Fail2Ban and PCRE Script Using Zimbra’s Daily Mail Report

While Fail2Ban’s automation works great, we find that reviewing the “Recipient address rejected” section of Zimbra’s Daily Mail Report yields evidence of potential Advanced Persistent Threats as well as probes from senders whom you’d like to block. Manually grepping through /var/log/zimbra.log* on the logger host to find the sender’s IP …

InboxExpo Key Email Deliverability Takeaways for B2B Senders

Enhancing Email Deliverability for B2B senders’ outbound transactional and marketing emails was a core track at last week’s InboxExpo. This post covers several key takeaways to help you improve your B2B email deliverability. In case you missed it, to further reduce spam and domain spoofing specifically, Google and Yahoo (affectionately …

Zimbra Fail2Ban Best Practices – Updated for 2024

This post contains our current Zimbra Fail2Ban Best Practices and will show you how to configure Fail2Ban optimally on your Zimbra servers. Bad actors, overly aggressive marketing companies and others clog up our Inboxes with unwanted emails, and increase the load on our Zimbra servers. While Fail2Ban will effectively block …

Host Your MTA-STS Text File on Amazon Web Services For Pennies Per Month

We know that deploying MTA-STS better secures inbound email and can prevent MITM and downgrade attacks. But you need a public web server to host the ~/.well-known/mta-sts.txt file. Not everyone has access to a web server they can use for this purpose, and even if they did, securing, patching, monitoring …

Zimbra Security Tip – Regulate Outbound Traffic With Stateful Firewalls

Historically, Zimbra firewalling has focused on regulating only Inbound traffic, but we can better protect our Zimbra systems if we also regulate Outbound traffic by using a Stateful Firewall. What Is a Stateful Firewall? Stateful firewalls, which now account for the majority of SMB and enterprise-grade firewalls, can track …

Secure Your Zimbra Distribution Lists From Bad Actors

Zimbra’s Distribution Lists are widely deployed on account of their powerful productivity-enhancing features, but in a default Zimbra installation, anyone anywhere can send email to any of your distribution lists — lists like “everyone@mycompany.com” are particularly ripe for exploitation by bad actors. This post will show you how to secure your …