Archive for November, 2007

Zimbra with reverse proxy, mod_security and without external relay MTA

1 Nov, 2007  No Comment

If you have to install Zimbra on a single machine with a public IP, your life will be easy and relaxing.

But, if you have to install Zimbra on a server with private IP behind a public reverse proxy with mod_security (and other funny security stuff), and you don’t want to use external relay MTA, your life will be fully of terrible pains!

Obviously Byte-Code has this kind of internal mail server… so this week I’ve made a strange thing to made possible using Zimbra behind a reverse proxy :-)

Here you are some suggestions:

  • Remove some mod_security rules not compliant with Zimbra:
    • SecRuleRemoveById 960010 950006 960015 960017 970903
  • On Zimbra internal server setup some aliasing IP addresses, with real public ip (don’t worry. It’s only for localhost communications)… one for each real server configured (this is the key of the post! with this useless configuration you can cheat Zimbra about MTA server)
  • On Zimbra control panel check “DNS lookup” on both “Global Settings” and server panels.

Fedora and “harm reduction”

1 Nov, 2007  No Comment

Here you are a very interesting post about “harm reduction” and some reasons in order to implement this kind of concept in Fedora 8:

http://www.linux.com/feature/120703

-->