Hello,
Previous sysadmin left the company and now I have inherited an installation of Zimbra 8.7.0... yes, 8.7.0... I know: cve-2019-9670 vulnerability in http/s and IMAP... and now its impossible to find 8.7.11 and patches because zimbra removed open source edition downloads... So I planning to migrate ASAP to something similar to zimbra, and I think carbonio is a good match because is using all the legacy of zimbra.
I have a very minimal configuration: single server and its being in use only with IMAP ( and being vulnerable with this, which made me full anxious ), POP and SMTP in public network, and webmail only in internal network.
I want to install carbonio in the same way, but the documentation says that single servers are not supported anymore, the tutorial is a five node installation... but that is too much for my requeriments... It's possible to install only in two node? somethinng like SRV1: PostgreSQL, DB connection, provided by pgpool, Directory Server, Carbonio Mesh, Carbonio Monitoring, Carbonio Advanced (AppServer) and SRV2: MTA, the mail server, Proxy, User management or maybe moving the appserver role to SRV2?
Apart from that, guys, can you tell me if lateral movement is possible with cve-2019-9670? as this is a 5 year old vulnerability I'm afraid that hackers can have better knowledge of the network than me 😖 😖 😖
any of you deal with this cve in the past? any recommendation is more than welcomed.
i'm using this to know about the cve: https://lorenzo.mile.si/zimbra-cve-2019-9670-being-actively-exploited-how-to-clean-the-zmcat-infection/961/
Hi,
You know that you can use virtualization to match the "5 server scenario", right? For instance using proxmox and create 5 vms? Do you have server resources?
contact if you need some help
Regards
So... yes you can have Carbonio in one single-server.... I do and it works great.
1 - this is the guide to have it
2 - You may consider using my migration tool Z2C available here
Anyway I'll suggest you to install Proxmox and create a VM in there so you can have spanshots available in case things doesn't work well after upgrades. remember to leave 15% of the disk unused to allow snapshots to be done.
Wish you the best of luck!
Hi,
You know that you can use virtualization to match the "5 server scenario", right? For instance using proxmox and create 5 vms? Do you have server resources?
contact if you need some help
Regards
I'm using virtualization right now, but we are very tight on resources, specially on hard disk 🙄
So... yes you can have Carbonio in one single-server.... I do and it works great.
1 - this is the guide to have it
2 - You may consider using my migration tool Z2C available here
Anyway I'll suggest you to install Proxmox and create a VM in there so you can have spanshots available in case things doesn't work well after upgrades. remember to leave 15% of the disk unused to allow snapshots to be done.
Wish you the best of luck!
as is stated here: https://docs.zextras.com/carbonio/html/upgrade.html
Starting with version 23.6, the Single-Server installation of Carbonio is not supported anymore. If you have a Single-Server Installation, you must add a few Nodes to your installation and redistribute the Roles on them, to ensure you continue to productively use Carbonio.
I don't want to be outside requeriments from all the support the forum can give... another guy was running on almalinux and was left without help because almalinux is not a supported OS... I think it will be the same for me in single server installation... but also I don't know either if I will have help if i'm running a two nodes installation...