In this article, you will learn how to set up Email retraction for Zimbra. For SorbSecurity Cloud Email Security(SCES) to be able to retract emails from Zimbra mailboxes, you need to create a PreAuth Key on Zimbra.
What is PreAuth?
Preauth stands for pre-authentication, and is a mechanism to enable a trusted third party to “vouch” for a user’s identity. For example, if a user has already signed into a portal and wants to enter the mail application, they should not have to be prompted again for their password.
This can be accomplished by having the mail link they click on in the portal construct a special URL and redirect the user to the Zimbra server, which will then verify the data passed in the URL and create authentication token (the standard mechanism within Zimbra to identify users), save it in a cookie, and redirect the user to the mail app.
Preparing a domain for PreAuth
In order for preauth to be enabled for a domain, you need to run the zmprov command and create a key:
zmprov generateDomainPreAuthKey domain.com preAuthKey: 4e2816f16c44fab20ecdee39fb850c3b0bb54d03f1d8e073aaea376a4f407f0c Note: Replace "domain.com" with the customer's production domain matches the domain on SCES. The PreAuth Key is the per domain key.
For more information about PreAuth Key, please refer to Zimbra WiKi.
To get SOAP URL, please refer to ZMSOAP.
Now, we can configure it on SCES Admin Portal,
1. Login to SCES Admin Portal and go to Administration -> Threat Remediation as shown below,
2. Fill out the SOAP URL and the key created on Zimbra, save in each field.
You are done configuration. Now, you are able to do the additional action on the delivered emails at Message Trace -> Mail Query page.
3. Secure Zimbra SOAP URL
SorbSecurity will only use the documented network resource to access Zimbra SOAP. We highly recommend you to allow the connections from these known source and reject the rest on the firewall or any ACL system in the middle. (SorbSecurity Network)