How to configure Zimbra + CSF – The Best Zimbra Firewall Configuration
- Category : Linux Helpline (Easy Guide)
- Posted on : Apr 10, 2019
- Views : 1,963
- By : Marcus J.
CSF is one of the best opensource firewalls that using in most of the hosting servers like cPanel and Directadmin . Also it is one of the best firewall for installing Zimbra Mail server . This documentation will help you to configure the CSF firewall in a Zimbra Standalone installation server.
Before starting the installation , you may need to read the documentation available on http://wiki.zimbra.com/wiki/Ports , this will help you to get a quick understanding of ports that required to open in a Zimbra server.
Install CSF :
You can download CSF from http://configserver.com/cp/csf.html and install it . After that open the CSF configuration and enable the following ports,
TCP_IN = "22,25,53,80,110,143,443,465,587,993,995,7071" TCP_OUT = "22,25,53,80,110,113,443,465,587,993,995,7071"
Now you need to open the file /etc/csf/csf.pignore and add the following zimbra packages paths.
exe:/opt/zimbra/amavisd/sbin/amavisd exe:/opt/zimbra/clamav/bin/freshclam exe:/opt/zimbra/clamav/sbin/clamd exe:/opt/zimbra/cyrus-sasl/sbin/saslauthd exe:/opt/zimbra/httpd-2.4.3/bin/httpd exe:/opt/zimbra/httpd/bin/rotatelogs exe:/opt/zimbra/java/bin/java exe:/opt/zimbra/libexec/logswatch exe:/opt/zimbra/libexec/zmmailboxdmgr exe:/opt/zimbra/mysql/bin/mysqld exe:/opt/zimbra/opendkim/sbin/opendkim exe:/opt/zimbra/openldap/sbin/slapd exe:/opt/zimbra/postfix/libexec/master
This will help to white list these binaries in CSF
Now you can start the CSF as follows and test it.
# /etc/init.d/csf start
You may need to test the mail server and its functionalities . After that you can disable the testing mode in csf.conf and reload CSF. You can also perform other generic CSF tweaks after that.
Categories
Subscribe Now
10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!Archive Calendar
Sat | Sun | Mon | Tue | Wed | Thu | Fri |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | |
7 | 8 | 9 | 10 | 11 | 12 | 13 |
14 | 15 | 16 | 17 | 18 | 19 | 20 |
21 | 22 | 23 | 24 | 25 | 26 | 27 |
28 | 29 | 30 | 31 |
Recent Articles
-
Posted on : Jul 25
-
Posted on : Jul 07
-
Posted on : Apr 07
-
Posted on : Mar 19
Optimized my.cnf configuration for MySQL 8 (on cPanel/WHM servers)
Tags
- layer 7
- tweak
- kill
- process
- sql
- Knowledge
- vpn
- seo vpn
- wireguard
- webmail
- ddos mitigation
- attack
- ddos
- DMARC
- server load
- Development
- nginx
- php-fpm
- cheap vpn
- Hosting Security
- xampp
- Plesk
- cpulimit
- VPS Hosting
- smtp
- smtp relay
- exim
- Comparison
- cpu
- WHM
- mariadb
- encryption
- sysstat
- optimize
- Link Building
- apache
- centos
- Small Business
- VPS
- Error
- SSD Hosting
- Networking
- optimization
- DNS
- mysql
- ubuntu
- Linux