Ajcody-Notes-Archive-Discovery

From Zimbra :: Wiki

Jump to: navigation, search
Attention.png - This article is NOT official Zimbra documentation. It is a user contribution and may include unsupported customizations, references, suggestions, or information.

Contents

Archive & Discovery

Actual Archive & Discovery Notes Homepage

Ajcody-Notes-Archive-Discovery

References for A&D

Updated A&D Documentation In Admin Manual

Please see:

Zimbra ZSC Version 8.x

http://www.zimbra.com/docs/ne/8.0.2/administration_guide/wwhelp/wwhimpl/js/html/wwhelp.htm#href=ZCS_8_0_2_Admin_Guide.Archiving_and_Discovery.html

The version 7.x manual is more comprehensive. Version 8 Documentation is missing a lot of content available in Version 7 documentation.

Zimbra ZSC Version 7.x

http://www.zimbra.com/docs/ne/latest/administration_guide/wwhelp/wwhimpl/js/html/wwhelp.htm#href=ZCS_Admin_Guide_7.2.1.Zimbra_Archiving_and_Discovery.html

Older Notes About ZAD

Important Note:

I think we need to clean up the documentation that refers to this "download" as no longer being necessary as it's bundled in the zcs-network edition tar ball now. I found an old email to the development team where I inquired about this - I didn't get a response from on it at the time.

If this assumption is true [Like I see with the 5.x setups I've helped with] then I think we need to adjust the documents for 4.5.x stuff to state:

You'll need to download your version of 4.5.x zcs network edition tarball, untar it, and then run the install script . Which effectively will allow you to now select the "archive" package which will also include the search zimlet [zmbxsearch].


The two main A&D references are :

http://wiki.zimbra.com/index.php?title=ZAD

http://www.zimbra.com/pdf/Zimbra%20Archiving%20and%20Discovery%20Release%20Notes.pdf

But I Just Want Some BCC's To Happen - Not All This A&D Stuff

Please see Ajcody-MTA-Postfix-Topics#Automatic_BCC instead then.

But We Have A Non-Zimbra MTA - zimbraSmtpHostname & zimbraMtaRelayHost Pointed To External Device

Please see this RFE I made:

  • "RFE: Ability to handle A&D when another MTA systems is being specified"

Notable Bugs Or RFE's

Pre-Deployment Type Questions

How To Add OLD Data Or Retroactively Add Data To A&D Account

You'll want to have A&D all setup and then you can use imapsync to 'sync' the old data from the one account into the A&D account.

Recommendations:

  • Confirm imap is enabled on the mailstores
  • Setup a sub-folder in A&D account to hold data that existed prior to the A&D account being in use.
  • Test the various imapsync flags you'll want to use first before running against all your accounts.

See also:

Can we set the archive settings for only sent mail?

Question: Can we set the archive settings for only sent mail?

Answer: No, archiving is done for any message that passes through the MTA for an account that has archiving enabled. You can setup separate MTA's for in/out bound delivery and enable archiving for only the inbound servers to achieve this goal.

Can we set the archive settings for only form port 25?

Question: Can we set the archive settings for only form port 25?

Answer: No, there are no per port level configurations. You can configure which accounts have archiving enabled and you can enable/disable the service on a per server level.

If Zimbra implemented an archive feature, is something in the following MTA files changes?

Question: If Zimbra implemented an archive feature, is something in the following MTA files changed? [ zmmta.cf , main.cf , main.cf.default , master.cf.in , master.cf ]

Answer: Nothing is specifically changed in the files you listed but settings in zmmta.cf determine how the postfix content filter is configured when archiving is enabled. Archiving functionality is handled by the amavis process on the Zimbra MTA.

Using One Archive Account For Multiple Accounts

You could also include other variable's here if they are needed, ex. - archive-cos COS_NAME

zmarchiveconfig enable user1@domainname archive-address user-archives@domainname.archive
zmarchiveconfig enable user2@domainname archive-address user-archives@domainname.archive archive-create FALSE
zmarchiveconfig enable user3@domainname archive-address user-archives@domainname.archive archive-create FALSE

You'll see the mapping in the primary email account settings that state what archive account is being used:

zmprov ga user1@example.com zimbraArchiveAccount
 zimbraArchiveAccount: user-archives@domainname.archive
zmprov ga user2@example.com zimbraArchiveAccount
 zimbraArchiveAccount: user-archives@domainname.archive
zmprov ga user3@example.com zimbraArchiveAccount
 zimbraArchiveAccount: user-archives@domainname.archive


External Host For Archive Accounts Setup

I installed 5.0.11 on a test box, selecting the archiving package during the installation.

The main domain was "zimbra.INTERNAL.com" and the servername is mail3.zimbra.INTERNAL.com .

'Note, I did have an external MTA relay server setup for zimbra. I was doing this test from home.

Once it was done, I then created a test account - ajcody@zimbra.INTERNAL.com

I then ran this from the CLI [on a multi-server environment, this is ran on the mta server]:

zmprov ms mail3.zimbra.INTERNAL.com +zimbraServiceInstalled archiving  +zimbraServiceEnabled archiving

I confirm that I can send emails to the external account that I will be using with the zimbra admin account:

  • Logged into zimbra admin web console , accounts > admin > View Mail
    • Composed new message for ajcody@EXTERNAL-DOMAIN.com

I confirmed the external account received the email and did a reply back. Again, confirming now that the admin account gets the email as well from the external account.

Created the archive account to be used:

zmarchiveconfig enable ajcody@zimbra.INTERNAL.com archive-address ajcody@EXTERNAL-DOMAIN.com archive-create false

I then stopped/started zimbra.

zmcontrol stop
zmcontrol start

Confirmed that amavis (antispam & antivirus) and archive show up as running process:

[zimbra@mail3 ~]$ zmcontrol status
Host mail3.zimbra.INTERNAL.com
	antispam                Running
	antivirus               Running
	archiving               Running
	ldap                    Running
	logger                  Running
	mailbox                 Running
	mta                     Running
	snmp                    Running
	spell                   Running
	stats                   Running

Checked my zimbra account to confirm the archive variables:

[zimbra@mail3 ~]$ zmprov ga ajcody@`hostname -d` | egrep -i archive  
amavisArchiveQuarantineTo: ajcody@EXTERNAL-DOMAIN.com
zimbraArchiveAccount: ajcody@EXTERNAL-DOMAIN.com
zimbraArchiveAccountDateTemplate: yyyyMMdd
zimbraArchiveAccountNameTemplate: ${USER}-${DATE}@${DOMAIN}.archive

Tests I then performed:

  • I sent an email from the zimbra admin account to the ajcody@zimbra.INTERNAL.com account. Confirmed that the external account [ajcody@EXTERNAL-DOMAIN.com] received a copy.
  • I sent an email to ajcody@zimbra.INTERNAL.com from my ajcody@BUSINESS.com account and confirmed a copy went to ajcody@EXTERNAL-DOMAIN.com .
  • I sent an email from ajcody@zimbra.INTERNAL.com to the zimbra admin account, again confirming a copy went to ajcody@EXTERNAL-DOMAIN.com .

What didn't work as expected:

  • Messages to/from the two accounts don't create copies. If ajcody@zimbra.INTERNAL.com sends to ajcody@EXTERNAL-DOMAIN.com a "copy" will not be generated and vis-versa .
  • The subject lines weren't altered as stated in the official A&D document.
    • p3 , "When a message is received to a mailbox with archiving enabled, a copy of the message is sent to the archive mailbox with the text “to be archived” added to the subject line."

I've sent off a request about these two items to the developers to get their feedback on them.

Multi-Server & New Mailstore A&D Setup

I also created a RFE for documentation on this.

http://bugzilla.zimbra.com/show_bug.cgi?id=25135

The following is a very rough draft document I made for multi-server / new mailstore A&D setups.

Attention.png - This article is NOT official Zimbra documentation. It is a user contribution and may include unsupported customizations, references, suggestions, or information.

Actual Multi-Server & New Mailstore A&D Setup Homepage

Please see Ajcody-Notes-Archive-Discovery-Mailstore-Setup

Issues That Have Caused Confusion

What Gets Installed Where?
zimbra-archive package/rpm - Mailstores

zimbra-archive (the package/rpm you see from the installer) should be installed on all mailstores which you want to use for cross mailbox search. This also sets the zimbraComponentAvailable archiving config attribute which allows the mta(s) to turn on archiving. zimbra-archive is not installed directly on the mta, it's just enabled.

Note, you install zimbra-archive on a mailbox server but the service runs on the mta node.

MTA's - Require Configuration

If you add zimbra-archiving to an existing install you need to :

  • Install zimbra-archiving on one or more of your mailbox servers
  • Then set zimbraServiceInstalled archiving and zimbraServiceEnabled archiving on all the mta servers
  • Restart the mta services

For example:

zmprov ms mta.example.com +zimbraServiceInstalled archiving +zimbraServiceEnabled archiving

On the mta server:

zmmtactrl restart

You'll be able to then notice in the /var/log/zimbra.log file if the redirect to the A&D account is happening [once A&D accounts are setup that is]. Example uses example.com.archive as the archive domain I setup for the A&D accounts :

grep "example.com.archive" /var/log/zimbra.log
 Dec 11 13:38:52 mta-server amavis[1978]: (01978-19) SEND via SMTP: <> -> 
    <user-20081211@example.com.archive>,ENVID=AM.8ISxcrQG8uAj.20081211T193852Z@mailstore.example.com 
    BODY=7BIT 250 2.6.0 Ok, id=01978-19, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 
    5ADF8F120C4
 Dec 11 13:38:52 mta-server postfix/lmtp[21864]: 5ADF8F120C4: 
    to=<user-20081211@example.com.archive>, relay=archive.example.com[X.X.X.93]:7025, 
    delay=0.07, delays=0/0/0/0.06, dsn=2.1.5, status=sent (250 2.1.5 OK)
zimbra_xmbxsearch zimlet

For 5.x installs, this zimbra_xmbsearch zimlet will get configured on each mailstore that you install the zimbra-archive package on. The documentation in various places might cause confusion on this matter, because for the 4.x releases it was a separate step.

You should find the zimlet already located at /opt/zimbra/zimlets-network/zimbra_xmbxsearch.zip

After they installation, you should see when you goto the admin web console on the mailstore you install the zimbra-archive package on that the cross-mailbox search zimlet is there. It shows up in two locations:

  • Left Pane : Configuration > Admin Extensions > zimbra_xmbxsearch
  • Left Pane : Tools > Search Mail

If you wanted this zimlet to also be available on a server that didn't have the zimbra-archiving packaged installed you could then deploy it on that server.

cd /opt/zimbra/zimlets-network/
zmzimletctl deploy zimbra_xmbxsearch.zip
## ls the directory and confirm the full name - you might need this:
zmzimletctl deploy com_zimbra_xmbxsearch.zip

The How-To

Reference Documents

http://www.zimbra.com/docs/ne/latest/multi_server_install/multi-server_install.5.1.html

http://www.zimbra.com/docs/ne/latest/administration_guide/Archiving.16.1.html

Assumptions

This install how-to assumes you have an existing LDAP/Mailstore/MTA server(s) for your normal production environment, the Zimbra license and logger are installed on the primary ZCS server(s), and that you are NOT running the proxy module.

Example archive mailstore hostname is : archive.example.com

Example primary ZCS hostname is : mail.example.com

Preliminary Items

Things to do or check before install:

  • DNS entry for new mailstore and primary ZCS server(s) can resolve to it.
  • DNS configured properly on mailstore server.
  • Master Root LDAP Server mail.example.com
  • Master Root LDAP Password
    • On LDAP server do : su – zimbra ; zmlocalconfig –s | grep ldap_root_password
  • Master LDAP port – default is 389
  • SMTP Server
Installation Of New Mailstore That Will Have A&D
Install Modules
  • Type y to install the zimbra-store, zimbra-archiving and zimbra-spell (optional) packages.
    • Do Not Install MTA! These Instructions Do Not Take That Into Account.
    • When zimbra-spell is installed the zimbra-apache package is also installed.
  • Installing: zimbra-core zimbra-store zimbra-apache zimbra-spell
Modify Configuration

Press Enter to modify the system. The selected packages are installed on the server.

At this point the Main menu displays the default entries for the Zimbra component you are installing.

To expand the menu to see the configuration values type x and press Enter.

To navigate the Main menu, select the menu item to change. You can modify any of the defaults.

  • Common Configuration
    • LDAP
      • Ldap master host: [set this to the FQDN of your LDAP server]
      • Ldap port: 389 [set this if your LDAP server isn’t using default]
      • Ldap Admin password: [this is your LDAP servers Root LDAP password]
        • On LDAP server do : su – zimbra ; zmlocalconfig –s ldap_root_password
      • TimeZone: [set this]
  • For zimbra-store
    • Set the Admin Password
      • +License filename: UNSET [if you see this, then something is wrong with your
    • LDAP configuration. It should of pulled the license info from the LDAP server.
    • Set the SMTP host

Type r to return to the Main menu, if you aren’t there already.

When the mailbox server is configured, return to the Main menu and type a to apply the configuration changes.

Press Enter to save the configuration data.

When Save Configuration data to a file appears, press Enter.

The next request is where to save the files. To accept the default, press Enter.

To save the files to another directory, enter the directory and then press Enter.

When “The system will be modified - continue?” appears type y and press Enter.

The server is modified.

Installing all the components and configuring the server can take a few minutes.

When Installation complete - press return to exit displays, press Enter.

The installation of the mailbox server is complete.

After Install

Confirm server status

su – zimbra ; zmcontrol status

Populate the ssh keys, on each server in your environment

su - zimbra ;  zmupdateauthkeys 

The key is updated on /opt/zimbra/.ssh/authorized_keys.

Upgrading A Zimbra Server For An Archive & Discovery Mailstore
Adding Package For A&D

This will retain your current settings for the system. Your server will experience downtime during the upgrade.

untar zcs*.tar that matches your existing system

 cd zcs-version-directory
 ./install
  choose upgrade
  select zimbra-archiving

The upgrade of the mailbox server is complete.

After Upgrade

Confirm server status

su – zimbra ; zmcontrol status

Note, zimbra-archiving only runs as a service on a MTA server.

Populate the ssh keys, on each server in your environment

su-zimbra ;  zmupdateauthkeys 

The key is updated on /opt/zimbra/.ssh/authorized_keys.

Configure Zimbra For Use Of The New Mailstore and A&D

Example A&D mailstore hostname is : archive.example.com

  • Go to your primary admin console url. [https://[example.com]:7071/zimbraAdmin]
  1. Confirm you see the new mailstore under Configuration > Servers
    1. Under Configuration > Servers > [MTA servername(s)] > Services
      1. [each MTA server needs this]
      2. You’ll see a box for Archiving and Discovery
        1. Check this to enable the MTA server(s) for Archiving and Discovery. If this is grayed out, run the command below (modified for your server) on your one of your mailstores.
          • This effectively does:
          • zmprov ms mta.example.com +zimbraServiceInstalled archiving  +zimbraServiceEnabled archiving
            • Remember, zmprov uses the variable below. A mta only server can't be set for localhost, change it to point to a mailstore.
            •  [root@mta ~]# zmlocalconfig | grep zmprov
            •     zimbra_zmprov_default_soap_server = localhost
            •  [root@mta ~]# zmlocalconfig -e zimbra_zmprov_default_soap_server=mailstore.example.com
  2. Go to Configuration > Class of Service > default [or your primary domain] > Server Pool
    1. You’ll want to make sure it’s limited to the correct server pools
      1. Your new mailstore for A&D should be unchecked.
    2. Click on New for a new Class of Server (COS)
      1. Call it archive or something similar
        1. Under Server Pool > Limit > have only the new mailstore checked
Setup Initial A&D With First Account - Creation Of The Archive Domain
Revisit To COS - Naming Scheme Of Archive Accounts

When archive accounts are created they use the zimbraArchiveAccountNameTemplate variable from the COS. The default is:

$ zmprov gc default | grep -i archive
  zimbraArchiveAccountDateTemplate: yyyyMMdd
  zimbraArchiveAccountNameTemplate: ${USER}-${DATE}@${DOMAIN}.archive

I, personally, don't like the use of the $DATE variable in this. I change my ARCHIVE COS to use the normal username but retain the .archive for the domain.

zmprov mc archive zimbraArchiveAccountNameTemplate '${USER}@${DOMAIN}.archive'

Bug to be aware of:

The Creation

On server with zmarchiveconfig (most likely mailstore you installed A&D on) and as zimbra (su – zimbra) do the following to setup your first A&D account.

format : zmarchiveconfig –s servername enable user@example.com archive-cos <cos>

example :

zmarchiveconfig –s archive.example.com enable account@example.com archive-cos archive

NOTE

If the above command doesn't seem to create the archive account/domain. Drop the use of [ -s servername ]. Basically, just run this on the A&D mailstore:
zmarchiveconfig enable account@example.com archive-cos archive

The above command will create the mail domain for the archive accounts using the template defaults, user@example.com to make example.com.archive

On your main ldap server or where ever you usually access the zimbra admin web console, login to the admin web console.

  1. Confirm the archive domain was setup.
    1. Configuration > Domains > [domainname].archive > General
    2. Confirm or adjust the archive domain to use the right COS
      1. Configuration > Domains > [domainname].archive > General Information
        1. Change “Default Class of Service” to your COS [archive], if needed for your configuration.
  2. Now check for the new archive account you made
    1. Address > Accounts
    2. Click on account and hit the edit button
    3. In the top summary section you'll be able to confirm the COS and Mail Server being used for the account.
      1. NOTE, if it's showing the account is on the primary mailstore and NOT the A&D mailstore.
        1. Remove the A&D account
          •  zmprov ra [user]@[domainname].archive
        2. Add the account back again using the zmarchiveconfig command
          • zmarchiveconfig enable account@example.com archive-cos archive
        3. Now confirm, as above, that the account is using the A&D mailstore.
          • This might be a bug related to the archive domain being created for the first time.

Send the primary account a test email and then shortly afterwards do a "View Mail" within the admin console for the archive account. You should see the archive message in the archive account.

RFE's On Archive Accounts
Testing Of Archive Mail Flow

Send the primary account a test email and then shortly afterwards do a "View Mail" within the admin console for the archive account. You should see the archive message in the archive account.

You should confirm mail flow copies occur with the following:

  1. Inbound
    1. External Account (email) to the primary zimbra account setup for archive.
    2. A zimbra account that ISN'T the archive account in question to the primary account setup for archive.
  2. Outbound
    1. With primary account setup for archive, send an email to an external email address.
    2. With primary account setup for archive, send an email to another internal zimbra email address.
Archive Account Isn't Getting Email

Let's double check everything was done correctly up above.

Assumption on syntax of account creation:

zmarchiveconfig enable user@example.com archive-cos archive

Let's check what actually was done:

zmprov ga user@example.com | grep -i archive
 amavisArchiveQuarantineTo: user-20081211@example.com.archive
 zimbraArchiveAccount: user-20081211@example.com.archive
 zimbraArchiveAccountNameTemplate: ${USER}-${DATE}@${DOMAIN}.archive

It should reference an account that's like, if you are using the archive templates:

user-[date]@example.com.archive

that account should exist and reference lmtp, rather than smtp, for the transport:

zmprov ga user-20081211@example.com.archive | grep -i trans
  zimbraMailTransport: lmtp:archive.example.com:7025
Checking Logs For Archive Operations

On the mta-server, you should find a reference to the archive account in /var/log/zimbra.log

grep archive /var/log/zimbra.log
 Dec 11 13:38:52 mta-server amavis[1978]: (01978-19) SEND via SMTP: <> -> 
    <user-20081211@example.com.archive>,ENVID=AM.8ISxcrQG8uAj.20081211T193852Z@mailstore.example.com 
    BODY=7BIT 250 2.6.0 Ok, id=01978-19, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 
    5ADF8F120C4
 Dec 11 13:38:52 mta-server postfix/lmtp[21864]: 5ADF8F120C4: 
    to=<user-20081211@example.com.archive>, relay=archive.example.com[X.X.X.93]:7025, 
    delay=0.07, delays=0/0/0/0.06, dsn=2.1.5, status=sent (250 2.1.5 OK)

On the archive-server, you should find reference to the delivery in /opt/zimbra/log/mailbox.log

grep archive /opt/zimbra/log/mailbox.log
 2008-12-11 14:45:32,923 INFO  [LmtpServer-9] 
  [name=user-20081211@example.com.archive;mid=7;] mailop - Adding Message: id=257,
  Message-ID=<1350363939.41021229024728317.JavaMail.root@EXTERNAL-MTA.DOMAIN.com>, parentId=-1,
  folderId=2, folderName=Inbox.
Mass Accounts Configuration
Update, our 6.0 release will have a zmarchiveconfig -f command for batch processing from a file input.

CHECK YOUR AVAILABLE LICENSES BEFORE YOU PROCEED!!

One could put all the accounts in a txt file and then use a for-loop to process the account@example.com variable.

zmprov -l gaa > /tmp/accounts.txt

Remove any accounts you've already done and those not necessary for archiving (ex. admin, ham, spam, etc.)

You can give gaa other options, look at zmprov help account. For example, you could also narrow this down to a dump of accounts in a domain:

zmprov -l gaa [DOMAIN] > /tmp/accounts.txt

Note, the below uses the above setup for A&D - You'll need to modify for your environment.

for i in `cat /tmp/accounts.txt`
do
zmarchiveconfig –s archive.example.com enable $i archive-cos archive
sleep 3
done

You can be tailing /opt/zimbra/log/mailbox.log on the archive server to watch the progress.

Searches After Configuration Is Done

Please see Ajcody-Server-Misc-Topics#Cross_Mailbox_Searches_and_Tracing

Searches Limited To 500 or 1000 Maximum Results

See Ajcody-Server-Misc-Topics#Searches_Limited_To_500_or_1000_Maximum_Results

Domain Admin Searches For ZCS6

For setting up domain admin rights, please see the following : User:Vladimir-DomainAdminSetup-v6

And you'll see about half way down a screen shot of the "Rights" panel view -- the screen shot shows the ACL right called :

adminConsoleCrossMailboxSearchRights --- Admin Console Cross Mailbox Search Rights

You'll also need to make sure domain admins have the following ACL right :

AdminLoginAs

service.UNKNOWN_DOCUMENT Error When Trying Search

The service.UNKNOWN_DOCUMENT error generally means that there is no handler for specified document. Try redeploying the zimlet, restarting the mailboxd service and let us know how it goes. The xmbxsearch zimlet is located in /opt/zimbra/zimlets-network directory.

 su - zimbra
 cd /opt/zimbra/zimlets-network
 zmzimletctl undeploy zimbra_xmbxsearch.zip
 zmzimletctl deploy zimbra_xmbxsearch.zip
 zmmailboxdctl restart

How To Turn Off / Disable ALL A&D Processing From Admin Web Console

From a "server" level, you would uncheck the "Archiving and Discovery" box in the admin web console under:

Configurations > Servers > [MTA's] > right pane > Services tab

This would stop the mta's from splitting the emails for archive.

How To Turn Off / Disable A&D For An Account

Disabling A&D at a user level, requires it to be done via the CLI:

zmarchiveconfig disable user@domainname

Need To Find A&D Accounts On Wrong MailStore To Move Them

Searching For Accounts On A Particular Mailstore

To do ldapsearch for the account, and see if there are any related entries in ldap.

su - zimbra
source ~/bin/zmshutil
zmsetvars
ldapsearch -x -H $ldap_master_url -D $zimbra_ldap_userdn -w $zimbra_ldap_password "zimbraMailHost=YOURMAILSTORE.COM" | grep "archive.domain.com"

Renaming Production Domain And Want To Also Rename Archive Domain

This was tested against ZCS 608p1.

There is no 'automatic' process to rename the associated targeted archive email addresses of the user or the archive domain when changing/renaming the domain.

  1. Get all the account details from the production users in regards to the archive acct they are using
    • zimbraMailDeliveryAddress & amavisArchiveQuarantineTo
    • Example via CLI. My initial production domain was primary.DOMAIN.com and the archive domain was primary.DOMAIN.com.archive :
      • $ zmprov ga arch-prod@primary.DOMAIN.com zimbraArchiveAccount
        • [Returns] zimbraArchiveAccount: arch-prod@primary.DOMAIN.com.archive
      • $ zmprov ga arch-prod@primary.DOMAIN.com amavisArchiveQuarantineTo
        • [Returns] amavisArchiveQuarantineTo : arch-prod@primary.DOMAIN.archive
  2. Prepare a script that will redo those variables, you'll run it after the domain renames.
    • Example via CLI. My initial archive domain was primary.zimbra.homeunix.com.archive :
      • $ zmprov ma arch-prod@primary71.DOMAIN.com zimbraArchiveAccount arch-prod@primary71.DOMAIN.com.archive
      • $ zmprov ma arch-prod@primary71.DOMAIN.com amavisArchiveQuarantineTo arch-prod@primary71.DOMAIN.archive
    • Since this is ran after the domain renames, both references in the command about a domain will use the 'new' domainnames.
    • Ref: Bulk_Provisioning
  3. Put domains into maintenance mode during a schedule downtime window
  4. Rename/forward the production domain
  5. Rename/forward the archive domain
  6. Run the script you had prepared earlier that will reset the user variable to their new archive domain.
  7. Put domains into active mode:
    • Example [notice I have the 'new' domainname here] :
      • $ zmprov md primary71.DOMAIN.com zimbraDomainStatus active
      • $ zmprov md primary71.DOMAIN.com.archive zimbraDomainStatus active
  8. Send a test message to a prod address and you can see/confirm the transaction in the /var/log/zimbra.log on the mta .


Confirmation of things working [examples]:

### From /var/log/zimbra.log on the MTA ###
Nov 17 14:42:27 mail71 amavis[7210]: (07210-01) SEND via SMTP: <> -> <arch-prod@primary71.DOMAIN.com.archive>,
  ENVID=AM.BYPyb4z8Cl0N.20101117T204227Z@mail71.DOMAIN.com BODY=7BIT 250 2.0.0 Ok, id=07210-01, 
  from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as C54F623E0E
Nov 17 14:42:27 mail71 postfix/smtpd[7446]: DDA5323E10: client=localhost[127.0.0.1]
Nov 17 14:42:27 mail71 postfix/cleanup[7262]: DDA5323E10: 
 message-id=<201011172042.oAHKgKG1024723@mail3.zimbra.homeunix.com>
Nov 17 14:42:27 mail71 postfix/qmgr[7530]: DDA5323E10: from=<root@mail3.DOMAIN.com>, 
 size=1644, nrcpt=1 (queue active)
Nov 17 14:42:27 mail71 amavis[7210]: (07210-01) FWD via SMTP: <root@mail3.DOMAIN.com> -> 
 <arch-prod@primary71.DOMAIN.com>,BODY=7BIT 250 2.0.0 Ok, id=07210-01, 
 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as DDA5323E10

You can also use the CLI to confirm delivery into the archives & production accounts Inbox. For example:

$ zmmailbox -z -m arch-prod@primary71.DOMAIN.com gaf | grep Inbox
         2  mess           3           3  /Inbox

$ zmmailbox -z -m arch-prod@primary71.DOMAIN.com.archive gaf | grep Inbox
         2  mess           3           3  /Inbox

On Why You Have To Change The User Variables


I confirmed in my test that you do have to reset the user variables rather than just relying on the archive domain having a global forwarding. This is what shows up in /var/log/zimbra.log if you just use the domain rename/forwarding and don't reconfigure the user variable.

 
Nov 17 14:27:05 mail71 postfix/error[26043]: 8E5DD23E0E: to=<arch-prod@primary.DOMAIN.com.archive>, 
 relay=none, delay=0.04, delays=0/0/0/0.03, dsn=5.0.0, status=bounced (User unknown in virtual alias table)

sending directly to archive account, works:

Nov 17 14:37:28 mail71 amavis[7209]: (07209-01) FWD via SMTP: <root@mail3.DOMAIN.com> -> 
 <arch-prod@primary71.DOMAIN.com.archive>,BODY=7BIT 250 2.0.0 Ok, id=07209-01, 
from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 1FCA523E0E
Personal tools