Results 1 to 5 of 5

Thread: Preventing admin from reading certain mailboxes

  1. #1
    Join Date
    Nov 2006
    Rep Power

    Default Preventing admin from reading certain mailboxes

    We'd like to know if there's a way to prevent the Zimbra admin from reading certain mail accounts of senior management, as their mailboxes will contain certain confidential material.

    Is there a way to do this? Many thanks in advance.

  2. #2
    Join Date
    Mar 2006
    Beaucaire, France
    Rep Power



    Anyway the messages are written on the server's harddrive in a readable format...

  3. #3
    Join Date
    Oct 2005
    Thatcher, AZ
    Rep Power


    You run into the "who polices the police" problem.

    I'm sure you could file a bug enhancement request for this feature, but anyone with root access can see the eml files anyway.

    You could set up a cron job to mail, rsync, or sftp the audit.log to someone. . .Allthough the log itself is still open to tampering.

  4. #4
    Join Date
    Feb 2006
    Rep Power


    You could use an email client (thunderbird, outlook (I assume), apple mail) that supports s/mime encryption. I assume that this is not yet supported by the zimbra web interface.

    Each person in the secure group would need certificates and public/private keys, which can be obtained from a certificate authority like Thawte.

    You will find lots of instructions if you google s/mime thawte. Add apple to the search if you are using a mac.
    Last edited by nxnw; 12-03-2006 at 10:34 AM.

  5. #5
    Join Date
    Aug 2005
    Rep Power


    There is an outstanding bug for fine-grained admin access control, which is slated for an upcoming release.

    After it is implemented, you'll be able to say at a fine-grained level what access you want an admin to have. For example, you could grant one admin access to reset passwords on certain accounts, but not change anything else, and another admin access to create domains but not change server info, etc.

    You'll also be able to grant "view mail" access to an admin on only certain mailboxes. Of course, if they have physical access to the machine and/or a root/zimbra login they will still be able to access the data.
    Bugzilla - Wiki - Downloads - Before posting... Search!

Similar Threads

  1. Replies: 6
    Last Post: 08-21-2007, 09:51 PM
  2. Replies: 9
    Last Post: 08-31-2006, 08:02 AM
  3. From POP3 and 100 scattered mailboxes to Zimbra
    By spiderman in forum Administrators
    Replies: 5
    Last Post: 08-11-2006, 08:00 PM
  4. How do I set Admin password?
    By sjames in forum Installation
    Replies: 4
    Last Post: 07-24-2006, 04:01 PM
  5. Move server to different OS
    By EriSan500 in forum Administrators
    Replies: 7
    Last Post: 03-05-2006, 12:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts