Authentication Bypass in MailboxImportServlet vulnerability (reminder)

Looking for an old zimlet

Interested in talking about Mash-up's? This is the place.
Posts: 2
Joined: Tue Nov 16, 2021 2:27 pm

Looking for an old zimlet

Postby tastle73 » Fri Jan 06, 2023 2:01 pm

I stumbled upon this blog online ... antly.html that refers to a seemingly long-gone zimlet by Barry Degraaf

What it does is look though the x-spam headers and if it finds certain spam tags, such as a spoofed domain or external email, it puts a yellow warning message in the body of the email message in the webui.

For the life of me, I cannot find this zimlet and my attempts to recreate it in javascript have been unsuccessful.

I'd love to find this if possible!

Posts: 27108
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: Looking for an old zimlet

Postby phoenix » Wed Jan 11, 2023 3:45 pm

You might find it more useful to install Rspamd as it already has a phishing module: - and, IMO, it's relatively trivial to install.


Rspamd: A high performance spamassassin replacement

Per ardua ad astra
User avatar
Zimbra Employee
Zimbra Employee
Posts: 181
Joined: Tue Jun 17, 2014 3:31 am

Re: Looking for an old zimlet

Postby barrydegraaff » Tue Jan 17, 2023 11:08 am

This Zimlet was removed as by itself it does not do anything, and it needs to be configured by the admin for it to become useful, in the end it is just not providing a good enough protection.

I re-uploaded the sources for your educational purpose here: ... doBJX9FKSo
Barry de Graaff
Admin of Zimbra-Community Github: and the
Zimlet Gallery

Return to “Zimlets”

Who is online

Users browsing this forum: No registered users and 2 guests