Archive for December, 2017

Spoofing and Phishing Alert

In this post I like to introduce you to the Spoofing and Phishing Alert Zimlet (previously sa-alert). The goal of this Zimlet is to help users to identify spoofing and phishing and thus offer protection against it. While some parts of this Zimlet work automatically, it is not meant to be a fully automated plug-and-play solution and it is recommended you deploy it with a knowledgeable helpdesk/support staff to back it up.

This zimlet checks the result from Spam Assassin and alerts the user when certain tags are found. In addition it enforces the zimbraPrefShortEmailAddress setting to be FALSE as that allows the user to see the used email FROM address. The Zimlet also checks for suspicious characters in headers, like the NULL character etc. See also Mailsploit and bug 108709.

I deployed the Zimlet in an organisation with 700 users, and pointed the alertmail property to the helpdesk ticketing system, after a few weeks of increased incoming tickets and configuring the ignorelistReplyTo and ignorelistReturnPath the number of false positives dropped, and now the alert is really valuable to the user.



Zimbra Drive vs Nextcloud Zimlet

Now that Zimbra Drive is released as an installation option in Zimbra Open-Source edition, I often talk to people that are not aware that Zimbra Drive is developed separately from Nextcloud Zimlet (Zimbra WebDAV Client).

While both products allow you to integrate Nextcloud/ownCloud in your Zimbra, there are some differences. That I’ll show you in this post.
WebDAV Client Zimbra Drive
WebDAV protocol yes no
OnlyOffice yes no
Collabora no yes
Markdown yes* no *Support rendering Markdown. Directly edit from Zimbra, the text source file.
Document Preview yes yes
Require Nextcloud APP no yes
Support SSO to Nextcloud no* yes *WebDAV Client supports storing the password on Zimbra LDAP (in plain text)
Support Windows File Shares via external storage yes no* *You can store the credentials of a share in Nextcloud, but that means all users would use a single set of credentials
Supported by Zimbra no yes
Rebranding yes no


Zimbra WebDAV Client now fully supports previewing in OnlyOffice (Screenshot).

In my experience, Collabora (LibreOffice) creates documents that are 100% compatible with LibreOffice, while OnlyOffice creates documents that are 100% compatible with Microsoft Office. In addition when one exports to a PDF the documents from Collabora are more compatible with jsPDF (so you can embed it in WordPress).

If it comes to the configuration, Zimbra Drive is pre-configured by the administrator that can set the Nextcloud servers to use per cos/domain etc. Zimbra WebDAV Client allows the admin to set default settings (can be based on Zimbra’s public URL) and set a list of allowed domains. The user is able to configure the settings of Zimbra WebDAV Client to use whatever Nextcloud desired (if the admin allows the domain).

Did I overlook a feature? Comment below and I add it to the table.