Using Zimbra with strong TLS configuration

Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence. (further reading: https://www.internetsociety.org/deploy360/tls/basics)

In this article you will learn how to configure Zimbra to use only strong encryption ciphers for TLS.

Further reading: https://wiki.zimbra.com/wiki/Cipher_suites

Spoofing and Phishing Alert

In this post I like to introduce you to the Spoofing and Phishing Alert Zimlet (previously sa-alert). The goal of this Zimlet is to help users to identify spoofing and phishing and thus offer protection against it. While some parts of this Zimlet work automatically, it is not meant to be a fully automated plug-and-play solution and it is recommended you deploy it with a knowledgeable helpdesk/support staff to back it up.

This zimlet checks the result from Spam Assassin and alerts the user when certain tags are found. In addition it enforces the zimbraPrefShortEmailAddress setting to be FALSE as that allows the user to see the used email FROM address. The Zimlet also checks for suspicious characters in headers, like the NULL character etc. See also Mailsploit and bug 108709.

I deployed the Zimlet in an organisation with 700 users, and pointed the alertmail property to the helpdesk ticketing system, after a few weeks of increased incoming tickets and configuring the ignorelistReplyTo and ignorelistReturnPath the number of false positives dropped, and now the alert is really valuable to the user.