SecureConfiguration
- This is certified documentation and is protected for editing by Zimbra Employees & Moderators only.
Article Information |
---|
This article applies to the following ZCS versions. |
Best-Practice Recommendations for a Secure Zimbra Configuration
The following recommendations are provided to ensure a best-practice security configuration. This includes the following:
- Require encrypted logins
- Requiring secure interprocess communications
Encrypted Logins
1. HTTPS
zmprov gs `zmhostname` zimbraMailClearTextPasswordEnabled zmprov ms `zmhostname` zimbraMailClearTextPasswordEnabled FALSE
2. IMAP4-SSL
zmprov gs `zmhostname` zimbraImapCleartextLoginEnabled zmprov ms `zmhostname` zimbraImapCleartextLoginEnabled FALSE
3. POP3-SSL
zmprov gs `zmhostname` zimbraPop3CleartextLoginEnabled zmprov ms `zmhostname` zimbraPop3CleartextLoginEnabled FALSE
Header 2
Text