Results 1 to 4 of 4

Thread: Zimbra Webclient behind Apache Reverse Proxy

Hybrid View

  1. #1
    Join Date
    May 2010
    Posts
    2
    Rep Power
    5

    Default Zimbra Webclient behind Apache Reverse Proxy

    Hi,

    I have the following situation:

    Zimbra FOSS edition behind an Apache Reverse Proxy.

    For accesing the mailboxes, users can either use a mail client like Outlook/Thunderbird/etc. or the Webmail client.

    For accesing with a mail client I've setup some port redirect rules for 25,110,143,993,995 ports, so every client can be seen by Zimbra Server with its originating ip. The originating IP goes into the logs.

    For the webclient, in the logs I can see only the ip of the Reverse Proxy.

    How can I configure Zimbra so that it will log the originating ip of the user and not the proxy ip???

    I mention that the Apache Reverse Proxy is setup to forward the originating ip. I've tested this with my webserver that it is also behind the same reverse proxy.

    Thanks a lot

    Mircea

  2. #2
    Join Date
    May 2009
    Location
    Bremen, Germany
    Posts
    122
    Rep Power
    6

    Default

    mod_rpaf can set the remote_addr of incoming clients connection to the vaule of X-Forwarded-For for a reverse proxy connection.

  3. #3
    Join Date
    May 2010
    Posts
    2
    Rep Power
    5

    Default

    As I said before, I have another web server (apache) with no mod_rpaf enabled which logs the originating ip just by using this line

    CustomLog /var/log/httpd/www-access.log "%{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""

    Notice the %{X-Forwarded-For}i ... this should be enough for zimbra, but from what I understand, Zimbra uses Apache Tomcat to generate it's webmail client so there should be a diferent kind of directive.

    Maybe I'm wrong somwhere ... please help

  4. #4
    Join Date
    May 2009
    Location
    Bremen, Germany
    Posts
    122
    Rep Power
    6

    Default

    I think it's better to get the Apache to set remote_addr to the originating ip than edit some files in the Zimbra distribution to get Jetty (or whatever) to log X-Forwarded-For instead of remote_addr. You need to edit the files again every time you upgrade the Zimbra distribution.

    Zimbra 6.0.X use Jetty as application server.

Similar Threads

  1. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM
  2. Cleanup after many upgrades
    By tobru in forum Installation
    Replies: 1
    Last Post: 12-23-2007, 08:21 AM
  3. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 08:55 AM
  4. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 09:39 AM
  5. Mail logs
    By Rick Baker in forum Installation
    Replies: 8
    Last Post: 01-17-2006, 03:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •