zimbra use existing cert

Use existing private key:
cp private.key /opt/zimbra/ssl/zimbra/commercial/commercial.key

copy all cert file to /opt/zimbra/ssl/cert

Verify:
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/cert/485c010124755ddb.crt /opt/zimbra/ssl/cert/gd_bundle-g2-g1.crt

Deploy:
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/cert/485c010124755ddb.crt /opt/zimbra/ssl/cert/gd_bundle-g2-g1.crt

View:
/opt/zimbra/bin/zmcertmgr viewdeployedcrt

zmcontrol restart

OR create new private key:
/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject “/C=HK/ST=HK/L=HK/O=Zimbra/OU=Zimbra Collaboration Suite/CN=mail.domain.com” -subjectAltNames mail.domain.com

zimbra relay by destination domain without authentication

List Current setting
zmprov gcf zimbraMtaTransportMaps
zimbraMtaTransportMaps: proxy:ldap:/opt/zimbra/conf/ldap-transport.cf

Add destination domain to relay server or deny
vi /opt/zimbra/common/conf/transport
destination.com :xxx.xxx.xxx.xxx
dontsendto.com error:We don’t allow send to dontsendto.com

postmap /opt/zimbra/common/conf/transport

Add “lmdb:/opt/zimbra/common/conf/transport” in to zimbraMtaTransportMaps
zmprov ms mail.abc.com zimbraMtaTransportMaps “lmdb:/opt/zimbra/common/conf/transport,proxy:ldap:/opt/zimbra/conf/ldap-transport.cf”

zmcontrol restart

vCenter cron job not work

Find the top 10 for the large files in /var
du -a /var | sort -n -r | head -n 10

If below log too large we can clean it without delete
/var/log/audit/audit.log
truncate -s 0 audit.log

Check the cron job last run date
ls -l /var/spool/cron/lastrun/

Maybe root password expired
chage -l root
chage -m 0 -M 99999 root

Clean old password remember
true > /etc/security/opasswwd

Bind mail control

SPF

    1. IN TXT “v=spf1 ip4:123.123.123.1 ip4:123.123.123.2 -all”

DMARC
_dmarc IN TXT “v=DMARC1;p=quarantine;rua=mailto:rua@abc.com;ruf=mailto:ruf@abc.com”

DKIM
F4EEC778-4C21-11EA-AD84-83DCF040F65E._domainkey IN TXT ( “v=DKIM1; k=rsa; ”
“p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxICrPoI8+AZ85ney0JRnniswBUCeJSCCmV6eWgxotF7ncQdWLFvNadR5gQiWJi0EHnarsVez6ET+jL9IoHgV6QSyUwBraOKPlU+XzlZVUGUnAn1BdsS6LjdT0anJlu07RiLdgfIJL0zufhEsHVSx3EwWrWL3NQlcLIVi0rCThjwIDAQDB” )