How to install and use Zimbra 5.0 on a Mac
Zimbra is on my radar ever since I saw the first glimpse of their webmail application, already a few years ago. Recently I started my own business, registered my personal internet domain(s) and installed a Mac Mini for my server needs. An excellent opportunity to install Zimbra to serve my mail and calendars!
Introduction
I needed a solution not just for email, also for sharing multiple calendars within my family. Zimbra is just perfect for that: It has a sweet webmail interface, simple administration console (also a web application) and shares calendars using the CalDAV protocol, which is the native Apple iCal protocol as well.
Virtual Machine
Zimbra is quite demanding when it comes to installation: You can’t have any Apache, LDAP, MySQL server already running ’cause Zimbra wants to control it! Although you can install Zimbra on a Leopard Mac Mini, you can’t use the machine for anything else.
Fortunately, the solution for this problem is also a great benefit: We use virtualization to run Zimbra on a dedicated Virtual Machine. This way Zimbra can have all the resources it needs, it is also much better manageable in terms of backup and upgrade operations. So virtualization it is!
It doesn’t really matter whether you use the commercial offerings from Parallels, VMware or the Open Source VirtualBox, each of these should work flawlessly – I had VMware Fusion installed, so I went with that.
Preparing the Virtual Machine
The first step is to download a Ubuntu Server ISO image. You can choose between 32-bit and 64-bit editions, please choose the 32-bit edition. We don’t want the Desktop version, for it comes with a graphical desktop environment we don’t need. Let’s just keep it lean and mean.
Go to http://releases.ubuntu.com/8.04/, choose the PC (Intel x86) server install CD. It will download a 558MB ISO image.
Next, fire up your Virtualization software and create a new Virtual Machine using the downloaded ISO image. Configure the Virtual Machine as follows:
- Make sure Bridged Networking is enabled (in order to let it connect directly to your existing network);
- Configure at least 512MB of memory – I configured 768MB (it still seems to swap some memory to disk, just minimal). If your host can handle it, configure 1GB memory;
- Disable any 3D graphics, sound or printer device – these we do not need for Zimbra.
- Make sure this Virtual Machine is started automatically whenever the Virtualization software is started. Also, make sure that the virtualization software is started automatically whenever the machine starts
- Last-but-not-least, make sure this Virtual Machine image is excluded from any Time Machine backup.
Installing Ubuntu 8.04
- Run the Virtual Machine with the downloaded ISO image.
- Choose ‘Install Ubuntu server’ (default option)
- Choose your language, region and keyboard
- Enter your hostname:
mail - Create a new user: this is the user account you will use when accessing the Zimbra machine.
- Don’t install any additional service / package; only select
OpenSSH Serverin the list. Zimbra deploys its own set of services. - You are finished with the install – restart the Ubuntu virtual machine.
Setting up a static IP address
Now we need to know what IP address is assigned to your virtual machine. By default, it is dynamically assigned by means of DHCP, and we need a statically assigned IP address – your router must know where to send your email!
Log in using the account you just created and check your IP address:
ifconfig eth0
We need this address to open a shell connection from a Terminal app. A Terminal enables you to use the clipboard, for instance – convenient to copy snippets from this article to your Terminal session.
The result of the command looks like this:
bguijt@mail:~$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0c:29:b2:9d:64
inet addr:192.168.1.126 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb2:9d64/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:98633 errors:96223 dropped:0 overruns:0 frame:0
TX packets:70867 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:18624200 (17.7 MB) TX bytes:29166046 (27.8 MB)
Interrupt:16 Base address:0x2024
Note the IP address, which is printed in bold (in this case: 192.168.1.126).
Now open your Terminal app and login to your virtual machine (substitute username for your own):
ssh username@192.168.1.126
Upon connecting to your virtual machine, you are greeted with a question to accept a code – just type Y and press enter to accept the session. Whenever you need to access the virtual machine shell, you should do it like this.
Anyway, let’s make sure this virtual machine gets its own static IP address. Edit the /etc/network/interfaces file:
sudo nano /etc/network/interfaces
The file you opened looks like this:
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet dhcp
We need to change the last line and add additional configuration lines:
iface eth0 inet static address 192.168.1.2 gateway 192.168.1.1 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255
Use the following parameters:
- address
- As you see, we choose to use the IP address
192.168.1.2so we have a predictable address to get to our new virtual machine. Of course this address may not already be in use by one of your machines in the network! Make sure by ‘pinging’ to the address before you edit the file (ping 192.168.1.2). - gateway
- This is, in most circumstances, the IP address of your router. Mostly this corresponds with
192.168.1.1(Linksys),192.168.0.1or192.168.1.254. See this article to make sure what to enter here. - netmask
- This is
255.255.255.0in most cases. Again, see this article to make sure. - network
- In most cases the same value as your gateway, making the last digit to
.0. - broadcast
- In most cases the same value as your gateway, making the last digit to
.255.
After saving and closing the editor (crtl-o followed by ctrl-x) we need to restart the network service. Issue the following command:
sudo /etc/init.d/networking restart
Of course, now our Terminal session is broken, because networking is restarted. In your terminal app, reconnect to your session:
ssh username@192.168.1.2
Setting up DNS on your Ubuntu system
Zimbra needs a locally installed DNS to support its services. Zimbra is quite picky on this, so let’s just give it what it needs.
First we need to make sure our package index is up-to-date. Issue the following command:
sudo apt-get update
Next, we need the Bind9 software, so lets get it:
sudo apt-get install bind9
We need to edit a few files:
sudo nano /etc/bind/named.conf.options
Edit the file to look like this:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
xxx.xxx.xxx.xxx;
xxx.xxx.xxx.xxx;
};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
You should replace the xxx.xxx.xxx.xxx IP addresses with the addresses of your ISP’s nameservers. See this article to obtain these addresses. In your Terminal shell, you could also issue the command:-
cat /etc/resolv.conf
to obtain these addresses.
Next, edit the /etc/resolv.conf file:
sudo nano /etc/resolv.conf
Edit the file like this:
search yourdomain.com nameserver 192.168.1.2
Substitute yourdomain.com with your domain name, of course. Also, use the same IP address you configured for your machine as the nameserver address in this file.
Next, edit the /etc/bind/named.conf.local file:
sudo nano /etc/bind/named.conf.local
Edit the file as follows:
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "yourdomain.com" {
type master;
file "/etc/bind/db.yourdomain.com";
};
Next, create the /etc/bind/db.yourdomain.com file:
sudo nano /etc/bind/db.yourdomain.com
Paste these lines into the file:
;
; BIND config for yourdomain.com
;
$TTL 604800
@ IN SOA mail.yourdomain.com. admin.yourdomain.com. (
080929 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS mail
IN MX 10 mail
IN A 192.168.1.2
mail IN A 192.168.1.2
Make sure you substitute yourdomain.com and the IP address for your own.
Please note that the domain name is postfixed with a dot (.), this is NOT a typo! Also, admin.yourdomain.com will be your admin email address admin@yourdomain.com. Again, the dot instead of an @ symbol is not a typo here.
If you need to make changes to this file afterwards, please make sure you increment the number designated ‘Serial’ (080929), otherwise Bind won’t pick up the changes. You could enter the date here (formatted YYMMDD).
Finally, we need to edit the /etc/hosts file:
sudo nano /etc/hosts
Change the (2nd) line:
192.168.1.2 mail.yourdomain.com mail
and again, substitute the data to your own.
Reboot the virtual machine to let the changes take effect:
sudo reboot now
The connection will be lost – however, the machine is set and ready to install Zimbra!
Setting up DNS at your ISP
It is very important that the nameserver at your domain registrar knows where to find your mailserver! Sometimes this is configured by default when you register a domain name and point it to your external IP address, but you need to make sure there is a mail.yourdomain.com MX record configured for you. Consult your registrar!
Installing Zimbra
In your Terminal, login to your machine:
ssh username@192.168.1.2
Now we need to download Zimbra in the virtual machine. First, lets find out the URL to the download. Open a browser and go to http://www.zimbra.com/community/downloads.html. Locate the download link for Ubuntu 8.04 (mind you: the 32 bits version!), and copy that link to your clipboard.
Next, issue the following commands:
sudo bash
cd /tmp
In the following step, use the link you copied to your clipboard!
wget http://h.yimg.com/lo/downloads/5.0.10_GA/zcs-5.0.10_GA_2609.UBUNTU8.20080922131729.tgz
tar -xzf zcs*
cd zcs*
./install.sh
Now Zimbra lists the packages still missing from your system, and it can’t continue the installation. Use apt-get install to install these packages:
apt-get install libpcre3 libgmp3c2 libstdc++5 libltdl3
After installation, install Zimbra again:
./install.sh
Accept all the default configuration questions (just press <enter>). When the system asks The system will be modified. Continue? [N] answer with Y.
Change the domain name: Answer Yes, enter mail.yourdomain.com. If the question is repeated, something is wrong with your DNS setup! In that case, review your DNS configuration.
Finally, the console shows a menu, telling you to set a mandatory password for the admin account. Press 3 followed by <enter>, then press 4 followed by <enter>. You need to type a password for the admin@yourdomain.com account.
Return to the main menu (press r followed by <enter>) and press a to apply the configuration and continue the install process. Zimbra will be started when the install process finishes.
Finally, you need to enable Zimbra logging by issuing the following command:
crontab -u zimbra -l
Your Zimbra server is now ready!
Making Zimbra known to the outside world: Configure your router
Your Zimbra server is running behind a firewall, which is controlled by your router. We need to configure your router before anyone can send you an email
The feature we need in your router is called Port Forwarding. Any internet traffic coming at your router at specific ports can be configured to be ‘forwarded’ to a specific machine in your network. We want to route all email related traffic to our Zimbra server.
Please consult your Router manual (or the internet of course) on how to configure port forwarding on your router. You need to configure the following ports:
| Service name | Port# | Remarks |
|---|---|---|
| SSH | 22 | Only if you wish to have Shell access from the outside world |
| SMTP (MTA) | 25 | mandatory port |
| HTTP | 80 | Webmail |
| POP3 | 110 | Standard PO3 access |
| IMAP | 143 | Standard IMAP access |
| HTTPS | 443 | Secure webmail |
| IMAPS | 993 | IMAP over SSL (secure) |
| POPS | 995 | POP3 over SSL (secure) |
| HTTPS | 7071 | Administration Console (secure) |
Logging into Zimbra
Zimbra provides two web applications: one is the Administration Console, and the other is the Webmail service. These are the URL’s for these applications:
| Administration Console | https://mail.yourdomain.com:7071/zimbraAdmin/ |
| Plain webmail | http://mail.yourdomain.com/ |
| Secure webmail | https://mail.yourdomain.com/ |
The Administration Console is not supported in the Safari browser (yet), so you’ll need to access it from Firefox. The webmail app is provided in an Advanced (Ajax) mode and in a Standard (plain HTML) mode.
Creating Zimbra accounts
Open a Firefox browser (Safari is less supported 
) and go to https://192.168.1.50:7071/zimbraAdmin/ to open the admin console. The browser will warn you that the certificate is untrusted, so you need to add an exception to the browser. Click on Or you can add an exception... link and click on the Add Exception button. Click the Get certificate button and add the exception. The browser will greet you with a Zimbra login screen – now login with your admin account.
The Zimbra Administration Console is a simple interface to setup your accounts. At this point I’d say just go ahead and try There is some comprehensive documentation for the end users.
Adding Zimbra address book to OS X’s Address Book
Open your Address Book app, open its Preferences. Go to the ‘LDAP’ tab, and click on [+] to add a new LDAP server:
| name: | Zimbra |
| server: | 192.168.1.2 |
| port: | 389 |
| Don’t use SSL | |
| search base: | ou=people,dc=yourdomain,dc=com |
| scope: | subtree |
| authentication: | none |
Save the new configuration. If you click on the newly configured LDAP directory server, and type ‘admin’ in the search box (or another name of a newly created account), you see the account appearing in the search results! This lookup feature also works in your Mail app.
Adding Zimbra calendars to iCal
In Zimbra every mail account has also one or more Calendars. You can add these in iCal, which is then kept in sync with each other. This feature is awesome if you want to share a calendar with others!
Open iCal, open its Preferences. Go to the ‘Accounts’ tab, and click [+] to add an account. Enter a description, the credentials for a Zimbra account, click on ‘Server Options’. Enter an Account URL:
http://mail.yourdomain.com
WITHOUT a trailing slash (‘/’)! When you click ‘add’, the URL is completed automatically. Accept the security warning and you have an extra Calendar on you iCal list.
Now you should be able to add calendars from within iCal and Zimbra (e.g. ‘School’, ‘Business’ etc.). Please be advised to use calendar names without spaces, otherwise you might run into synchronization problems!
I hope you enjoy using Zimbra like I do! If you encounter any error in this article, please let me know!
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}