the internet company
Beratung aus Dithmarschen für die Welt

Running multiple MTAs on a single machine with multiple IP address in chroot'd environment can be a burden.

A couple of notes for Zimbra, Postfix, IP address binding for smtp et al that made it work for me

  • Do not use smtp_bind_address in main.cf - it will render your mailtransfer useless.
  • Instead use inet_interfaces = ip-address-to-bind-to, 127.0.0.1
  • Add the ip-address-to-bind-to into master.cf.in infront of all the services that you want to listen to that specific address (and restart Zimbra). If you want speed things up a bit, for tests, put it into master.cf instead, and restart postfix only.
  • If you receive Temporary Lookup Failure check if your logging is working. I had to start the rsyslog in the chroot specifically.

Crashes and memory problems

The web access for user and administrators was crashing a lot. Most of the time a simple init.d/zimbra restart made it work again. After looking a bit at the logfile, out of memory with permgenspace was the caused

Running the following configuration change as the user zimbra seems to have fixed the issue. Especially the CMSClassUnloadingEnabled seems to have helped.

zmlocalconfig -e mailboxd_java_options="-server -Djava.awt.headless=true \
    -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:NewRatio=2 \
    -XX:PermSize=196m -XX:MaxPermSize=350m -XX:SoftRefLRUPolicyMSPerMB=1 \
    -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCTimeStamps \
    -XX:+PrintGCApplicationStoppedTime \
    -XX:+CMSClassUnloadingEnabled \
    -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/opt/zimbra/log \
    -XX:ErrorFile=/opt/zimbra/log/hs_err_pid%p.log"

Processes needing to run in a chroot'd env for Zimbra

ssh and cron need to run for status messages and stuff.

rsyslog is important as well

Maybe some of the above information will help others.