.com 5. Now, to restore the account, the tool is zmrestore. The acct option specifies the account to restore and the s specifies the server. By default, zmrestore will use the most recent full backup. zmrestore acct worker@ cs.com s zimbra. cs.com 6. Open up a browser, and log in to the Zimbra Web Client and the Worker Bee's account should be completely restored. [ 190 ]

218 Using the Zimbra Command Line Interface (ZCLI) is a very quick and effective way to accomplish everyday administration tasks with very little effort and the best part, very few mouse-clicks. The last tool we need to explore is the zmschedulebackup tool. Chapter 10 In order to view or modify the schedule of the backups, you could use the zmschedulebackup tool. The information is stored in the same format as the Unix program Cron, so that each type of backup will have information in one of five columns representing the following: Minute Hour Day of Month Month Day of Week So, to see our current schedule that zmbackup is running in, we would issue the command (as the Zimbra user) zmschedulebackup q. The results should look something like this: f 0 1 * * 6 i 0 1 * * 0-5 d 1m 0 0 * * 0 There are three lines here, one for the Full Backup schedule (f), the other for Incremental (i), and the final one for deleting. Therefore, using our table above to determine the actual schedule for each: The Full backup will run at 1:00am every Saturday: Minute Hour Day of Month Month Day of Week 0 1 * every * every 6 (Days are 0-6, with 0 being Sunday) The incremental backups will run: Minute Hour Day of Month Month Day of Week 0 1 * every * every 0-5 (every day except Saturday) The delete backup line is a little bit different as it states how long a backup should be kept before being deleted. So the 1m determines the backup should be saved for 1 month before being deleted. The rest of the line follows the same format as the other line and is scheduled to run every Sunday at 12:00am. [ 191 ]

219 Backup and Restore Minute Hour Day of Month Month Day of Week 0 0 * every * every 0 (Sunday) To change the current schedule, for example, let's say we want to run full backups at 2:30am instead of 1:00am, and also change our incremental backups to run at 2:30am as well, we could issue the command (logged in as the Zimbra user): zmschedulebackup -R f "30 2 * * 6" i "30 2 * * 0-5" d 1m "0 0 * * 0" Since version 4.5.6, a mail is automatically sent to the administrator once a scheduled backup is finished. The administrator now knows if the backup was correctly performed (or not) without having to use the CLI tools to check. A quick note on server upgrades and backup: when upgrading your Zimbra version, read the release notes carefully. In the past, some upgrades "broke" the backups as the new backup format was not compatible with the previous ones. This means it's not possible to restore an "old" backup onto a brand new upgraded server. Don't forget to do a full backup right after you've upgraded. Summary This chapter explored the various ways the systems administrator could make sure that all mailboxes (including all of their information) are backed up on a regular and consistent basis. These backup files could be stored directly on the Zimbra server, or a better practice would be to copy them off to tape or another server so that if a hardware failure occurs, the backup could be used to restore to a new server. I urge you to read an excellent post in the Zimbra's blog about this: Backups could also be used to restore specific mailbox accounts due to accidental deletion or if a user ends up deleting an important folder or group of contacts that need to be restored immediately. In the next and final chapter of this book, we will look at the task of monitoring the Zimbra server, making sure as systems administrators we are being as proactive as possible. [ 192 ]

220 Keeping an Eye on Zimbra As we come to the end of our look into implementing and maintaining the Zimbra Collaboration Suite, it would be a disservice to not take a few moments to look into the tools Zimbra offers for system administrators to monitor their messaging infrastructure. Being proactive is a key characteristic of any successful systems administrator, and all the monitoring tools in the world mean absolutely nothing unless the administrator is committed to using them on a consistent basis. This chapter will look into the tools Zimbra offers to provide visibility to the systems administrators, and also focuses on the reasons why monitoring your server is so critical. Specifically, this chapter will cover the following: The need for monitoring Working with mail queues Monitoring log files Before we take a look at the various monitoring options within Zimbra, let's first take a moment to look at the reasons why monitoring the server is so important. The Need for Monitoring I believe it goes without saying, that monitoring any critical server within an enterprise is a key job function of a systems administrator. However, it is probably the one job function that we let fall by the wayside. It seems, in most cases, we just get too busy to monitor our servers. The problem with this fact of life, is that we could avoid so many "fires" by utilizing our monitoring tools and preventing downtime and system failures from occurring. To me, there are three main reasons why monitoring is so critical to any Zimbra implementation. These reasons are: availability, scalability, and security. This is in no way an exhaustive list of all reasons why monitoring is so important, but it is my top three.

221 Keeping an Eye on Zimbra Availability By availability, we are concerned with the reliability and accessibility to all users at all times. In a nutshell, the word "availability" could be synonymous with up-time. Monitoring the server provides a means by which the systems administrator could determine the availability of all services within the collaboration suite. As a prideful systems administrator, I want to be aware of a service going down and immediately be able to bring it back up, before I am notified by my users. There are a couple of tools Zimbra provides that particularly deal with server status. One is the GUI tool in the Administration Console, the other is the command line tool, zmcontrol. For these examples, I will be using screenshots and information from my server for my company, as we could see some real data, however, please feel free to follow along with the server we have been working on throughout this book. To use the Administration Console to monitor services: 1. Direct your internet browser to and login with the admin account. 2. In the navigation pane, double click on the Server Status application in the Monitoring group. 3. The results pane should now display a list of all of the installed Zimbra services, and their current statuses. In my case, you could see that the logger service is currently down. [ 194 ]

222 Chapter 11 Using the Administration Console is a really quick and visual way to look at the current state of your services. Restart, shutdown, or start-up services could be done through the command line using zmcontrol. However, to save a step in needing to log into the Administration Console, we could simply login to a console session, usually via SSH, on our Zimbra server, and check and restart statuses from there. 1. SSH to the Zimbra server at zimbra. cs.com. 2. Login as a regular user. 3. Switch the user to root using the su and provide the root password. 4. Switch the user once more to the Zimbra user, using su zimbra. 5. Type the command zmcontrol status to view the installed services. The results should be the same as the GUI displayed in the Administration console. [zimbra@zimbra ~]$ zmcontrol status Host zimbra.techmaking.com antispam antivirus ldap logger [ 195 ] Running Running Running Stopped zmlogswatchctl is not running mailbox mta snmp spell Running Running Running Running

223 Keeping an Eye on Zimbra 6. Again, we can see that the logger service is stopped. 7. To bring up the logger service again we could use zmcontrol. zmcontrol start logger Monitoring is obviously so much more than just watching and restarting services. However, from a user perspective, it is probably the most important part. Their only desire is to be able to work with their , calendars, and address books when they need to. By monitoring services on a consistent basis, even services going down could be transparent to our users and keep them happy and productive. Scalability One of the most common questions I receive when implementing a new system is, "What type of server do I need for this?". Of course, this question is really asking how much RAM, processor power, disk space, and networking bandwidth do I need for a successful implementation. Or really, what is the minimum amount of these things I need to purchase to get by. Well, for a new implementation, that is a very difficult question to answer. In the beginning of this book, we looked at the recommended hardware configuration for the Zimbra server, but how do we know if that is enough? Well, we could use our monitoring tools for this. Zimbra has two server statistic measurement tools that would help in deciding if the recommended minimum requirements are not enough. So for example, let's say you go live with the recommended requirements and need to know when it is time to increase components. These two tools are the server statistics, Message Volume and Disk, both of these are located in the Administration console. 1. Login to the Administration Console at and login as the admin user. 2. In the Navigation Pane, double-click on the Server Statistics application and select the server displayed in the following screenshot: [ 196 ]

Chapter 11 3. In the results pane, click on the Message Volume tab. This will display the aggregate size in megabytes of all messages received and sent by the server, per hour and per day.

224 Chapter In the results pane, click on the Message Volume tab. This will display the aggregate size in megabytes of all messages received and sent by the server, per hour and per day. The Message Volume information is important for two reasons. First, from a network bandwidth perspective, we could now see how much bandwidth our server is utilizing on the network sending and receiving messages. Second, we could now determine and estimate how much disk space we will require, over time, so we may determine when it is time to add more disk space and how much. [ 197 ]

Keeping an Eye on Zimbra The other tool for determining disk space, is the Disk tab, under the Server Statistics application. 4. Click on the Disk tab in the results pane.

225 Keeping an Eye on Zimbra The other tool for determining disk space, is the Disk tab, under the Server Statistics application. 4. Click on the Disk tab in the results pane. The Disk monitoring tool looks at the disk space used and available per hour and per day. The Disk tool, in conjunction with the Message Volume tool, is very effective in determining current and future disk space requirements for your organization. Security By security, I am mostly speaking about securing your server, and users, against spam and viruses. Zimbra comes with built-in anti-spam and anti-virus functionality, however, it is also important for the Zimbra administrator to keep track of the spam and virus activity on the server. By doing so, they could make educated guesses as to whether the tools are tuned and configured properly, as well as, if additional thirdparty tools may be necessary. [ 198 ]

226 Chapter 11 The Anti-Spam/Anti-Virus monitoring tool is also located in the Administration Console in the Server Statistics tab. By clicking on the Anti-spam/Anti-virus Activity tab, we could view spam and virus activity for the last 48 hours, 30 days, 60 days, and a year. This tool displays the total messages received, and then uses colour coding, blue for spam and red for viruses, to provide an overall picture of the activity on the server. Again, this is another effective monitoring tool to help performance-tune the server, and see that the security settings you have configured are appropriate for your organization and the server. [ 199 ]

Keeping an Eye on Zimbra Working with Mail Queues Email servers handle virtually thousands of email messages per day, and in most cases messages are sent and received to the proper users seamlessly.

227 Keeping an Eye on Zimbra Working with Mail Queues servers handle virtually thousands of messages per day, and in most cases messages are sent and received to the proper users seamlessly. However, there are times when messages get bottlenecked or held up in a queue, and as administrators, it is important we keep an eye on that queue and handle "problem" messages, before they become an even bigger problem for our entire server. The Mail Queue application is designed to give administrators visibility to messages coming in and delivering out of the server. Each message is scanned, for viruses and spam, and then delivered to the appropriate party. While a message is in the queue, administrators may view messages that are deferred (messages that have not been able to be sent for some reason and will eventually expire unless some action is taken), a message may be placed on hold (messages the system is unable to process), incoming (all messages come in to this queue before they are delivered to the appropriate user, and active (messages being prepared to be sent). Also, using the Mail Queue application, an administrator may "flush" the queue and attempt to deliver all messages in hold, deferred, and the active queues. This is usually done when a bottleneck is created from the server experiencing too many errors sending out too many messages and therefore no messages are being sent out from the server. Each queue displays the Receivers domain, origin IP of the sender, sender's domain, and receiver's address. When a message is in queue, it may be placed on hold, deleted, or re-queued for delivery at a later time. In the upper-right-hand corner of the Mail Queue application is the Flush button for flushing all the queues when and if it becomes necessary. [ 200 ]

228 Monitoring Log Files There are times when the information provided in the Administration Console Chapter 11 GUI are just not enough to help troubleshoot an issue with the server, or to have a complete picture of the overalll health and activity of the server. So besides using the tools described earlier in this chapter, it is also very important that the systems administrator is aware of at least three log files that are key to monitoring your Zimbra implementation. The first log file is the zimbra.log file, located at /var/log/zimbra.log on the Linux server. This log is used to record and display system messages from the Zimbra server. For example, when services are started or stopped. If we noticed a server is stopped and we would like to find out if there are any messages in the log file regarding this to help explain why the server stopped, we could search the log file for all instances of the word stopped, by issuing the command: cat /var/log/zimbra.log grep Stopped Or if you would just like to view system messages about a specific service you could issue a similar command and replace the keyword Stopped, with the name of the service. cat /var/log/zimbra.log grep logger The second log file is the audit.log file located at /opt/log/zimbra/audit.log. This file is used to look at security authentication and is useful in viewing which users are successfully, and unsuccessfully, logging in to the Zimbra server. Finally, for detailed information on mailbox activity, you will definitely want to use the mailbox.log file, located at /opt/zimbra/log/mailbox.log. This is a great file for troubleshooting mail delivery and receipt problems. This log records all activity for the mailboxes on the server, so that you could see if the mailbox is even attempting to send a message before you get lost in trying to find out why delivery was unsuccessful. So for example, let's say I want to see a list of all messages that were sent to a particular address, I could use my favourite grep command and seach the entire mailbox.log for all instances of the address by typing in: cat /opt/zimbra/log/mailbox.log grep name@domain.com There are many more log files that Zimbra, and the operating system offer, to help monitor and troubleshoot issues with you system, however, the three discussed previously (mailbox.log, audit.log, and zimbra.log) are probably the ones you will end up using most frequently. Also, due to the overwhelming size of the files and the amount of information contained in each file, it may be a good idea to look at a third-party log management solution to not only make it easier to view and search the logs, but also to write information to a database for further analysis. [ 201 ]

229 Keeping an Eye on Zimbra Summary The goal of this chapter was to remind system administrators that their jobs does not stop after implementation, configuration, and backing-up the system. It is critical that we, as effective systems administrators, remain proactive when it comes to the availability, scalability, and security of our servers. Specifically, this chapter discussed: the need for monitoring, and a looked at a few built-in tools that Zimbra provides. We also talked about working with, and monitoring, mail queues and viewing three key log files for additional troubleshooting information. The messaging system of any organization is a critical piece of the infrastructure. Users rely on this system to maintain communication with vendors, customers, and fellow employees. has become a key component to every organization, and our responsibility to make sure that our system is effective and efficient is our number one priority. [ 202 ]

230 Index A admin console, settings block encrypted archives 125 definition update frequency(hrs) 125 send notification to recipient 125 administrating, Zimbra about 61 server management 65 user management 74 Zimbra, administering 80 Administrator Console addresses 64, 65 configuring 64 content pane 63 logging 62 monitoring 64 Navigation Pane 64 overview 62 search bar 63 services 194 shortcuts 65 tools 65 advantages, Zimbra accessing any where 17 admin console 17 built in security tools 17 calendaring 17 choice of client 17 end-user, advantages 16 mailbox management 17 monitoring tools 17 multiple domain support 17 storage reduction 17 application, Zimbra web client calendar 106 , working with 87 schedules, managing 106 B back end about 14 Zimbra core 14 Zimbra LDAP 14 Zimbra Logger 15 Zimbra MTA 14 Zimbra SNMP 15 Zimbra spell 15 Zimbra store 15 backups command line, using 190 full backup 184 incremental backup 184 mailbox restoring 187 managing from Administration Console 184 C calendar additional calendars, creating 110 appointments, adding multiple calendars, creating 110 sharing Classes of Service 131 command line zmbackup, using 190 zmrestore, using 190 zmschedulebackup, using 191, 192 command line tools zmbackup 190

231 zmrestore 190 zmschedulebackup 190 COS 131 D DNS service, starting 49 documents documents pages, creating 113, 114 sharing 114 E address book, sharing checking composing contacts, managing conversations 100 sending 96 tags working with 87 , checking folder, creating 92, 93 administrator requirements 61 Collaboration Services 19 CS 19 F front end about 12 Evolution 13 isync 13 Microsoft Outlook 13 other clients 13 Zimbra archiving and discovery 14 Zimbra collaboration client 12 Zimbra desktop offline client 13 Zimbra Mobile 13 Zimlets 13 H HOSTS file editing 21, 22 I incremental backup creating installation, Zimbra about 19 DNS, configuring firewall, configuring 58 hardware requirements 20 HOSTS file, editing 21 on MAC OS X 49 on Red Hat Enterprise Linux 4 26 on SUSE ES 9 40 post installing 58 pre-installing 19 sendmail, turning off 25 software requirements 20 integrating, Outlook and Zimbra about 149, 150 PST import wizard 150 L log files audit.log file 201 mailbox.log file 201 monitoring 201 zimbra.log file 201 Lotus Notes 8 M MAC OS X preparing, for Zimbra 49, 50 Java 1.5, configuring 50 mailbox, restoring process 188, 189 mail identities aliases, creating 144 configuring 143 Mail Queues application working with 200, 201 MAPI 150 Messaging Aplication Programming Interface 150 monitoring reasons availability 194 scalability 196 [ 204 ]

232 security 198 MTA 25 N network security demilitarized zone, creating 128 firewalls 129 VPN 129, 130 O operating system, security host-based firewall 126 patching 127, 128 services 127 updating 127, 128 Outlook configuring 149 integrating with Zimbra 156 running 155 Zimbra connector 153 Outlook, integrating with Zimbra appointments, creating 157 contacts, integrating 156, 157 Outlook folders, accessing 158 Outlook folders, assigning roles 158, 159 Outlook folders, sharing 158 P POP accounts configuring 142, 143 PST import wizard downloading R Red Hat operating system installing RSS feeds additional sites, allowing 180 RSS Zimlet configuring 179 feed, accessing 180, 181 RSS Zimlet, configuring steps 179, 180 S saved search keyboard shortcut, creating 146 schedule, managing appointments, adding calendars, sharing multiple calendars, creating 110 Search Builder about 144 saved search, using 146 search, building 145 search, creating 145 security, Zimbra admin console, settings 125 AJAX web client security 120 Anti-Spam Anti-Virus 124 Mail Transfer Agent 121 network security 128 operating system, security 125 server management about 65 classes of service 72, 73 domain, creating global settings, configuring server statistic measurement tools Disk 198 Message Volume 196 server statistic monitoring tools Anti-Spam/Anti-Virus 199 services, monitoring Administration Console, using shortcuts Zimbra Assistant 115 Zimbra Assistant, example 115, 116 SUSE ES 9 preparing, for Zimbra U user management about 74 alias, creating 77, 78 distribution list, creating 78, 79 user accounts, creating [ 205 ]

233 user options address book 138 calendar 139, 140 exploring 131 general options 133, 134 mail filters 136, 137 mail options overview 132 shortcuts 140, 141 V Virtual Private Network 129 VPN 129 Z ZCO about 153 downloading 154 ZCS. See also Zimbra about 8, 10 back end 14 back end architecture 11 collaboration, building 11 features 8 front end 12 front end architecture 11 installing, on MAC OS X installing, on Red Hat Enterprise Linux journaling 12 message store 11 Metadata SQL Store 11 product edition comparision 9, 10 Zimbra search 11 Zimbra. See also ZCS administrating 61 administrating, from command line 80 advantages 16 AJAX web client system, requirements 83 backups, managing 184 backup system 184 configuring, on COS level 162 customizing 131 documents 112 Fedora Core 4, requirements 84 history 10 installing 19 integrating with Outlook 156 MAC OS X 10.4, requirements 84 Outlook, configuring 149 Palm OS, configuring to sync 166 patching 128 Search Builder 11 security 119 server statistic measurement tools 196 server statistic monitoring tools 199 uninstalling 59, 60 updating 128 Web Client system, requirements 83 Windows mobile, configuring to sync 164, 165 Windows XP, requirements 84 Zimbra, administering ZMCONTROL, managing services 80, 81 ZMPROV, accounts creating with 81, 82 Zimbra, customizing mail identities, configuring 143 POP accounts, configuring 142 Search Builder 144 user options, exploring 131 Zimbra, post installing firewall, configuring 59 Zimbra, securing anti-spam 122 Zimbra Collaboration Suite. See also Zimbra; See ZCS Zimbra Connector for Outlook. See ZCO Zimbra Mobile about 162 accessing 163, 164 Zimbra server configuring 161 monitoring 193 preparing, for Zimbra Mobile 162 reasons for monitoring 193 Zimbra store Data store 15 HTML Conversion 15 Index store 15 Message store 15 Zimbra Web Client accessing 84 application chooser 87 [ 206 ]

234 calendar overview pane 86 content pane 87 documents 112 keyboard shortcuts 116 keyboard shortcuts, example 116 location box 86 overview 85 overview pane 86 search bar 87 status box 87 shortcuts 115 tool bar 87 Zimlet about 169 Amazon 170 date 170 Date Zimlet 171 Flight Explorer 170 Gtranslator 170 managing 173 mouse-over Zimlet, example 171 overview 170 RSS 170 Search 170 Yahoo! Maps Zimlet 172, 173 YMaps 170 Zimbra Web Client, login 171, 172 Zimlet, managing Administrator Console, used assigning, Accounts to 177, 178 assigning, COS to 176, 177 [ 207 ]

235 Thank you for buying Zimbra Packt Open Source Project Royalties When we sell a book written on an Open Source project, we pay a royalty directly to that project. Therefore by purchasing Zimbra, Packt will have given some of the money received to the Zimbra Collaboration Suite. In the long term, we see ourselves and you customers and readers of our books as part of the Open Source ecosystem, providing sustainable revenue for the projects we publish on. Our aim at Packt is to establish publishing royalties as an essential part of the service and support a business model that sustains Open Source. If you're working with an Open Source project that you would like us to publish on, and subsequently pay royalties to, please get in touch with us. Writing for Packt We welcome all inquiries from people who are interested in authoring. Book proposals should be sent to authors@packtpub.com. If your book idea is still at an early stage and you would like to discuss it first before writing a formal book proposal, contact us; one of our commissioning editors will get in touch with you. We're not just looking for published authors; if you have strong technical skills but no writing experience, our experienced editors can help you develop a writing career, or simply get some additional reward for your expertise. About Packt Publishing Packt, pronounced 'packed', published its first book "Mastering phpmyadmin for Effective MySQL Management" in April 2004 and subsequently continued to specialize in publishing highly focused books on specific technologies and solutions. Our books and publications share the experiences of your fellow IT professionals in adapting and customizing today's systems, applications, and frameworks. Our solution-based books give you the knowledge and power to customize the software and technologies you're using to get the job done. Packt books are more specific and less general than the IT books you have seen in the past. Our unique business model allows us to bring you more focused information, giving you more of what you need to know, and less of what you don't. Packt is a modern, yet unique publishing company, which focuses on producing quality, cutting-edge books for communities of developers, administrators, and newbies alike. For more information, please visit our website:

Qmail Quickstarter ISBN: 978-1-847191-15-1 Paperback: 152 pages A fast-paced and easy-to-follow, step-by-step guide that gets you up and running quickly 1. Qmail Basics 2.

Hosting Multiple Domains, Encryption, and Mailing Lists Mastering OpenLDAP ISBN: 978-1-847191-02-1 Paperback: 400 pages Install, Configure, Build, and Integrate Secure Directory Services with

236 Qmail Quickstarter ISBN: Paperback: 152 pages A fast-paced and easy-to-follow, step-by-step guide that gets you up and running quickly 1. Qmail Basics 2. Storing and retrieving of s 3. Virtualisation 4. Filtering Spam 5. Hosting Multiple Domains, Encryption, and Mailing Lists Mastering OpenLDAP ISBN: Paperback: 400 pages Install, Configure, Build, and Integrate Secure Directory Services with OpenLDAP server in a networked environment 1. Up-to-date with the latest OpenLDAP release 2. Installing and configuring the OpenLDAP server 3. Synchronizing multiple OpenLDAP servers over the network 4. Creating custom LDAP schemas to model your own information 5. Integrating OpenLDAP with web applications Please check for information on our titles

Zimbra Collaboration Suite Virtual Appliance VMware Installation

Zimbra Collaboration Suite Virtual Appliance VMware Installation Network Edition 4.5 Beta 2 The Zimbra Collaboration Suite (ZCS) virtual appliance includes the rpath Linux operating system and the ZCS