Navigation

Archive | Security & Privacy

Implementing a CSRF check on a Zimbra extension

By on May 18, 2022 in Community, Open Source, Security & Privacy, Zimbra SkillZ, Zimlets

Hello Zimbra Customers, Partners & Friends, In this article you will learn how to implement a CSRF check in a Zimbra extension. The Java project and source code can be found at https://github.com/Zimbra/zm-extension-guide. In many cases the Cross-Origin-Resource-Policy in the web browser and the setting of the SameSite=Strict attribute on the authentication cookie will provide […]

Continue Reading

Security Update: Zimbra not vulnerable to recent OpenSSL and Spring RCE Vulnerabilities

By on April 8, 2022 in Product News, Security & Privacy

Hello Zimbra Friends, Customers & Partners, New vulnerabilities in the OpenSSL and Spring Framework projects have been all over the news lately. The Zimbra Engineering team has spent some time digging into these issues to understand any potential impact to Zimbra. The good news is Zimbra does not appear to be affected by the recent […]

Continue Reading

Email Security Webinar – SPF and DKIM

By on March 16, 2022 in Product News, Community, Security & Privacy, Webinars, Zimbra Server

Hello Zimbra Customers, Partners & Friends, Zimbra’s Barry de Graaff and Randy Leiker from Skyway Networks team up for a new webinar series focused on Email Security. These hands-on webinars will include practical how-to information and best practices to help you maximize Zimbra. Learn how to fine-tune key security standards like SPF, DKIM, DMARC, MTA-STS, […]

Continue Reading

Did You Know? Zimbra Two-Factor Authentication (2FA)

By on March 16, 2022 in Product News, Did You Know, PowerTips – Users, Security & Privacy, Zimbra Web Client

Hello Zimbra Customers, Partners & Friends, Has your email ever been hacked? Set up two-factor authentication (2FA) for an extra layer of security for your Zimbra account. With 2FA enabled, you use your password and a code generated on your smartphone to log into your Zimbra account. Enabling 2FA is easy. You’ll need access to […]

Continue Reading

New Zimbra Webinar Series! Kicks Off 8 March with Email Security

By on February 18, 2022 in Community, Events, Security & Privacy

Hello Zimbra Customers, Partners & Friends, Zimbra’s Barry de Graaff and Randy Leiker from Skyway Networks are teaming up for a new webinar series. These hands-on webinars will include practical how-to information and best practices to help you maximize Zimbra. The first webinar on 8 March focuses on email security and using modern email authentication and encryption. Introduce and […]

Continue Reading

Hotfix Available 5 Feb for Zero-day Exploit Vulnerability in Zimbra 8.8.15

By on February 4, 2022 in Product News, Community, Security & Privacy

Hello Zimbra Friends, Customers & Partners, A new Zero-day exploit has been identified that affects Zimbra 8.8.15. Since learning of the reported vulnerability, Zimbra Engineering has verified the issue and produced a hotfix (for 8.8.15 p30). The hotfix will be available to Zimbra customers through Zimbra Support. A durable fix for the issue is undergoing […]

Continue Reading

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures