Talk:Zarafa
note to contributors
Please put you suggestions on the main page, we don't want to create a parallel page of instructions. If in doubt, add a pointer to the Talk page and expand
If you can advise on standard configuration, make it a bug so it is added to the rpm
Bugs
Search all bugs for smeserver-zarafa at bugs.contribs.org for history
Mobile synchronisation
To enable synchronization of your mobile phone through ActiveSync with Zarafa, Z-push needs to be installed.
You can find the original Z-push installation documentation here: http://download.zarafa.com/zarafa/release/docs/z-push_installation_manual.en.pdf
Download the latest Z-push version (see: http://z-push.sourceforge.net).
# wget http://download2.berlios.de/z-push/z-push-1.2.tar.gz
Extract the files:
# tar -zxvf z-push-1.2.tar.gz -C /var/www/html
'State'-dir needs to be writable for apache:
# cd /var/www/html/z-push/ # chmod 755 state # chown www:www state
Make a new template fragment:
# mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ # pico /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/86Z-PushAlias
Edit the fragment and add:
Alias /Microsoft-Server-ActiveSync /var/www/html/z-push/index.php <Directory /var/www/html/z-push/> Options -Indexes AllowOverride None order allow,deny allow from all AddType application/x-httpd-php .php php_flag magic_quotes_gpc off php_flag register_globals off php_flag magic_quotes_runtime off php_flag short_open_tag on </Directory>
Expand the template:
# expand-template /etc/httpd/conf/httpd.conf
Restart httpd (the currently for Zarafa only save way):
# sv restart httpd-e-smith
Synchronise using SSL
Know working hardware
Tested and working with WinMobile 6.1 on a HTC TyTN II over a NON SSL connection (mail-push not yet tested).
Additional Notes
Darrell, I have installed Zarafa manually using custom-templates/db settings and have most everything working flawlessly including the Outlook plugin, and z-push to a WM6 device and I am EXTREMELY impressed. I have a desktop, laptop and my Samsung i760 in perfect sync. The z-push actually "pushes" and emails, calendar, contact changes happen almost instantaneously.
I have a couple of pointers if you are still working on this project.
I notice you use the "db" setting for your users. I found the unix plugin a superb tool. It automatically adds all system users and keeps them in sync including password changes and user additions/deletions. It works on the fly. The only drawback is the fact SME uses weird user/group numbering so you have to include users from 5000 up and then exclude all groups by configuring uniz.cfg to a high range like 10001-10001. I also did not include admin as one of the users due to the limitations on how the unix plugin handles users/groups.
1- I also placed a rewrite rule to force https.
RewriteRule ^/Microsoft-Server-ActiveSync(/.*|$) https://%{HTTP_HOST}/Microsoft-Server-ActiveSync$1 [L,R]
2- You can sort junk email to zarafa and have it automatically placed in the Junk E-mail folder. This works in the .qmail-junkmail template. Note the -qj switch. This tells zarafa-dagent to place the email in the Junk E-mail folder.
http://bugs.contribs.org/show_bug.cgi?id=4705
Some other notes: I totally disabled horde (no big loss there) and pop and imap and my implementation either uses horde OR zarafa but not both. I run zarafa on the standard ports and transitioned 15 users last night. Some using Outlook (pop) and they didn't notice anything. A few use webmail and I left the alias alone and those users all logged in this morning to a big surprise and they were all extremely happy.
For this to work, you need to configure zarafa to use the certs already generated in SME. Hope this helps.
Paul
Hi Paul, please submit separate bug reports detailing all your customization notes. Darrell
SSL
I've been trying to get SSL working for both IMAP and the Outlook configuration. For IMAP, I edited the gateway.cfg template to point to the SME Server certificate and key files:
File with RSA key for SSL:
ssl_private_key_file = /home/e-smith/ssl.key/host.domain.com.key
File with certificate for SSL:
ssl_certificate_file = /home/e-smith/ssl.crt/host.domain.com.crt
On restart of the daemon, I was successfully able to connect. In looking further at the Outlook side, SSL support for the server is configured in server.cfg, where it requires a path to CA certificates. Using the steps outlined in the zarafa-server man page, I created a CA and certificate which I then specified in server.cfg. I was then able to configure the Outlook profile to use port 237 and connect successfully.
N.B. There is a typo in the man page - the shell script should be /usr/share/zarafa/ssl-certificates.sh - the man page is missing the "s" in certificates.
NOTE: There is no need to create any additional certificates, the SME self signed certificates work just fine for Outlook SSL connections. In server.cfg in the SSL section (on or about line 104) you need to point to the correct certs and paths like this:
server_ssl_key_file = /home/e-smith/ssl.pem/host.domain.com.pem
server_ssl_ca_file = /home/e-smith/ssl.crt/host.domain.com.crt
server_ssl_ca_path = /home/e-smith/ssl.crt/
sslkeys_path = /home/e-smith/ssl.pem/