Hello Zimbra Customers, Partners & Friends, We’re happy to announce that Zimbra now works with Thales’ SafeNet Trusted Access (STA) to provide single sign-on (SSO), policy configuration and multi-factor authentication (MFA). This makes it easy to meet compliance mandates such as GDPR and PCI DSS by letting you decide who has access to Zimbra and how their identity is verified. Thales’ SSO Application […]
Archive | Security & Privacy
How to use DOMPurify in your Zimlet for XSS sanitizing
Cross-Site Scripting (XSS) attacks are a type of injection attack in which malicious scripts are injected into otherwise benign and trusted websites. If you are developing a Zimlet, you should not trust any form of user input. If you integrate third-party services via your Zimlet, you probably also want to sanitize any data […]
Did you know? SELinux is not a Zimbra feature
This blog is about something that is not a Zimbra feature. Yes, you read that correctly: usually on the blog we highlight new or existing features, but this blog is a little different. Every now and then people write in the Zimbra forums or comment on blog posts saying they run Zimbra with SELinux in […]
Zimbra not affected by critical OpenSSL issue
The OpenSSL project is releasing a critical fix for OpenSSL version 3.x. Zimbra is using OpenSSL version 1.1.1q, which is an older, still-supported version of OpenSSL. The version in Zimbra is not affected by the issue being fixed, which means no patches are needed for Zimbra. You should install operating system security updates and other 3rd […]
Zimbra installation integrity check
The script in this article allows Zimbra administrators to create checksums of all the files in a Zimbra installation. The output of the script can be used to identify unintended changes and newly created files. Such changes can, for example, be caused by hackers. You can use this script proactively by scheduling it in a […]
Zimbra S/MIME encryption whitepaper
Email messages and attachments can be intercepted as they are sent over the Internet. Many email providers support secure connections for incoming and outgoing email. However, the email protocol has a flaw: it falls back to insecure connections if an error happens. Zimbra supports S/MIME, a standard for encrypting and signing email. By using S/MIME encryption […]