[Users] Mail spoofing vulnerability Zimbra 8.7.11 / 8.8 bugzilla 108709

Barry de Graaff info at barrydegraaff.tk
Mon Dec 11 17:33:16 CET 2017



Hello All,

Please note:
 Mail spoofing vulnerability Zimbra 8.7.11 / 8.8 bugzilla 108709

Details:
 - Bug 108709 - ZWC affected by Mailsploit due to default zimbraPrefShortEmailAddress TRUE since ZCS 7.0
  https://bugzilla.zimbra.com/show_bug.cgi?id=108709

You can enforce the safe setting by deploying:
https://github.com/Zimbra-Community/spoofing-and-phishing-alert-zimlet

Here is an example of the wrong setting:
https://zetalliance.org/nextcloud/index.php/s/eFaCfwfudwZ6n3G

So in short, the Zimbra UI is aware of the UTF-8, but the default setting does
not show the correct address, and thus allows for spoofing.

Kind regards,

Barry de Graaff
Zeta Alliance
Co-founder & Developer
zetalliance.org | github.com/Zimbra-Community

+31 617 220 227 | skype: barrydegraaff.tk
Fingerprint: 97f4694a1d9aedad012533db725ddd156d36a2d0
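As an added check (not code from this post or from the linked zimlet), here is what a defender-side alert has to do once the client hides the addr-spec: decode the RFC 2047 display name of a From: header and flag control characters or an address-looking name that differs from the real sender. The sample headers and domains are constructed placeholders.

```python
import re
from email.header import decode_header
from email.utils import parseaddr

# Control characters (NUL, CR, LF, ...) that have no business in a display name
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")
# Anything that looks like an addr-spec embedded in the display name
ADDR_LIKE = re.compile(r'[^\s<>@"]+@[^\s<>@"]+')


def decode_display_name(raw_name: str) -> str:
    """Decode RFC 2047 encoded-words in a display name to plain text."""
    parts = []
    for chunk, charset in decode_header(raw_name):
        if isinstance(chunk, bytes):
            chunk = chunk.decode(charset or "ascii", errors="replace")
        parts.append(chunk)
    return "".join(parts)


def inspect_from(header_value: str) -> dict:
    """Split a From: value into real address and decoded display name.
    'findings' lists what a client that only renders the display name
    (zimbraPrefShortEmailAddress TRUE) would otherwise hide from the user:
      control-chars     decoded name carries NUL/CR/LF or similar
      address-mismatch  name shows an address that is not the real sender
    """
    raw_name, address = parseaddr(header_value)
    name = decode_display_name(raw_name)
    findings = []
    if CONTROL_CHARS.search(name):
        findings.append("control-chars")
    if any(s.lower() != address.lower() for s in ADDR_LIKE.findall(name)):
        findings.append("address-mismatch")
    return {"address": address, "display_name": name, "findings": findings}


# Constructed sample headers; the domains are placeholders, not from the report.
SAMPLES = {
    "plain": "Alice Example <alice@example.org>",
    # display name is an encoded-word that decodes to "ceo@example.com",
    # while the real addr-spec is on another domain
    "lookalike": "=?utf-8?b?Y2VvQGV4YW1wbGUuY29t?= <mailer@example.net>",
    # same name with a trailing NUL byte hidden inside the encoded-word
    "nul": "=?utf-8?b?Y2VvQGV4YW1wbGUuY29tAA==?= <mailer@example.net>",
}

if __name__ == "__main__":
    for label, value in SAMPLES.items():
        print(label, inspect_from(value))
```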

----- Forwarded Message -----
From: "Phil Pearl" <phil.pearl at synacor.com>
To: "Barry de Graaff" <info at barrydegraaff.tk>
Cc: "security" <security at zimbra.com>, "Jorge De La Cruz" <jorge.delacruz at synacor.com>, "Adam Cody" <ajcody at zetalliance.org>
Sent: Monday, December 11, 2017 5:25:11 PM
Subject: Re: mails spoofing vulnerability Zimbra 8.7.11

Hi Barry,

You should be able to track this bug:

 - Bug 108709 - ZWC affected by Mailsploit due to default zimbraPrefShortEmailAddress TRUE since ZCS 7.0
  https://bugzilla.zimbra.com/show_bug.cgi?id=108709

Phil

----- Original Message -----
From: "Barry de Graaff" <info at barrydegraaff.tk>
To: "Phil Pearl" <phil.pearl at synacor.com>
Sent: Monday, December 11, 2017 7:45:54 AM
Subject: Re: mails spoofing vulnerability Zimbra 8.7.11

Hello Phil,

Do you have a bug number for me, so I can track it in the release notes?

Thanks!

Kind regards,

Barry de Graaff


