Hackers often install webshells on onpatched Zimbra systems and then wait for some time before actually abusing the compromised system. Especially on systems where critical security patches where installed too late, it may seem all was OK, where in fact a hacker has already gained access to the system, but did not do any other […]
Tag Archives | administrators
Per user attachment size limits
Zimbra Postfix can be configured to use Postfwd. Postfwd can be seen as a firewall for Postfix and it allows the creation of rulesets to implement email restrictions. A new Admin UI Zimlet and extension leverage Postfwd to configure per user attachment size limits. More information and download is available on the Per user attachment […]
A Milter for using Spamhaus HBL with Zimbra Postfix
In this article you will learn how to use Spamhaus Hash Blocklist (HBL) to improve email protection in Zimbra. For a long time administrators of Zimbra have relied on Spamhaus to fight incoming spam by configuring Postfix using traditional blacklists. These traditional blocklists work by blocking IP (ranges) and domains of known spammers. When an […]
Improve email Zimbra protection with Spamhaus HBL
In this article you will learn how to use Spamhaus Hash Blocklist (HBL) to improve email protection in Zimbra. For a long time administrators of Zimbra have relied on Spamhaus to fight incoming spam by configuring Postfix using traditional blacklists. These traditional blocklists work by blocking IP (ranges) and domains of known spammers. When an […]
Setting up DNS before installing Zimbra
DNS is an important aspect of any Zimbra installation. This article will help those that are new on installing Zimbra to get an idea what needs to be configured to get started. There will also be some tips and best practices that will improve security and email deliverability that may be lesser know even to […]
Did you know? Zimbra HTTP Strict Transport Security (HSTS)
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. What does HSTS do for improving security? You have HSTS configured on Zimbra and have configured a correct TLS […]