Email messages and attachments can be intercepted as they are sent over the Internet. Many email providers support secure connections for incoming and outgoing email. However, the email protocol has a flaw: it falls-back to unsecure connections if an error happens. Zimbra supports S/MIME a standard for encryption and signing email. By using S/MIME encryption […]
Tag Archives | Zimbra Community
Zimbra Security and PCI DSS
Emails are accessible to most people anywhere and anytime. However, when it comes to handling sensitive data like credit card information, you need to rethink your messaging options. The Payment Card Industry Data Security Standard (PCI DSS) is an information security framework intended to help merchants and service providers protect credit and debit card transactions […]
Zimbra Email Security Webinar Series: TLS and DANE (updated)
Many Zimbra administrators have setup TLS encryption to protect their users’ login credentials and email in transit. But TLS is a complex standard, and often unknowingly misconfigured. Deploying TLS correctly does not require a university degree in cryptography, but rather a working knowledge of some key concepts and awareness of pitfalls to avoid. And, with […]
Configuring Fail2Ban on Zimbra
This article is a how-to guide on installing Fail2Ban to block attacking hosts using a null route or blackhole routes. This can help mitigate brute force attacks on Zimbra. Especially brute force attacks on SMTP are very common. Prerequisite: It is required the OIP configuration must be done before configuring Fail2Ban service. For a Single-Server […]
Zimbra with Let’s Encrypt Certificates a step-by-step guide
By Barry de Graaff on August 10, 2022 in Community, Security & Privacy, Zimbra Server, Zimbra SkillZ
This article is a step-by-step instruction on setting up a Zimbra with Let’s Encrypt certificates. If you are running a multi server installation of Zimbra it is recommended you set-up a dedicated VM for obtaining the Let’s Encrypt certificate and follow this blog. Prerequisites This guide assumes you are using Ubuntu 20 and you have […]
Zimbra SkillZ: Add an External Email Warning in Zimbra via the Admin Console
Hello Zimbra Customers, Partners & Friends, New with 9.0.0 Patch 25 and 8.8.15 Patch 32, you can add an external email warning in Zimbra using the Admin Console. An external email warning message alerts you when you receive email from an external domain. This is done using a Sieve filter, and it can be enabled […]