Results 1 to 7 of 7

Thread: Securing Zimbra

Hybrid View

  1. #1
    Join Date
    Jan 2011
    Posts
    14
    Rep Power
    4

    Default Securing Zimbra

    Recently I decided to install the zimbra open source edition on a virtual machine at home. I gave it a good administrator password during installation, will be setting up a firewall, and set zimbra to always redirect users to the https page, so the client connections are always encrypted.

    As far as security goes, is there anything else that I'm missing that I should do before I let clients connect to my zimbra server over the internet?
    I realize that security is a huge topic, but I'm just wondering if there is anything obvious that I am missing that must be done before a nearly default install of zimbra can be opened to the internet.

    PS. I have already run tests to see if it actually works, and I can send and receive email without a problem from gmail, so I'm not worried about functionality here - only security.

  2. #2
    Join Date
    Jan 2011
    Posts
    14
    Rep Power
    4

    Default

    Anyone? I could really use some advice.

  3. #3
    Join Date
    Feb 2009
    Location
    Lecco, Italy
    Posts
    554
    Rep Power
    7

    Default

    As long as you secured your operating system Zimbra itself doesn't have any special configuration. It's pretty safe as is. Use secure passwords and open just ports you need outside and you're done.
    YetOpen S.r.l. ~ Your open source partner
    Lecco (LC) - ITALY
    http://www.yetopen.it

  4. #4
    Join Date
    Jan 2011
    Posts
    14
    Rep Power
    4

    Default

    Quote Originally Posted by maxxer View Post
    As long as you secured your operating system Zimbra itself doesn't have any special configuration. It's pretty safe as is. Use secure passwords and open just ports you need outside and you're done.
    Awesome! Thanks!

  5. #5
    Join Date
    Jul 2007
    Posts
    343
    Rep Power
    8

    Default

    Keep zmtlsctl mode to https.
    ~=Prashant=~

  6. #6
    Join Date
    Jan 2011
    Posts
    14
    Rep Power
    4

    Default

    Quote Originally Posted by prashant View Post
    Keep zmtlsctl mode to https.
    I set it to "redirect" so that clients that punch in an HTTP url get redireted to the HTTPS one. Is there some problem doing it that way?

  7. #7
    Join Date
    Jul 2007
    Posts
    343
    Rep Power
    8

    Default

    Quote Originally Posted by hellspawn View Post
    I set it to "redirect" so that clients that punch in an HTTP url get redireted to the HTTPS one. Is there some problem doing it that way?
    No Problem...
    ~=Prashant=~

Similar Threads

  1. Securing a zimbra server, fail2ban
    By batfastad in forum Administrators
    Replies: 9
    Last Post: 03-27-2014, 07:06 AM
  2. Securing Ubuntu Server running Zimbra
    By AutootuA in forum Administrators
    Replies: 5
    Last Post: 02-17-2010, 06:53 AM
  3. Securing Zimbra Desktop
    By xpinx2pin in forum General Questions
    Replies: 0
    Last Post: 08-04-2009, 01:18 AM
  4. Securing Zimbra in a DMZ
    By fivefive1978 in forum Migration
    Replies: 0
    Last Post: 01-16-2008, 11:31 AM
  5. Securing Zimbra MTA
    By tron in forum Administrators
    Replies: 14
    Last Post: 02-16-2006, 08:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •