Results 1 to 5 of 5

Thread: Integration of zimbra server with ironport

  1. #1
    Join Date
    Jan 2009
    Rep Power

    Default Integration of zimbra server with ironport

    hi can any one help me to give some direction to integrate ironport with zimbra hosted installation for multiple domain

  2. #2
    Join Date
    Aug 2011
    Rep Power


    You just need to add all hosted domain name in the RAT table of Ironport.

    And then...

    edit Ironport smtp routes table to send hosted domain messages to the right zimbra server

    To route outbound messages, please add your zimbra's IP into your Ironport's HAT table >> Relaylist

    Dont' forget to commit the settings on your Ironport

  3. #3
    Join Date
    Jul 2011
    Rep Power


    You can use also a integration schemes like Cisco IronPort (MX position) - Exim (simple real time backup and advance route driver) - Zimbra (end user agent).

    Zimbra and IronPort integration (single and bundle solutions) is simple and can be implemented in two good ways. Ironport works like simple mailgateway and can route (route section) a messages wherever you show (configure) for each of your internal domain - Manfred Zhu described it in the above post . Zimbra can also route to external smtp server all messages (external and internal Zimbra messages too). It's very importnat, because, if you use a IronPort e-mail encryption feature (RES) for internal and external users you cann add to your Zimbra config external smtp server (GUI: Global settings - MTA - Network, Mta for external route). Do not forget to Zimbra mail to route the internal interface of the IronPort. You must define in Zimbra GUI a internal (inside) IP/hostname to IronPort service.

    But I prefer Zimbra integration with IronPort and exim, because the exim has more powerful in my ability to control the messages, than in the Zimbra postfix. But if you want, you don't need use exim solution!
    Simple way is use a Zimbra like a classic webmail (colaborate) and pop/imap server and IronPort like incomming and outgoing smtp server (IronPort can be external and internal smtp server, with support auth internal users with any ldap to send e-mails). In my opinion this way is not sufficiently secure.

    Simple route with Zimbra, IronPort (your MX) and Exim (exim can backup all incomming and outgoing messages, it's easy and free):

    (incomming external message from outside users) -> IronPort -> Exim (live backup solution) -> Zimbra (local user).

    (outgoing internal message to outside users) Zimbra (local user) -> Exim -> Ironport -> external user

    (outgoing internal message to internal users) Zimbra (local user)-> Exim -> Ironport -> Exim -> Zimbra (local user) or Zimbra (local user)->Exim ->Ironport ->Zimbra (local user)

    To identify and authenticate your internal users for IronPort and Zimbra, you can use the Zimbra (Open) ldap or external ldap server, like OpenLdap / Sun One Directory. - It's depends on your model solutions.


    Basic problem with IronPort Spam messages and Zimbra (Unify your SYSTEM Spam quarantine, without IronPort quarantine store):
    Best way: Disable your SPAM quarantine in IronPort and tag (define header or subject like [**SPAM**] or [**SUSPECTED SPAM**] ) all spam messages and suspected messages with deliver options. Zimbra users can add a system filters in zimbra client and store SPAM messages in local Zimbra folders. I don't know yet how to set the global system filters configuration of the Zimbra.

    If you don't want disable a IronPort SPAM quarantine, you can also configure the IronPort in such a way as to send e-mails with links to spam messages to your internal users (eg. once a hour / day / week).
    Last edited by; 09-04-2011 at 03:49 AM.
    # ZCS 7.1.3 SLES11 SP1

  4. #4
    Join Date
    Mar 2006
    Beaucaire, France
    Rep Power


    Follow the "Global filters for all users" link in previous post to get a solution to filter spam messages to the spam folder, server wide.

  5. #5
    Join Date
    Jul 2011
    Rep Power


    This is the best way to create more powerfull and scalability mailbox solution for more than 1k users (see attached file).

    This is the modular system and if you want to replace or add a component (such as other external SPAM and antivirus or cryptographic solutions) you can do it easily (use external exim routers or internal Zimbra postfix / amavisd routers).

    For a more scalable your mail solution you can buy and use a Zimbra Appliance (with VMware ESXi).

    Simple external live e-mail backup with exim solution:
    Users can add a external imap server in Zimbra client and get the all backup incomming and outgoing messages with exim server infrastructure. You can also get the backup messages with standard client, like MS Outloock or Thunderbird (use the imap cconnectiom to exim server).
    Attached Files Attached Files
    Last edited by; 09-04-2011 at 11:44 AM.

Similar Threads

  1. Did I miss something? (Zimbra GA 6.0.8 on Ubuntu 10.04)
    By vpetersson in forum Installation
    Replies: 2
    Last Post: 10-26-2010, 06:29 AM
  2. My Zimbra Server crashed this morning...
    By glitch23 in forum Administrators
    Replies: 3
    Last Post: 04-07-2008, 01:28 PM
  3. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 04:43 AM
  4. 3.1 on FC4 problems
    By cohnhead in forum Installation
    Replies: 8
    Last Post: 05-26-2006, 11:16 AM
  5. Mail logs
    By Rick Baker in forum Installation
    Replies: 8
    Last Post: 01-17-2006, 03:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts