Tag Archives | zimbra security

Zimbra SkillZ: How to use Zimbra with multiple HTTPS domains (Server Name Indication)

This article is a short how-to on making your Zimbra reachable via multiple HTTPS domains. This will allow your users to reach Zimbra using different URL’s such as: https://mail.zimbra.com and https://mail.zimbra.org. Set-up initial TLS certificate Set-up Zimbra to work with the fist HTTPS domain. Install the certificate obtained from your Certificate Authority by using one […]

Continue Reading 2

Zimbra SkillZ: How to create the certificate chain

Hello Zimbra Customers, Partners & Friends, This video is a practical how to on creating the certificate chain file. The certificate chain file usually named commercial_ca.crt and it is needed to deploy TLS certificates on Zimbra. If you’re interested, you can also read our Wiki article about Creating the Certificate Chain. Thanks, Your Zimbra Team

Continue Reading 0

Implementing a CSRF check on a Zimbra extension

Hello Zimbra Customers, Partners & Friends, In this article you will learn how to implement a CSRF check in a Zimbra extension. The Java project and source code can be found at https://github.com/Zimbra/zm-extension-guide. In many cases the Cross-Origin-Resource-Policy in the web browser and the setting of the SameSite=Strict attribute on the authentication cookie will provide […]

Continue Reading 0

Email security webinar about MTA STS, TLS RPT, and BIMI

Hello Zimbra Customers, Partners & Friends, Zimbra’s Barry de Graaff and Randy Leiker from Skyway Networks team up for a new webinar series focused on Email Security. These hands-on webinars will include practical how-to information and best practices to help you maximize Zimbra. Learn how to fine-tune key security standards like SPF, DKIM, DMARC, MTA-STS, […]

Continue Reading 0

Zimbra SkillZ: Confidential Header Zimlet

Hello Zimbra Customers, Partners & Friends, The Confidential Header Zimlet implements the reading and setting of the Sensitivity header RFC2156 in the Zimbra Modern UI. For consistency, it is implemented the same way as in MS Outlook. Configuring Zimbra To allow the setting of the Sensitivity header, enable it on the Zimbra server: zmprov mcf […]

Continue Reading 2

Zimbra SkillZ: Enable DANE Verification for Incoming Email in Zimbra

Hello Zimbra Customers, Partners & Friends, In this post, you’ll learn how to enable DANE for incoming email in Zimbra. DANE is a security protocol that adds additional verification of a TLS certificate. We covered setting up DANE for outgoing email in this post. Here’s some background … Email is sent over the internet with […]

Continue Reading 0

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures