MailScanner + Zimbra...anyone done it before?

Martin.Hepworth martinh at solidstatelogic.com
Mon Sep 10 17:30:58 IST 2007


James

Here's how I do it for my communigate server which his behind the MS gateway.

On the CGP I run the inbound SMTP on port 465 for external hosted and ONLY accept authenticated sessions on this. I can config this easy via communigate, dunno about PF/zimbra.

--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of James Gray
> Sent: 09 September 2007 01:06
> To: MailScanner discussion
> Subject: Re: MailScanner + Zimbra...anyone done it before?
>
> Thanks for the suggestions folks.  The consensus seems to be "run a
> separate box" but the problem is we have a number of people who work
> remotely and that would introduce a whole raft of new custom-hacks to
> get authenticated SMTP relaying going for the remote users via the
> separate box (assuming it becomes the "Internet-facing" part of the
> SMTP chain).  Then the remote users would (probably) need a different
> mail config when the venture into the office.  The way things stand
> at the moment the roaming users can use EXACTLY the same mail setup
> externally as those in the office without the need for VPN,  making
> the transition seamless (management LOVE that crap...personally, I
> don't care).  So long story short - it's gotta run on a single box
> with Zimbra being the MTA.  Not a big deal, I've already set Zimbra
> up with a couple of RBL's and MTA-level anti-spam measures and it's
> doing fine.
>
> As for the resources Zimbra chews up, yes, it is VERY hungry.
> However, its constituent components can be separated as the system
> grows.  The OpenLDAP, MySQL, Tomcat and Postfix/MTA components are
> completely separable thus spreading the love amongst different
> machines etc.  It's actually kinda neat :)  However, we are running
> everything on the one machine for the time being but it's a bit of a
> beast: dual Xeon's, 6GB ECC RAM, couple-of-hundred GB U320 SCSI RAID
> 5, dual gigabit (bonded) Ethernet....and we only have 30
> mailboxes! :P  I think it will handle the 4-5 MailScanner children
> and Mailwatch running along side.
>
> Worst case scenario: I mount/export the Postfix spools via NFS and do
> the opposite on a "filter" box running MS+MW.  That introduces a new
> set of "what if's" the first that springs to mind is file locking.
> So Postfix guru's: can you think of anything that would barf on
> either the MailScanner or Postfix sides by using NFS for the mail
> spool?  What would be better: mounting the spools on a MailScanner
> box (exporting from the Postfix box), or the other way around?  I'd
> be using a RAM disk for the MailScanner children's scratch space so I
> can't see performance being a show-stopper.
>
> I'm trying to keep the Zimbra box as close to standard as possible,
> so hacking the bejeezus out of it is off the cards.  Minor changes to
> the operating system (CentOS) such as NFS frufru wouldn't be a big
> problem as this is all handled through our configuration management
> system :)  Unfortunately, most of the config for Zimbra is stored in
> its LDAP directory making it very difficult to manage that with a
> file-based configuration management system.  See the problem? *sigh*
> Nothing is ever easy ;)
>
> Thanks again folks!
>
> James




**********************************************************************
Confidentiality : This e-mail and any attachments are intended for the 
addressee only and may be confidential. If they come to you in error 
you must take no action based on them, nor must you copy or show them 
to anyone. Please advise the sender by replying to this e-mail 
immediately and then delete the original from your computer.
Opinion : Any opinions expressed in this e-mail are entirely those of 
the author and unless specifically stated to the contrary, are not 
necessarily those of the author's employer.
Security Warning : Internet e-mail is not necessarily a secure 
communications medium and can be subject to data corruption. We advise 
that you consider this fact when e-mailing us. 
Viruses : We have taken steps to ensure that this e-mail and any 
attachments are free from known viruses but in keeping with good 
computing practice, you should ensure that they are virus free.

Red Lion 49 Ltd T/A Solid State Logic
Registered as a limited company in England and Wales 
(Company No:5362730)
Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU, 
United Kingdom
**********************************************************************



More information about the MailScanner mailing list