Email messages and attachments can be intercepted as they are sent over the Internet. Many email providers support secure connections for incoming and outgoing email. However, the email protocol has a flaw: it falls-back to unsecure connections if an error happens. Zimbra supports S/MIME a standard for encryption and signing email. By using S/MIME encryption […]
Zimbra Security and PCI DSS
Emails are accessible to most people anywhere and anytime. However, when it comes to handling sensitive data like credit card information, you need to rethink your messaging options. The Payment Card Industry Data Security Standard (PCI DSS) is an information security framework intended to help merchants and service providers protect credit and debit card transactions […]
Security Update – make sure to install pax/spax
All Zimbra administrators should make sure the pax package is installed on their Zimbra server. Pax is needed by Amavis to extract the contents of compressed attachments for virus scanning. If the pax package is not installed, Amavis will fall-back to using cpio, unfortunately the fall-back is implemented poorly (by Amavis) and will allow an […]
Zimbra and Nextcloud deepen integration
Many users run both Zimbra and Nextcloud services and for this reason Zimbra and Nextcloud are partnering up to bring users a better experience. Nextcloud and Zimbra share a common mission – providing the best digital collaboration tools, and keeping data private. That’s why it makes sense for Zimbra and Nextcloud to work together to […]
Proxy the Admin Console via Zimbra Proxy increase TLS security
The Admin Console web-ui is the go-to place for managing your Zimbra installation. Historically the Zimbra Admin Console was accessed directly without Zimbra Proxy. However there is no longer a need to access the Admin Console without using Zimbra Proxy. And to make sure the Admin Console uses the best TLS security you need to […]
Zimbra Email Security Webinar Series: TLS and DANE (updated)
Many Zimbra administrators have setup TLS encryption to protect their users’ login credentials and email in transit. But TLS is a complex standard, and often unknowingly misconfigured. Deploying TLS correctly does not require a university degree in cryptography, but rather a working knowledge of some key concepts and awareness of pitfalls to avoid. And, with […]