The Zimbra team had a fulfilling schedule in May. The two recent Partner Summits at Rome and Bangkok were filled with the buzzing energy of collaboration. It was a powerful reminder of the incredible partnerships we have forged. Our keynote speakers At the Partner Summit, our keynote presenters touched on the notable trend of […]
Archive | Partners
How to fix Samsung Phones not being able to send mail (ActiveSync)
In this article you will find a short how-to on how to fix the issue that some Samsung phones can receive mail, see calendars, but cannot send mail via Zimbra. Users will see messages go immediately to the outbox with a warning that the message was not sent. ActiveSync protocol version This issue affects only […]
Mobileconfig in Settings menu Zimlet
This Zimlet adds a menu option in the Settings menu to download mobileconfig file to configure your Zimbra account on Apple devices. The same is included in Modern UI by default under Settings->Accounts then expand your account and scroll down. This Zimlet exposes the feature more prominently and makes it easier to find. You can […]
SMTP Smuggling in Zimbra Postfix a technical deepdive
E-mail providers like Microsoft Exchange Online and GMX allowed to pass <LF>.<CR><LF> sequence unfiltered from their outbound (sending mails) SMTP server to the inbound (receiving mails) SMTP server (postfix in our case). In the case of Postfix serving as an outbound/inbound (sending mails/receiving mails) server, it does not ignore the sequence ‘<LF>.<CR><LF>’; rather, it interprets […]
CentOS 7 and CentOS8 Stream EOL dates are closing in
Keeping your Zimbra up-to-date by installing patches is essential for maintaining the security of your Zimbra servers. However patches are only available for supported (not end-of-life) versions. Recently the 8.8 versions of Zimbra went end-of-life and the Zimbra 9 versions are going end-of-life soon as well. Make sure all your Zimbra servers are on a […]
Zimbra and SMTP Smuggling attack on Postfix
Recently an SMTP Smuggling attack on Postfix was published, as mentioned by the Postfix project: Days before a 10+ day holiday break and associated production change freeze, SEC Consult has published an email spoofing attack that involves a composition of email services with specific differences in the way they handle line endings other than <CR><LF>. […]