• Zarafa

Zarafa on FreeBSD

the port described on this page wound up never being committed to FreeBSD. All of the information here is from 2012 and is thus stale -- MarkLinimon

This page is meant as an augmentation on the Zarafa Administrator Manual which references mostly Linux specific setups. This is by no means a replacement for the manual or a finish to start configuration guide. Even though Zarafa is the easiest to setup and maintain among its competitors it is still a complex product acting both as middleware for several other services and final service provider to end users.

What is Zarafa

In short, Zarafa is a MAPI service providing various groupware services. It is possible to replace a Microsoft Exchange server on a given site and in the process eliminate some of its annoyances, like mailbox size limits. For more information see Zarafa website.

The FreeBSD port

The FreeBSD port conforms to the known ports hierarchy and as such differs from the manual. One important difference is how the server locale is propagated to userscripts. The installed userscript wrapper that calls all custom scripts is patched to fetch its locale value from /etc/rc.conf where one would expect it on FreeBSD. The key difference is that we have also named this variable zarafa_locale rather than the uppercase version to be consistent with variable namings in /etc/rc.conf. This also means that one has to set zarafa_locale in /etc/rc.conf before creating users and folders note to self, explain why */. It also means that care should be taken when copying 3rd user scripts as they may use/override a differently named variable.

rc scripts

A wrapper script is provided that calls the rc scripts that exist for each component in the preferred order. The wrapper script intentionally does not support the reload command. When reloading configurations that have been changed the order in which the components should be reloaded may be different from the start up order and may cause interruption of service because a prerequisite for the new configuration has not been met. All rc scripts are installed in $PREFIX/etc/rc.d and the main zarafa script contains various comments about what variables one can set. Additionally, each component script has comments explaining it's variables.

shutdown sequence

The zarafa-server component makes various checks on shutdown and may take several seconds or even minutes pending your store size. The value for rcshutdown_timeout in /etc/rc.conf will need adjustment in most production environments. The default value for this setting is thirty seconds.

Zarafa-Dagent and Folders

As mentioned above, the Zarafa delivery agent can be used as an LTMP daemon and accept mail from a capable MTA. However, this mode is not capable of delivering mail to public (or private) folders. The zarafa-dagent itself is capable through the use of command line arguments. How to connect a mail alias to an invocation of a command, we will refer to the documentation of the MTA used. For the various delivery options that the agent supports when invoked as "mailbox command" see the zarafa-dagent(5) manual page. /* describe it's possible to use both, just to avoid mail and perhaps do give a postfix example

LDAP Notes

When using bdb or hdb backends, periodically check for index warnings:

        sed -nE 's,^.* (bdb_[^[:space:]]+_candidates: .*) not indexed$,\1,p' \
                /var/log/slapd.log | sort -u

what loglevel does this require again? Indexing mail and zarafaAliases is a good start however.

Group management and Email

Alias expansion for groups should be done in the mail server, because, like MS Exchange, Zarafa ties mail boxes to users and does not by itself expand group members to their email addresses. When working with the LDAP backend, this is slightly easier however it still requires you to manually add user email addresses to the group, as illustrated below:

# /usr/local/etc/postfix/ldap-aliases.cf
server_host = localhost
search_base = dc=zarafa,dc=local
version = 3
scope = sub
# can also use zarafa-user and zarafa-group here
query_filter = (&(|(objectClass=posixAccount)(objectClass=posixGroup))
        (zarafaAliases=%s))
result_attribute = mail

# Art Department, Departments, zarafa.local in LDIF format
dn: cn=Art Department,ou=Departments,dc=zarafa,dc=local
gidNumber: 10009
cn: Art Department
objectClass: posixGroup
objectClass: zarafa-group
objectClass: top
zarafaSecurityGroup: 1
zarafaAliases: art@zarafa.local
mail: joey_paint@zarafa.local
mail: lisa_colors@zarafa.local
mail: mike_brush@zarafa.local

Note that the zarafaAlias has a single value and expands to multiple mail attributes. The above translates to the following aliases(5) entry, commonly referred to as list expansion:

sales@zarafa.local      joey_paint@zarafa.local lisa_colors@zarafa.local
         mike_brush@zarafa.local

It's also possible to have multiple zarafaAliases values to accommodate different names and speling errors.

Nginx/FastCGI

Instead of the "officially supported" apache configuration it is possible to use nginx or any other FastCGI capable HTTP server to serve the webaccess. An example is given here using nginx:

server {
    listen         127.0.0.1:80;
    server_name    example.org www.example.org webaccess.example.org;
    root           /usr/local/www/zarafa;
    index          index.php;
    location ~ \.php$ {
        root       /usr/local/www/zarafa;
        fastcgi_pass /var/run/php-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include     fastcgi_params;
    }
}

describe problem with php-fpm

CategoryStale