• Home

Reply by Filter Zimlet

While you could always configure Zimbra filters to send automated replies over CLI using:
/opt/zimbra/bin/zmmailbox -z -m account@domain.com afrl "Filter_name" 
active any address "to,cc" all is "alias@domain.com" reply "Auto reply message" stop
This feature was not available to the end user in the Web Interface. This Zimlet adds a button in Preferences -> Filters -> Create Filter to add this functionality. https://github.com/Zimbra-Community/reply-by-filter

2019 Crowdfunding poll

We have completed the Survey Monkey and the winner is Zimbra FOSS Two Factor authentication.

Based on the survey our initial focus will be Zimbra FOSS 2FA and that will probably be based on PrivacyIDEA and PrivacyIDEA LDAP proxy and will probably be made available via dockerhub.


Spoofing and Phishing Alert

In this post I like to introduce you to the Spoofing and Phishing Alert Zimlet (previously sa-alert). The goal of this Zimlet is to help users to identify spoofing and phishing and thus offer protection against it. While some parts of this Zimlet work automatically, it is not meant to be a fully automated plug-and-play solution and it is recommended you deploy it with a knowledgeable helpdesk/support staff to back it up.

This zimlet checks the result from Spam Assassin and alerts the user when certain tags are found. In addition it enforces the zimbraPrefShortEmailAddress setting to be FALSE as that allows the user to see the used email FROM address. The Zimlet also checks for suspicious characters in headers, like the NULL character etc. See also Mailsploit and bug 108709.

I deployed the Zimlet in an organisation with 700 users, and pointed the alertmail property to the helpdesk ticketing system, after a few weeks of increased incoming tickets and configuring the ignorelistReplyTo and ignorelistReturnPath the number of false positives dropped, and now the alert is really valuable to the user.