IF(A73X) {TRUE;}

Open a terminal application or login to your server over the ssh session using ssh command. Open php.ini file using a text editor such as vim command or nano command:

$ sudo nano /etc/php.ini

Find disable_functions and set new list as follows:

# list of function to disable globally #
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

I also recommend to disable allow_url_include and allow_url_fopen for security reasons:

allow_url_fopen=Off
allow_url_include=Off
open_basedir = /var/www:/var/..

Save and close the file. Restart

# service apache2 restart

Login to server as root

$ letsencrypt renew

Change directory to Zimbra Letsecnrpyt SSL folder

# cd /opt/zimbra/ssl/letsencrypt/

Copy new SSL files to Zimbra Letsencrypt folder then change owner to Zimbra.

# cp /etc/letsencrypt/live/yourdomain.com/* .
# chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*

[Read more…]

1. Install the Let’s Encrypt Certbot

# Install Certbot on the linux box
yum install -y certbot
# Generate our first SSL cert. Subsequent certificates will be renewed by our script below
certbot certonly --standalone -d mail.protectigate.com -m [email protected] --agree-tos -n
# Prepare the Zimbra directory for the new certificate
mkdir /opt/zimbra/ssl/letsencrypt

2. Install the Certificate and create the Script for auto-renewal
a. Create script as /root/ssl.sh

#Change work dir to /tmp

cd /tmp

#Renew cert if needed

certbot certonly --standalone -d mail.protectigate.com -m [email protected] --agree-tos -n 

# Stop the nginx Zimbra service

sudo -u zimbra /opt/zimbra/bin/zmproxyctl stop

sudo -u zimbra /opt/zimbra/bin/zmmailboxdctl stop

#Rename existing Zimbra letsencrypt folder and create new

if [[  -e /opt/zimbra/ssl/letsencrypt ]]; then

    mv /opt/zimbra/ssl/letsencrypt  /opt/zimbra/ssl/letsencrypt$(date +'%Y%m%d')

    mkdir /opt/zimbra/ssl/letsencrypt

    chown -R zimbra:zimbra /opt/zimbra/ssl/letsencrypt

 fi

# Copy Let's Encrypt SSL cert into Zimbra SSL dir

/bin/cp -rf /etc/letsencrypt/live/mail.protectigate.com/* /opt/zimbra/ssl/letsencrypt/

#Download the Let's Encrypt root cert

wget https://letsencrypt.org/certs/trustid-x3-root.pem.txt -O /opt/zimbra/ssl/letsencrypt/root.pem

#Merge the root cert into the chain file

cat /opt/zimbra/ssl/letsencrypt/root.pem >> /opt/zimbra/ssl/letsencrypt/chain.pem

[Read more...]


				

Image does not exist: https://www.bleepstatic.com/images/news/ransomware/decryptors/n/nemty/nemty-decrypted-files.jpg
ຜູ້ຊ່ຽວຊານຈາກ Tesorion ໄດ້ສ້າງເຄື່ອງມີຖອດລະຫັດ Ramsomware ທີ່ມີຊື່ Nemty ອອກມາໃຫ້ຟຣີ ຖ້າທ່ານໃດມີບັນຫາກັບ Nemty Ransomware ກໍ່ສາມາດຕິດຕໍ່ຫາທີມ Tesorion CSIRT ເພື່ອຂໍເຄື່ອງມືດັ່ງກ່າວ

Image does not exist: https://i0.wp.com/imanudin.net/wp-content/uploads/2014/09/policyd-groups.jpg?resize=825%2C154

ມີຂັ້ນຕອນດັ່ງນີ້:

1. ເລືອກ Policies > Groups.
2. ໃນ action ເລືອກ add
3.ໃສ່ຄຳວ່າ list_domain ໃນຫ້ອງ Name ສ່ວນໃນຫ້ອງ comment ປະຫວ່າງເປົາ ແລ້ວກົດ Submit Query
4. ກັບຄືນມາລາຍການ ແລ້ວເລືອກ list_domain>Action>Change>ຫ້ອງ Disabled ເລືອກເປັນ no >Submit Query ແລ້ວກັບຄືນ
Image does not exist: https://i0.wp.com/imanudin.net/wp-content/uploads/2014/09/policyd-groups.jpg?resize=825%2C154
5. ເລືອກ list_domain>Action>Add ໃຫ້ໃສ່ຂໍ້ມູນ Name= @domain.com >Submit Query>Back to group #domain ແມ່ນໝາຍເຖິງໂດເມນຂອງທ່ານ
Image does not exist: https://i0.wp.com/imanudin.net/wp-content/uploads/2014/09/policyd-members-groups.jpg?resize=825%2C161
[Read more…]

Image does not exist: http://vavai.net/wp-content/uploads/2014/02/policyd_logo-300×130.png

ມີຂັ້ນຕອນຕິດຕັ້ງດັ່ງນີ້:

1. ເປີດໃຫ້ Policyd ທຳງານ

su - zimbra
zmprov ms `zmhostname` +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicyd
cd       
exit

2.ເປີດໃຊ້ Policyd WebUI ດ້ວຍຜູ້ໃຊ້ root

cd /opt/zimbra/httpd/htdocs/ && ln -s ../../cbpolicyd/share/webui

ຈາກນັ້ນໄປແກ້ໄຂໄຟລ໌ /opt/zimbra/cbpolicyd/share/webui/includes/config.php ແລ້ວເອົາເຄື່ອງໝາຍ “#” ໃສ່ທາງໜ້າ $DB_DSN ແລ້ວເພີ່ມອັນໃໝ່ໃສ່ກ່ອນ $DB_USER ດ້ວຍຂໍ້ມູນລຸ່ມນີ້.
[Read more…]

Image does not exist: https://i2.wp.com/imanudin.net/wp-content/uploads/2014/09/thunderbid-different-identity.jpg?resize=493%2C437

ຖ້າໃຊ້ຮຸ່ນ 8.5 ຂຶ້ນມາເຮັດຕາມຂັ້ນຕອນນີ້ໄດ້:
1. ເຂົ້າໃຊ້ຜູ້ໃຊ້ zimbra

su - zimbra
zmprov mcf zimbraMtaSmtpdSenderLoginMaps proxy:ldap:/opt/zimbra/conf/ldap-slm.cf +zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch

[Read more…]