Archive | Security & Privacy

Zimbra SkillZ: Add an External Email Warning in Zimbra

Hello Zimbra Customers, Partners & Friends, In today’s blog, I’ll show you how to add an external email warning message in Zimbra when receiving an email from an external domain. This is done using a Sieve filter, and it can be enabled per account, COS, domain and server. First, create /tmp/myfilters su – zimbra nano […]

Continue Reading 5

Security – Check out Email Threat Checklist + Introducing… Janusmail

Hello Zimbra Customers, Partners and Friends, We all know about spam, viruses, malware and other threats to email security. We teach our Zimbra users how to best protect themselves from these threats. Our Zimbra admins optimize anti-spam and anti-virus tools. The Zimbra Product Team builds in as much AS/AV protection as possible. But the threats […]

Continue Reading 2

Zimbra Now with TLS 1.3 Support!

Hello Zimbra Partners, Customers & Friends, In the latest Zimbra patch, Zimbra 9.0.0 “Kepler” Patch 13 and 8.8.15 “James Prescott Joule” Patch 20, the following packages are now GA: OpenSSL 1.1.1h support for TLS 1.3. OpenSSL 1.1.1h with FIPS module support. Postfix 3.5.6 support for TLSv1.3 Nginx 1.19.0 support for TLSv1.3 Why is this important […]

Continue Reading 3

Zimbra Admin Reminder … Block “memcrashd” Port 11211

Hello Zimbra Friends & Admins, This is a friendly reminder that Zimbra memcached may face the “memcrashd” attack on port 11211. By default, memcached listens on a server IP address that is accessible on the network and via the internet if there is no firewall. If your Zimbra memcache servers are behind a firewall, we […]

Continue Reading

Zimbra Wiki to Latest Patches & More!

Hello Zimbra Friends,   Looking for the latest Zimbra Patch?   This Zimbra wiki page lists all Zimbra product releases with a link to the current Patch: https://wiki.zimbra.com/wiki/Zimbra_Releases   Click a Patch link for additional details + installation instructions. Important Patch install info: Patches are cumulative, so you usually don’t need to install any prior patches. […]

Continue Reading

[REPOST] Recent Zimbra XXE / SSRF Vulnerability Disclosure

This is a reposting of Rene’s original blog announcement on March 18, 2019. Please read and be sure that your Zimbra Patches are up-to-date! Hello Zimbra Friends, Background The Zimbra Security team has been working with security researcher An Trinh in advance of his recently-published blog post. In the blog, Trinh details his findings regarding […]

Continue Reading