Posted by If you want to obtain Exchange ActiveSync ability on your Zimbra Open Source Edition, you can integrate Zimbra and Z-push + Zimbra Backend. With it, you can synchronize email, contacts, and calendars between Zimbra and your mobile device.
This article only for Zimbra that installing Single Server. If you have Zimbra with multi-server installation, I recommend you to install Z-push + Zimbra Backend on a separate server.
This guidance has been tested on Zimbra 8.8.12 – 8.8.15
# Install dependencies
For CentOS 7
yum install epel-release -y yum install git php-cli php-soap php-process php-mbstring -y
For Ubuntu 16.04 and 18.04
apt update -y apt install git php-cli php-soap php-cgi php-mbstring php-curl -y
Clone repo
git clone https://github.com/imanudin11/zcs-zpush.git cd zcs-zpush/
Create folder for log
mkdir /var/lib/z-push /var/log/z-push chmod 755 /var/lib/z-push /var/log/z-push chown zimbra:zimbra /var/lib/z-push /var/log/z-push
Save z-push folder on /opt/
cp -rvf z-push /opt/
Note : I use Asia/Jakarta as my Timezone. Please open /opt/z-push/config.php and adjust/change Asia/Jakarta to your Timezone
Create symlink
ln -sf /opt/z-push /opt/zimbra/jetty/webapps/
Save php script on /usr/bin
cp php-cgi-fix.sh /usr/bin/php-cgi-fix.sh chmod +x /usr/bin/php-cgi-fix.sh
Change publicHostname domain on your Zimbra into localhost
su - zimbra -c 'zmprov md yourzimbradomain.tld zimbraPublicServiceHostname localhost zimbraPublicServiceProtocol https'
Note : If you have more than 1 domain, and that domain want to use Exchange ActiveSync, you should run above command for each domains
# Backup and replace jetty.xml.in
For Zimbra 8.8.6
cp /opt/zimbra/jetty/etc/jetty.xml.in /opt/zimbra/jetty/etc/jetty.xml.in.backup cp jetty.xml.in-for-zcs-886 /opt/zimbra/jetty/etc/jetty.xml.in chown zimbra.zimbra /opt/zimbra/jetty/etc/jetty.xml.in
For Zimbra 8.8.7
cp /opt/zimbra/jetty/etc/jetty.xml.in /opt/zimbra/jetty/etc/jetty.xml.in.backup cp jetty.xml.in-for-zcs-887 /opt/zimbra/jetty/etc/jetty.xml.in chown zimbra.zimbra /opt/zimbra/jetty/etc/jetty.xml.in
For Zimbra 8.8.8 – Zimbra 8.8.12
cp /opt/zimbra/jetty/etc/jetty.xml.in /opt/zimbra/jetty/etc/jetty.xml.in.backup cp jetty.xml.in-for-zcs-888-8812 /opt/zimbra/jetty/etc/jetty.xml.in chown zimbra.zimbra /opt/zimbra/jetty/etc/jetty.xml.in
For Zimbra 8.8.15
cp /opt/zimbra/jetty/etc/jetty.xml.in /opt/zimbra/jetty/etc/jetty.xml.in.backup cp jetty.xml.in-for-zcs-8815 /opt/zimbra/jetty/etc/jetty.xml.in chown zimbra.zimbra /opt/zimbra/jetty/etc/jetty.xml.in
For Zimbra 9
cp /opt/zimbra/jetty/etc/jetty.xml.in /opt/zimbra/jetty/etc/jetty.xml.in.backup cp jetty.xml.in-for-zcs-9 /opt/zimbra/jetty/etc/jetty.xml.in chown zimbra.zimbra /opt/zimbra/jetty/etc/jetty.xml.in
# Add zpush.ini into php
For CentOS 7
cp zpush.ini /etc/php.d/zpush.ini
For Ubuntu 16.04
cp zpush.ini /etc/php/7.0/cgi/conf.d/10-zpush.ini
For Ubuntu 18.04
cp zpush.ini /etc/php/7.2/cgi/conf.d/10-zpush.ini
Restart Zimbra Mailbox
su - zimbra -c 'zmmailboxdctl restart'
For testing, please access https://ip-of-zimbra/Microsoft-Server-ActiveSync from your browser. Log in with your Zimbra account. If it works, you can see the output as below. Or you can configure your mail apps on mobile devices and ensure choose exchange/activesync
Hi,thank you for your information.
I have something to ask you.
Is there jetty.xml.in for ZCS8.8.5(universal ui unofficial)
Hello,
You can use jetty for 886
Hi Ahmad, your tutorials are great! Thank you. I’ve tried to get this work, but something is not right, the schedules and the e-mails not pushing to the phones. I’m using Ubuntu 18.04.03 with the latest Zimbra build.
Hi Tamas,
Please make sure your mobile phone :
– Enable sync
– Please choose Automatic (Push) on Sync frequency. This configuration is there on your Mail client apps
I tried, but it does not work in Centos 7 and the latest version of zimbra
HTTP ERROR 404
Problem accessing /service/extension/zimbrasync. Reason:
Not Found
Hello,
If see your error. The jetty file not replaced by jetty from me.
Dear,
We are using single server, 8.8.15P3 on Centos 7.7 with 4 vCPU and 8GB RAM. Server will serve about 200-300 accounts. Do you think we can have z-push on this spec?
Many thanks and best regards,
Minh.
Hello,
Yes. It’s more than enough
Sorry, it work`s
thanks for instruction 🙂
Hello,
Glad to hear that 🙂
Hello,
Seems something wrong.
I get :
. * * Consult LICENSE file for details ************************************************/ ob_start(null, 1048576); // ignore user abortions because this can lead to weird errors – see ZP-239 ignore_user_abort(true); require_once ‘vendor/autoload.php’; if (!defined(‘ZPUSH_CONFIG’)) define(‘ZPUSH_CONFIG’, ‘config.php’); include_once(ZPUSH_CONFIG); // Attempt to set maximum execution time ini_set(‘max_execution_time’, SCRIPT_TIMEOUT); set_time_limit(SCRIPT_TIMEOUT); try { // check config & initialize the basics ZPush::CheckConfig(); Request::Initialize(); ZLog::Initialize(); ZLog::Write(LOGLEVEL_DEBUG,”——– Start”); ZLog::Write(LOGLEVEL_DEBUG, sprintf(“cmd=’%s’ devType=’%s’ devId=’%s’ getUser=’%s’ from=’%s’ version=’%s’ method=’%s'”, Request::GetCommand(), Request::GetDeviceType(), Request::GetDeviceID(), Request::GetGETUser(), Request::GetRemoteAddr(), @constant(‘ZPUSH_VERSION’), Request::GetMethod() )); // always request the authorization header if (! R………………..
Hello Stiwans,
Please make sure :
– SELinux has been disabled
– PHP dependencies have been installed
– What your Zimbra and OS version?
Hello Iman,
greetings from Italy.
what about going through the (now) recommended procedure for z-push installation, detailed here
https://wiki.z-hub.io/display/ZP/Installation
(add Yum/Apt repo to the system, installing via OS package management)?
Which steps would be still to be performed?
Thanks in advance.
Best regards
Hello Ferdinando,
I am should try first on my dev server. I have not tried with apt/yum method
Hello Iman,
I noticed that your z-push source version is 2.3.4, while there’s now v2.5.1 final available.
I’m going to experiment the “source” way (i.e. procedure outlined on your article) replacing your z-push subdir with the updated source from here https://stash.z-hub.io/projects/ZP/repos/z-push/browse/src?at=refs%2Ftags%2F2.5.1 (plus, of course, the Zimbra backend v68).
May I fork your GitHub repo for this activity?
Additionally, I believe that it isn’t strictly necessary to set zimbraPublicServiceHostname to “localhost”, you should instead whitelist the server’s public IP address within the Zimbra’s DoSFilter configuration section, as explained here https://wiki.zimbra.com/wiki/DoSFilter
Does this sound correct to you?
Hello Ferdinando,
Sure. You can fork my GitHub repo and it’s open. zimbraPublicServiceHostname refers to the localhost because I define localhost on ZIMBRA_URL config. So, the log is clean and not appear warning about ZIMBRA_URL
Yes, I noticed that, reviewing the various configurations files.
I was only concerned (as a Zimbra newbie) about possible negative interactions with other Zimbra services of setting “public hostname” to localhost.
Hello Iman,
This solution for Exchange Active-Sync for Zimra open source is great help. However, one problem with setting the Hostname as “localhost” (zimbraPublicServiceHostname localhost) is that one of the Admin Zimlet (com_zimbra_viewmail) stopped working. It uses the Hostname to open the mailbox for a user and now it is unable to do so.
Can you help solve this problem?
Hello,
You can skip configure zimbraPublicServiceHostname to localhost. That configuration is optional
Hi there thank you for the guide, as for the zpush version it seems that it’s on 2.3.4 the current version is 2.5 is there a possibility to upgrade it?
Hello Farzad,
Yes possible to upgrade. You can save zimbraBackend and config on z-push folder. Then upgrade z-push with the new version
Thank you for the reply, as for the localhost i ran the command but how to revert it back? and whitelist ?
su – zimbra -c ‘zmprov md mail.domain.com zimbraPublicServiceHostname localhost zimbraPublicServiceProtocol https’
Thank you
Hi Iman,
Your guide works fine and ActiveSync was set up correctly.
I’m on version 8.8.15, but ActiveSync breaks when proxy port is changed from 443.
I want to change proxy port to 9444 then use a reverse proxy to serve clients on port 443.
Can you please help out.
Thanks,
Darren
Hi Darren Ramen,
In this article, ActiveSync listen on Jetty. It’s mean ActiveSync active on mailbox services. If you have reverse proxy, you can try pointing to port 8080 or 8443 where service mailbox listen
Hi Iman,
Thanks for the instructions for setting up Activesync for Zimbra! Iphone mail/calender apps work line a charm.
Do you know if Outlook App for iPhone is supported? The only error I get is “Can not sign in”. I’m using Patch 8.8.15_P8 on Ubuntu 18.04.4 64b.
Hi Joost Brenters,
I have not tried on Outlook apps. I usually use default apps 🙂
Hi Iman,
Thank you for this nice post.
I configured and it worked well in my environment. However, it seems the internal GAL is not syncing with PC Outlook. At the same time, email contact is syncing properly in mobile default app and webmail.
Could you please help me on this?
Hi Afsher,
I have not tried on Outlook. I usually use mobile apps instead of desktop apps 🙂
Thank you for your feedback. Do you use webmail instead of Outlook in Desktop?
Hi Afsher,
Yes, I Do.
Morning Iman,
The best informative guide I have seen out there. Great work.
Just a quick question, I noticed z-push showing zimbra IP for all the devices connected via activesysnc rather than the actual IP. This makes it tricky to implement Fail2Ban etc.
In z-push “config.php” I have included define(‘HTTP_X_FORWARDED_FOR’, ‘HTTP_X_REAL_IP’) or define(‘USE_X_FORWARDED_FOR_HEADER’, true); however I have not been able to get real IP of the devices.
Do you have any trick up your sleeve how to fix this?
Thanks Mate.
Hi Chris,
zmprov mcf +zimbraMailTrustedIP 127.0.0.1 +zimbraMailTrustedIP {IP of nginx-1}
Please run the following command
zmmailboxdctl restart
Hi Iman,
Tried that but still showing the local IP address of zimbra server and not real IP address of the device.
Have you had a chance to make z-push work on Zimbra 9 with latest Zimbra z-push backend from SourceForge?
Hi Tony,
I will try and update the article
Hi iman!
Ok, looking forward for the results.
Thanks!
Thank you for the highest quality article.
What parameter should I use in config.php to have the real ip?
I tried in some ways and I couldn’t.
Thank you
Hi Willian,
You can check the original IP from /var/log/z-push log
Can you help me resolve this?
I am getting this error
Problem accessing /z-push/index.php. Reason:
Failed to exec CGI
I am running this on CentOS 8 and Zimbra 9 OSS
Hi Tenshou,
I haven’t tried it on Zimbra 9 and CentOS 8. So, I can’t give you an answer yet
Thank You Iman
It work well on Ms-Outlook 2019 32 bit – Zimbra 8.8.15 & Centos 7
Renato
Hi Ahmad, i tried to install Z-Push on my 8.8.15 Machine but i can’t get it work 🙁
When i try to login all i get is:
Z-Push – Open Source ActiveSync
Version 2.3.4
AuthenticationRequiredException
Access denied. Please send authorisation information
z-push.log:
[FATAL] [unknown] Exception: (AuthenticationRequiredException) – Access denied. Please send authorisation information
Zimbra->Logon(): END Logon – Proxy Error { connected = false }
25/08/2020 22:58:10 [30946] [ INFO] […] AuthenticationRequiredException: Access denied. Proxy unable to initiate a session on user mailbox server – code: 0 – file: /opt/z-push/backend/zimbra/zimbra.php:1208
I hope you have an idea. I use Ubuntu 18.04 with php 7.4
Hi Jan-Eric DreBler,
I haven’t tried using PHP 7.4. If possible, try downgrading PHP to version 7.2
Hi Iman,
Your guide works just fine with ActiveSync (Outlook mobile and Windows client) so far using Zimbra OSE 8.8.15 on Ubuntu 18.04
Trying make autodiscover to work but my mail.zimbradomain.com/autodiscover/autodiscover.xml getting:
Problem accessing /z-push/index.php. Reason:
Failed to exec CGI
Any hints?
Hi Antonio Filho,
Autodiscover does not work for this guidance. However, you can try to modify Z-Push to support it. I haven’t try Autodiscover
Hi! I installed z-push according to your instructions, please tell me how to set the limit for sending attachments. Emails with 20MB attachments remain in outgoing folder Outlook
Hi Maxim,
1. You should increase via Zimbra Admin | Configure | Global Settings | MTA | Maximum Message Size
2. You can increase in php.ini
Hi Iman, thanks for reply. I set zimbraMtaMaxMessageSize to 40960 and change php.ini (/etc/php.ini and /opt/zimbra/conf/php.ini) parameters upload_max_filesize and post_max_size to 40M. After that I run zmcontrol restart but I cannot sent 18Mb attachment from outlook, message stay at outgoing folder
Edit /opt/z-push/policies.ini
Add
; The maximum attachment size in bytes as determined by security policy.
maxattsize = ‘62914560’
use for 60MB
I added ini_set(‘memory_limit’, ‘-1’) to the /opt/z-push/index.php and the email was sent. Thank you
Hi Maxim,
Nice work. Thanks for sharing. Glad to hear that 🙂
Hi Iman, do you think this could still be functional also for the Zimbra 9 OSE version released by Zextras?
Hi Antonio,
I think so. I haven’t tried it on Zimbra 9 OSE 🙂
Hello
Is it possible get running z-push without Zimbra Proxy service? I have few users only. No proxy needed.
Hi,
Yes, it is. This guidance using Jetty to get z-push working with Zimbra
I got it working finally.
But I found that GAL and Calendars do not appear in Outlook 2016. If I understood correctly only shared contacts and calendars (folders) will work. Is it true?
Thank you for help!
Hi Sergiy K,
I usually use EAS on Mobile Phone and use built in Mail client
Hi Iman,
Thank you for the good information you shared.
How can I run it on zimbra 9.0 ?
Hi Firat,
You can try to use jetty for 8.8.15. I have not tried on ZCS 9 😀
I already install 9.0 , I try to install but , not working,
HTTP ERROR 500
Problem accessing /z-push/index.php. Reason:
Failed to exec CGI
Do you suggest using 9.0 ?
hi, I installed on: “centos 7 zimbra 8.8.15” according to your description, but whatever I do I get an error 500
HTTP ERROR 500
Problem accessing /z-push/index.php.
why is this happening?
Hi Pavel,
Please check the log on z-push.log and mailbox.log to see the problem. Please ensure you already install PHP too
Hi Iman,
I have enabled z-push.log debugging mode:
[DEBUG] [#unknown] ——– Start
[DEBUG] [#unknown] cmd=” devType=” devId=” getUser=’unknown’ from=’*MYSERVER_IP*’ version=’GIT’ method=’GET’
[ INFO] [#unknown] AuthenticationRequiredException: Access denied. Please send authorisation information – code: 0 – file: /opt/z-push/src/index.php:56
[ INFO] [#unknown] User-agent: ‘unknown’
[FATAL] [#unknown] Exception: (AuthenticationRequiredException) – Access denied. Please send authorisation information
[DEBUG] [#unknown] ZPush::PrintZPushLegal()
[DEBUG] [#unknown] InterProcessData:__construct type: ”
[DEBUG] [#unknown] TopCollector(): Initialized mutexid Resource id #43 and memid Resource id #44.
[DEBUG] [#unknown] TopCollector initialised with IPC provider ‘IpcSharedMemoryProvider’ with type ’20’
[ INFO] [#unknown] cmd=” memory=’2.29 MiB/2.75 MiB’ time=’0.01s’ devType=” devId=” getUser=’unknown’ from=’*MYSERVER_IP*’ idle=’0s’ version=’GIT’ method=’GET’ httpcode=’401′
[DEBUG] [#unknown] ——– End
mailbox.log:
INFO [qtp1225197672-128:https://*MYSERVER*/favicon.ico%5D [] AuthProvider – Adding auth provider: zimbra com.zimbra.cs.service.ZimbraAuthProvider
INFO [qtp1225197672-128:https://*MYSERVER*/favicon.ico%5D [] AuthProvider – Adding auth provider: sampleoauth com.zimbra.cs.service.ZimbraAuthProviderForOAuth
php -v
PHP 5.4.16 (cli) (built: Apr 1 2020 04:07:17)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
Hi. Any support for Zimbra 9?
Hi,
Yes. Please check my update for Zimbra 9
I got a error in Zimbra 9 🙁
Works great on on Centos 8 + Zimbra Collaboration Open Source Edition 8.8.15.
Thank you!
Hi Iman,
Thank you for the update on Zimbra 9 OSE! In our case, EAS on phone working for the primary mailbox of users. However, users with shared mailboxes and personas cannot send mail using the persona and cannot access the shared inbox. Is this the normal behavior of EAS? Can you please help with this?
Hi,
I think yes. I also have a shared mailbox and did not appear on my phone (EAS)
Excelente. Manual. Thanks but i got this error:
HTTP ERROR 404
Problem accessing /service/extension/zimbrasync. Reason:
Not Found
Hi,
Please re-run this step “# Backup and replace jetty.xml.in”
Hello,
In Oracle Linux 8 – Zimbra 8.8.15
HTTP ERROR 500
Problem accessing /z-push/index.php. Reason:
Failed to exec CGI
PHP 7.2.24
Does anyone have any idea what it might be?
have same problem
Hello
im experience whit z-push in another company. Now I install whit this guide but, y can’t see the original IP in the log /var/log/z-push or /opt/zimbra/log/audit.log, only see ip of server.
Can guide how can I see ?
Thank you
I can see now, only modify Proxy settings in config.php
Hi Christian,
Glad to hear you solve your problem. Could you share with us what you modify in config.php ?
Sure!
// When accessing through a proxy, the “X-Forwarded-For” header contains the original remote IP
define(‘USE_X_FORWARDED_FOR_HEADER’, false);
change for
// When accessing through a proxy, the “X-Forwarded-For” header contains the original remote IP
define(‘USE_X_FORWARDED_FOR_HEADER’, true);
I tried, but it does not work in Centos 7 and the latest version of zimbra
HTTP ERROR 404
Problem accessing /service/extension/zimbrasync. Reason:
Not Found
my zimbra version: Release 8.8.15_GA_3869.RHEL7_64_20190917004220 RHEL7_64 FOSS edition, Patch 8.8.15_P27
i followed exactly same steps for Backup and replace jetty.xml.in For Zimbra 8.8.15
Hi Muhammad Ilyas,
Please try re-copy jetty.xml.in. Sometime, I get same problem 🙂
Hi Iman,
We are using Zimbra 8.8.15 with Z-Push and it looks all working good.
However, it seems some users can only sync 1000 email per folder but some are 2000 email per folder.
How we can sync ALL email per folder like IMAP?
Appreciate your early reply .
Many thanks !!
Hi Harry H,
I recommend you not to sync all emails. I once synced ALL emails. However, all emails do not appear
Hello
Centos 9 zpush 2.3 install
Problem
08/12/2021 23:08:55 [358791] [FATAL] [xxxxx.xxxxxx.xxxx] Exception: (WBXMLException) – Unknown error in SendMail->Handle()
08/12/2021 23:08:55 [358791] [FATAL] [xxxxx.xxxxxx.xxxx] Exception: (WBXMLException) – Unknown error in SendMail->Handle()
08/12/2021 23:08:55 [358791] [FATAL] [xxxxx.xxxxxx.xxxx] Request could not be processed correctly due to a WBXMLException. Please report this including the ‘WBXML debug data’ logged. Be aware that the debug data could contain confidential information.
08/12/2021 23:08:55 [358791] [FATAL] [xxxxx.xxxxxx.xxxx] Request could not be processed correctly due to a WBXMLException. Please report this including the ‘WBXML debug data’ logged. Be aware that the debug data could contain confidential information.