Search found 38 matches

by stefaniu.criste
Fri Jun 12, 2020 6:58 am
Forum: Administrators
Topic: Blocking SASL logins?
Replies: 10
Views: 7012

Re: Blocking SASL logins?

First of all, I must apologize for the previous post. I have pasted an incomplete rule (trimmed by nano editor) The correct rule is this: # log SASL auth if (($lgfile eq $config{CUSTOM2_LOG}) and ($line =~ /^\S+\s+\d+\s+\S+ \S+ postfix\/smtps\/smtpd\[\d+\]: warning:.*\[(\d+\.\d+\.\d+\.\d+)\]: SASL L...
by stefaniu.criste
Thu Jun 11, 2020 7:18 am
Forum: Administrators
Topic: Blocking SASL logins?
Replies: 10
Views: 7012

Re: Blocking SASL logins?

Hello we are using csf (configserver.com) as local firewall. Zimbra is running on CentOS 6 ( yes mom, we know EOL is near ) Please follow the firewall's documentation in order to properly install it. TEST before, not to lock tourself out! 1) edit /etc/csf/csf.conf and set the following constant (it ...
by stefaniu.criste
Fri Nov 01, 2019 11:11 am
Forum: Users
Topic: End of offline messages in browser ?
Replies: 0
Views: 6244

End of offline messages in browser ?

Hello all
Mozilla announces the deprecation of sideload extensions - https://blog.mozilla.org/addons/2019/10 ... xtensions/
I think this is going to affect the "offline messages" Zimbra feature
by stefaniu.criste
Mon Apr 01, 2019 9:06 am
Forum: Administrators
Topic: GuardianKey integration for painless high-security
Replies: 4
Views: 4560

Re: GuardianKey integration for painless high-security

Why should a provider send some (sensitive) data to be analyzed by a 3rd party provider, when Zimbra has builtin 2-factor authentication ?
by stefaniu.criste
Thu Feb 07, 2019 12:05 pm
Forum: Administrators
Topic: Migration Tool for Zimbra 8.8.11
Replies: 8
Views: 4173

Re: Migration Tool for Zimbra 8.8.11

Maybe imapsync is not the best tool, but worths a try
https://imapsync.lamiral.info/
by stefaniu.criste
Fri Aug 03, 2018 6:31 am
Forum: Administrators
Topic: Nginx fail to match virtual server name for imap and pop3
Replies: 5
Views: 2924

Re: Nginx fail to match virtual server name for imap and pop3

..... So is not possible in any way to have this feature on single server with single ip, maybe with one ip for each domain? .... You can use a compromise solution, at the other end of the issue chain. Suppose you have the main server hostname as zimbra.domain.tld and a few other domains running on...
by stefaniu.criste
Mon Jul 30, 2018 8:52 am
Forum: Administrators
Topic: Dictionary attack via IMAP ??
Replies: 4
Views: 3120

Re: Dictionary attack via IMAP ??

Besides this, wherever possible, use the 2 factor authentication feature.
by stefaniu.criste
Sun Jul 01, 2018 7:10 pm
Forum: Administrators
Topic: hardenize.com
Replies: 0
Views: 1136

hardenize.com

Site still in beta, but has some nice tests on both web and email security settings.
by stefaniu.criste
Tue May 22, 2018 10:01 am
Forum: Administrators
Topic: Blocking spoofed address
Replies: 1
Views: 1322

Re: Blocking spoofed address

Two quick ideas (you need however to find their outgoing IPs)

- you could block their sending IPs at the firewall level (rough and brute)
- you can set a local RBL and add their IPs, as well as other nasty spammers (harder to implement, but very elegant)