Results 1 to 4 of 4

Thread: Zimbra Mail Server Security Issue

  1. #1
    chintan.ghantiwala is offline Junior Member
    Join Date
    Sep 2013
    Posts
    6
    Rep Power
    1

    Exclamation Zimbra Mail Server Security Issue

    Hello,

    I have issue with my Zimbra Mail Server 6.0.7. In that i have configured HTTPS for client login and for whole session. but it stills communicate in http based authentication. due to that some sniffing softwares are easily sniffing details.

    So how do i configure completely HTTPS in Mail server from login session to end of session.

    Please provide some help to resolve this issue.

  2. #2
    chauvetp is offline Elite Member
    Join Date
    Apr 2008
    Location
    New Paltz, NY
    Posts
    335
    Rep Power
    7

    Default

    See this page for more info. You should probably set the mode to redirect where your users will be switched to https if they go to http.
    CLI zmtlsctl to set Web Server Mode - Zimbra :: Wiki
    ---
    Paul Chauvet
    State University of New York at New Paltz

  3. #3
    chintan.ghantiwala is offline Junior Member
    Join Date
    Sep 2013
    Posts
    6
    Rep Power
    1

    Default

    I have already set to zmtlsctl https. but it is still communicating in http mode while we enter username and password. Software are Cain and able are very easily steal account details.

    So Is there any way to stop stealing.

  4. #4
    chauvetp is offline Elite Member
    Join Date
    Apr 2008
    Location
    New Paltz, NY
    Posts
    335
    Rep Power
    7

    Default

    Just use redirect - not mixed. Then all traffic is (as it should be) https. The entire session should be over https for email. Its not like SSL adds any significant overhead with processing power as it is these days.
    ---
    Paul Chauvet
    State University of New York at New Paltz

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 8
    Last Post: 02-26-2012, 08:59 AM
  2. Replies: 3
    Last Post: 08-02-2011, 12:19 AM
  3. Security issue
    By esantos in forum Administrators
    Replies: 4
    Last Post: 07-20-2011, 06:45 AM
  4. More a hacker/security question than a Zimbra issue
    By rusty in forum Administrators
    Replies: 13
    Last Post: 09-22-2010, 04:30 AM
  5. [SOLVED] Zimbra Primary Server incoming mail issue
    By borngunners in forum Migration
    Replies: 2
    Last Post: 09-25-2009, 11:30 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •