Zimbra Security Tip – Block Nested Spoofed “From:” Email Addresses

Email is one of the top attack vectors for getting inside an organization, and it is a known fact that we are more likely to open an email that purports to come from someone we know. The spammers of course know this too, and recently, they have been exploiting it …

Using Zimbra’s DoSFilter and Failed Login Lockout Policy Together

Zimbra’s DoSFilter (Denial of Service Filter) is a mechanism to throttle or block IP addresses that have a repeated number of failed logins to your Zimbra system.  Zimbra’s Classes of Service include a Failed Login Lockout policy that will put a mailbox in Locked Out mode, hopefully before a brute …

Zimbra Unattended Upgrades – Yes or No?

Security vs. Stability One challenge facing Linux system administrators is the tradeoff between security and the potential loss of stability when considering whether or not to enable “unattended upgrades”. When enabled, the operating system self-updates and reboots as necessary whenever package updates are released. In the case of public-facing Zimbra …