Difference between revisions of "King0770-Notes"

(Handy Commands)
Line 118: Line 118:
10) su - zimbra
10) su - zimbra
11) /opt/zimbra/openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -l /tmp/ldap.ldif  
11) /opt/zimbra/openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -l /tmp/ldap.ldif  
===Clear SA DB===
===Clear SA DB===

Revision as of 19:40, 18 July 2008

Removing Messages with Zmmailbox based on the Subject

# rm_message.sh user@domain.com subject
if [ -z "$2" ]; then
echo "usage:  rm_message.sh user@domain.com <subject>"
exit 0
echo "Searching $addr  for Subject:  $subject"
for msg in `zmmailbox -z -m "$addr" s -l 999 -t message "subject:$subject"|awk '{ if (NR!=1) {print}}' | grep -v -e Id -e "-" -e "^$" | awk '{ print $2 }'`
echo "Removing "$msg""
zmmailbox -z -m $1 dm $msg

Copy/Paste the script into a file, call it what you want, something like, "rm_message.sh". The syntax using the script would be something like:

./rm_message.sh user@domain.com subjectName

If the subject contains more than one word, put double quotes around the subject.

./rm_message.sh user@domain.com "Hello World"

Special thanks to Matt Fox.

Reinitialize the Logger DB

Worst case scenario for the logger db's: If some for reason the USE_FRM option fails, you could move the old logger db out of the way and start over. The only bad part is that you would lose historical data, however it would resolve the corrupted table issue(s).

If you wish the start over with the logger db's, here are the steps (run as zimbra).

$ zmloggerctl stop
$ mv /opt/zimbra/logger/db /opt/zimbra/logger/db-old
$ source /opt/zimbra/bin/zmshutil 
$ zmsetvars 
$ /opt/zimbra/libexec/zmloggerinit ${mysql_logger_root_password}
$ zmlogswatchctl start

Spam Info

If you haven't already, try implementing the use of RBL's. This is from: http://wiki.zimbra.com/index.php?title=Configuring_and_Monitoring_Postfix_DNSBL

su - zimbra

zmprov mcf \
zimbraMtaRestriction reject_invalid_hostname \
zimbraMtaRestriction reject_non_fqdn_hostname \
zimbraMtaRestriction reject_non_fqdn_sender \
zimbraMtaRestriction "reject_rbl_client dnsbl.njabl.org" \
zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org" \
zimbraMtaRestriction "reject_rbl_client bl.spamcop.net" \
zimbraMtaRestriction "reject_rbl_client dnsbl.sorbs.net" \
zimbraMtaRestriction "reject_rbl_client sbl.spamhaus.org" \
zimbraMtaRestriction "reject_rbl_client relays.mail-abuse.org" 

zmmtactl reload
**don't forget to reload Postfix**

RBL's will usually cut 50% of unwanted mail flow off the top before scanning for spam.

You can also decrease kill and tag percentages, have a look what they are at now. Basically, the lower the numbers, the more aggressive a potential spam will be tagged; I believe we ship with those numbers a little high.

zmprov gacf | grep -e zimbraSpamTagPercent -e zimbraSpamKillPercent

If you decide to adjust zimbraSpamTagPercent & zimbraSpamKillPercent, don't forget to run this command:

zmamavisdctl restart

With the RBL's in place, with a lower threshold, wait for a couple of days, see what the spam traffic is like then.

License - Misc

TTL for the account count cache is either 1 minute when they are very close to the limit, or 1 hour if the total account count is less than 90% of the quota. In other words, the server will correct itself without restart in an hour in the worse case. See http://bugzilla.zimbra.com/show_bug.cgi?id=24009

  • Admin counts towards user count, admin@domain.com
  • Spam, Ham, Wiki accounts don't count toward user count total

Preferred Method Moving Users To New Machine

I believe the best method to transfer users from one ZCS machine to another ZCS machine would be to use the "move mailbox" method. The concept behind the move mailbox method is that the user's account is transferred from one host to another keeping their data intact, i.e. mail, contacts, and calendar. It will move accounts one at a time, and the account being moved will only be inaccessible for the duration of the move. Basically, you would make the new server to be an ldap replica to the old server; configure the old server to be the ldap master on the new server. Once you have moved all of the accounts to the new server/replica, promote the replica to be the master, documentation on promoting the replica to master is here: http://wiki.zimbra.com/index.php?title=Promoting_Replica_to_LDAP_Master. The move mailbox function can be accomplished by using the Admin Console, or by CLI. In the Admin Console, there is a button labeled "move mailbox" when you edit an account. From the CLI, here is an article detailing the zmmailboxmove, http://wiki.zimbra.com/index.php?title=Zmmailboxmove.

This is King0770's personal opinion, not Zimbra's official position.


This would be a good place to start. http://wiki.zimbra.com/index.php?title=LDAP#LDAP_replication

This url is good, however, this article is referring configuring a replica during zcs install. http://www.zimbra.com/docs/os/latest/multi_server_install/LDAP%20Replication.6.1.html

Handy Commands

Read the install history file in a readable format

perl -e 'while (<>) { ($date, $op) = split(/:/, $_); print scalar localtime($date) . "  " . $op; }' < /opt/zimbra/.install_history

Get the version in ZWC

Type the following in the search bar:

$set: get version

LDAP - DB Status

/opt/zimbra/sleepycat/bin/db_stat -c -h /opt/zimbra/openldap-data

LDAP - DB Recover

/opt/zimbra/sleepycat/bin/db_recover **make sure you are doing this as the zimbra user, and that slapd is not running**

LDAP - Slapindex

/opt/zimbra/openldap/sbin/slapindex -f /opt/zimbra/conf/slapd.conf

LDAP - Export & Reimport

1) su - zimbra
2) libexec/zmslapcat /tmp
3) mv /tmp/ldap.bak /tmp/ldap.ldif
4) zmcontrol stop
5) ps -aux | grep slapd **If ldap is still running, kill it**
6) su - root
7) mv /opt/zimbra/openldap-data /opt/zimbra/openldap-data.OLD
8) mkdir -p /opt/zimbra/openldap-data/logs
9) chown -R zimbra:zimbra /opt/zimbra/openldap-data/
10) su - zimbra
11) /opt/zimbra/openldap/sbin/slapadd -f /opt/zimbra/conf/slapd.conf -l /tmp/ldap.ldif 

Clear SA DB

This would be handy if you are getting a lot of false positives

/opt/zimbra/libexec/sa-learn -p /opt/zimbra/conf/salocal.cf.in --dbpath /opt/zimbra/amavisd/.spamassassin/ --siteconfigpath /opt/zimbra/conf/spamassassin --clear


/opt/zimbra/libexec/sa-learn -p /opt/zimbra/conf/salocal.cf --dbpath /opt/zimbra/amavisd/.spamassassin --siteconfigpath \ /opt/zimbra/conf/spamassassin --force-expire –sync

12) zmcontrol start </pre></code>

Excessive Load Info Needed - What you need to show Zimbra Support

In general, when troubleshooting performance issues, we would like to know the following:
1. What exactly is slow?
2. Timestamps when problem is observed
3. Repro steps, if applicable
4. When the problem occurs, generate a few threaddumps (30 seconds apart) and send us zmmailboxd.out:
5. generate zmstat charts covering the times when the problem occurs

There are a few commands you can run to help us diagnose; the only stipulation is to run these commands *during* the excessive high load. We'll need to see what's going on during the high load.

1) Run the following command *during* the high load, run this command as root. This should write the output to the /opt/zimbra/log/zmmailboxd.out file.

for i in 1 2 3; do /opt/zimbra/libexec/zmmailboxdmgr threaddump; sleep 30; done

2) On the day of the excessive high load, we'll need you to generate graphs; this will help the engineers see any problems. Run as the zimbra user

zmstat-chart -s /opt/zimbra/zmstat/<day of the excessive load> -d /tmp/zmstats
tar -czvf /tmp/zmstats.tar.gz /tmp/zmstats

3) Find out the PID of the jetty process and run pstack on it, send us the results from the pstack command. Please run this command during the excessive load.

ps -ef | grep jetty
pstack <jetty_pid>

Sometime, Zimbra engineers need to know as much as possible about your machine in these types of excessive load situations. Using the script below could be helpful - no such thing as too much info. :)


if [ `whoami` != "zimbra" ]; then
echo "Must be executed as the zimbra user."
exit 1
zmcontrol -v

echo "Number of users"
echo "---------------"
zmprov gaa | wc -l


echo "Processor Version"
echo "-----------------"
PROC_VER=`cat /proc/version`
echo "$PROC_VER"


echo "Processor Info"
echo "--------------"
PROC_INFO=`cat /proc/cpuinfo`
echo "$PROC_INFO"

echo "Mem Info"
echo "--------"
FREE=`free -m`
echo "$FREE"
echo "`dmesg | grep Mem`"


echo "FSTAB File"
echo "----------"
echo "`cat /etc/fstab`"


echo "Mtab file"
echo "---------"
echo "`cat /etc/mtab`"


echo "Disk Space"
echo "----------"
echo "`df -h`"


echo "Threads"
echo "-------"
zmprov gacf | grep -i threads
echo "Message Cache Size"
echo "------------------"
zmprov gacf | grep zimbraMessageCacheSize
echo "Info from zmlocalconfig"
echo "-----------------------"
zmlocalconfig -d | grep java_options
zmlocalconfig -n | grep maxActive
zmlocalconfig | grep max_uncommitted_operations
zmlocalconfig | grep percent

echo "Mysql Info"
echo "----------"
grep max_connections /opt/zimbra/conf/my.cnf
grep innodb_buffer_pool_size  /opt/zimbra/conf/my.cnf
grep innodb_max_dirty_pages_pct  /opt/zimbra/conf/my.cnf
grep innodb_flush_method  /opt/zimbra/conf/my.cnf


echo "Java Process"
echo "------------"
ps -ef | grep java


echo "LDAP Info"
echo "---------"
/opt/zimbra/sleepycat/bin/db_stat -m -h /opt/zimbra/openldap-data | head -n 11


/opt/zimbra/sleepycat/bin/db_stat -m -h /opt/zimbra/openldap-data | head -n 12

Small Favor

Please install the following tools, sometimes the engineers use pstack and/or strace for troubleshooting.
1) pstack
2) strace

Enable Away Messages (Vacation)

1) Access your account using the web interface, https://mail.domain.com
2) Once you have accessed your account, go to Preferences => Mail
3) If you scroll down in the Mail section, look for "Send auto-reply message:". You should then type your away message, and pick the start date and finish date.
4) Don't forget to click "Save" in the upper left hand.

Auto-Reply Not Working

Organizations using the Split-Domain configuration *may* encounter problems with the auto-replies not working.
Mail that is arriving to user@somedomain.com and the zimbra server only knows about user@mail.domain.com. So the code that tries not to send vacation message if the mail was not directly sent to the account kicks in. This is as intended. The "was it sent directly to this acct" check only checks To: and Cc: headers and not envelope RCPT TO address (as it should).


zmprov ma user@domain.com +zimbraPrefOutOfOfficeDirectAddress user@mail.domain.com
zmprov ma user@domain.com zimbraPrefOutOfOfficeReplyEnabled TRUE

Apple's .Mac Mail Service

It was recently discovered Apple's .Mac Mail Service removes messages in the Trash from their server after one week. This is not configurable.

Directory Permissions on /tmp

It is possible that during ZCS install, if the /tmp directory does not have the correct permissions, it could hinder your efforts to install ZCS. Make sure the /tmp directory has the following permissions.

drwxrwxrwt 17 root root 4096 2008-07-07 08:33 tmp

If your /tmp permissions do not match the above, run the following commands as root:

# chmod 777 /tmp
# chmod +t /tmp

The "t" in the end of the permissions is called the "sticky bit". It replaces the "x" and indicates that in this directory, files can only be deleted by their owners, the owner of the directory or the root superuser. This way, it is not enough for a user to have write permission on /tmp, he also needs to be the owner of the file to be able to delete it.

Columns are MisMatch in the GAL using ZCO

1) Remove ZCO profile(s) from Outlook - Start ==> Control Panel ==> Mail

2) Once the ZCO profile is removed, go into the following directories and remove everything in the specified directories:
c:\documents and settings\<user>\local settings\application data\microsoft\outlook
c:\documents and settings\<user>\application data\microsoft\outlook

3) Recreate ZCO profile for Outlook - Start ==> Control Panel ==> Mail

Once you have recreated the zco profile, open Outlook, then have a look again at the GAL.

Jump to: navigation, search