Search found 513 matches

by JDunphy
Fri Jun 02, 2017 12:47 pm
Forum: Administrators
Topic: Admin console services not running
Replies: 1
Views: 4351

Re: Admini console services not running

If zmcontrol status is working you are good. The admin console does the exact same thing. See this post for more information: https://forums.zimbra.org/viewtopic.php?f=13&t=60723&hilit=zmcontrol+status You need to figure out if the STATUS lines are being sent to the /var/log/zimbra-stats.log...
by JDunphy
Thu Jun 01, 2017 6:23 pm
Forum: Administrators
Topic: Mail Server was hacked
Replies: 3
Views: 2778

Re: Mail Server was hacked

This will sort by usage and list the ip's attempting access per account. It sort from highest to lowest with the ip access. My guess is you will see 100's of ip's for an account vs 1 ip address with 100's of accesses on the compromised account. It's a small single file perl script. Can grab the scri...
by JDunphy
Thu Jun 01, 2017 5:39 pm
Forum: Administrators
Topic: 8.7.x spam DMARC_FAIL_REJECT=9 for aol.com and zimbra.com
Replies: 13
Views: 8336

Re: 8.7.x spam DMARC_FAIL_REJECT=9 for aol.com and zimbra.com

As a followup of what I ended up doing. I went with a different solution for this rule instead of mitigating the problem for just AOL as I had initially planned. After more thought, I am staying with the approach that I have responsibility for email once the sending MTA hands off the email... no mat...
by JDunphy
Thu Jun 01, 2017 3:48 pm
Forum: Administrators
Topic: Mail Server for Private Usage Only
Replies: 9
Views: 2099

Re: Mail Server for Private Usage Only

Interesting... I know that I saw an admin zimlet but didn't enable it because it caused the java requirement after I did. I had thought it might add additional mgmt functions to create the keys/etc. What I did do is enable the s/mime java less feature for the user by clicking on that option under fe...
by JDunphy
Thu Jun 01, 2017 3:13 pm
Forum: Administrators
Topic: Mail Server for Private Usage Only
Replies: 9
Views: 2099

Re: Mail Server for Private Usage Only

About S/MIME... Mainly encryption is a job of the MUA (Mail User Agent), i.e. mail clients... As I can see Zimbra supports it in their web client but it needs Java, something that excludes smart phones. Anyway from a security perspective it's not so good to have all those private keys in a server.....
by JDunphy
Wed May 31, 2017 4:55 pm
Forum: Administrators
Topic: 8.7.x spam DMARC_FAIL_REJECT=9 for aol.com and zimbra.com
Replies: 13
Views: 8336

Re: 8.7.x spam DMARC_FAIL_REJECT=9 for aol.com and zimbra.com

Thanks Mark, It wasn't done like that but an unsophisticated aol user attempting to forward an email to a zimbra inbox to share some information. I am not sure the AOL users have the ability to 'edit as new' like zimbra users do. Its a sticky problem because AOL is the one asking for the reject in t...
by JDunphy
Wed May 31, 2017 2:56 pm
Forum: Administrators
Topic: 8.7.x spam DMARC_FAIL_REJECT=9 for aol.com and zimbra.com
Replies: 13
Views: 8336

Re: 8.7.x spam DMARC_FAIL_REJECT=9 for aol.com and zimbra.com

I now have this problem also. It doesn't seem reasonable to ask AOL users not to forward email. This meta rule is the cause of the problem and unique to Zimbra I believe. From salocal.cf: ifplugin Mail::SpamAssassin::Plugin::AskDNS askdns __DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT /^v\s*=DMARC1...
by JDunphy
Thu May 25, 2017 1:51 pm
Forum: Installation and Upgrade
Topic: 8.6 to 8.7 status shows stopped (SOLVED)
Replies: 5
Views: 14393

Re: 8.6 to 8.7 status shows stopped (SOLVED)

I had a similar issue and I've tried what you described here but didn't worked for me. My solution was: 1. open and edit the file: #nano /opt/zimbra/libexec/zmstatuslog 2. change the line: "my $TIMEOUT=60;" to "my $TIMEOUT=360;" 3. Save the file and wait around 5 minutes. This w...
by JDunphy
Fri Apr 28, 2017 1:44 pm
Forum: Administrators
Topic: Another Letsencrypt method
Replies: 111
Views: 186632

Re: Success with Another Letsencrypt method

2. Now you need to copy the: /home/your_non_root_user/.acme.sh folder with your new certs to your: /opt/letsencrypt directory. I added the following two lines to Jim's deploy-zimbra-letsencrypt.sh script: cd /opt/letsencrypt /bin/cp -rf /home/your_non_root_user/.acme.sh . Very nice! I will include ...
by JDunphy
Thu Apr 27, 2017 3:14 pm
Forum: Administrators
Topic: Another Letsencrypt method
Replies: 111
Views: 186632

Re: Another Letsencrypt method

Will I be allowed to replace the certs before expiry? Yes... acme.sh now uses 60 days as does letsencrypt I believe since I first began this thread last fall, but if you want to do it sooner... just add the --force option to acme.sh when you issue/renew them. This free cert thing is hard to get use...

Go to advanced search