Tag Archives | email security

SMTP Smuggling in Zimbra Postfix a technical deepdive

E-mail providers like Microsoft Exchange Online and GMX allowed to pass <LF>.<CR><LF> sequence unfiltered from their outbound (sending mails) SMTP server to the inbound (receiving mails) SMTP server (postfix in our case). In the case of Postfix serving as an outbound/inbound (sending mails/receiving mails) server, it does not ignore the sequence ‘<LF>.<CR><LF>’; rather, it interprets […]

Continue Reading 0

What are the benefits of using Zimbra OpenSSL in FIPS mode?

If you installed or upgraded to Zimbra version 9.0.0.P34, 8.8.15.P41, 10.0.2 or higher, Zimbra will use OpenSSL 3.0.x and FIPS compliance for OpenSSL will be enabled by default. To check if your Zimbra OpenSSL is using FIPS you can run the following command, that should fail with Error setting digest: /opt/zimbra/common/bin/openssl md5 /dev/null There are […]

Continue Reading 0

New phishing attacks may use .zip, .mov and other new Internet domains

Beware of fraudulent activities using the newly launched .zip and .mov top-level domains. Phishing attacks have already targeted well-known brands like Microsoft and Okta. Apart from phishing, the new .zip and .mov TLDs have also been used for various malicious purposes like hosting zip bombs, redirecting to YouTube videos, and offering file compression services. Here […]

Continue Reading 0

A Milter for using Spamhaus HBL with Zimbra Postfix

In this article you will learn how to use Spamhaus Hash Blocklist (HBL) to improve email protection in Zimbra. For a long time administrators of Zimbra have relied on Spamhaus to fight incoming spam by configuring Postfix using traditional blacklists. These traditional blocklists work by blocking IP (ranges) and domains of known spammers. When an […]

Continue Reading 0

Improve email Zimbra protection with Spamhaus HBL

In this article you will learn how to use Spamhaus Hash Blocklist (HBL) to improve email protection in Zimbra. For a long time administrators of Zimbra have relied on Spamhaus to fight incoming spam by configuring Postfix using traditional blacklists. These traditional blocklists work by blocking IP (ranges) and domains of known spammers. When an […]

Continue Reading

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures