Archive | Open Source

How to implement (external LDAP) authentication in a Zimbra Java Extension

Frequent readers of the Zimbra blog will know that Zimbra can be extended/customized by using Zimlets. By creating your own Zimlets you can add functionality to the UI (front-end) and the Java back-end, allowing you to cater to specific customer needs. Zimlets can be enabled globally or per user (group) Details on this can be […]

Continue Reading 0

SMTP Smuggling in Zimbra Postfix a technical deepdive

E-mail providers like Microsoft Exchange Online and GMX allowed to pass <LF>.<CR><LF> sequence unfiltered from their outbound (sending mails) SMTP server to the inbound (receiving mails) SMTP server (postfix in our case). In the case of Postfix serving as an outbound/inbound (sending mails/receiving mails) server, it does not ignore the sequence ‘<LF>.<CR><LF>’; rather, it interprets […]

Continue Reading 0

Get an email notification when Zimbra TLS certificates are about to expire

In many cases IT staff will have automated TLS certificates so they are renewed and deployed automatically. However sometimes the automation fails or deployments use an additional reverse proxy or web application firewall in front of Zimbra. In the latter case, sometimes the renewal of the Zimbra self-signed certificate is overlooked. Zimbra (LDAP) requires a […]

Continue Reading 2

Introducing Zimbra authentication module for SimpleSAMLphp

While a generic LDAP authentication module for SimpleSAMLphp exists, it is hard to set-up, it requires the use and storing of an admin bind credential and is in continous development making it impossible to install a working version of this module on a released version of SimpleSAMLphp. The Zimbra authentication module for SimpleSAMLphp makes it […]

Continue Reading 0

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures