Search found 1694 matches

by L. Mark Stone
Thu Oct 18, 2018 12:21 pm
Forum: Installation and Upgrade
Topic: Installation architecture
Replies: 8
Views: 1210

Re: Installation architecture

Thanks for your input Mark ! Glad that helped! And to your original question "Are there any other considerations I should take into account on the new setup ?" I'd recommend leveraging the variety of new security services within Zimbra. -- Postscreen will reduce the number of junk emails ...
by L. Mark Stone
Thu Oct 18, 2018 12:12 pm
Forum: Administrators
Topic: High Availability Server Clustering
Replies: 3
Views: 91

Re: High Availability Server Clustering

Hi, Thanks for update. I'm planning to purchase "Professional Edition" to configure HA cluster with Zimbra. My requirement is to configure two servers in two DC, so if there any problem in one DC, i can still have my service from other DC. Before purchasing just want to make sure, if its ...
by L. Mark Stone
Wed Oct 17, 2018 9:44 pm
Forum: Installation and Upgrade
Topic: Installation architecture
Replies: 8
Views: 1210

Re: Installation architecture

No benefit to security. Spam checks are by domain as well as by IP (and content). So if you allow compromised mailboxes to send enough spam to get you blacklisted, changing MTAs or ip addresses won’t fix anything. If anything, ip addresses that are new sources of email are ranked with heightened sus...
by L. Mark Stone
Wed Oct 17, 2018 2:52 am
Forum: Administrators
Topic: Securing Zimbra
Replies: 2
Views: 286

Re: Securing Zimbra

So FWIW 8.8.8 is now past end of General Support https://www.zimbra.com/support/support-offerings/product-lifecycle/ But an upgrade I suspect won't fix your issue. The attribute you changed controls only how mailboxd listens for connections from the nginx proxy; it does not control how the backend o...
by L. Mark Stone
Wed Oct 17, 2018 2:36 am
Forum: Administrators
Topic: ranked autocomplete lookup fails after upgrade to 8.8.8
Replies: 3
Views: 314

Re: ranked autocomplete lookup fails after upgrade to 8.8.8

Hi everyone, Just a bump here. If anyone can offer assistance with this, it would be greatly appreciated! FWIW, 8.8.8 is now past End of General Support. See https://www.zimbra.com/support/support-offerings/product-lifecycle/ Suggest upgrading to 8.8.10 (Patch 1 was released today) and retest. Hope...
by L. Mark Stone
Tue Oct 16, 2018 3:34 pm
Forum: Administrators
Topic: [Zimbra FOSS 8.8.10] Multi-server installation cannot authenticate against ldap replica
Replies: 5
Views: 735

Re: [Zimbra FOSS 8.8.10] Multi-server installation cannot authenticate against ldap replica

Let's check some more basics then. Please also don't obfuscate your FQDNs and IP addresses. If you environment is secured properly your actual FQDNs and IP addresses cannot help facilitate an exposure, and in any event most will be contained in all of your outbound email headers anyway. So on every ...
by L. Mark Stone
Mon Oct 15, 2018 3:38 pm
Forum: Installation and Upgrade
Topic: Installation architecture
Replies: 8
Views: 1210

Re: Installation architecture

For 250 users to get a little redundancy I’d install a standard single standalone server, and then add a second server as an LDAP replica, proxy and MTA server.

Hope that helps,
Mark
by L. Mark Stone
Sun Oct 14, 2018 5:54 pm
Forum: Administrators
Topic: reveal IP connection source from bruteforce authentication attempt
Replies: 13
Views: 1739

Re: reveal IP connection source from bruteforce authentication attempt

This scenario is what Zimbra’s DoSFilter or fail2ban are intended to address: block an offending IP address for some amount of time — before an account is hacked. Probably you already know that 8.6 is past end of life, so no more security fixes. Nginx is much better at handling this sort of nonsense...
by L. Mark Stone
Sun Oct 14, 2018 2:03 pm
Forum: Administrators
Topic: reveal IP connection source from bruteforce authentication attempt
Replies: 13
Views: 1739

Re: reveal IP connection source from bruteforce authentication attempt

First step is to configure Zimbra to log the originating IP address; there's a wiki for that: https://wiki.zimbra.com/wiki/Log_Files#Logging_the_Originating_IP You don't say what version of Zimbra you are running but I am going to presume you have Zimbra proxy running (required on all supported vers...

Go to advanced search