Help Center

Setting up for Zimbra

Zimbra servers can route outgoing emails through anti-abuse relay services such as MailChannels. This article explains how to integrate the MailChannels Outbound Filtering platform in Zimbra-Postfix

Step 1: Setup an Authenticated Smarthost Relay

  1. Login to your Zimbra server via SSH as ‘root’ user. We recommend doing the following steps as zimbra user.
    Switching to zimbra user
    # su - zimbra                                                                             
  2. Setting a relay host: 
    # zmprov ms `zmhostname` zimbraMtaRelayHost smtp.mailchannels.net 25                     

    zmprov=> The zmprov tool performs all provisioning tasks in Zimbra LDAP, including creating accounts, aliases, domains, distribution lists

    ms => MS is the server Provisioning Command to modify server

  3. Enabling SMTP authentication: Create a text file with the username/password. Replace USERNAME with your Mailchannels Username and PASSWORD with your Mailchannels password.
    #echo smtp.mailchannels.net USERNAME:PASSWORD > /opt/zimbra/conf/relay_password                   
  4. Create a postfix lookup table
    #postmap /opt/zimbra/conf/relay_password                                                  
  5. To test that the lookup table is correct, the following command should return the USERNAME:PASSWORD
    # postmap -q smtp.mailchannels.net /opt/zimbra/conf/relay_password                                
  6. Configure postfix to use the new password map:
    # zmprov ms `zmhostname` zimbraMtaSmtpSaslPasswordMaps lmdb:/opt/zimbra/conf/relay_password
  7. Configure postfix to use SSL authentication:
    # zmprov ms `zmhostname` zimbraMtaSmtpSaslAuthEnable yes                                 
  8. Configure postfix to use the outgoing server name rather than the canonical server name:
    # zmprov ms `zmhostname` zimbraMtaSmtpCnameOverridesServername no                        
  9. Enable to use TLS:
    # zmprov ms `zmhostname` zimbraMtaSmtpTlsSecurityLevel may                               
  10. Enable Auth User Header
    # zmlocalconfig -e postfix_smtpd_sasl_authenticated_header=yes                           
  11. Enable Plaintext Authentication: 
    #zmprov ms `zmhostname` zimbraMtaSmtpSaslSecurityOptions noanonymous                     
  12. After updating the configurations, reload the postfix

    # postfix reload                                                                         

Fixing Common Issues

Step 1: Alternate SMTP Ports

MailChannels supports connections to alternative SMTP ports for Outbound Filtering. Smarthost relays can be configured to use ports 2525, 465 or 587 should 25 be inaccessible to you for any reason.

 

 

 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

  • Avatar
    Tarek Nakbi

    This command doesn't work : # zmprov ms `zmhostname` zimbraMtaRelayHost smtp.mailchannels.net 25

    It must be : # zmprov ms `zmhostname` zimbraMtaRelayHost smtp.mailchannels.net:25

    Comment actions Permalink

Article is closed for comments.