Zimbra Forums

Browsers (specifically Chrome) had already phased out the technology used by Offline mode, see viewtopic.php?f=15&t=68669

Additionally, 10.1.0 will be a bit more than 10.0.0 plus an additional tool. If you are a Network Edition customer, there is a Beta available (please contact the Sales for details). The Beta agreement includes an embargo, so you will not see information discussed here. Hi John What's the roadmap fo...

Hi Mark

I tried this, but I get an error "password login forbidden" when using curl this way. I can only access the vault with a browser (with the same password...), not with WebDAV.
Is this something Zimbra support needs to enable per location / per user?

Yes indeed. That's why I'm subscribed to (some of) their github repo's. But the proprietary parts are not visible there of course.

You can easily disable all DHE ciphers, just set zimbraSSLDHParam to an empty value: zmprov mcf zimbraSSLDHParam '' (that's an empty value between quotes). Btw, DHE ciphers are not vulnerable or "weak" in a cryptographic sense (when using a strong group), and FIPS mode will not disable the...

From time to time we have "runaway threads" that consume 100% CPU, a zmmailboxdctl restart "fixes" that (until it comes back).
Over the years we have had several exchanges with support about this, but so far no root cause has been identified.

Do you have zimbra-ldap-patch installed on your LDAP server(s)? Traditionally slapd was started as root (via sudo) to bind on port 389, and then dropped privileges to the zimbra user. This was changed some time ago to be started as zimbra, but with "cap_net_bind" capability to allow to bin...

No need for all this trickery, merely having cpio installed on your system doesn't make it vulnerable, only amavisd using it to extract untrusted input.
If you're on Zimbra 8.8.15 P40 / 9.0.0 P33 / 10.0.1 or newer, amavisd no longer uses cpio, even if pax is missing.

Removing cpio will break generation of initramfs on Red Hat based Linux distributions. This has been warned for on this forum before.

amavisd not using cpio anymore should be sufficient.