Zimbra Forums

The files mentioned in the patches do exist in 9.0 NE.

Hi. I was wondering if it's possible to delay all the outgoing email, something like the undo send zimlet, but done automatically for all the sent emails. I was looking at the undo send source code but I don't know where to find the APIs of the zimlet object. I mean, I found the API docs here , but ...

phoenix wrote:Correct and sad, isn't it?

Tony replied!!

https://bugzilla.zimbra.com/show_bug.cgi?id=109428

I guess we are too take them at their word that they looked into their code because it kind of looks like CVE-2019-17571 is a problem. It could also be that lunasec has included this hash when it should not have been but more than likely they feel that CVE-2019-17571 is a concern with so many eyes ...

Thanks everyone for investigating and reporting back! From what I could understand, the main attack vector are HTTP calls. Would it be of any help blocking all requests containing jndi in the URI or UA? I made up this rule for nginx: if ($http_user_agent ~* (jndi) ) { return 403; } location ~* jndi...

rholighaus wrote:I have created a bug to force Synancor into action:

https://bugzilla.zimbra.com/show_bug.cgi?id=109428

Unfortunately they don't use (care) about Bugzilla anymore

Thanks everyone for investigating and reporting back! From what I could understand, the main attack vector are HTTP calls. Would it be of any help blocking all requests containing jndi in the URI or UA? I made up this rule for nginx: if ($http_user_agent ~* (jndi) ) { return 403; } location ~* jndi ...

Ok searching with conv:"-something" works. From zmmailbox 'conv:"-id"'

Hi. I've deleted the wrong messages from my inbox, I've restored them from trash but I've lost their state (read/unread). I'd like to check them manually, so I extracted the message id and conversation id from mailbox.log, unfortunately I'm able to search only for positive conv id, negative ones (wh...

I added log4j.logger.zimbra.lmtp=DEBUG to conf/log4j.properties but all I can get is this 2021-06-17 09:43:32,431 DEBUG [LmtpServer-321] [ip=2.3.8.1;] lmtp - connected 2021-06-17 09:43:32,670 DEBUG [LmtpServer-321] [ip=2.3.8.1;] lmtp - Creating ParsedMessage from memory with attachment indexing enab...