DOCSLIB.ORG

Protecting Your Zimbra Collaboration Environment Zimbra Security and Privacy White Paper Table of Contents

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Protecting Your Zimbra Collaboration Environment Zimbra Security and Privacy White Paper Table of Contents Protecting Your Zimbra Collaboration Environment Zimbra Security and Privacy White Paper Table of Contents The Zimbra Approach to Security and Data Privacy Open Source Commitment Adherence to Open Standards Flexible, Open Architecture Tour of the Security Life Cycle Identity and Access Management Information Security and Privacy Administration Zimbra Partner Ecosystem MTA-Level Integration Zimlets Conclusion Acronyms Protecting Your Zimbra Collaboration Environment The Zimbra Approach to Security and Data Privacy for improvements to security is no longer an option. Normal modes of businessWith the risecommunication of mobile and have cloud shifted computing, from personal sacrificing computers user experience to mobile devices. With this shift, organizations must update legacy messaging and collaboration systems to better address the changing threat and technology landscape. As a messaging and collaboration platform, Zimbra Collaboration is at the core of business communication, a mission-critical component of the organization’s information infrastructure. Since no two organizations are of any information security and technology program. the same, the need for flexible, extensible software is critical to the success What is open source software? Software licensed with a copyright Collaboration. As organizations look to create comprehensive compliance license compliant with the andThis governance paper explores practices, the native and proactivelysecurity and mitigate privacy maliciousfeatures of activity, Zimbra Zimbra’s approach to security and privacy will help guide evaluations of SoftwareOpen is distributed Source Definition. with its source Zimbra Collaboration as a cornerstone of your information infrastructure. code in a human readable format. Software is developed in an open and Open Source Commitment collaborative way by groups of developers. As a commercial open source vendor, Zimbra offers customers and partners accountability as well as transparency. The open source Source: community reinforces visibility into the software code, while Zimbra Open Software Initiative ensures that the software meets ongoing requirements for deployments within enterprise and service provider infrastructure environments. This security and data privacy. combination results in joint innovation that benefits user experience, Zimbra Collaboration is built on established and trusted open source components, including the Linux file system (message store), Jetty (Web others.server and Each Java draws servlet from container), its own open MariaDB source (database), community, Postfix which (mail further improvestransfer agent), software OpenLDAP quality and (configuration thus software data security. and user directory) and Copyright © 2015 Synacor. All rights reserved. 1 Protecting Your Zimbra Collaboration Environment As an active participant in the open source community, Zimbra contributes code to open source projects. Not only does this give back to the community that provides so much value—it helps Zimbra Collaboration by validating, enhancing and streamlining the architecture through community input. Commitment to open source provides business continuity, which protects your messaging and collaboration technology investment by ensuring that the core product has a strong, diverse and developer-led open source community. Adherence to Open Standards Zimbra Collaboration uses widely adopted industry standards: An open standard is a standard that is • publicly available and has various rights to use associated with it, and may also have • Lightweight Directory Access Protocol (LDAP) various properties of how it was • Secure Sockets Layer/Transport Layer Security (SSL/TLS) designed (e.g. open process) interpretations vary with usage. • Simple Mail Transfer Protocol (SMTP) There is no single definition and • Secure/Multipurpose Internet Mail Extensions (S/MIME) Source: Wikipedia CommitmentSecurity toAssertion standards Markup improves Language interoperability (SAML) 2.0 across mobile, desktop and cloud environments, as well as ensures partners are making users can create their own security and privacy tools or layer in a third- partycalls into solution. a consistent set of APIs. By using open standards, sophisticated Copyright © 2015 Synacor. All rights reserved. 2 Protecting Your Zimbra Collaboration Environment Flexible, Open Architecture Web Client Protocols theirZimbra unique Collaboration information uses infrastructure. a modular architecture Additionally, that the supports use of a flexible, modular HTTPS secure deployments and helps organizations easily fit the software into infrastructure, limiting the need to rip and replace. platform allows organizations to use existing components of their IMAPS/IMAP+STARTTLS POP3S/POP3+STARTTLS Non-Web Client Protocols Non-W eb SMTP Clients Clients LMTP+STARTTLS DNS MTA Components AS/AV MTA Proxy DKIM Proxy DMARC ZCS Components Zimbra ActiveSync External Collaboration Databases LDAP Message Store Server OpenLDAP (ZCS) Zimbra Web Clients (ZWC) APIs Admin UI REST/SOAP/DAV ExtensionsZimlets Copyright © 2015 Synacor. All rights reserved. 3 Protecting Your Zimbra Collaboration Environment Tour of the Security Life Cycle increase the security of the system as a whole, is still considered one of the Defense in depth, the coordinated use of multiple security measures to richbest interfacesapproaches to to administrators, securing your organizationsinformation infrastructure. can dramatically Identity improve and theirinformation security security posture. are central to Zimbra Collaboration, and by exposing Identity and Access Management Identity Lifecycle Management The Lightweight Directory Access Protocol users and their rights and privileges. Zimbra Collaboration leverages a for accessing distributed directory (LDAP) is an Internet protocol nativeThe first step to ensuring organizational security is understanding your data and service models. Lightweight Directory Access Protocol (LDAP) Directory for all services that act in accordance with X.500 Create, Read, Update and Delete (CRUD) functionality related to user Source: administration specific to Zimbra Collaboration. The use of an external LDAP Directory is optional; however, all attributes specific to Zimbra IETF Collaboration are stored and managed through the native LDAP Directory. First-factor Authentication The primary authentication method into mail clients (Zimbra appropriateCollaboration login or third-party) credentials. is When username the native and password. directory isThe leveraged, user all authenticationstore, whether Zimbratakes place Collaboration within Zimbra or external, Collaboration, is used whichto store ships the withZimbra OpenLDAP. Collaboration automatically stores a salted hash of the password. The hash is used for comparison against the entered password’s salted hash, which is then rejected or accepted for login. If an external directory (LDAP or Active Directory) is preferred, the appropriate login credentials can be stored within this external LDAP directory, or similar. Additional attributes, specific to Zimbra Collaboration, are maintained within the native OpenLDAP Directory. Zimbra Collaboration AdministratorFor setting up externalGuide. user stores or customer external authentication, refer to Section 5 (Zimbra LDAP Service) of the Copyright © 2015 Synacor. All rights reserved. 4 Protecting Your Zimbra Collaboration Environment Mobile Device Authentication For certain mobile devices, Zimbra Collaboration can ensure that the device complies with ActiveSync mobile security policies before allowing access. These policies might include timeouts, personal identification entered,numbers the (PINs) device and performs local device a local wipe. wipe. For example, the user must enter a PIN to unlock the device; if a preconfigured number of incorrect PINs are Identity Federation and Single Sign-On (SSO) To help organizations reduce user identity proliferation, Zimbra Federated identity management enables identity information to be Collaboration can be set up as a Relying Party (RP) in a federated identity developed and shared among several ecosystem, as well as streamline the user login process through SSO. entities and across trust domains. Tools and standards permit identity As an RP, Zimbra Collaboration can consume identity assertions from SAML attributes to be transferred from one (including Shibboleth), OAuth and Connect ID Identity Providers (IDP). trusted identifying and authenticating entity to another for authentication, throughThe IDP andto Zimbra Zimbra Collaboration, Collaboration which mutually will authenticate.allow or reject Once access. a secure, trusted connection is established, the IDP will pass an identity assertion authorization and other purposes, thus To reduce friction for users, Zimbra Collaboration can pass through providing “single sign-on” convenience authenticated credentials to connected services that rely on the same identity providers and relying parties. and efficiencies to identified individuals, credentials. To achieve SSO, Zimbra Collaboration uses Kerberos (and an Source: associated Kerberos5 service) or an LDAP pre-authentication key. Zimbra Gartner, Inc. CollaborationFor setting up Administratora Kerberos service Guide or. becoming an RP (custom authentication), refer to Section 5 (Zimbra LDAP Service) of the Two-factor Authentication For organizations looking to augment their security, an additional layer of identity security can be overlaid onto Zimbra Collaboration via
Load more

Recommended publications
  • Exchange Server Is a Microsoft S Messaging D Collaboration System
    What is Exchange Server? Exchange Server is a Microsoft͛s Messaging d collaboration system which provides Industry leading Email, calendaring and unified Messaging Solutions. What are the minimum hardware requirements for Exchange Server 2003? Processor ʹ Pentium 133 MHz Operating System ʹ Windows 2000 SP3 Memory ʹ 256 MB Disk Space ʹ 200 MB for system files and 500 MB where Exchange Server installation. File System ʹ NTFS What are the steps involved in Exchange Server installation? Prerequisites Installation ʹ ASP .Net, IIS, SMTP, NNTP and WWW services Installation Forest Preparation Domain Preparation Exchange Server 2003 Installation What are the differences between Exchange Sever 2003 Standard and Enterprise Editions? Standard Edition : 1 Storage group 2 Database per Storage Group 16 GB Limit per Database. Exchange Cluster is Not Supported. X.400 Connector is not included. Enterprise Edition 4 Storage Group 5 Databases per Storage Group 16 TB or limited to hardware Exchange Clustering is Supported. X.400 Connector is included. 5. What are the main differences between Exchange 5.5 and Exchange 2000/2003? - Exchange 2000 does not uses its own Directory Service as Exchange 5.5 but rely on Active Directory. - Exchange 2000/2003 uses native components of windows (SMTP, NNTP,Asp.net. IIS, W3SVC and many more) for many core functions. - Active/Active Clustering is now supported in Exchange 2000/2003 - It now provided better Conferencing and Instant Messaging Solution. Name a Few Configuration options for Exchange Recipients ? Exchange Recipient parameters are values/attributes which can change exchange recipients message behaviour. 1. MicrosoftExchangeRecipientEmailAddresses: This parameter specifies one or more email address for the same user, maybe internal email associated with external email.
    [Show full text]
  • Vmware Zimbra Collaboration Server Administrator's
    VMware Zimbra Collaboration Server Administrator’s Guide Release 7.1 Open Source Edition May 2011 Legal Notices Copyright ©2005-2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware and Zimbra are registered trademarks or trademarks of VMware, Inc. in the United states and/ or other jurisdiction. All other marks and names mentioned herein may be trademarks of their respective companies. VMware, Inc. 3401 Hillview Avenue Palo Alto, California 94304 USA www.zimbra.com ZCS 7.1 Rev 2 for 7.1.2 July 2011 Table of Contents 1 Introduction . 9 Intended Audience . 9 Available Documentation . 9 Support for Recommended Third-Party Components . 10 Support and Contact Information . 10 2 Product Overview . 11 Core Functionality . 11 Zimbra Components . 13 System Architecture . 13 Zimbra Packages . 15 Zimbra System Directory Tree . 17 Example of a Typical Multi-Server Configuration . 19 3 Zimbra Mailbox Server . 23 Incoming Mail Routing . 23 Disk Layout . 23 Message Store . 24 Data Store. 24 Index Store . 24 Log . 25 4 Zimbra Directory Service. 27 Directory Services Overview . 27 LDAP Hierarchy . 28 Zimbra Schema . 29 Account Authentication . 30 Internal Authentication Mechanism. 30 External LDAP and External Active Directory Authentication Mechanism 30 Custom Authentication - zimbraCustomAuth . 31 Kerberos5 Authentication Mechanism . 33 Zimbra Objects . 33 Company Directory/GAL . 36 Flushing LDAP Cache . 38 Themes and Locales . 38 Accounts, COS, Domains, and Servers . 38 Global Configuration . 39 5 Zimbra MTA. 41 Zimbra MTA Deployment . 41 Postfix Configuration Files .
    [Show full text]
  • Concept of Mail Protocols Format of an Email Email Addressing
    Concept of Mail Protocols Format of an Email Email Addressing A unique addressing system ,has two parts in addressing. Local part defines user mailbox and domain name mention the destination [email protected] Email alias:Create a group email to send email to many people like multicast. Email message fields Here are the meanings of the fields to be filled in when you send an email: ● From: this is your email address; most of the time you will not have to fill in this field, because it is generally set by the email client according to your preferences. ● To: This field is used for the recipient's email address. ● Subject: this is the title that your recipients will see when they want to read the email ● Cc (carbon copy): this allows an email to be send to a large number of people by writing their respective addresses separated by commas ● Bcc (blind carbon copy): This is a Cc, except that the recipient does not see the list of people in the Bcc field ● Message: This is the body of your message Other email functions are: ● Attached Files, Attachments: A file can be attached to an email by specifying its location on the hard drive. ● Signature: If the email client allows it, you are often able to set a signature, meaning a few lines of text which will be added to the end of the document. Email Delivery Queue Unlike ftp/http it is not necessarily to deliver email in real time.Delivery not instantaneous ,It will wait in the queue of outgoing,incoming ,intermediate MTA message queue.
    [Show full text]
  • Exchange Server Fundamentals Every Email Administrator Should Know
    EXCHANGE SERVER FUNDAMENTALS EVERY EMAIL ADMINISTRATOR SHOULD KNOW Read this Guide to get essential knowledge on Exchange Server architecture, Exchange mail flow mechanism, Exchange planning & deployment, Exchange mailbox management, maintenance and more. © Copyright Stellar Information Technology Pvt. Ltd. All Trademarks Acknowledged. www.stellarinfo.com CONTENTS EXECUTIVE SUMMARY 01 WHAT IS EXCHANGE SERVER? 02 HOW DOES EXCHANGE SERVER WORK? 02 EXCHANGE SERVER ARCHITECTURE: AN OVERVIEW 04 EXCHANGE SERVER PLANNING 08 EXCHANGE SERVER DEPLOYMENT 13 MAILBOX SERVER MANAGEMENT IN EXCHANGE 14 EXCHANGE SERVER MAINTENANCE CHECKLIST 16 CLOSING NOTES 19 REFERENCES 19 EXCHANGE SERVER FUNDAMENTALS — GUIDE 00 EXECUTIVE SUMMARY Email is widely used in business communication to facilitate an immediate exchange of messages with a systematic trail across different email platforms. Unlike personal communication, where individuals may also use instant messengers, business communication mostly needs to rely on a “centralized email service” such as on-premises server to allow sending out messages, calendar invites, etc., daily. These email services allow 24x7 exchange of messages and data files among all users with valid email addresses, irrespective of their physical location, email platform, and network. Such global transmission of messages through any network is enabled and managed using a mail server such as Microsoft Exchange Server in the backend. A mail server or Message Transfer Agent (MTA) is a software that uses a communication protocol called Simple Mail Transfer Protocol (SMTP) to transmit the messages to and from other mail servers in the network. An enterprise mail server technology such as Exchange Server allows the frontend users to readily access the emails through an email client such as Microsoft Outlook, a web service, or mobile devices apart from other applications.
    [Show full text]
  • The Qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 Pages)
    < Free Open Study > The qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 pages) This guide begins with a discussion of qmail s history, architecture and features, and then goes into a thorough investigation of the installation and configuration process. Table of Contents The qmail Handbook Introduction Ch apt - Introducing qmail er 1 Ch apt - Installing qmail er 2 Ch apt - Configuring qmail: The Basics er 3 Ch apt - Using qmail er 4 Ch apt - Managing qmail er 5 Ch apt - Troubleshooting qmail er 6 Ch apt - Configuring qmail: Advanced Options er 7 Ch apt - Controlling Junk Mail er 8 Ch apt - Managing Mailing Lists er 9 Ch apt - Serving Mailboxes er 10 Ch apt - Hosting Virtual Domain and Users er 11 Ch apt - Understanding Advanced Topics er 12 Ap pe ndi - How qmail Works x A Ap pe ndi - Related Packages x B Ap pe ndi - How Internet Mail Works x C Ap pe ndi - qmail Features x D Ap pe - Error Messages ndi x E Ap pe - Gotchas ndi x F Index List of Figures List of Tables List of Listings < Free Open Study > < Free Open Study > Back Cover • Provides thorough instruction for installing, configuring, and optimizing qmail • Includes coverage of secure networking, troubleshooting issues, and mailing list administration • Covers what system administrators want to know by concentrating on qmail issues relevant to daily operation • Includes instructions on how to filter spam before it reaches the client The qmail Handbook will guide system and mail administrators of all skill levels through installing, configuring, and maintaining the qmail server.
    [Show full text]
  • ICS 451: Today's Plan
    ICS 451: Today's plan ● email – overview – structure ● protocols: – SMTP – POP – IMAP Email overview ● A mail client is used to prepare and read email – Message User Agent, MUA ● A mail server forwards and stores email – Message Transfer Agent, MTA – providing Message Handling Service, MHS ● Global service providing user-to-user transmission of messages – everything, including multimedia, encoded using 7-bit ASCII Email structure ● Email consists of a header and a body, separated by an empty line – similar to HTTP, but structure visible to user ● Each line in the header has the form field-name: field value – From, To, Subject, Date ● Received fields indicate the path of the message (see book, p. 39) ● Message-id unique for each message MIME ● Multipurpose Internet Mail Extension ● A way to send non-ASCII data across email – non-English text: 江戸 – multimedia: images, sounds, video ● Mime-Version, Content-Type ● Content-Transfer-Encoding: – quoted-printable (=xx is char xx, =3D is =) – base64 (6 bits per character A-Za-z0-9+/) ● padded with = to make multiple of 3 chars – 7bit Email Clients ● Used to prepare email and send it to the first server, and used to read email – local application or webmail ● Once email is composed, sent using Simple Mail Transfer Protocol, SMTP – server may be default server for machine – server may be given by MX record Typical email transmission ● Sender's MUA sends to local MTA (Mail Submission Agent, MSA) ● MSA sends to MTA indicated by MX record ● MTA sends to receiver's local MTA (Mail Delivery Agent, MDA,
    [Show full text]
  • Zimbra™ Collaboration Suite Administrator's Guide
    Zimbra™ Collaboration Suite Administrator’s Guide Release 6.0 Network Edition Rev: July 2010 Legal Notices Copyright 2005-2010 Zimbra. All rights reserved. No part of this document may be reproduced, in whole or in part, without the express written permission of Zimbra. Trademark and Licensing MySQL is a registered trademark of MySQL AB in the United States, the European Union and other countries. OpenLDAP is a registered trademark of the OpenLDAP Foundation. Postfix is copyright © 1999 International Business Machines Corporation and others and it was created by Wietse Venema <[email protected]>. SpamAssassin is a trademark of Deersoft, Inc. This product includes software developed by the Apache Software Foundation (http://www.apache.org/). All other marks are the property of their respective owners. Building Better Products within the Open Source Community Zimbra Collaboration Suite leverages many great technologies from the open source community: MySQL, OpenLDAP, Postfix, SpamAssassin, and Apache. Zimbra believes that great products come from contributing to and leveraging open source technologies. We are thankful for the great contributions that led to the creation of MySQL, OpenLDAP, Postfix, SpamAssassin, and Apache software. Zimbra, a division of VMware, Inc. 3401 Hillview Avenue Palo Alto , California 94304 USA www.Zimbra.com September 2009 - ZCS 6.0 Revised for 6.0.8 July 12, 2010 Table of Contents Chapter 1 Introduction. 11 Intended Audience . 11 Zimbra Collaboration Suite License . 11 Available Documentation . 12 Support for Recommended Third-Party Components . 12 Support and Contact Information . 12 Chapter 2 Product Overview . 15 Core Functionality . 15 Zimbra Components . 17 System Architecture . 17 Zimbra Packages .
    [Show full text]
  • Linux Sendmail Installation/Configuration
    Sendmail Installation & Configuration: (26 Jan 2006) SMTP (Simple Mail Transfer Protocol) Email Primer: An email address: emailId@domainà [email protected] à bms is email Id & iitk.ac.in is domain Mail client: A system from where a sender (person) can send an email using any email client like mail, mh, elm, pine, Netscape messenger, Mozilla, Outlook Express, Eudora, Horde, Squirrelmail etc. Mail host: It is able to decode any address and reroutes the mail within the domain. Relay Host: It manages communication with network outside the domain. If you want a local mail system for your organization then relay host is not required. A good system for relay host is a router to internet. Gateway: It is a system between differing communication networks, like a mail from a Unix user must pass through a gateway to reach a VMS user. Mail Server: A mail storage system. This server keeps all mail boxes in /var/spool/mail (Linux) or /var/mail (Solaris) Standard Practice: Practically only one machine can act as: (Mailhost + MailRelay+ MailServer). Another configuration: Use separate servers for incoming & outgoing mails. Email Address resolution: When email sender sends an email. Destination address will be match with sender’s local aliases kept in .mailrc|.addressbook (pine uses it)|.elm/aliases.text etc. In second step it will try to expand/resolve destination address using local /etc/mail/aliases In third step it will try to expand/resolve the address using NIS aliases (If NIS is running and aliases are kept in NIS database) In fourth step it will use /etc/mail/aliases of mailhost to expand the destination Address.
    [Show full text]
  • Rfc4409.Txt.Pdf
    Network Working Group R. Gellens Request for Comments: 4409 QUALCOMM Obsoletes: 2476 J. Klensin Category: Standards Track April 2006 Message Submission for Mail Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2006). Abstract This memo splits message submission from message relay, allowing each service to operate according to its own rules (for security, policy, etc.), and specifies what actions are to be taken by a submission server. Message relay and final delivery are unaffected, and continue to use SMTP over port 25. When conforming to this document, message submission uses the protocol specified here, normally over port 587. This separation of function offers a number of benefits, including the ability to apply specific security or policy requirements. Gellens & Klensin Standards Track [Page 1] RFC 4409 Message Submission for Mail April 2006 Table of Contents 1. Introduction ....................................................3 2. Document Information ............................................4 2.1. Definitions of Terms Used in This Memo .....................4 2.2. Conventions Used in This Document ..........................5 3. Message Submission ..............................................5
    [Show full text]
  • Email Authentication Via Domainkeys Identified Mail (DKIM)
    IronPort Email Authentication W H I T E P A P ER Executive Summary The problems of spam, viruses, phishing and most email denial-of-service attacks can all be traced back to a single common cause – lack of authentication in the email protocol SMTP. TABLE OF CONTENTS 1 Executive Summary This lack of authentication means that a receiving mail server cannot reliably 2 Definitions verify that a particular message is in fact from the sender it purports to be from, making it harder to identify friend from foe. 2 History 3 The Authentication Problem The industry has recognized this shortcoming, and a great deal of effort 4 Sender ID and DomainKeys has been put into developing a new standard that will “overlay” SMTP Identified Mail and provide the sender authentication that is so desperately needed. This 9 Adoption Status paper will present a brief history of how this problem evolved, explore the pluses and minuses of the leading standards proposals, and highlight some 10 Why Authenticate? recommendations. 11 The Solution To Bounce Attacks 11 IronPort Systems’ Adoption Recommendations 12 Appendix D O C R E V 0 2 . 0 8 1 IRONPORT EMAIL AUTHENTICATION WHITE PAPER DEFINITIONS Email nomenclature can be a bit confusing, so it is useful to start with some definitions. An email message has an addressing scheme similar to a postal message: HELO/EHLO: The initial contact command between a sending and a receiving mail server, indicating an SMTP conversation. Envelope sender: The address of the sending mail server; not exposed to the end-user, used for managing bounces.
    [Show full text]
  • Zimbra Collaboration Administrator Guide
    Zimbra Collaboration Administrator Guide Zimbra Collaboration 8.7 Open Source Edition Legal Notices Copyright © 2016 Synacor, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. ZIMBRA is a trademark of Synacor, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies. Synacor, Inc. 40 La Riviere Drive, Suite 300 Buffalo, New York 14202 www.synacor.com Zimbra Collaboration 8.7 April 2016 Table of Contents 1 Introduction . 13 Audience . 13 Third-Party Components . 13 Support and Contact Information . 13 2 Product Overview . 15 Architectural Overview . 15 Core Email, Calendar and Collaboration Functionality . 16 Zimbra Components . 16 Zimbra Application Packages . 17 Mail Flow—Multi-Server Configuration . 19 Zimbra System Directory Tree . 20 Zimbra Web Clients . 22 Security Measures . 23 Identity and Access Management . 23 Information Security and Privacy . 24 System Logs . 24 3 Licensing . 27 License Types . 27 License Requirements . 28 License Usage by Account Type . 28 License Activation . 29 Automatic License Activation . 29 Manual License Activation . 29 When Licenses are not Installed or Activated . 29 Obtain a License . 30 Managing Licenses . 30 License Information . 30 License Expiration . 31 Renewal . 31 Updating Your License . 32 4 Zimbra Mailbox Server . 33 Mailbox Server . 33 Message Store . 33 Data Store . 34 Index Store . 34 Web Application Server . 35 Mailstore Services . 35 User Interface Services . 35 Web Application Server Split . 35 Installation and Configuration of the Web Application Server Split . 35 Mailbox Server Logs . 36 5 Zimbra LDAP Service . .37 LDAP Traffic Flow .
    [Show full text]
  • Deploying the BIG-IP System with SMTP Servers
    IMPORTANT: This guide has been archived. While the content in this guide is still valid for the products and version listed in the document, it is no longer being updated and may refer to F5 or 3rd party products or versions that have reached end-of-life or end-of-support. See https://support.f5.com/csp/article/K11163 for more information. Deploying the BIG-IP System with SMTP servers This document contains guidance on configuring the BIG-IP system version 11.4 and later for most SMTP server implementations, resulting in a secure, fast, and available deployment. This guide shows how to quickly and easily configure the BIG-IP LTM (Local Traffic Manager) and AFM (Advanced Firewall Manager) modules. Products and versions Product Version BIG-IP LTM 11.4 - 13.0 BIG-IP AFM 11.5 - 13.0 SMTP Server Not generally applicable; see the Monitor section for specifics iApp version f5.smtp.v1.0.0rc9 Deployment Guide version 1.9 (see Document Revision History on page 42) Last updated 08-28-2019 Important: Make sure you are using the most recent version of this deployment guide, available at http://f5.com/pdf/deployment-guides/f5-smtp-dg.pdf. To provide feedback about this deployment guide or other F5 solution documents, contact us at [email protected]. For previous versions of this and other guides, see the Deployment guide Archive tab on f5.com: https://f5.com/solutions/deployment-guides/archive-608Archived Contents Terminology 3 Supported Configurations 3 Initial configuration tasks 5 Importing SSL certificates 5 SNAT Pool considerations and configuration
    [Show full text]