Project

zimbra_intercepting_proxy

0.01
No commit activity in last 3 years
No release in over 3 years
zimbra_intercepting_proxypbruna/zimbra_intercepting_proxyHomepageDocumentationSource CodeBug TrackerWiki
A HTTP intercepting Proxy for the Zimbra Proxy
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
21,298
Stars
2
Forks
4
Watchers
4
 Releases
Current version
0.0.5.2
Total releases
9
First release
2015-04-13
Latest release
2015-05-28
 Issues
Open Issues
5
Closed Issues
0
Total Issues
5
Issue Closure Rate
0%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2016-06-06
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 1.9
minitest-reporters
>= 0
rake
>= 0

Runtime

addressable
~> 2.3
em-proxy
~> 0.1.8
http_parser.rb
~> 0.6
thor
~> 0.19
uuid
~> 2.3
xml-simple
~> 1.1
 Project Readme

ZmProxy

This software is used to intercept and apply modifications to the traffic between a Zimbra Proxy and Zimbra Mailboxes. If you don't know what a Zimbra Proxy is, You can read about it here: https://wiki.zimbra.com/wiki/Zimbra_Proxy_Guide

This work for all kind of client access:

  • POP3
  • IMAP
  • Webmail
  • ActiveSync
  • Zimbra Outlook Connector

What this try to solve?

Zimbra Migrations

Suppose you need to move a lot of users and data from one Zimbra Platform to another, like we do at ZBox, and given the size of the migration, you can't move all the mailboxes at once, so you have to do it in groups.

This procedure have the following inconvenients:

  • You have to update the configuration of the clients for all the migrated users,
  • Your users will need to learn a new Webmail URL,
  • It's not transparent for the end user,
  • It's a lot of work for you

Network and OpenSource Deployments

Not a hot topic for Zimbra Inc., sorry guys, but lets be honest about it, some companies can't afford Zimbra Network for all the employees, so they use two setup platform.

The main problem with this is that you have to configure your clients with to kind of information.

Tutorial

This tutorial is based on the following setup:

  • One Zimbra Mailbox v6, that we want to migrate to,
  • Multi Server Zimbra, with 1 Zimbra Proxy, and 2 Zimbra Mailboxes

Also, the new Zimbra Proxy should be running on CentOS 7.

1. Install Docker on the Zimbra Proxy Server

$ yum install epel-release -y
$ yum install docker -y
$ systemctl enable docker
$ systemctl start docker

2. Configure Zimbra Nginx Templates

This config is going to use a running Docker listen on the 9090 port.

# Backup directory
$ cp -a /opt/zimbra/conf/nginx/templates /opt/zimbra/conf/nginx/templates.backup
$ curl -k https://raw.githubusercontent.com/ITLinuxCL/zimbra_intercepting_proxy/master/examples/nginx.conf.mail.template > /opt/zimbra/conf/nginx/templates/nginx.conf.mail.template
$ curl -k https://raw.githubusercontent.com/ITLinuxCL/zimbra_intercepting_proxy/master/examples/nginx.conf.web.template > /opt/zimbra/conf/nginx/templates/nginx.conf.web.template
$ curl -k https://raw.githubusercontent.com/ITLinuxCL/zimbra_intercepting_proxy/master/examples/nginx.conf.zmlookup.template > /opt/zimbra/conf/nginx/templates/nginx.conf.zmlookup.template
$ chown zimbra.zimbra -R /opt/zimbra/conf/nginx/templates/

3. Create and Admin User

We need an admin user to lookup the mailbox for the account, this admin needs to have a non-expiring token.

$ zmprov ca zmproxy@example.com Password \
  zimbraIsAdminAccount TRUE \
  zimbraAdminAuthTokenLifetime 100d \
  zimbraAuthTokenLifetime 100d

4. Start the Container

# Interactive Mode
$ docker run --rm -ti --dns=192.168.80.81 -p 9090:9090 \
  -e ZIMBRA_USER=zmproxy@example.com \
  -e ZIMBRA_PASSWORD=Password \
  -e NAMESERVERS=192.168.80.81 \
  -e ZIMBRA_SOAP=https://any_new_mailbox:7071/service/admin/soap \
  -e DEFAULT_MAILBOX_IP=192.168.80.81 \
  -e DEFAULT_DOMAIN=example.com \
  -e MAILBOXES_MAPPING='192.168.80.81:8080:7110:7143:true;192.168.80.61:80:110:143' \
  -e PREFIX_PATH=/zimbra \
  -e VERBOSE=true \
  itlinuxcl/zimbra_zip

# Background just change this line
$ docker run -d --name zimbra_zip --dns=192.168.80.81 -p 9090:9090 \
  ......

You can check de running docker in background with:

docker logs zimbra_zip -f

About the variables:

  • ZIMBRA_USER, is the admin user,
  • ZIMBRA_PASSWORD, password for the admin user,
  • NAMESERVERS, an IP address of a DNS server that can resolv all mailboxes, including old and new,
  • ZIMBRA_SOAP, url of a mailbox where to do the lookups,
  • DEFAULT_MAILBOX_IP, one of the mailboxes on the new platform
  • DEFAULT_DOMAIN, default domain to add when only the user part is sent
  • PREFIX_PATH, the Zimbra 6 use a prefix when sending requests,
  • MAILBOXES_MAPPING, this holds the information of the port used in every mailbox.

The syntax of MAILBOXES_MAPPING is:

IP,WEB_P,POP_P,IMAP_P:REMOVE_PREFIX;IP,WEB_P,POP_P,IMAP_P:REMOVE_PREFIX;

Where:

  • IP, ip of a mailbox
  • WEB_P,POP_P,IMAP_P, ports where listen the webmail, pop3, and imap services
  • REMOVE_PREFIX, it ZmProxy shoud remove the /zimbra prefix for this mailbox

You must list all the mailboxes here.

5. Re-configure Zimbra Proxy and restart

$ /opt/zimbra/libexec/zmproxyconfgen
$ /opt/zimbra/bin/zmproxyctl restart

6. Check status

If you run the container in Interactive mode, you should see the logs on your screen, if not you can run the following command:

$ docker logs zimbra_zip -f

Thanks

Contributing

  1. Fork it ( https://github.com/pbruna/zimbra_intercepting_proxy/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request