Difference between revisions of "Jkhondhu-Notes"

(Holding the Postfix Queue at time of server migration/maintenance)
(Blanked the page)
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Holding the Postfix Queue at time of server migration/maintenance==
Holding the postfix queue at the time of migration. Specifically at the time when you need mailboxd to be running so that imapsync can inject emails.
Hold the queue:
  postsuper -h ALL
Release the hold queue:
  postsuper -r ALL
To delete the mails from the queue: 
  'cat /tmp/deletelist | /opt/zimbra/postfix/sbin/postsuper -d -'
* Other way it to create a file and define the user's whose emails you want to hold.
1.Create a stub file called /opt/zimbra/conf/migration-hold that will be used by Postfix to HOLD messages and then "postmap" this file to create the .db hash file.
2. Modify /opt/zimbra/conf/postfix_recipient_restrictions.cf to include the line in bold below.
      check_recipient_access hash:/opt/zimbra/conf/migration-hold
3. Execute "postfix reload" as the zimbra user. main.cf will now reference the new migration-hold file
4. The migration-hold file will contain the full list of email addresses that will be migrated during the impending migration in the following format:
  address1@domain.com              HOLD migration in progress
  address2@domain.com              HOLD migration in progress
Now the MTA will accept the message, but place it in the HOLD queue as shown below:
postfix/smtpd[5584]: NOQUEUE: hold: RCPT from unknown[xx.xx.xx.xx]: <sender@domain>: Recipient address migration in progress; from=<sender@domain.org> to=<recepient@domain>
5.  Finally, the "postsuper -H ALL" command should be executed on each Zimbra MTA to allow all held mail to be moved back into the active queue for delivery.
6. After migration has been completed, all empty migration-hold file will be removed and postfix_recipient_restrictions.cf will have the check_recipient_access line deleted.
Credit to https://wiki.zimbra.com/wiki/Irfan-Notes
Single-Node Self-Signed Certificate
/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr createcrt -new -days 365
/opt/zimbra/bin/zmcertmgr deploycrt self
/opt/zimbra/bin/zmcertmgr deployca
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
Multi-Node Self-Signed Certificate
/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr deployca
/opt/zimbra/bin/zmcertmgr createcrt -new -days 1825 -subject "/C=US/ST=CA/L=NVA/O=ZCS/OU=ZCS/CN=*.example.com"
/opt/zimbra/bin/zmcertmgr deploycrt self -allserver
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
Single-Node Commercial Certificate
/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=US/ST=CA/L=Sunnyvale/O=Yahoo/OU=Zimbra Collaboration Suite" -subjectAltNames host.example.com
cat /tmp/ca_intermediary.crt /tmp/ca.crt > /tmp/ca_chain.crt
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/commercial.crt /tmp/ca_chain.crt
/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/ca_chain.crt
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
Multi-Node Commercial Certificate
Signed Certificate: /tmp/commercial.crt
Certificate Key (Private): /tmp/commercial.key
Root Certificate Authority (CA Root): /tmp/ca.crt
Any Intermediate CA Certs: /tmp/ca_intermediary.crt
# cat /tmp/ca_intermediary.crt /tmp/ca.crt > /tmp/ca_chain.crt
# mv /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.old# mkdir /opt/zimbra/ssl/zimbra
# mkdir /opt/zimbra/ssl/zimbra/ca
# mkdir /opt/zimbra/ssl/zimbra/commercial
# mkdir /opt/zimbra/ssl/zimbra/server
# chmod 740 /opt/zimbra/ssl/zimbra
# chmod 740 /opt/zimbra/ssl/zimbra/*
# cp /tmp/commercial.key /opt/zimbra/ssl/zimbra/commercial/
# chmod 640 /opt/zimbra/ssl/zimbra/commercial/commercial.key
# /opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/commercial.crt /tmp/ca_chain.crt
/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/ca_chain.crt
/opt/zimbra/bin/zmcertmgr viewdeployedcrt

Latest revision as of 10:31, 14 January 2015

Jump to: navigation, search