Tag Archives: SMTP

Zimbra Notes

Posted on by

This is going to be an ongoing post where I list useful commands that I happen across while managing various Zimbra installations. This is mainly for my own sanity but it has the added benefit of possibly being able to help out someone else. Enjoy!

Increasing the Maximum Allowable Attachment Size

By default, this setting is low. Nowadays it’s acceptable to send attachments larger than 10MB (but not obscenely larger). I don’t like it and I discourage my users from sending large attachments via e-mail but if you feel the need to loosen up this restriction, here are the commands to do that:

su -l zimbra
zmprov ms `zmhostname` zimbraFileUploadMaxSize 20971520
zmprov mcf zimbraFileUploadMaxSize 20971520
zmprov ms `zmhostname` zimbraMailContentMaxSize 20971520
zmprov mcf zimbraMailContentMaxSize 20971520
zmprov mcf zimbraMtaMaxMessageSize 20971520
zmmtactl restart

20971520 = 20MB in bytes.

Disabling the Spam Filter

Sometimes it might be desirable to disable spam filtering across an entire domain or COS. For example, if you pay a 3rd party service to do your spam filtering for you.

zmprov md domain.tld +amavisBannedFilesLover TRUE
zmprov md domain.tld +amavisSpamLover TRUE

The first command turns off all filetype filtering for the domain “domain.tld” while the second turns off all spam filtering. If you wanted to do this on a per-account basis, you’d do this:

zmprov ma user@domain.tld +amavisBannedFilesLover TRUE
zmprov ma user@domain.tld +amavisSpamLover TRUE

“ma” stands for “manage account” and “md” stands for “manage domain”. This is used to specify which type of object you are editing/managing. To reverse these changes you would just change the “+” to a “-” in the previous commands or change the “TRUE” to “FALSE”. My understanding is that this:

zmprov ma user@domain.tld -amavisBannedFilesLover TRUE
zmprov ma user@domain.tld -amavisSpamLover TRUE

Accomplishes the same exact thing that this does:

zmprov ma user@domain.tld +amavisBannedFilesLover FALSE
zmprov ma user@domain.tld +amavisSpamLover FALSE

(This is an assumption, someone please correct me if I’m wrong.)

Now, it’s also possible to completely disable spam and virus filtering, here’s how to do it:

zmprov -l ms `zmhostname` -zimbraServiceEnabled antivirus
zmprov -l ms `zmhostname` -zimbraServiceEnabled antispam

However, if you do this, you will end up with an ugly “***UNCHECKED***” tag inserted into the subject line of every e-mail. To get rid of that you’ll need to edit /opt/zimbra/amavisd/sbin/amavisd and change the following value:

$undecipherable_subject_tag = '***UNCHECKED*** ';

to:

$undecipherable_subject_tag = '';

And then restart Zimbra:

/etc/init.d/zimbra restart

Archiving/exporting/importing a user’s inbox

This is handy if you want to move a user from one server to another, or if you need to export and archive the mailbox of a user who no longer exists.

zmmailbox -z -m user@domain.tld getRestURL "//?fmt=tgz" > /tmp/user_inbox.tar.gz

Then, to import to another server:

zmmailbox -s -m user@domain.tld postRestURL "//?fmt=tgz&resolve=reset" /tmp/user_inbox.tar.gz

Further Reading:

What a n00b! | Zimbra junk mail options you didn’t know existed

Zimbra Forums » [SOLVED] ***unchecked***

Zimbra Wiki » Improving Anti-Spam System

Zimbra Account Export / Import from Command Line

Alternate SMTP port with iptables

Posted on by

Nowadays, more and more ISPs are blocking outbound port 25 (SMTP) for spam prevention or reduction purposes. This should be of concern to sysadmins who have users scattered across multiple ISPs (such as webhosting services) or corporate sysadmins who maintain e-mail for mobile users, for example. The workaround is to use the mail submission agent (MSA) port, 587. Most ISPs do not block outbound traffic for this port. On GNU/Linux, we can use iptables for this task. With a single command, we can configure any inbound traffic, destined for port 587 traffic to be redirected to port 25:

iptables -t nat -I PREROUTING -p tcp --dport 587 -j REDIRECT --to-port 25