UserOnline

, 5 Guests,

Archives

Print This Post Print This Post

WordPress 3.0.3 released today

This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.

These issues only affect sites that have remote publishing enabled.

Remote publishing is disabled by default, but you may have enabled it to use a remote publishing client such as one of the WordPress mobile apps. Fixes issues in the XML-RPC remote publishing interface which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish or delete posts.  I have already upgrade my blog but I have remote publishing turned off.  You can turn it off by unchecking the Atom and xml-rc check boxes by going to Settings and selecting Writing.

You can read more about the problem by reading the WordPress trac post at http://core.trac.wordpress.org/changeset/16803.

List of Files Revised

wp-includes/version.php
xmlrpc.php
readme.html
wp-admin/includes/update-core.php
Print This Post Print This Post

Email and more with Zimbra

I was trying to replace my current email system with something that had more use than just email. So in my research I found Zimbra and it is truly a great piece of software. It is owned by Vmware and has several different versions out there to include a community version that is free to use. The current version is 6.0.9 and installs on several operating systems:

6.0.9 GA Release Platforms

  • Red Hat Enterprise Linux 5 64bit x86 32bit x86
  • Red Hat Enterprise Linux 4 64bit x86 32bit x86
  • Ubuntu 10.04 LTS 64bit x86
  • Ubuntu 8.04 LTS 64bit x86 32bit x86
  • Ubuntu 6.06 LTS 64bit x86 32bit x86
  • SUSE Linux Enterprise Server 11 64bit x86
  • SUSE Linux Enterprise Server 10 64bit x86 32bit x86
  • Debian 5 64bit x86 32bit x86
  • Debian 4 32bit x86
  • Fedora 11 64bit x86 32bit x86
  • Fedora 7 32bit x86
  • Source Code Building Zimbra using Perforce GNR-609

Core Functionality

The Zimbra Collaboration Suite is an innovative messaging and collaboration application that offers the following state-of-the-art messaging and collaboration solutions:

Email
Group Calendars
Address Books
Task Management
Web document management and authoring.

The core functionality within ZCS is as follows:

Mail delivery and storage
Indexing of mail messages upon delivery
Mailbox server logging
IMAP and POP support
Directory services
Anti-spam protection
Anti-virus protection

Administrators can easily manage domains, servers, and accounts from the browser based administration console.

Manage classes of service
Add accounts and domains
Set account restrictions either for an individual account or by COS
Create and edit distribution lists
Import Microsoft Exchange user accounts
Set up virtual hosts on a domain
Manage servers
View and manage system status
Monitor usage

Zimbra offers two browser based web clients, Advanced Zimbra Web Client that offers a state-of-the-art Ajax web client; and Standard Zimbra Web Client as an HTML client. Some of the features that can be found in the web client include:

Compose, read, reply, forward, and use other standard mail features
View mail by conversation threads
Tag mail to easily group messages for quick reference
Perform advanced searches
Save searches
Use Calendar to schedule appointments
Share calendar, email folders, address book lists with others
Create address books and share with others
Set mailbox usage preferences, including defining mail filtering options
Use ZCS Documents to create, organize and share web documents
Use the Tasks feature to create to-do lists and manage tasks through to completion.

I installed it on Fedora 11 32bit because that is the only compatible version I had. The install comes as a simple TGZ compressed file and installation is a breeze. You simply uncompress it and run the install.sh script. This will run you through several questions about the system you are installing the software on. One important thing to mention is that you need to have the hostname and IP address for the server configured correctly in the /etc/hosts file. You will still get an error when it searches for MX records for the host name in DNS however you will be fine. The install will continue through several step and then come to a text based menu that lets you configure several option to include the administrator password. Insure you set the password here, I didn’t the first time and had to rerun the configuration so I could set the password for access to the administrator web interface.

The web interface is really nice when you use the Ajax interface, but you can also use a mobile or HTML interfaces as well. Here are some pics of the web interfaces.

Ajax

HTML

Mobile

There is also a Zimbra Desktop client allows you to sync the online and offline worlds, storing and synching your email, calendar, contacts, files and documents in the cloud, yet having them locally accessible when on the road. Zimbra Desktop aggregates information across accounts and social networks to help make communicating & sharing information easier than ever. The desktop application look similar to Outlook, here is a pic of the desktop app.

The Administrator web interface is looks just as nice as the webmail and can be accessed through the admin Webmail. Here is a pic of the admin web interface.

You can setup user accounts and all of the information for the user very easily. There is also settings for the account Aliases, distro lists, domain information, and all kinds of server settings. You can also check a number of monitors to include server status for what services are up and running, server statistics in a graph format and mail queries for account access. Another part is Zimlets configuration. This allows you to select what Zimlets can be used by the users.

ZIMLETS

There are quite a few Zimlets out there and they add all kinds of extra abilities to Zimbra. They can be viewed at http://gallery.zimbra.com/. There are Zimlets that allow for popup notification, Google translation for emails, appointment summaries, and Yahoo maps to add to emails. Several other allow for Holidays to be added to your calendar, and even add Social networks to your webmail interface. There are tons, just check them out.

Other Features

Some of the features of the webmail interface is the calendar that is full of features. It allows you to keep track of all of your appointments and share your calendar with other user accounts. In the moth view of the calendar you can click on the day and it will enlarge the day into a box that can be scrolled through and check appointments by hours of the day. You can also create basic text documents using the document feature and save them to the server and share them with others as well. The last feature I really like is the IM feature, here is a pic.

You can have it automatically sign in when you log into Webmail. You can also use SSL you allow for secure communication between users. It also has all of the emotions and statues such as online, busy, and offline. You can also access transcripts of the conversations so you can look back on earlier conversations. For me I like the fact that the info is stored on my server and not on a server I have no control over.

Zimbra CLI commands

I am only going to cover commands that I used.

ZMCONTROL

  • Allows you to check service status and start and stop services.
  • Switches
  1. -v Displays ZCS software version.
  2. -h Displays the usage options for this command.
  3. -H Host name (localhost).
  4. maintenance Toggle maintenance mode.
  5. restart Restarts all services and manager on this host.
  6. shutdown Shutdown all services and manager on this host. When the manager is
  7. shutdown, you cannot query that status.
  8. start Startup manager and all services on this host.
  9. startup Startup manager and all services on this host.
  10. status Returns services information for the named host.
  11. stop Stop all services but leaves the manager running.

Zmtlsctl

This command is used to set the Web server zimbraMailMode to the communication protocol options: HTTP, HTTPS, Mixed, Both and Redirect. I like this to allow for use of SSL when logging in and http for usage.

  • HTTP. HTTP only, the user would browse to http://zimbra.domain.com.
  • HTTPS. HTTPS only, the user would browse to https:/zimbra.domain.com.  http:// is denied.
  • Mixed If the user goes to http:// it will switch to https:// for the login only, then will revert to http:// for normal session traffic. If the user browses to https://, then the user will stay https://
  • Both A user can go to http:// or https:// and will keep that mode for the entire session.
  • zmmailbox help filter help on filter-related commands
  • zmmailbox help folder help on folder-related commands
  • zmmailbox help item help on item-related commands
  • zmmailbox help message help on message-related commands
  • zmmailbox help misc help on miscellaneous commands
  • zmmailbox help permission help on permission commands
  • zmmailbox help search help on search-related commands
  • zmmailbox help tag help on tag-related commands
  • Redirect Like mixed if the user goes to http:// it will switch to https:// but they will stay https:// for their entire session.

ZMMYPASSWD

zmmypasswd [–root] <new_password>.

ZMPROV

This is only a few due to the sear number of switches this command has. But this command can be used to add account to the Zimbra server. You can go here to get all of the switches http://wiki.zimbra.com/wiki/Zmprov .

zmprov [cmd] [argument]

The following objects use this syntax:

  • ModifyAccount
  • ModifyDomain
  • ModifyCos
  • ModifyServer
  • ModifyConfig
  • ModifyDistributionList
  • ModifyCalendarResource

You can look up the CLI commands in the Zimbra Administrator Guide in Appendex A.

All in all this is a very good collaboration suite that has an open source version that can be used by everyone. There are a few versions.

ZCS Open Source
ZCS Appliance Basic (100 users) and Standard (1000 usres)
ZCS Networks Starter (15 users), Standard, and Pro (license what you need)

Each version has different features, such as the access for mobile devices is in the Network edition and that you have to keep the Zimbra emblems on the webmail for the Open Source edition according to the user license. I am currently working on switching over to Zimbra and will post any problems that I have with the transition. If you want to try it out just go to the Zimbra website and you can do an online test run to check out some of the features and function of Zimbra. I am sure you will like it.

Print This Post Print This Post

WordPress 3.0.2 mandatory security update

This is a mandatory security update for all previous WordPress versions.

This maintenance release fixes a moderate security issue where a malicious Author-level user could gain further access to the site. This release also addresses a handful of bugs, and provides some additional security enhancements.

Summary

  • Fix moderate security issue where a malicious Author-level user could gain further access to the site.

Other bugs and security hardening:

  • Remove pingback/trackback blogroll whitelisting feature as it can easily be abused.
  • Fix canonical redirection for permalinks containing %category% with nested categories and paging.
  • Fix occasional irrelevant error messages on plugin activation.
  • Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin.
  • Clarify the license in the readme
  • Multisite: Fix the delete_user meta capability
  • Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins
  • Multisite: Fix ms-files.php content type headers when requesting a URL with a query string
  • Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs

List of Files Revised

wp-includes/ms-files.php
wp-includes/version.php
wp-includes/comment.php
wp-includes/functions.php
wp-includes/load.php
wp-includes/canonical.php
wp-includes/capabilities.php
readme.html
wp-admin/includes/plugin.php
wp-admin/includes/file.php
wp-admin/includes/update-core.php
wp-admin/plugins.php
Page 19 of 49« First...10...1718192021...3040...Last »