In many cases IT staff will have automated TLS certificates so they are renewed and deployed automatically. However sometimes the automation fails or deployments use an additional reverse proxy or web application firewall in front of Zimbra. In the latter case, sometimes the renewal of the Zimbra self-signed certificate is overlooked. Zimbra (LDAP) requires a […]
Archive | PowerTips – Admins
Zimbra with on Cisco Duo cloud based Single Sign-On
In this article you will learn how to set-up Zimbra on Cisco Duo. Cisco Duo is a cloud based identity and access management solution developed by Cisco. Cisco Duo focusses on Two-Factor Authentication (2FA) and integrations with on premise Active Directory, and cloud based SAML IDP’s such as Azure AD, AD FS, Google, Okta, OneLogin, […]
Zimbra Dropbox integration (Admin guide)
This guide will take you through the steps to set-up the Dropbox integration in Zimbra. Once you have completed the steps in this guide you can follow the end-user guide at https://wiki.zimbra.com/wiki/Dropbox_integration_end_user_guide for the final OAuth set-up. Create a Dropbox Application (OAuth) To be able to use the Dropbox integration you have to create a […]
Zimbra’s Per Domain Disclaimer/Signature Feature
With Zimbra’s per domain disclaimer/signature feature, you can set a mandatory signature or disclaimer to all outgoing email. How to Enable the Per Domain Disclaimer/Signature Feature Enabling the per domain disclaimer/signature feature is easy. Follow these simple steps: Enable the disclaimer feature on the global configuration by running the following command: zmprov mcf zimbraDomainMandatoryMailSignatureEnabled TRUE […]
Sending incoming email with bad headers to Junk
Email is always evolving and recently Gmail has started to reject email with bad headers for some customers. Rejecting email with bad headers may help protect against DKIM replay attacks (more on replay attacks in an upcoming blog). When we are talking about messages with bad headers, we mean messages that are not compliant with […]
When your security scanner alerts for jspawnhelper in Zimbra
Many administrators rely on third-party security scanners such as Crowdstrike Falcon to analyze their Zimbra server for malicious activity. One process that is frequently reported is jspawnhelper. What is jspawnhelper? While this is not very well documented, jspawnhelper can be run as the result of a call to ProcessBuilder.start() or Runtime.exec() in a java application. […]