Search found 107 matches

by gabrieles
Tue May 21, 2019 7:52 am
Forum: Migration
Topic: Difference in size of Mailboxes after migration
Replies: 1
Views: 1196

Re: Difference in size of Mailboxes after migration

It's related to the lable concept. Gmail does not works with folders and subfolder but with label. When it comes to "translate" that in an IMAP tree structure, Gmail maps every label to a folder. If you have a message that has two labels A and B, you will have two folders A and B each one ...
by gabrieles
Tue May 21, 2019 7:49 am
Forum: Administrators
Topic: storage
Replies: 1
Views: 315

Re: storage

The primary storage is frequently read/written, so an S3 bucket will be extremely expensive. Zimbra does not support it natively for the primary volume. If you want to test it, you must mount your volume as per your provider instructions. I tested it on AWS last year. One day of use of a test machin...
by gabrieles
Thu May 16, 2019 8:37 am
Forum: Users
Topic: Out of office HTML
Replies: 0
Views: 840

Out of office HTML

Hi all, is there a way to use html in Out-Of-Office messages? I've done some search but there's no much. I found that Out-Of-Office are considered MDN, and therefore must be compliant to RFC 2298. RFC 2298 is very strict about the message format. Among the restriction there are: - Specific format, o...
by gabrieles
Fri May 10, 2019 12:09 pm
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 138204

Re: CVE-2019-9670 being actively exploited

complete with usernames and passwords? The only cleartext passwords that zimbra stores on a file are those on /opt/zimbra/conf/localconfig.xml. And are the passwords that let access the ldap. And you can change them in no time with zmldappasswd Passwords are not stored anywhere. Only salted hashes....
by gabrieles
Mon May 06, 2019 2:32 pm
Forum: Administrators
Topic: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp
Replies: 16
Views: 5578

Re: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

Ok, have you looked if your installation is actually compromised?
That 100% cpu, and the crontab issues are typical symptoms of the dblaunchs infection.

viewtopic.php?f=15&t=66089
by gabrieles
Mon May 06, 2019 12:38 pm
Forum: Administrators
Topic: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp
Replies: 16
Views: 5578

Re: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

maillo wrote:After replacing jetty directory there is still problem with 100% CPU usage. Seems like digging. Anyone know how to stop it?

Have you patched? have you done a zmcontrol restart? What process is causing high CPU usage? Less info you give, less help you will get...
by gabrieles
Mon May 06, 2019 7:59 am
Forum: Administrators
Topic: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp
Replies: 16
Views: 5578

Re: HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

I've just restored a compromised customer Do a quick search under the usual jetty folders: find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30 If you find files like: /opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp /opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp you've been hacked. Un...
by gabrieles
Fri May 03, 2019 3:15 pm
Forum: Administrators
Topic: downloads folder compromised dblaunchs malware
Replies: 16
Views: 4518

Re: downloads folder compromised dblaunchs malware

The synmptoms seem to point to something similar to what is described here: https://confluence.atlassian.com/doc/confluence-security-advisory-2019-03-20-966660264.html?_ga=2.82399958.1553387446.1556607869-527549934.1556607869 indicating it is related to a webdav vulnerability. One of the first line...

Go to advanced search