Zimbra Collaboration 8.6 – DNSMasq

In the previous articles we saw what Zimbra is and how to prepare the server with the necessary prerequisites to install it. We will now finish with these prerequisites by installing and configuring DNSMasq on the server (you can read more here). This is necessary when our server does not have a public IP but is instead in a private network behind a firewall (which is the recommended option), because Zimbra performs a DNS MX lookup followed by a DNS A lookup, and the server needs a local DNS service to provide a so-called “Split-DNS”.

In this case we’re going to use DNSMasq since it is easier and faster to install than alternatives such as Bind9. DNSMasq also includes DHCP and TFTP features, but we’re not going to use these. A point to consider is that DNSMasq is not recommended for very large installations with thousands of users.

First of all, to install DNSMasq we use the following command:

sudo apt-get install dnsmasq

Once installed, we will configure DNSMasq to perform the “Split-DNS”. For this, we edit the /etc/dnsmasq.conf file. The file already contains a large number of lines, all commented out (with the # symbol in front). You can delete the whole content and only leave what you need, but I prefer to leave everything as it is and add my configuration at the bottom. In our case we will use a configuration similar to the following:

server=8.8.8.8
server=8.8.4.4
listen-address=127.0.0.1
mx-host=mailserver.com,mail.mailserver.com,0
mx-host=mail.mailserver.com,mail.mailserver.com,0

With this configuration we specify that the upstream DNS servers we want to use are the ones from Google (8.8.8.8 and 8.8.4.4), and that DNSMasq has to listen for DNS requests on the loopback IP only. We also specify which mail host to return in response to MX requests for each domain.

Once we have done this, we restart DNSMasq:

sudo service dnsmasq restart

Now we have to make a small modification to our network configuration so that the DNS server is “localhost”. To do this, we edit the /etc/network/interfaces file and change the following line:

dns-nameservers 8.8.8.8

to:

dns-nameservers 127.0.0.1

Once this is done, we can restart the networking service or the server with:

sudo service networking restart

Or:

sudo shutdown -r now

Finally, after restarting the service or server, everything should be ready to proceed with the installation of Zimbra. We can check that the configuration of DNSMasq is correct by running the following command:

host -t mx mailserver.com

The result should display what we have configured in our /etc/hosts file:

cat /etc/hosts
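
The two lookups Zimbra depends on can also be checked offline before restarting anything. The script below is an added example, not part of the original article: it confirms that every mx-host target in the DNSMasq configuration has an entry in the hosts file and that DNSMasq listens on the loopback address only. The function names and the 192.168.1.10 hosts entry are constructed for illustration.

```shell
# Added example: offline consistency check for the split-DNS setup.
# mx_targets CONF: print the target host of every active mx-host= line.
mx_targets() {
    sed -n 's/^mx-host=[^,]*,\([^,]*\).*/\1/p' "$1" | sort -u
}

# hosts_ip HOSTS NAME: print the first IP that the hosts file maps NAME to.
hosts_ip() {
    awk -v name="$2" '
        { sub(/#.*/, "") }   # drop trailing comments
        { for (i = 2; i <= NF; i++) if ($i == name) { print $1; exit } }
    ' "$1"
}

# check_split_dns CONF HOSTS: return 0 only if every MX target has a hosts
# entry (the A lookup will succeed) and listen-address is exactly 127.0.0.1.
check_split_dns() {
    conf=$1 hosts=$2 rc=0
    for target in $(mx_targets "$conf"); do
        ip=$(hosts_ip "$hosts" "$target")
        if [ -n "$ip" ]; then
            echo "OK: $target -> $ip"
        else
            echo "FAIL: $target has no entry in $hosts"; rc=1
        fi
    done
    # A missing or non-loopback listen-address exposes the forwarder to the LAN.
    if ! grep -q '^listen-address=' "$conf" ||
        grep '^listen-address=' "$conf" | grep -qv '=127\.0\.0\.1$'; then
        echo "FAIL: listen-address is missing or not loopback-only"; rc=1
    fi
    return $rc
}

# Constructed sample data: the article's dnsmasq lines plus an assumed hosts entry.
write_samples() {
    printf '%s\n' 'server=8.8.8.8' 'server=8.8.4.4' 'listen-address=127.0.0.1' \
        'mx-host=mailserver.com,mail.mailserver.com,0' \
        'mx-host=mail.mailserver.com,mail.mailserver.com,0' > "$1/dnsmasq.conf"
    printf '%s\n' '127.0.0.1 localhost' \
        '192.168.1.10 mail.mailserver.com mail  # constructed private IP' > "$1/hosts"
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_split_dns "$tmp/dnsmasq.conf" "$tmp/hosts"
rm -rf "$tmp"
```

On a real server the same function can be pointed at /etc/dnsmasq.conf and /etc/hosts.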