Do you check your emails when you are traveling? Do you have intermittent internet access? Zimbra Desktop provides a seamless way to access your Zimbra content when connectivity is limited. It’s an app that you install on your computer (Windows or Mac) so you can read your emails, reply or forward an email, compose new […]
Update Zimbra TLS cipher suites to disable Diffie-Hellmann
This blog post is outdated since Zimbra version 9.0.0.P34, 8.8.15.P41, 10.0.2 where Zimbra introduced OpenSSL FIPS. Please follow the updated steps at https://wiki.zimbra.com/wiki/Cipher_suites. In a previous blog and wiki we have shown how to configure Zimbra with a strong TLS configuration. Since encryption is always evolving we have updated the previous blog and wiki to […]
Email Security Protect your email account and data
Identity theft, fraudulent use of your credit card, ransomware… cybercrime is always evolving. There are some simple things you can do to protect your email data and accounts. How can you protect yourself from the most common and real threats like: Identity and credit card information theft Theft of proprietary data Precise phishing attacks Ransomware […]
Zimbra Patches: 9.0.0 Patch 29 + 8.8.15 Patch 36
Hello Zimbra Friends, Customers & Partners, Zimbra 9.0.0 Kepler Patch 29 and 8.8.15 James Prescott Joule Patch 36 are here. This patch fixes 2 issues that where introduced with Kepler 9.0.0-Patch-28 & 8815 Joule-Patch-35 Patch. In the previous patch ClamAV was upgraded to the latest upstream version, unfortunately this broke attachment scanning, this new patch […]
Zimbra Now Works with Thales’ SafeNet Trusted Access
By Barry de Graaff on December 7, 2022 in Product News, Community, Security & Privacy, Zimbra Web Client
Hello Zimbra Customers, Partners & Friends, We’re happy to announce that Zimbra now works with Thales’ SafeNet Trusted Access (STA) to provide single sign-on (SSO), policy configuration and multi-factor authentication (MFA). This makes it easy to meet compliance mandates such as GDPR and PCI DSS by letting you decide who has access to Zimbra and how their identity is verified. Thales’ SSO Application […]
How to use DOMPurify in your Zimlet for XSS sanitizing
Cross-Site Scripting (XSS) attacks are a type of injection attack, in which malicious scripts are injected into otherwise benign and trusted websites. In case you are developing a Zimlet you should not trust any form of user input. If you integrate 3rd party services via your Zimlet, you probably also want to sanitize any data […]