Product SiteDocumentation Site

ZCP trunk (build 52028)

Zarafa Collaboration Platform

Release Notes

Edition 7.2

The Zarafa Team

Legal Notice

Copyright © 2016 Zarafa BV.
The text of and illustrations in this document are licensed by Zarafa BV under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at the creativecommons.org website. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Red Hat®, Red Hat Enterprise Linux®, Fedora® and RHCE® are trademarks of Red Hat, Inc., registered in the United States and other countries.
Ubuntu® and Canonical® are registered trademarks of Canonical Ltd.
Debian® is a registered trademark of Software in the Public Interest, Inc.
SUSE® and eDirectory® are registered trademarks of Novell, Inc.
Microsoft® Windows®, Microsoft Office Outlook®, Microsoft Exchange® and Microsoft Active Directory® are registered trademarks of Microsoft Corporation in the United States and/or other countries.
The Trademark BlackBerry® is owned by BlackBerry and is registered in the United States and may be pending or registered in other countries. Zarafa BV is not endorsed, sponsored, affiliated with or otherwise authorized by BlackBerry.
All trademarks are the property of their respective owners.
Disclaimer: Although all documentation is written and compiled with care, Zarafa is not responsible for direct actions or consequences derived from using this documentation, including unclear instructions or missing information not contained in these documents.
Abstract
The Zarafa Collaboration Platform (ZCP) combines the usability of Outlook with the stability and flexibility of a Linux server. It features a rich web-interface, the Zarafa WebAccess, and provides brilliant integration options with all sorts of clients including all most popular mobile platforms.
Most components of ZCP are open source, licensed under the AGPLv3, can therefore be downloaded freely as ZCP's Community Edition.
Several closed source components exist, most notably:
  • the Zarafa Windows Client providing Outlook integration,
  • the Zarafa BES Integration providing Blackberry Enterprise Server connectivity,
  • the Zarafa ADS Plugin providing Active Directory integration, and
  • the Zarafa Backup Tools.
These components, together with several advanced features for large setups and hosters, are only available in combination with a support contract as part of ZCP's Commercial Editions.
Alternatively there is a wide selection of hosted ZCP offerings available worldwide.
This document, the release notes, will describe all new features and architecture changes in the ZCP.
1. Introduction
1.1. Intended Audience
1.2. Additional information resources
2. Changes for end users
2.1. Outlook changes
2.1.1. Outlook offline storage engine
2.2. WebAccess changes
2.3. WebApp changes
3. Changes for Administrators
3.1. Subscription keys
3.2. Packaging layout change
3.3. Zarafa Search
3.4. Completely revamped SSL stack
3.5. Package format/distribution changes
3.6. Better performance by using newly supported transaction isolation levels
3.7. Official support for MariaDB
3.8. RHEL 7, SLES 12 and Univention 4.0
3.9. Obsoleted RHEL 5 and Debian 5.0
3.10. Zarafa presence daemon
3.11. Improved random number generator
3.12. Support for TCP FastOpen
3.13. WebApp plugins separation
4. Upgrading to ZCP 7.x
4.1. Upgrading to ZCP 7.2
4.2. Upgrading to ZCP 7.1
4.3. Config file changes
4.3.1. server.cfg
4.3.2. admin.cfg
4.3.3. archiver.cfg
4.3.4. backup.cfg
4.3.5. indexer.cfg
4.3.6. search.cfg
4.3.7. licensed.cfg
4.3.8. monitor.cfg
4.3.9. dagent.cfg
4.3.10. spooler.cfg
4.3.11. gateway.cfg
4.3.12. ical.cfg
4.3.13. ldap.propmap.cfg
4.3.14. ldap.openldap.cfg
4.3.15. ldap.active-directory.cfg
5. Changes in 7.1.1
5.1. Configuration file changes 7.1.1
6. Changes in 7.1.2
6.1. Configuration file changes 7.1.2
7. Changes in 7.1.3
7.1. Configuration file changes 7.1.3
8. Changes in 7.1.4
8.1. Configuration file changes 7.1.4
9. Changes in 7.1.6
9.1. Configuration file changes 7.1.6
10. Changes in 7.2.0
10.1. Configuration file changes 7.2.0

Chapter 1. Introduction

1.1. Intended Audience
1.2. Additional information resources
The Zarafa Collaboration Platform (ZCP) is an open source software suite capable of replacing Microsoft Exchange. It’s architecture is very modular, makes use of open standards wherever possible, and integrates with common open source components.
This release notes will give an overview of the new features and improvements as well any changes in the architecture of the ZCP version 7.2.
The ZCP 7.2 release contains many improvements and changes, especially with the introduction of the new zarafa-search-plus, utilizing the enterprise search engine xapian. The 7.2 release does not contain database upgrades, but it requires re-indexing of the zarafa-search indexes. As part of its philosophy Zarafa backports 95% of all bug report fixes to supported production versions in the general and extended support lifecycle phase. Please review the Zarafa Lifecycle Document in the client customer portal on http://portal.zarafa.com
These release notes focus on the differences beween the last 7.1.11 and the new 7.2.0 major version, for the many features and changes added in the 7.1 track please review the 7.1 Release Notes. All features and changes of 7.1.x are also present in 7.2.0 but may be more optimized.

Important

Although we, Zarafa, try our best to keep the information in these notes as accurate as possible, we withhold the right to modify this information at any time, without prior notice.

1.1. Intended Audience

These release notes are intended for end users and system administrators responsible for installing, maintaining, and supporting the ZCP software and its deployment.

1.2. Additional information resources

Chapter 2. Changes for end users

2.1. Outlook changes
2.1.1. Outlook offline storage engine
2.2. WebAccess changes
2.3. WebApp changes

2.1. Outlook changes

2.1.1. Outlook offline storage engine

The Zarafa client was updated to contain the latest MariaDB embedded edition for offline usage. The new storage engine was replacing the older version which removes a number of smaller internal storage issues for larger offline profiles, some older Unicode issues and provides massive performance improvements.
Offline users must expect an upgrade of their profile when starting Outlook the first time after the installation of the new Zarafa client. The upgrade time will take from 10 minutes to 2 hours depending on the size of the offline data profile and the PC performance. During the upgrade the user can work online with the Zarafa Server to continue the work.
The upgrade process may be interrupted by sleep mode or hibernation and will continue then at the next start. Offline mode is not available until the upgrade is completely finished.

Note

An upgraded 7.2 offline profile can not be downgraded for use with a 7.0 or 7.1 server. This would require removing and recreating the profile after the server and client downgrade.

2.2. WebAccess changes

The ZCP 7.2 release doesn’t contain any additional webaccess user features.

2.3. WebApp changes

The latest Webapp 2.0.1 final is included in ZCP 7.2. This release contains:
  • Improved HTML Editor WebApp 2.0 has an all-new HTML editor. We have switched to TinyMCE 4 (actually, version 4.1.7), which means a better user experience and an improved email layout. The toolbar skin is now more in line with the overall WebApp skin.
  • Improved plugin support WebApp already supported plugins. Version 2.0 brings integration options to a higher level and has support for tighter integration with WebApp features. New extensions & plugins have been developed and are currently in the (closed) beta state. Keep an eye open for announcements on the S/MIME, Zarafa Files Team and web meetings extensions.
  • Files plugin for individual usage This plugin enables the access to files in WebApp. A user can now work with his files wherever he goes. This first version features basic functionality. ownCloud backends and any other default WebDAV backend are supported.
  • Issues Many bugs have been found and fixed. The full list can be found in the changelog at https://download.zarafa.com/community/final/WebApp/2.0/changelog2.0.txt. The majority of bugs were related to the implementation of the new HTML editor, especially formatting problems. We were able to tackle all known issues.

Chapter 3. Changes for Administrators

3.1. Subscription keys
3.2. Packaging layout change
3.3. Zarafa Search
3.4. Completely revamped SSL stack
3.5. Package format/distribution changes
3.6. Better performance by using newly supported transaction isolation levels
3.7. Official support for MariaDB
3.8. RHEL 7, SLES 12 and Univention 4.0
3.9. Obsoleted RHEL 5 and Debian 5.0
3.10. Zarafa presence daemon
3.11. Improved random number generator
3.12. Support for TCP FastOpen
3.13. WebApp plugins separation

3.1. Subscription keys

When upgrading a supported ZCP version to a new major release, like 7.1.x to 7.2.x, the subscription key has to be converted. Converting subscription keys can be performed on our portal.

Note

During the Beta period the 7.1.x subscription key will remain valid. After this release the subscription key has to be converted.

3.2. Packaging layout change

To make it easier for system administrators to deploy specific components of ZCP on the servers, the packaging layout was refined in ZCP 7.2. In 7.2 the packaging has been altered to accommodate the new search engine functionality and follow common standards in distribution of software according to the filesystem hierarchy standard (FHS). Depending on the distribution, certain distribution included packages are utilized, for distributions where this is not the case, the extra dependencies are shipped with the full package. The packaging layout change is displayed in the following table:
Table 3.1. Package layout
Package name Description
zarafa-search
REMOVED
libvmime
REMOVED
libical
REMOVED
zarafa-libvmime
NEW: Contains vmime libraries for MIME message processing
zarafa-libical
NEW: Contains libical libraries for ICAL message processing
zarafa-search-plus
NEW: Contains the full text search service
gperftools
NEW: Contains the library for high-performance threading and memory management
zarafa-presence
NEW: Contains the presence daemon for presence service in WebApp
xapian-core/xapian
NEW: Contains the enterprise search engine used by zarafa-search-plus plus interfaces
python-MiniMock
NEW: Dependency shipped for usage with zarafa-presence
python-dnspython
NEW: Dependency shipped for usage with zarafa-presence
python-nose
NEW: Dependency shipped for usage with zarafa-presence
python-openssl
NEW: Dependency shipped for usage with zarafa-presence
python-sleekxmpp
NEW: Dependency shipped for usage with zarafa-presence
python-tlslite
NEW: Dependency shipped for usage with zarafa-presence
zarafa-gsoap
NEW: Contains modern gSOAP stack with various enhancements

With the release of WebApp 2.0 all included plugins are separately packaged, allowing only a defined stack of plugins to be installed and used by the administrator.

3.3. Zarafa Search

As part of the 7.2 release Zarafa has re-implemented the full text search feature. In this new implementation Xapian has been used for storage The new storage database will improve indexing performance with multiple threads, allow retrieval of better search results and enhance stability of the backend storage engine.
To reflect the changes of the new search component the Zarafa packaging has been altered to include a new zarafa-search-plus package, while the old zarafa-indexer and zarafa-search package is removed.
The new features of the indexer in 7.2 are:
  • Optimized towards multi-threading and stability: Indexing can now be threaded and the new engine format provides higher stability
  • Better memory management: Indexing memory requirements is now more specific to the actual data being indexed, lowering overall memory usage
  • Enhanced logging
  • Better data handling: More rugged handling to skip invalid data and continue with the indexing as before

Note

For higher performance during the data streaming the Zarafa Server is using a MySQL stored procedure. Please make sure the MySQL user used for zarafa has privileges to create this stored procedure.

Note

When upgrading you must install and configure zarafa-search-plus on all Zarafa Server nodes when using a distributed setup. The Zarafa Search (Plus) is by default enabled in 7.2.

3.4. Completely revamped SSL stack

As requested by many customers ZCP 7.2 now offers support for configurable SSL protocols and ciphers. This allows ZCP components to fully leverage enterprise security configurations specified with the new SSL settings, for example by abandoning commonly rated unsecure protocols such as SSLv2 or SSLv3.

Note

Newer settings will also require modern OpenSSL libraries provided by the operating system (openssl packages). With enhanced security settings please keep in mind to upgrade corresponding Zarafa clients first to 7.2.0 to upgrade to the newest SSL-functionality, otherwise clients might not be able to contact the Zarafa Server backend.

3.5. Package format/distribution changes

With the entire repackaging of ZCP, we’ve introduced non-colliding namespaces (libical → zarafa-libical, gsoap → zarafa-gsoap, libvmime → zarafa-libvmime) to allow companioned installs of other versions of the same library. Even as ZCP tries to be as much upstream compatible as possible, this not always is possible. An example is the removal of the SSLv3 protocol entirely from gSOAP which we made completely configurable. For this, we do need to ship these dependencies with the release of ZCP 7.2. The installation of a separate namespace with libraries installed under /opt/zarafa (according to the established Filesystem Hierarchy Standard - FHS), allows these packages to be provided with ZCP and not interfere with potentially other system-shipped libraries. Dependency tags have been introduced, so these packages are automatically referenced at installation time to allow simplified installation.

3.6. Better performance by using newly supported transaction isolation levels

With the release of 7.2 MySQL and MariaDB can be enabled to use transaction-isolation = READ-COMMITED which allows higher throughout performance and allows Zarafa-Server to perform way better, especially under higher load, as certain mechanisms such as GAP locking are deadlocking at the time of inserts. Benchmarks prove a massive benefit of over 200% under certain circumstances, allowing the overall user experience to gain massively.
With the release of 7.2 we recommend (though not require) the setting of MySQL / MariaDB do be used for better overall performance. Please note that when using transaction isolation level READ-COMMITTED, the binary logging format must be switched to ROW-based format (binlog_format=ROW).

3.7. Official support for MariaDB

With the release of ZCP 7.2 MariaDB is officially supported, and queries are optimized to gain from many improvements, especially under higher loads. Even though all MySQL versions from 5.1 are supported, we recommend to upgrade to at least MySQL 5.6 or the corresponding MariaDB version.

3.8. RHEL 7, SLES 12 and Univention 4.0

With the release of ZCP 7.2 we at once ship new packages for the most recent releases of Red Hat, SUSE and Univention. With the adoptions and improvements in these distributions ZCP directly benefits from the modern stacks provided. The improvements on ZCPs code base directly complement and leverage these changes, such as the use of modern kernels.

3.9. Obsoleted RHEL 5 and Debian 5.0

With the modernization of many components we do not support the distributions RHEL 5 and Debian 5.0 as these distributions do not provide many components required by ZCP 7.2, such as modern OpenSSL or required python versions. With upgrade of the distributions to at least RHEL 6 or Debian 6.0 ZCP 7.2 can be in-place upgraded without the requirement of a full re-install.

Note

More details can be found in: Zarafa Administrator Manual at http://doc.zarafa.com/7.2/Administrator_Manual/en-US/html-single/

3.10. Zarafa presence daemon

The new Zarafa presence daemon is for the distribution of presence information with WebApp with the interface to XMPP and to WebRTC, allowing presence information to be exchanged. With the release of Zarafa WebRTC this functionality allows WebApp to show presence information directly in GAB (Global Addressbook) such as directly in the messages panel.

3.11. Improved random number generator

With security auditing ZCPs code we realized that there is room for improvement with the random number generator used. Zarafa uses random numbers for scheduling (to prevent large spikes for example with cpu usage) but also for crypto. These improvements directly leverage security by using an even better number generation technique.

3.12. Support for TCP FastOpen

A new feature in the Linux kernel is "TCP FastOpen". This feature allows a client to skip one step in the 3 step TCP handshake (dramatically improving latency) for certain protocols. Especially HTTP will profit by this. This release of ZCP 7.2 enables TCP FastOpen for all HTTP-alike services. Clients supporting this feature will directly gain from lower latency with established connections.

3.13. WebApp plugins separation

With the separation of the WebApp plugins from the default WebApp package Administrators are able to explicitly install and upgrade the specific plugins that are intended to be used with WebApp, allowing an easy and specific installation of the plugins required. This also allows performance improvements for installation not requiring all plugins to be installed (and therefore activated).
For configuration of the plugins, please refer to the plugins config.php files for specific configuration of the plugin installed. Not all plugins require separate configuration, but many do allow options for auto-enabling the plugins for immediate availability to all users, for example.

Chapter 4. Upgrading to ZCP 7.x

4.1. Upgrading to ZCP 7.2
4.2. Upgrading to ZCP 7.1
4.3. Config file changes
4.3.1. server.cfg
4.3.2. admin.cfg
4.3.3. archiver.cfg
4.3.4. backup.cfg
4.3.5. indexer.cfg
4.3.6. search.cfg
4.3.7. licensed.cfg
4.3.8. monitor.cfg
4.3.9. dagent.cfg
4.3.10. spooler.cfg
4.3.11. gateway.cfg
4.3.12. ical.cfg
4.3.13. ldap.propmap.cfg
4.3.14. ldap.openldap.cfg
4.3.15. ldap.active-directory.cfg

4.1. Upgrading to ZCP 7.2

ZCP 7.2 has not received any changes to the database architecture on the server-side, but has received a massive rehaul of the components included in the Zarafa Windows Client. These changes do not allow a transparent upgrade of the Windows Client when using Profiles with offline mode - any Clients upgrading to 7.2 require the recreation of the Mail profile.
With the release of zarafa-search-plus the search backend database format has changed from kyotocabinet to xapian, which requires a full re-indexing of all data. This process can take many hours, yet are done in online mode. zarafa-search-plus is a drop-in replacement for zarafa-search from the view of the configuration file, with the changed backend format we though recommend to clear the old zarafa-search indexes by stopping zarafa-search and clearing the directory contents of the index directory configured as index_path in search.cfg. With the upgrade (and start of zarafa-search-plus) the index is rebuilt automatically.
Many security changes in the SSL related area introduce new SSL-related parameters which require attention when upgrading to ZCP 7.2.0, for details please see the corresponding changes in the Config file changes section below.
Python-zarafa drastically simplifies the way of interfacing ZCP, lowering barriers of developers to interface ZCP or to extend the functionality of ZCP. Python-zarafa has not been designed to be yet another MAPI interface for python, but more the most abstracted and easy way to work with Zarafa without in-depth knowledge of MAPI. Zarafa-search-plus utilizes python-zarafa, which makes this an installation requirement for using new Zarafa-search.
The upgrade to 7.2 was designed to not require any downtime except for the upgrade of the packages (and the corresponding update of config files for new parameters) themselves. Any post-installation tasks (such as the re-indexing with zarafa-search-plus) are done while the system is online.

4.2. Upgrading to ZCP 7.1

As described in the previous chapter ZCP 7.1 contains no significant database architecture changes.
The database updates are done automatically by the Zarafa server process at start time when already running the general version 7 previous releases. When you upgrade from a 6.40 version please review the 7.0 release notes additionally to this one. Systems with a version prior to 6.40 are recommended to be upgraded first to the last 6.40 minor versions available (6.40.17).
Upgrading the Zarafa database will take a short time, please keep in mind that the Zarafa system can’t be used during this upgrade.
The upgrade process to ZCP 7.0 is a medium size update, please read carefully the upgrade chapter in the Administrator Manual before doing the upgrade.

Note

When using CalDAV in order to open a shared calendar with 7.1.x the view folder permissions on the root folder are needed. Systems upgrading from 7.0.x miss these permissions and need to set them separately.

Important

Especially note when replacing config files with the newer versions to review each of the former settings.

4.3. Config file changes

The following config files changes are done after the start of 7.0.0, the final 7.1.0 and 7.2.0. Please review these lines for their values and presence in your current config file set as these also contain new advised defaults that work in relation to internal software.

4.3.1. server.cfg

# 7.0.3
The server.cfg is extended with two new configuration options. 
max_deferred_records
The server has a list of deferred writes to the tproperties table, to improve overall I/O performance. The number of deferred writes is kept below this value; setting it high will allow writes to be more efficient by grouping more writes together, but may slow down reading, and setting it low will force writes to complete directly, but speed up reading of tables. 
max_deferred_records_folder
Same as the max_deferred_records variable, but per folder instead of total.
# 7.0.4
The server.cfg is extended with new configuration options for the auto update logging and a new recommended defaults for attachment storage and cache parameters. 
# Where to place attachments. Value can be 'database' or 'files'
attachment_storage      = files
# Sync lifetime, removes all changes remembered for a client after x days of inactivity
sync_lifetime           = 90
# Size in bytes of the 'cell' cache (should be set as high as you can afford to set it)
cache_cell_size                         = 268435456
# System is a special internal user, which has super-admin privileges
# You may want to disable this user from the Global Addressbook by setting
# this option to 'yes'. Administrators will still be able to see the user.
hide_system = yes
# Recieve update information from the client (0 = disabled, 1 = only on error, 2 = log always)
client_update_log_level = 1
# Log location for the client auto update files
client_update_log_path = /var/log/zarafa/autoupdate
# 7.0.6
The server.cfg was changed with ZCP-8518 to allow setting minimum length for prefix searches. 
# Minimum length of a search term in characters to enable prefix searching
index_services_prefix_chars = 3
# 7.0.7
In ZCP 7.0.5 and 7.0.6 had an issue with the zarafa-licensed in large scale multi-server environments where the process could go out of file descriptors. To solve this issue a priority queue is introduced. The priority queue will handle incoming requests directly before other requests are handled.
For this option a new configuration option is introduced in the server.cfg. 
server_pipe_priority    = /var/run/zarafa-prio
As this is a default setting, the priority socket is also available when the above setting is not available in the server.cfg.
# 7.1.0 
# Enabling this option requires the zarafa-search service to
# be running.
search_enabled = yes
# SQL Procedures allow for some optimized queries when streaming with enhanced ICS.
# This is default disabled because you must set 'thread_stack = 256k' in your
# MySQL server config under the [mysqld] tag and restart your MySQL server.
enable_sql_procedures = no
# Path to the zarafa-search service, this option is only required
# if the server is going to make use of the indexing service.
search_socket = file:///var/run/zarafa-search
# Time (in seconds) to wait for a connection to the zarafa-search service
# before terminating the indexed search request.
search_timeout = 10
# Restrict the permissions that admins receive to folder permissions only. Please
# read the server.cfg manpage before enabling this option so you really understand
# the implications
restrict_admin_permissions = no
# The maximum level of attachment recursion; Defines the number of
# attachment-in-attachment in-attachment levels are allowed when saving and
# replicating objects in the database. If you really want a higher level of
# recursion than about 20, you probably have to increase MySQL's stack_size
# to allow replication to work properly.
embedded_attachment_limit = 20
# Header to detect whether a connection has been received through a proxy. The
# value of the header is not inspected. If the header exists then the connection
# is taken to be received via a proxy. An empty value disables proxy detection
# and the value of '*' is used to indicate that all connections are proxied
proxy_header =
# 7.2.0
The parameter server_ssl_enable_v2 has been removed in favor of the new server_ssl_protocols parameter to directly specify allowed/disallowed SSL protocols to be used 
# SSL protocols to use, set to '!SSLv2' for 'server_ssl_enable_v2 = no'
server_ssl_protocols = !SSLv2
# SSL ciphers to use, set to 'ALL' for backward compatibility
server_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL
# Prefer the server's order of SSL ciphers over client's
server_ssl_prefer_server_ciphers = no
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.2. admin.cfg

# 7.2.0
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.3. archiver.cfg

# 7.2.0
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.4. backup.cfg

# Use multiple threads when backing up multiple stores.
threads = 1
# 7.2.0
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.5. indexer.cfg

# 7.0.4
The indexer.cfg has a new default entry. 
# Should attachments be indexed
index_attachments       = no
# 7.1.0
The indexer config is depricated as of 7.1.0 and replaced by the new search.cfg file

4.3.6. search.cfg

A new file for 7.1.0 containing all previous general settings like the indexer.
# 7.2.0
With the release of zarafa-search-plus a new parameter named index_processes has been introduced, allowing paralellized indexing in favor of speed. The parameters optimize_start, optimize_stop and optimize_age are obsolete, as with the xapian backend search engine there is no optimization task required. With upcoming versions ZCP will provide a script which can be used as a cronjob to automatically compact databases to recurringly optimize databases online. The parameter search_engine is per default specified to xapian which is currently the delivered backend search engine. With very large stores xapian-compact can be used to improve performance on the xapian database if required. 
# Number of indexing processes used during initial indexing
# Setting this to a higher value can greatly speed initial indexing up,
# especially when attachments are indexed.
index_processes                =   1
# Backend search engine (currently only xapian is supported)
search_engine          =   xapian
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.7. licensed.cfg

# 7.0.7
The default location of the server_socket in the licensed.cfg is changed to use the priority socket. 
server_socket = file:///var/run/zarafa-prio

Important

The setting in the licensed.cfg is not automatically changed during the upgrade to ZCP 7.0.7. For customers running in a multi-server or archiving setup, it is recommended to manually change the server_socket in the licensed.cfg.
# 7.2.0
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.8. monitor.cfg

# 7.2.0
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.9. dagent.cfg

# 7.0.1 
# messages on delivery.
# This will do nothing if no archive is attached to the target mailbox.
archive_on_delivery = no
# 7.0.5
The dagent.cfg changed the log location and timestamp 
#change log_file in dagent.cfg to full patch instead of -.
log_file = /var/log/zarafa/dagent.log
# Log timestamp - prefix each log line with timestamp in 'file' logging mode
log_timestamp   =       1
# 7.1.0 
##############################################################
# DAGENT PLUGIN SETTINGS
# Enable the dagent plugin framework
plugin_enabled = yes
# Path to the dagent plugin manager
plugin_manager_path = /usr/share/zarafa-dagent/python
# Path to the activated dagent plugins.
#   This folder contains symlinks to the zarafa plugins and custom scripts. The plugins are
#   installed in '/usr/share/zarafa-dagent/python/plugins/'. To activate a plugin create a symbolic
#   link in the 'plugin_path' directory.
#
# Example:
#  $ ln -s /usr/share/zarafa-dagent/python/plugins/BMP2PNG.py /var/lib/zarafa/dagent/plugins/BMP2PNG.py
plugin_path = /var/lib/zarafa/dagent/plugins

4.3.10. spooler.cfg

# 7.0.1 
##############################################################
# SPOOLER ARCHIVING SETTINGS
# Enable archive_on_send to automatically archive all outgoing
# messages.
# This will do nothing if no archive is attached to the source mailbox.
archive_on_send = no
# 7.0.3
The spooler.cfg is extended with the following option. 
allow_send_to_everyone
Setting this option to no will disallow sending to the everyone group. The entire message will be bounced if this is attempted. When the option is set to yes, this allows sending to all users in the everyone group.
# 7.0.6
The spooler.cfg changed with ZCP-9481 to catch high chars in messages that have no charset defined. 
# The us-ascii charset will be upgraded to this charset, to allow more
# use of high-characters. Not used when always_send_utf8 is enabled.
charset_upgrade = windows-1252
# 7.1.0 
# Request SMTP Delivery Status Notifications if the MTA support it
enable_dsn = yes
# SPOOLER PLUGIN SETTINGS
# Enable the spooler plugin framework
plugin_enabled = yes
# Path to the spooler plugin manager
plugin_manager_path = /usr/share/zarafa-spooler/python
# Path to the activated spooler plugins.
#   This folder contains symlinks to the zarafa plugins and custom scripts. The plugins are
#   installed in '/usr/share/zarafa-spooler/python/plugins/'. To activate a plugin create a symbolic
#   link in the 'plugin_path' directory.
#
# Example:
#  $ ln -s /usr/share/zarafa-spooler/python/plugins/disclaimer.py /var/lib/zarafa/spooler/plugins/disclaimer.py
plugin_path = /var/lib/zarafa/spooler/plugins
# 7.2.0
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.11. gateway.cfg

# 7.0.3
The gateway.cfg is extended with the following option: 
imap_store_rfc822
By setting this option to no, the imap gateway will not store the whole rfc822 message on the filesystem. This option can be used when migrating data using the zarafa-gateway, where the users won’t use IMAP/POP3 after the migration.
# 7.2.0
The parameter server_ssl_enable_v2 has been removed in favor of the new server_ssl_protocols parameter to directly specify allowed/disallowed SSL protocols to be used 
# SSL protocols to use, set to '!SSLv2' for 'server_ssl_enable_v2 = no'
server_ssl_protocols = !SSLv2
# SSL ciphers to use, set to 'ALL' for backward compatibility
server_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL
# Prefer the server's order of SSL ciphers over client's
server_ssl_prefer_server_ciphers = no

4.3.12. ical.cfg

# 7.0.3
The ical.cfg is extended with the following option: 
enable_ical_get
This option enables the ical GET method to download an entire calendar. When set to yes, the GET method is enabled and allowed. If not, then calendars can only be retrieved with the CalDAV PROPFIND method, which is much more efficient. This option allows you to force the use of CalDAV which lowers load on your server.
# 7.2.0
The parameter server_ssl_enable_v2 has been removed in favor of the new server_ssl_protocols parameter to directly specify allowed/disallowed SSL protocols to be used 
# SSL protocols to use, set to '!SSLv2' for 'server_ssl_enable_v2 = no'
server_ssl_protocols = !SSLv2
# SSL ciphers to use, set to 'ALL' for backward compatibility
server_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL
# Prefer the server's order of SSL ciphers over client's
server_ssl_prefer_server_ciphers = no
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.

4.3.13. ldap.propmap.cfg

# 7.0.4
The ldap.propmap.cfg has additional entries for the Archiver 1.2 functionality 
# ldap relations to the archiver 1.2 functions for automatic archiver store mappings
# PR_EC_ARCHIVE_SERVERS
0x67C4101E      =       zarafaUserArchiveServers
# PR_EC_ARCHIVE_COUPLINGS
0x67C5101E      =       zarafaUserArchiveCouplings

4.3.14. ldap.openldap.cfg

# 7.0.4
The ldap.openldap.cfg has additional entries for the Archiver 1.2 functionality 
# Users will have a private archive store on these names servers.
# Optional, default zarafaUserArchiveServers
ldap_user_archive_servers_attribute = zarafaUserArchiveServers
# Users will have a many-to-one archive on these store:folder pairs.
# The expected result is a list of <username>:<foldername> pairs, where each
# username will be used to resolve the store in which the folder named
# foldername will be used as the archive.
# Optional, default zarafaUserArchiveCouplings
ldap_user_archive_couplings_attribute = zarafaUserArchiveCouplings
# 7.0.6
The ldap.openldap.cfg was altered with ZCP-9554 to better suite an used default of the LDAP group members relation. 
# LDAP: uid, matching users in ldap_loginname_attribute
ldap_groupmembers_relation_attribute = uid
The +ldap.active-directory.cfg / ldap.openldap.cfg+ was altered
# Default ADS MaxPageSize is 1000.
ldap_page_size = 1000
# 7.1
To support multiple LDAP servers, the ldap_uri option is added to the ldap.openldap.cfg. 
ldap_uri

4.3.15. ldap.active-directory.cfg

# 7.0.4
The +ldap.active-directory.cfg has additional entries for the Archiver 1.2 functionality # Users will have a private archive store on these names servers. # Optional, default zarafaUserArchiveServers ldap_user_archive_servers_attribute = zarafaUserArchiveServers 
# Users will have a many-to-one archive on these store:folder pairs.
# The expected result is a list of <username>:<foldername> pairs, where each
# username will be used to resolve the store in which the folder named
# foldername will be used as the archive.
# Optional, default zarafaUserArchiveCouplings
ldap_user_archive_couplings_attribute = zarafaUserArchiveCouplings
The +ldap.active-directory.cfg was altered 
# Default ADS MaxPageSize is 1000.
ldap_page_size = 1000
# 7.1
To support multiple LDAP servers, the ldapuri option is added to the ldap.active-directory.cfg. 
ldap_uri

Chapter 5. Changes in 7.1.1

5.1. Configuration file changes 7.1.1
This .1 minor is the first after the brand new general release of version 7.1 and is a maintenance release for this 7.1 Zarafa Collaboration Platform. The focus of the release in the primary support phase is on stability and security and compatibility with evolving 3rd party software clients and browsers.
In this minor especially stability and usability items, including documentation items to existing functions and the new functions of 7.1 were addressed related to all parts of ZCP. This minor included issues found during upgrades from 5.2 ZCP versions or up and performance optimisations related to PHP, corrections to maintenance tools for the ZCP database and distribution related minor adjustments. The Zarafa offline mysql engine settings have been reviewed and for compatibility reasons now set to 128M on installs and upgraded. The caldav function for opening shared folders had been restored, and works also for Ical6. Ical6 is now a supported version in combination with ZCP 7.1. Users are urged to read the user manual section on caldav for proper usage and understanding.
The minor feature additions in this release are:
  • Include OCF scripts to use with Pacemaker in a new pacemaker-zarafa package
  • Increase max_allowed_packet to 128M on offline clients
  • Use boost filesystem v3 if available

5.1. Configuration file changes 7.1.1

No new or altered configurations were made in 7.1.1

Chapter 6. Changes in 7.1.2

6.1. Configuration file changes 7.1.2
This .2 minor is a maintenance release for this 7.1 Zarafa Collaboration Platform.
In this minor has a focus on stability and functionality items to existing functions of ZCP. Residual DST issues have been addressed that are caused by nations changing the DST offset time last year. The Zarafa WebApp 1.2 had been made standard as base version as of this ZCP release as well.
The minor feature additions in this release are:
  • WebApp 1.2 inclusion
  • Zarafa server will always write a coredump file by default when it segfaults
  • zarafa-admin unhook-store will print the store guid of a found user

6.1. Configuration file changes 7.1.2

The server.cfg is changed to always create coredumps 
# create memory coredumps upon crash in the running_path directory
coredump_enabled = yes
The Zarafa schema file for OpenLDAP is slightly modified to have direct support for the default attributes in example ldap configuration files. The uidNumber attribute is added to MAY list of the zarafa-user objectClass and the gidNumber attribute is added to MAY list of the zarafa-group objectClass.

Chapter 7. Changes in 7.1.3

7.1. Configuration file changes 7.1.3
This .3 minor is a maintenance release for this 7.1 Zarafa Collaboration Platform.
The working of the zarafa client on Windows 8 was addressed as well as a number of issues preventing the offline Cached mode in Outlook to work optimally in different setups, when canceling a sync action that is ongoing. The sync process stopped too soon with network interruptions and errors and has been changed to recover from this better.
Also the inclusion if ics files in HTML emails could cause the body not to be displayed as the message was regarded as a meeting request. The extra spooler logging was repaired to work again with SYSLOG, and the zarafa-set-oof was adjusted to work with umlauts and to properly turn off again via the command line. Various Zarafa Archiver issues regarding logging are changed to include the used commands and the version of the Zarafa product as well. The option to search in read only archives has been restored.
The minor feature additions in this release are:
-The addition to use smime certificates in ldap. -Emailing to a usergroup including hidden users.

7.1. Configuration file changes 7.1.3

The server.cfg, gateway.cfg, ical.cfg, spooler.cfg are changed to disable SSLv2 and other less secure ciphers in different zarafa daemons 
# Accept SSLv2 only connections. Normally v3 connections are used.
server_ssl_enable_v2 = no

Chapter 8. Changes in 7.1.4

8.1. Configuration file changes 7.1.4
This .4 minor is a maintenance release for this 7.1 Zarafa Collaboration Platform during the primary support phase of this production version.
A good quality improvement on the code has been done by resolving a series of hard to find segfault causes that could be resolved now by the contributions of community and collection of the data, issues were found in the use of a not thread safe library in Red hat and in the Zarafa stats routines. This last release a focus has been made again as part of a re-occurring effort on the verification of Meeting request logic with interactions of various end user clients to enhance the proper functionality and recheck the compatibility of clients, this has resulted in issues found and resolved in this release, as well as in upcoming releases. As part of this a series of time zone changes have been implemented which will also get a follow up in the next major release of Zarafa ZCP. The integration of Zarafa in Outlook 2010 has again been improved by the enabling of the delegate users button, allowing easier access to the open shared stores.
The minor feature additions in this release are:
-Enabled the delegate users button in Outlook 2010.

8.1. Configuration file changes 7.1.4

No changes were made to the default configuration files during this release.

Chapter 9. Changes in 7.1.6

9.1. Configuration file changes 7.1.6
This .6 minor is a maintenance release for this 7.1 Zarafa Collaboration Platform during the primary support phase of this production version.
This release comes with completed support for SLES 11 SP3 (using PHP 5.3 packages). As the packages are utilizing boost it is required to add install the packages libboost_filesystem1 and libboost_system1 which are located on the first DVD image of the SDK provided by SUSE. Please make sure to install these packages before installing or upgrading Zarafa. Additionally xpdf-tools has been replaced as a requirement in favor of poppler-tools, which is now used per default as requirement.
Please note that with this and upcoming releases support for SLES 11 SP0 and SP1 are dropped, as they do not provide PHP 5.3-based packages.
We have also introduced fallback based dialects which support non-native locales to be supported at maximum such as with de_AT and de_CH to de_DE fallback. This means for example, that installations with austrian or swiss locale are also presented in german language.
This release includes official support for Outlook 2010 SP2 and Outlook 2013 - including the compatibility package and also on the Windows 8 platform.
MySQL 5.6 is now also supported to work with Zarafa. We also introduced a new technique to eliminate forwarding rules to generate mail loops. Updates and fixes to utilities such as MSR and zarafa-set-oof have been included as well.
The new "imap_max_fail_commands" parameter has been introduced, which has been introduced to protect Zarafa services from clients with DoS-like behaviour asking for folders which do not exist. For migrations for example with imapsync this setting should be set higher during migration scenarios.
The major feature additions in this release are:
  • Officially supported Outlook 2013
  • Officially supported Outlook 2010 SP2
  • All (supported Outlook versions) on Windows 8
  • MySQL 5.6
  • SUSE Linux Enterprise Server SP2 / SP3 (with PHP 5.3)

9.1. Configuration file changes 7.1.6

The gateway.cfg is changed to limit failing IMAP requests to 10 
# Maximum count of allowed failed IMAP command counts per client
imap_max_fail_commands = 10

Chapter 10. Changes in 7.2.0

10.1. Configuration file changes 7.2.0
The release of 7.2.0 is a major release of Zarafa Collaboration Platform during the primary support phase of this production version.
This release comes with completed support for SLES 12, RHEL 7, Univention 4.0 and also provides unsupported builds for short update cycle open source distributions such as Fedora and openSUSE.
With the release of 7.2.0 the storage engine of the offline database for windows clients has switched from MySQL to MariaDB - complementary with changes to ZCP offline client gaining speed and responsiveness on clients. As this change is not backward compatible, clients using offline profiles need to recreate their MAPI profiles so with the new offline database format a resynchronization is made.
The major feature additions in this release are:
  • Officially supported RHEL 7
  • Officially supported SLES 12
  • Officially supported Univention 4.0
  • Support for MariaDB (for example shipped per default with RHEL 7 and SLES12)
  • Switched offline backend engine to MariaDB
  • Upgrade of SOAP protocol components (with downwards compatibility) with speed enhancements
  • Upgrade to gperftools 2.4 for more speed and enhanced memory management
  • Shipping zarafa-search-plus with enterprise search engine xapian
  • Shipping python-zarafa as simplified python-mapi interface for easy interoperability with python
  • Shipping zarafa-presence as presence status collection daemon
  • Completely modernized SSL core, allowing configurable protocols and ciphers
  • Completely modernized Outlook client components, including MariaDB, OpenSSL, pthreads, gSOAP, gperftools and boost libraries
  • Distribution of community-supported distributions Fedora 20 and 21 such as openSUSE 13.1 and 13.2
  • Improved random number generator
  • Support for TCP FastOpen kernel feature

10.1. Configuration file changes 7.2.0

With the revamped SSL stack we have introduced the new parameters server_ssl_protocols, server_ssl_ciphers and server_ssl_prefer_server_ciphers to leverage the possibilities of OpenSSL to explicitly specifiy protocols and ciphers used for encrypted communication. An adoption of the new parameters is required for the upgrade to successfully run and utilize the new stack.
With some changes made to logging, if the parameters sslkey_file and sslkey_pass are specified to invalid certificates, it will be complained with each SSL related request, so these parameters have been commented out per default. Please make sure when using these parameters, the certificates in place are generated correctly.
In server.cfg, ical.cfg and gateway.cfg the following new parameters have been introduced:
The parameter server_ssl_enable_v2 has been removed in favor of the new server_ssl_protocols parameter to directly specify allowed/disallowed SSL protocols to be used 
# SSL protocols to use, set to '!SSLv2' for 'server_ssl_enable_v2 = no'
server_ssl_protocols = !SSLv2
# SSL ciphers to use, set to 'ALL' for backward compatibility
server_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL
# Prefer the server's order of SSL ciphers over client's
server_ssl_prefer_server_ciphers = no