Shurn the Awesomer
Setup Zimbra 8.8 on Ubuntu 16.04

Setup Zimbra 8.8 on Ubuntu 16.04

Written on Thu, 12 April 2018

Optional Prerequisite: Install TCP BBR

TCP BBR is designed to counter traffic congestion. If your application frequently suffer from performance due to congestion, try TCP BBR.

Optional Prerequisite: Set up LVM

LVM is an excellent abstraction tool for storage. Highly recommended if you want to expand your storage needs in the future. Check out a related article on setting up infinite storage for web server but ignore the part on web server. Zimbra is commonly install on /opt/ so set the LVM to this folder.

Optional Prerequisite: Set up Swap Partition

Zimbra recommends a minimum of 8GB RAM. However, if you are faced with a situation where you do not have enough RAM and you can't just add more ram easily, you could use swap space partition or file.

Configure hostname

Edit /etc/hosts and add the following line: mail

Change to your ip address and the hostname to your hostname.

Edit /etc/hostname to this:


Reboot your server and test that you see your hostname:

root@mail:~# hostname -f
root@mail:~# hostname

Install and Configure BIND DNS

Install bind9

root@mail:~# apt install bind9 bind9utils

Edit /etc/bind/named.conf.options, uncomment the forwarders, and add DNS server IP:

forwarders {;;

The DNS server is hosted by Google. Choose your own DNS server if you have a preference.

Add the following to /etc/bind/named.conf.local:

zone "" {
type master;
file "/etc/bind/";
zone "" {
type master;
file "/etc/bind/db.0.0.10";
zone "" {
type master;
file "/etc/bind/db.0.0.127";

Change 0.0.10 to the reverse of your first 3 octet of your IP address, and to your top level domain name.

Create /etc/bind/ and add the following:

$TTL 604800
@ IN SOA (
20180217 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800);Negative Cache TTL
@ IN NS mail
IN MX 10 mail
mail IN A

Change the domain and IP address accordingly.

Create /etc/bind/db.0.0.127 and add the following:

@ IN SOA (
2 ; Serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D);Minimum TTL
1 PTR localhost.

Change the domain accordingly

Create /etc/bind/db.0.0.10 and add the following:

@ IN SOA (
1 ; Serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D);Minimum TTL
10 PTR

Change the domain and IP address accordingly.

Restart bind service

root@mail:~# /etc/init.d/bind9 restart
[ ok ] Restarting bind9 (via systemctl): bind9.service.

Configure static IP address in /etc/network/interfaces:

source /etc/network/interfaces.d/*.cfg
auto eth0
iface eth0 inet static

Change the domain and IP address accordingly.

Edit /etc/resolvconf/resolve.conf.d/base to the following:


CHange the domain and IP address accordingly. Then regenerate resolve.conf with:

root@mail:~# resolvconf -u

Download and install Zimbra

Disable firewall first:

root@mail:~# service ufw stop

Download and install the latest stable version of Zimbra. At the time of writing, the latest version is 8.8.8.

root@mail:~# wget
root@mail:~# tar xf zcs-8.8.8_GA_2009.UBUNTU16_64.20180322150747.tgz
root@mail:~# cd zcs-8.8.8_GA_2009.UBUNTU16_64.20180322150747
root@mail:~# ./

Read the instructions and answer accordingly to your requirements:

Do you agree with the terms of the software license agreement? [N] y
Use Zimbra's package repository [Y] y
Install zimbra-ldap [Y]
Install zimbra-logger [Y] y
Install zimbra-mta [Y] y
Install zimbra-dnscache [Y] n
Install zimbra-snmp [Y] y
Install zimbra-store [Y] y
Install zimbra-apache [Y] y
Install zimbra-spell [Y] y
Install zimbra-memcached [Y] y
Install zimbra-proxy [Y] y
Install zimbra-chat [Y] y
Install zimbra-drive [Y] y
Install zimbra-imapd (BETA - for evaluation only) [N] n
The system will be modified. Continue? [N] y
Change domain name? [Yes] Yes
Create domain: []
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes] y
Save config in file: [/opt/zimbra/config.12345]
The system will be modified - continue? [No] y

Note: This is an abstract of the full installation details. You may experience different installation path.
Highly recommended to set the admin password. Notifying zimbra of your installation is entirely optional.

Go to your favourite browser and browse to your domain like :// Take note of the port 7071, which is the administive login. Without it, you will be presented with the mailbox login.

Send and receive a mail and see that it works.

Installing SSL Certificate

Follow the instructions here to install certbot for your system.

Follow the instructions here for the script to automate letsencrypt installation, except the following:

Location of sudoers.conf

On point 4, the configs/sudoers.conf is located at /opt/letsencrypt-zimbra/configs/sudoers.conf. So you should run the command like this:

root@mail:~# cp /opt/letsencrypt-zimbra/configs/sudoers.conf /etc/sudoers.d/zimbra_certbot

Zimbra restart might fail

The maintainer has taken note that there is a restart issue at the time of this writing. As such, you need to manually restart zimbra with:

root@mail:~# sudo -Hu zimbra /opt/zimbra/bin/zmcontrol restart

zmlogswatch does not start due to Date::Parse not installed

If zmlogswatch does not start, check /opt/zimbra/log/zmlogswatch.out and see if it reports any error related to Date::Parse and Swatchdog. If it does, you should proceed with the installation. Then attempt to restart zimbra again. Obtain the URL from Swatchdog here.

root@mail:~# apt install build-essential
root@mail:~# cpan
cpan[1]> install Date::Parse
cpan[2]> install Time::HiRes
cpan[3]> install Date::Calc
cpan[4]> install Date::Format
cpan[5]> install Date::Manip
cpan[6]> install File::Tail
cpan[7]> install Term::ANSIColor
cpan[8]> exit
root@mail:~# wget
root@mail:~# tar -zxvf swatchdog-3.2.4.tar.gz
root@mail:~# mv swatchdog-3.2.4 swatchdog
root@mail:~# cd swatchdog
root@mail:~# perl Makefile.PL
root@mail:~# make
root@mail:~# make test
root@mail:~# make install
root@mail:~# make realclean
root@mail:~# sudo -Hu zimbra /opt/zimbra/bin/zmcontrol restart

Renewing SSL Certificate

You may set up cron job to renew the certificate. Edit your cron job file with:

root@mail:~# crontab -e

Add the following:

12 12 * * * sudo -Hu zimbra /opt/letsencrypt-zimbra/obtain-and-deploy-letsencrypt-cert.shsudo -Hu zimbra /opt/zimbra/bin/zmcontrol restart