Search found 226 matches

by barrydegraaff
Wed Feb 14, 2024 7:45 am
Forum: Administrators
Topic: New CPIO vulnerability (CVE-2023-7216). Zimbra affected?
Replies: 7
Views: 1051

Re: New CPIO vulnerability (CVE-2023-7216). Zimbra affected?

Meanwhile you can remove cpio from your OS installation if it is not used by anything else. The only thing in Zimbra that is using it is the init script for zmconvertd, so if you do not use that service, it should be OK to remove cpio.
by barrydegraaff
Thu Jan 25, 2024 6:40 am
Forum: Zimlets
Topic: Rocket Chat Zimlet IFrame not allowed in modern browsers
Replies: 3
Views: 8729

Re: Rocket Chat Zimlet IFrame not allowed in modern browsers

RocketChat iFrame integration only supports log-in, there is nothing that performs a log-out.
by barrydegraaff
Thu Dec 28, 2023 9:19 am
Forum: Administrators
Topic: SMTP Smuggling - Spoofing E-Mails Worldwide
Replies: 11
Views: 72157

Re: SMTP Smuggling - Spoofing E-Mails Worldwide

See also: https://blog.zimbra.com/2023/12/zimbra-and-smtp-smuggling-attack-on-postfix/ I did configure `smtpd_discard_ehlo_keywords=chunking` on my personal Postfix mail server, and I see in the logs: discarding EHLO keywords: CHUNKING This is also logged for some legitimate email, but even with the...
by barrydegraaff
Tue Dec 19, 2023 1:49 pm
Forum: Administrators
Topic: Another Letsencrypt method
Replies: 154
Views: 529835

Re: Another Letsencrypt method

JDunphy wrote: Tue Oct 24, 2023 4:34 pmHoping this is the last comment on this thread
You wish :D
by barrydegraaff
Tue Dec 19, 2023 1:47 pm
Forum: Administrators
Topic: Another Letsencrypt method
Replies: 154
Views: 529835

Re: Another Letsencrypt method

Support for ECDSA TLS (elliptic curve cryptography ECC) certificates has been added to Zimbra zmcertmgr from Zimbra versions 10.0.6, Joule-8.8.15-Patch-45, Kepler-9.0.0-Patch-38. Meaning you can run certbot without the need for --key-type rsa or using a manual key length. The wiki has been updated: ...
by barrydegraaff
Wed Nov 22, 2023 6:12 am
Forum: Administrators
Topic: after 1 month using new client modern
Replies: 17
Views: 49320

Re: after 1 month using new client modern

I have added more details on the enabling of this Zimlet in https://blog.zimbra.com/2023/11/how-to- ... gear-menu/
by barrydegraaff
Tue Nov 21, 2023 5:15 pm
Forum: Administrators
Topic: after 1 month using new client modern
Replies: 17
Views: 49320

Re: after 1 month using new client modern

To enable to option to go to Classic from Modern UI gear menu, you have to enable this Zimlet:
zdnFkXF2jd8wHuDy.jpeg
zdnFkXF2jd8wHuDy.jpeg (82.6 KiB) Viewed 6319 times
It will then show as follows:
Jo900Nrn7u06kj0y.jpeg
Jo900Nrn7u06kj0y.jpeg (94.65 KiB) Viewed 6319 times
by barrydegraaff
Thu Nov 16, 2023 8:43 am
Forum: Administrators
Topic: Where to find the latest Zimbra (upgrade) documentation?
Replies: 0
Views: 63342

Where to find the latest Zimbra (upgrade) documentation?

The latest documentation for Zimbra Network Edition can be found on our documentation Github page, here are some direct links: https://zimbra.github.io/documentation/zimbra-10/index.html Upgrade Instructions (EN) https://zimbra.github.io/documentation/zimbra-10/upgrade.html System Requirements (EN) ...
by barrydegraaff
Wed Nov 15, 2023 9:38 am
Forum: Administrators
Topic: Zimbra generates and validates DKIM but sent messages "not signed"
Replies: 2
Views: 4180

Re: Zimbra generates and validates DKIM but sent messages "not signed"

Check if your DKIM key is actually in LDAP: zmprov -l gd your-domain-here.tld | grep -i dkim -C 10 Then check if you have OpenDKIM service enabled (should return opendkim in the list): zmprov gs `zmhostname` zimbraServiceEnabled Then perhaps you have set Relay MTA for external delivery , check this ...
by barrydegraaff
Tue Nov 07, 2023 6:33 am
Forum: Administrators
Topic: [FIXED] Variation on the theme: invoke PKIX path building failed...
Replies: 5
Views: 8408

Re: [FIXED] Variation on the theme: invoke PKIX path building failed...

Double check you are getting an RSA certificate from Let's Encrypt use option: --key-type rsa

Throw away your old Let's Encrypt folder from /etc/letsencrypt and try again.