Not exactly.

If you don't use the zimbra repository (installing with the local files from the TGZ) you won't get the patch.
You have to enable the repo during setup, then setup will downloaded updated files with patches included.

This is because of the last patch.
Zimbra/Synacor is very aware of it.

You have to host your files elsewhere (on a web server) and include them as HTML in the signature.

The domain cert you're using only works in nginx, not postfix (there are several threads on this). If you want to "fix" this the easiest way is to use a single certificate based on a CSR that includes all the FQDN you want. You might want to check the last Let'sEncrypt tool for ZCS, as it ...

If you do that, you'll delete the BLOB (the file on the server) while the rest of the system (database containing the list of messages per user) will not be aware of it. For the system (IMAP, POP, webmail), the message will still exist but as the file won't be here any more you'll get "missing ...

Le forum francophone est ici : https://www.zimbrafr.org/

Are the domains (webex.com at least) allowed for the CoS you're using for these users?

I'll have a deeper look during the week-end. PS... learned of a zero day nginx this morning ZDI-CAN-8296. Doesn't effect Zimbra from my understanding but we need more tools because who can keep up??? Yes, seen that yesterday. 1.x versions of nginx are impacted. However, considering how nginx is comp...

You're back?

June is starting in a nice way.

The patch to avoid this have been available for more than a month now.

You're not fixing the hack until you have patched your server and clean it up fully.