grs blog

  • zimbra: multiple letsencrypt certificates and Unable to start TLS error

    The following guide is tested against zimbra 8.8: Installing a Let’s Encrypt SSL Certificate If this error occurs: ‘Unable to start TLS: hostname verification failed when connecting to ldap master.‘ make sure you have included your hostname in your letsencrypt signing domains and follow the guide once again. For instance, if your hostname is mail5.example.com, […]

  • how to configure dkim on zimbra

    Just type the following: su – zimbra /opt/zimbra/libexec/zmdkimkeyutil -a -d example.com Then add the output to a txt record in your dns config. Check your configuration using this link: https://mxtoolbox.com/dkim.aspx

  • how to install zimbra on ubuntu 16.04

    Guide for installing zimbra on ubuntu 16.04. If you use clouldflare or another dns service provider you can skip bind part. https://linoxide.com/ubuntu-how-to/setup-zimbra-suite-ubuntu-16/

  • migrate from zimbra to zimbra

    Guide below is tested against zimbra 8.6, 8.7, 8.8. It’s not a full zimbra to zimbra migration, missed some things, but it works to migrating most important stuff. There might also exist some minor bugs, but if you have a basic experience in linux shell you won’t have a problem tweaking commands. There’s also this […]

  • install certbot on ubuntu 16.04

    On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you’ll need to do is apt-get the following packages. $ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache Reference: https://help.ubuntu.com/community/Repositories/Ubuntu#Adding_PPAs

  • protect zimbra from memcached attack

    protect zimbra from memcached attack

    Zimbra uses memcached and if not properly configured could lead to a vulnerable system. If you want to read more on memcached attack read this: https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/ How to resolve this vulnerability in 3 steps: Enable firewall on your server Setup zimbra specific rules Bind memcached to localhost Deny memcached port from localhost Let’s start.

  • centralised vs decentrilised vs distributed

    This is nice short article clarifying the terms centralised, decentrilised and distributed with great examples. https://medium.com/@bbc4468/centralized-vs-decentralized-vs-distributed-41d92d463868

  • remove banned ip from microsoft ban lists

    This works for hotmail.com, live.com, outlook.com and possibly other microsoft related email addresses. Use this form to request removal: http://go.microsoft.com/fwlink/?linkid=614866 Make sure you ‘re registered: https://postmaster.live.com/snds/data.aspx This was an old one and does not seem to work anymore: https://support.live.com/eform.aspx?productKey=edfsmsbl3&ct=eformts&scrx=1 Source: https://answers.microsoft.com/en-us/outlook_com/forum/oemail-osend/hotmailoutlook-blacklist-removal-form/86c71c17-80c9-48e9-b822-1d3678f19673

  • osticket and self-signed-certificates on email server

    This has to do with PHP >= 5.6, where php changed its behavior with self signed certificates.  This has caused osticket users to keep old PHP versions in order to operate with self signed mail servers. But actually the fix is relatively simple: Go to {osTicket directory}/include/pear/Net/SMTP.php line 173 and change this line: ‘ssl’ => array(‘verify_peer_name’ => false) […]

  • rename mysql database using command line

    mysqladmin -u username -p create NEW_DB_NAME mysqldump -u root -pPASSWORD OLD_DB_NAME|mysql -u root -pPASSWORD NEW_DB_NAME

Get In Touch