Search found 74 matches

by gabrieles
Thu May 16, 2019 8:37 am
Forum: Users
Topic: Out of office HTML
Replies: 0
Views: 251

Out of office HTML

Hi all, is there a way to use html in Out-Of-Office messages? I've done some search but there's no much. I found that Out-Of-Office are considered MDN, and therefore must be compliant to RFC 2298. RFC 2298 is very strict about the message format. Among the restriction there are: - Specific format, o...
by gabrieles
Fri May 10, 2019 12:09 pm
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 103
Views: 45870

Re: CVE-2019-9670 being actively exploited

complete with usernames and passwords? The only cleartext passwords that zimbra stores on a file are those on /opt/zimbra/conf/localconfig.xml. And are the passwords that let access the ldap. And you can change them in no time with zmldappasswd Passwords are not stored anywhere. Only salted hashes....
by gabrieles
Mon May 06, 2019 2:32 pm
Forum: Administrators
Topic: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp
Replies: 15
Views: 3796

Re: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

Ok, have you looked if your installation is actually compromised?
That 100% cpu, and the crontab issues are typical symptoms of the dblaunchs infection.

viewtopic.php?f=15&t=66089
by gabrieles
Mon May 06, 2019 12:38 pm
Forum: Administrators
Topic: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp
Replies: 15
Views: 3796

Re: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

maillo wrote:After replacing jetty directory there is still problem with 100% CPU usage. Seems like digging. Anyone know how to stop it?

Have you patched? have you done a zmcontrol restart? What process is causing high CPU usage? Less info you give, less help you will get...
by gabrieles
Mon May 06, 2019 7:59 am
Forum: Administrators
Topic: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp
Replies: 15
Views: 3796

Re: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

I've just restored a compromised customer Do a quick search under the usual jetty folders: find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30 If you find files like: /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp /opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp you've been hacked. Un...
by gabrieles
Fri May 03, 2019 3:15 pm
Forum: Administrators
Topic: downloads folder compromised dblaunchs malware
Replies: 16
Views: 3042

Re: downloads folder compromised dblaunchs malware

The synmptoms seem to point to something similar to what is described here: https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html?_ga=2.82399958.1553387446.1556607869-527549934.1556607869 indicating it is related to a webdav vulnerability. One of the first line...
by gabrieles
Fri May 03, 2019 2:08 pm
Forum: Administrators
Topic: downloads folder compromised dblaunchs malware
Replies: 16
Views: 3042

Re: downloads folder compromised dblaunchs malware

I've already suggested this, read the forum thread on the recent CVE for Zimbra and you'll also find details on what needs to be done to clean your server. It's always good practice to search the forums before posting, you're most likely to find an answer. The CVE is the same but the attack vector ...
by gabrieles
Thu Mar 28, 2019 4:43 pm
Forum: Migration
Topic: MDaemon to Zimbra via imapsync
Replies: 2
Views: 1740

Re: MDaemon to Zimbra via imapsync

Can't find any deep article on administrative login on mdaemon. Usually when you need particular syntax (like dovecot's Master User), you'll find a lot of articles about it. Or when a particular system does not support it (like Axigen). It makes me suppose that mdaemon syntax could be quite simple (...
by gabrieles
Thu Mar 28, 2019 2:33 pm
Forum: Administrators
Topic: Download search for Delegated Admins
Replies: 0
Views: 427

Download search for Delegated Admins

Hi, i would like to give a delegated admin the ability do download a search result list. The feature is enabled for Global Admins, when you search anything you can save the results in csv: dwld.png That particular menu item lacks for delegated admins, and i can't find the correct right/view to give....

Go to advanced search