Robin's Friends' blogs

The important role of the Zarafa community in Zarafa’s business model

April 22, 2015 by Felix Bartels  

With more details on future software development and a transition path for community users
Over the last 7 years Zarafa has made significant steps in establishing an ecosystem with partners, customers, community members and others. We’ve got a lot of energy of building an ecosystem together with you. At the same time Zarafa has been in a split between open source and close source components, where we were not able to unleash full potential in development and ‘distro’ adoption... Read full post

pam_mapi supports Zarafa 7.2

March 21, 2015 by Robert Scheck   Comments (0)

, , , , ,

I am happy to announce that my pam_mapi supports Zarafa 7.2 starting with version 0.2.1. At the same time I am very sorry that this update did not happen before the final release but Zarafa unfortunately broke their own rules for compliance for integrations (mentioned on their old website) by simply not publishing a release candidate (RC) of Zarafa 7.2 but directly the final after the second beta (and no, beta and release candidate are definately not the same).
Some frequently asked questions... Read full post

Zarafa Collaboration Platform vs. SSLv3/POODLE vulnerability

October 15, 2014 by Robert Scheck   Comments (0)

, , , , , ,

The press already wrote about it: Bodo Möller, Thai Duong and Krzysztof Kotowicz from the Google Security Team discovered a design vulnerability in SSLv3 also known as "POODLE". I would like to try to answer some questions that popped up today regarding Zarafa and POODLE.
Important: Even the vulnerability seems to only affect HTTPS, it might (!) apply to other protocols/services as well (if an attacker has control over the packets that also contain secret data), thus Zarafa might be... Read full post

pam_mapi supports Zarafa's feature management

July 1, 2014 by Robert Scheck   Comments (0)

, , , , ,

About 2.5 years ago I presented the first public version of pam_mapi. If you don't know pam_mapi, please have a look to my project.
Today I am happy to announce pam_mapi 0.2.0 - which is supporting Zarafa's feature management. What does this mean? Since Zarafa 7.0.0 some features can be enabled and disabled on a per-user basis. If e.g. IMAP is disabled for a specific user any IMAP login will fail. More about this can be read in the Zarafa documentation, section "8.7. Zarafa Feature... Read full post

iOS 7 meeting request hijacking

November 11, 2013 by Sebastian   Comments (0)

, , , ,

Hello all,
in the last weeks we had several reports that using iOS 7, an issue, which iOS presented last year, came back. It is the so called "Meeting organizer hijacking" bug. It means that a meeting attendee suddenly turns into the meeting organizer and is able to send updates and cancellations to the other attendees.The original issue was caused by iOS 6. You can read all about it on the Zarafa technical... Read full post

Final buildnumers sometimes other then latest Beta

January 3, 2013 by Remon van Gijn   Comments (0)

, , , ,

At times from internal or external people we get the question why the build numbers deviate between the latest build and the latest beta.It would be good and pure practice to only promote released Beta's to Finals, from a release perspective. But on the other hand releasing a Beta + the usual grease period would again mean a delay for usage of the large amount of fixes in the release being deployed. And what is it we change after a beta that causes the rebuild?Being a progressive company, and... Read full post

Securing WebApp

December 13, 2012 by Ivo Timmermans   Comments (2)

, , ,

While we take care that the WebApp contains no programming flaws that can reduce security, there are a few things that you, as system administrator, can do to improve security. The most obvious one is to only allow access to WebApp when using SSL, but there is more. For this article, we will assume that you serve WebApp using Apache, but other HTTP servers have similar options.

Use TLS/SSL, get an official certificate
Anyone knows you should use SSL, and of course you can run a web server... Read full post

Zarafa client update for the 7.0.x and 7.1.x ZCP versions with Outlook 2010

November 14, 2012 by Remon van Gijn   Comments (0)

, , ,

Zarafa has released a Zarafa client update for the 7.0.x and 7.1.x production versions in response to the public push by Microsoft of the Outlook 2010 update KB2687623.
 As a result the extra collaboration features are restored and new functionality has become available. After application of the new Zarafa client, the freebusy information of stores that a user has no direct read access to is available for the purpose of planning meetings. Also various stability and performance... Read full post

Z-Push 2.0.5 has been built at RPM Fusion

November 9, 2012 by Robert Scheck   Comments (0)

, , , ,

Hello everybody,
Z-Push 2.0.5 has been built at RPM Fusion for Fedora Rawhide, 18, 17, 16 as well as for Red Hat Enterprise Linux 6 and 5 - and should be pushed to the testing updates repository within the next days at latest.
Important: This is a major update, where manual work is involved. This is necessary, because the Z-Push 1.5.x series will reach end-of-lifetime with the end of this year. Please read carefully how the paths changed and how to upgrade correctly!
The packaging has been... Read full post

iOS 6 meeting 'hijacking' and Z-Push 2.0.5 RC release

October 18, 2012 by Sebastian   Comments (0)

, , , , , ,

Yesterday we posted a technical blog post about the iOS 6 meeting 'hijacking' issue. Using iOS 6 in some cases an attendee can "take over" a meeting and send meeting cancellations to all other attendees. Read the full story at the Zarafa technical blog.
We have just released Z-Push 2.0.5 RC which contains a fix for this (and other) issues. Get the full details about this release here.
Your feedback and thoughts are very much appreciated.