| « Alternate SMTP Port | LFTP mirror script » |
Bind Zimbra On Specific IP Address
03/05/08
Bind Zimbra On Specific IP Address
Here's how to configure Zimbra services to bind to a specific IP address. These instructions apply to ZCS 5.x only. Assume that the IP address is [IP].
SMTP (TCP 25)
Edit /opt/zimbra/postfix/conf/master.cf.
Change:
smtp inet n - n - - smtpd
To:
[IP]:smtp inet n - n - - smtpd
WEB (TCP 80/443/admin ports)
Edit /opt/zimbra/jetty/etc/jetty.xml.in
After every line starting with:
<Set name="port">
Add:
<Set name="host">[IP]</Set>
POP/IMAP
Su to zimbra account.
Start zmprov:
./zmprov -s [IP]
Determine server name:
gas
Change bind addresses:
ms [DOMAIN] zimbraPop3BindAddress [IP]
ms [DOMAIN] zimbraPop3SSLBindAddress [IP]
ms [DOMAIN] zimbraImapBindAddress [IP]
ms [DOMAIN] zimbraImapSSLBindAddress [IP]
One additional trick is needed. Add these two IPTables rules to map 127.0.0.1:7071 to [IP]:7071.
/sbin/iptables -t nat -A PREROUTING -p tcp --destination 127.0.0.1 \
--dport 7071 -j DNAT --to-destination [IP]
/sbin/iptables -t nat -A OUTPUT -p tcp --destination 127.0.0.1 \
--dport 7071 -j DNAT --to-destination [IP]
/sbin/iptables -t nat -A PREROUTING -p tcp --destination 127.0.0.1 \
--dport 80 -j DNAT --to-destination [IP]
/sbin/iptables -t nat -A OUTPUT -p tcp --destination 127.0.0.1 \
--dport 80 -j DNAT --to-destination [IP]
/sbin/service iptables restart
/sbin/service iptables save
2 comments
Before getting my hand dirty on this... it surprised me that you don't mention clamav nor amavis-new in your post. Are you sure that is not necessary to modify anything in that sense?
No changes are needed to the anti-virus because they connect on localhost instead of a public IP address.
Thanks,
Lee
This post has 17 feedbacks awaiting moderation...
Comment feed for this post
