In this article you will learn how to use Spamhaus Hash Blocklist (HBL) to improve email protection in Zimbra. For a long time, administrators of Zimbra have relied on Spamhaus to fight incoming spam by configuring Postfix to use traditional blocklists. These traditional blocklists work by blocking IP addresses (or ranges) and domains of known spammers. When an […]
Archive | Security & Privacy
Optimizing Zimbra security and TLS settings via a script (updated May 2024)
A partner has requested a script to implement the security tips and TLS settings documented at https://wiki.zimbra.com/wiki/Cipher_suites and https://wiki.zimbra.com/wiki/Secopstips . At Zimbra we love scripts! This article shows a script that configures Zimbra with strong TLS and security settings. Prerequisites: You have set up a correct hostname and DNS. To check, run the following as […]
Zimbra Referrer-Policy best practice
The “Referer” header is an HTTP header that the web browser adds whenever a request is made. A Zimbra user who receives an email with links or images in the Zimbra web interface may unknowingly share information about the Zimbra server when clicking a link or viewing inline images. For example when an email […]
Did you know? Zimbra HTTP Strict Transport Security (HSTS)
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. What does HSTS do for improving security? You have HSTS configured on Zimbra and have configured a correct TLS […]
Protecting Zimbra with Sucuri web application firewall
You can enhance the security of your Zimbra servers by using a web application firewall (WAF). By using a web application firewall you can add the following protections to Zimbra: geo blocking and geo fencing; blocking or allowing IP addresses; emergency DDoS protection; blocking anonymous proxies; blocking the top three attack countries; managing HTTP security headers; Limited […]
Did you know? Zimbra Postscreen provides additional protection against mail server overload
In Zimbra you can optionally enable Postscreen as an additional anti-spam strategy. Postscreen offers additional protection against mail server overload. One postscreen process handles multiple inbound SMTP connections and decides which clients may talk to a Postfix SMTP server process. By keeping spambots away, postscreen leaves more SMTP server processes available for legitimate clients […]