A partner has requested a script to implement the Security tips and TLS settings documented at https://wiki.zimbra.com/wiki/Cipher_suites and https://wiki.zimbra.com/wiki/Secopstips . At Zimbra we love scripts! This article shows a script that configures Zimbra with strong TLS and security settings. Prerequisites You have set up a correct hostname and DNS, to check, run the following as […]
Zimbra Referrer-Policy best practice
By Barry de Graaff on February 1, 2023 in Product News, Did You Know, PowerTips – Admins, Security & Privacy
The “Referer” header is a HTTP header that is added by the web browser whenever a request is made. A Zimbra user who receives an email with links or images in the Zimbra web interface may unknowingly share information of the Zimbra server when clicking the link or viewing inline-images. For example when an email […]
Introducing Zimbra Microsoft Teams integration
Teams Power is an integration with Zimbra and Teams and is provided via Innovazionedigitale. With this integration customers using Outlook with a 365 subscription can use Teams from both the Zimbra calendar and Microsoft Outlook. The integration is available for Zimbra Classic and Modern UI on Zimbra 8 and above. More information on this Zimlet […]
Did you know? Zimbra HTTP Strict Transport Security (HSTS)
By Barry de Graaff on January 18, 2023 in Community, Did You Know, Partners, PowerTips – Admins, Security & Privacy
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. What does HSTS do for improving security? You have HSTS configured on Zimbra and have configured a correct TLS […]
Protecting Zimbra with Sucuri web application firewall
By Barry de Graaff on January 11, 2023 in Product News, Partners, PowerTips – Admins, Security & Privacy
You can enhance the security of your Zimbra servers by using a web application firewall (WAF). By using a web application firewall you can add the following protections to Zimbra: Geo blocking, geo fencing Blocking or allow IP addresses Emergency DDoS protection Block anonymous proxies Block top three attack countries Manage HTTP Security Headers Limited […]
How to write to log files from a Zimbra Extension
In MyTest.java you can find some examples of how to write to the Zimbra log files. The most common ones are: ZimbraLog.extensions.info(“this is an info message that will show up in /opt/zimbra/log/mailbox.log”); ZimbraLog.extensions.error(“this is an error message that will show up in /opt/zimbra/log/mailbox.log”); To see the logging in action run a tail on the log […]