Many Zimbra administrators have setup TLS encryption to protect their users’ login credentials and email in transit. But TLS is a complex standard, and often unknowingly misconfigured. Deploying TLS correctly does not require a university degree in cryptography, but rather a working knowledge of some key concepts and awareness of pitfalls to avoid. And, with […]
Archive | Product News
Configuring Fail2Ban on Zimbra
This article is a how-to guide on installing Fail2Ban to block attacking hosts using a null route or blackhole routes. This can help mitigate brute force attacks on Zimbra. Especially brute force attacks on SMTP are very common. Prerequisite: Fail2ban has been tested in combination with netfilter-persistent and iptables. If you use ufw or firewalld […]
Nextcloud Talk Zimlet
Zimbra loves Nextcloud! And that is why Zimbra and Nextcloud work together to make both products integrate seamlessly. The Nextcloud Talk Zimlet add a button in the new appointment window that allows you to create a Nextcloud Talk meeting from the Zimbra Calendar. Screenshots Installing This Zimlet depends on the installation of Nextcloud Zimlet for […]
Authentication Bypass in MailboxImportServlet vulnerability
Zimbra 8.8.15 patch 33 and Zimbra 9.0.0 patch 26 contain an important security update that fixes an authentication bypass in MailboxImportServlet (CVE-2022-37042 and CVE-2022-27925). If you are running a Zimbra version that is older than Zimbra 8.8.15 patch 33 or Zimbra 9.0.0 patch 26 you should update to the latest patch as soon as possible. […]
Zimbra Patches: 9.0.0 Patch 26 + 8.8.15 Patch 33
Hello Zimbra Friends, Customers & Partners, Zimbra 9.0.0 “Kepler” Patch 26 and 8.8.15 “James Prescott Joule” Patch 33 are here. The patches include What’s New, Security Fixes, Fixed Issues and Known Issues as listed in their respective release notes. Please refer to the release notes for the patch installation on Red Hat and Ubuntu platforms. […]
Automated installation of Zimbra and Lets Encrypt update!
Previously we introduced the zinstaller script that can be used for automating the installation of Zimbra. The zinstaller script will install a Zimbra 9 single server on Ubuntu 20 and will also obtain and install a 60-day trial license. It now also supports automated installation of Zimbra with Let’s Encrypt certificates and it will take […]