Here’s how to configure Zimbra services to bind to a specific IP address. These instructions apply to ZCS 5.x only. Assume that the IP address is [IP].
SMTP (TCP 25)
Edit /opt/zimbra/postfix/conf/master.cf.
Change:
1 |
smtp inet n - n - - smtpd |
To:
1 |
[IP]:smtp inet n - n - - smtpd |
WEB (TCP 80/443/admin ports)
Edit /opt/zimbra/jetty/etc/jetty.xml.in
After every line starting with:
1 |
<Set name="port"> |
Add:
1 |
<Set name="host">[IP]</Set> |
POP/IMAP
Su to zimbra account.
Start zmprov:
1 |
./zmprov -s [IP] |
Determine server name:
1 |
gas |
Change bind addresses:
1 2 3 4 |
ms [DOMAIN] zimbraPop3BindAddress [IP] ms [DOMAIN] zimbraPop3SSLBindAddress [IP] ms [DOMAIN] zimbraImapBindAddress [IP] ms [DOMAIN] zimbraImapSSLBindAddress [IP] |
One additional trick is needed. Add these two IPTables rules to map 127.0.0.1:7071 to [IP]:7071.
1 2 3 4 5 6 7 8 9 10 |
/sbin/iptables -t nat -A PREROUTING -p tcp --destination 127.0.0.1 \ --dport 7071 -j DNAT --to-destination [IP] /sbin/iptables -t nat -A OUTPUT -p tcp --destination 127.0.0.1 \ --dport 7071 -j DNAT --to-destination [IP] /sbin/iptables -t nat -A PREROUTING -p tcp --destination 127.0.0.1 \ --dport 80 -j DNAT --to-destination [IP] /sbin/iptables -t nat -A OUTPUT -p tcp --destination 127.0.0.1 \ --dport 80 -j DNAT --to-destination [IP] /sbin/service iptables restart /sbin/service iptables save |