Few days ago, i am migrating Zimbra 8.6 running on SLES into Zimbra 8.8 running on CentOS 7 at my client. All installation have been finished. I am try to access Webmail Zimbra 8.8 that running on CentOS 7. But, the webmail can not be accessed by IP address. However, webmail can be accecssed by name like mail.imanudin.net, webmail.imanudin.net and etc.
For solved the problem, perform the following command as Zimbra user
zmprov md imanudin.net zimbraVirtualHostname mail.imanudin.net zimbraVirtualIPAddress 192.168.1.11 libexec/zmproxyconfgen zmproxyctl restart
Note : mail.imanudin.net is virtual hostname and IP Address 192.168.1.11 is IP from Zimbra Proxy Server
Finally, i can access webmail by IP Address
Good luck and hopefully useful 🙂
Source : https://forums.zimbra.org/viewtopic.php?f=15&t=62695#p278628
Hi Imanudin, good tip, but do you realize that 8.8 still is a Release Candidate not ready for deployment in production servers.?
At least at the time of this writing.
Yes you right. When i am download binary from zimbra.com, i am not found notice about RC and production ready 😀
However, today i am check again on zimbra.com appear notice about that :D.
Thanks for your notice and warn
It worked for me too. Thank Iman.
How can I fix a blank page when accessing zimbra web console?
I can access it but no content on webpage.
How if you access from another browser? please try some fix below :
– clear cache on your browser
– clear cache on your server with performing below command
Sir my issue is vice versa to this as i can access it via virtual ip address but can’t access via hostname.
Please make sure you have been configured name resolve into IP on your DNS. Or you can try to input in your /etc/hosts
but came across with another problem as i cant access the zimbra admin web
nothing shows up
could you please your advice on this
You can check log on /opt/zimbra/log/mailbox.log and /opt/zimbra/log/zmmailboxd.out to see the problem. Ensure 7071 is listen on your server
how to restrict webmail access for certain user, its possible or not.
it’s not possible for this time
2020-02-05 00:00:07,399 INFO [qtp509886383-5461:https://127.0.0.1:7071/service/admin/soap/AuthRequest%5D [name=zimbra;ip=127.0.0.1;ua=zmprov/8.6.0_GA_1153;] soap – AuthRequest elapsed=6
2020-02-05 00:00:11,113 INFO [qtp509886383-5462:https://127.0.0.1:7071/service/admin/soap/GetAllServersRequest%5D [name=zimbra;ip=127.0.0.1;ua=zmprov/8.6.0_GA_1153;] soap – GetAllServersRequest elapsed=2
2020-02-05 00:00:16,388 INFO [MailboxPurge] [email@example.com;mid=99;] purge – Purging messages.
2020-02-05 00:01:16,440 INFO [MailboxPurge] [firstname.lastname@example.org;mid=100;] purge – Purging messages.
2020-02-05 00:02:16,487 INFO [MailboxPurge] [email@example.com;mid=101;] purge – Purging messages.
2020-02-05 00:03:16,588 INFO [MailboxPurge] [firstname.lastname@example.org;mid=102;] purge – Purging messages.
2020-02-05 00:04:16,638 INFO [MailboxPurge] [email@example.com;mid=103;] purge – Purging messages.
2020-02-05 00:05:16,681 INFO [MailboxPurge] [firstname.lastname@example.org;mid=104;] purge – Purging messages.
2020-02-05 00:06:02,904 INFO [LmtpServer-45] [ip=192.168.4.2;] lmtp – Delivering message: size=3733 bytes, nrcpts=1, email@example.com, msgid=
that the error appeared for vi /opt/zimbra/log/mailbox.log else
[root@mail ~]# vi /opt/zimbra/log/zm
[root@mail ~]# vi /opt/zimbra/log/zmmailboxd.out
The log that you given is normal. Nothing wrong with your log
Ok, so any advice on the web admin that still can’t not access??
Maybe you can upgrade to the last version of Zimbra
Zimbra Mail server is opening by both domain name and IP address. But unable to open in network connected PCs.
ZImbra Svr is installed in VMWare Machine and accessed by the client PCs on network. Suggest me soon please. Mail Svr is now down in my company, due to which I am receiving alerts on regular basis.
Waiting for your initiation
Please try this checklist :
– Check Zimbra services (su – zimbra -c ‘zmcontrol status’)
– Please try access Zimbra using peer to peer connection (cross cable)
If all services are running and you can access your Zimbra from P2P, please check your network connection from client to Zimbra server
Hi Ahmad Imanudin,,
Last few days I didn’t access Zimbra admin Console. other service are working smoothly.please help me .
2019-10-16 23:05:37,773 INFO [qtp1286783232-1177:https:https://localhost:7071/service/admin/soap/GetDomainInfoRequest%5D [ua=ZCS/8.8.10_GA_3758;soapId=5081178;] soap – GetDomainInfoRequest elapsed=0
2019-10-16 23:05:58,196 INFO [qtp1286783232-1174:https:https://localhost:7071/service/admin/soap/GetDomainInfoRequest%5D [ua=ZCS/8.8.10_GA_3758;soapId=5081179;] soap – GetDomainInfoRequest elapsed=0
I recommend you to upgrade your Zimbra to the last version. As you know, your Zimbra version may be affected by bug SSRF/XSS
I did tried this but not work still gives me blank page when i tried to access https://hostname:7071
What your Zimbra version? maybe your server affected bug XXE/SSRF
Release 8.6.0_GA_1153.RHEL6_64_20141215151155 RHEL6_64 FOSS edition.
hy iman, how to access zimbra webmail client from internet?
i have forwarding port 80,443,143,456,587,993,995,4334,5222,5223,9071,9443,7071,8080. and this look oke because accessing webadmin console :7071 is no problem from internet.
but i stiil cannot access web mail client http/https direct IP or domain from internet side.
If you can access Zimbra from local but did not access it from the Internet, the problem is on your router/gateway that performs forwarding. Or you can try to give Zimbra IP pub directly. If you have using IP pub directly on your Zimbra and still problem access from the Internet, maybe you can check the firewall on your server
thank for your time…
I have ip public on the server.
ss –listening –tcp –numeric
LISTEN 0 50 *:443 *:*
netstat -telpn | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 41205 5648/java
netstat -telpn | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
2 104 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 ctstate NEW,UNTRACKED
121 7240 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ctstate NEW,UNTRACKED
1 44 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 ctstate NEW,UNTRACKED
1 44 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ctstate NEW,UNTRACKED
7 404 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 ctstate NEW,UNTRACKED
7 404 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:587 ctstate NEW,UNTRACKED
1 44 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 ctstate NEW,UNTRACKED
1 44 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3443 ctstate NEW,UNTRACKED
40 2384 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5222 ctstate NEW,UNTRACKED
0 0 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5223 ctstate NEW,UNTRACKED
3 128 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 ctstate NEW,UNTRACKED
2 88 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4443 ctstate NEW,UNTRACKED
1 44 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9071 ctstate NEW,UNTRACKED
1 44 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443 ctstate NEW,UNTRACKED
13 780 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:7071 ctstate NEW,UNTRACKED
2 104 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 ctstate NEW,UNTRACKED
0 0 ACCEPT udp — * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 ctstate NEW,UNTRACKED
nmap -sV myippublic -vv
Not shown: 986 filtered ports
Reason: 974 no-responses, 11 host-prohibiteds and 1 admin-prohibited
PORT STATE SERVICE REASON VERSION
22/tcp open ssh syn-ack ttl 50 OpenSSH 7.4 (protocol 2.0)
53/tcp open domain syn-ack ttl 50 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
80/tcp open nagios-nsca syn-ack ttl 250 Nagios NSCA
110/tcp closed pop3 reset ttl 50
143/tcp closed imap reset ttl 50
465/tcp open ssl/smtp syn-ack ttl 50 Postfix smtpd
587/tcp open smtp syn-ack ttl 50 Postfix smtpd
993/tcp closed imaps reset ttl 50
995/tcp closed pop3s reset ttl 50
4443/tcp closed pharos reset ttl 50
5222/tcp open xmpp-client? syn-ack ttl 50
8080/tcp closed http-proxy reset ttl 50
8443/tcp closed https-alt reset ttl 50
9071/tcp closed unknown reset ttl 50
Service Info: Host: mail.xxxxxxxxxxxxx.id; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
ISP blocked incoming 443 port?
please correct me & thanx
NB: at January 13, 2020 at 3:30 am mynetwork:
INTERNET——–| (ip pub)MIKROTIK—–|MAIL SERVER.
today January 15, 2020 at 12:41 pm mynetwork:
For easy trace the problem, you can try to disable/stop iptables/firewalld services. If the problem still exists, you can ask to your ISP why its happen
Hi Iman. Tq for your time. There are some of the user have blank page when accessing their account. The rest of the user have no problem at all.I’ve clear the cache but problem still occured.Do you have any recommendation.User using zimbra basic 8.7
Hi Sal Abdullah,
You can try to access webmail directly without Proxy. You can try on port 8080 or 8443
your blogs help me a lot. How can i set my zimbra webmail is only accessible by its domain name? thanks for your time
Maybe you can configure Nginx redirect to the domain name. I don’t know how to do that 🙂