Extracting email from Zimbra is not all that challenging. These simple steps show you how.
Zimbra is one of the most popular enterprise-class email, calendar, and collaboration solution. It is cloud-based but can also be treated as a standard POP3 mail server. Zimbra offers a web-based interface for users and can be held in a personal or corporate cloud.
Zimbra can be supported with the following specifications.
Cloud Platforms
The following Cloud Platforms are supported:
- Oracle Cloud Infrastructure as a Service New
- VMware vCloud Director
- VMware vCloud Air
- Image editing can be undone (cropping, rotation, etc.)
Virtualization Platforms
The following hypervisors are supported:
- VMware vSphere 4.x
- VMware vSphere 5.x
- XenServer 6.2
- XenServer 6.5
- KVM
Operating Systems
The following Operating Systems are supported:
- Red Hat® Enterprise Linux® 7 (64-bit)
- Red Hat Enterprise Linux 6 (64-bit), patch level 4 or later is required
- Oracle Linux 7.2
- Oracle Linux 6.6
- CentOS Linux® 7 (64-bit)
- CentOS Linux 6 (64-bit), patch level 4 or later is required
- Ubuntu 14.04 LTS Server Edition (64-bit)
- Ubuntu 12.04.4 LTS Server Edition (64-bit) running the saucy (3.11) or later kernel is required
With Zimbra being cloud-based, you do not tackle it for forensics at the server itself. Instead, you can deal with each mail archive separately. This is a great option when the discovery of email processing might be limited to a single custodian.
If you go into Zimbra and select the following options you will be provided with an offline backup of the mail archive associated with that account:
Exporting all account data:
– Go to Preferences>Import/Export
– In Export, select the Type as Account
– Make sure Source displays All folders.
– Click Export.
– In the dialog that opens, select Save File and select where to save the file.
The account data is saved as a tgz file.
The .tgz file is an archive which you can extract and add folders with emails as Email file evidence (E3/Add Evidence/E-mail database/Email file).
There is also an option to convert Zimbra mail files into PST files using 3rd party tools. You can see more details on this option here:
We made the support of Zimbra mail even easier in the 1.7 version of the E3 Platform with a quick parsing of the mail archives.
Related Articles
Making an Investigations Sock Puppet
Transcript Hello and welcome to the next edition of, the Forensic Impact blog. I'm Amber Schroader. I have been off the video blog for a hot minute because I have broken my ankle, as you can see by my scooter. This is the best background I can get going right now. So,...
Empowering Small Businesses: The Significance of Data Governance
Guest Blog Post In today's digitally driven world, data is the lifeblood of businesses, regardless of their size. Small businesses, in particular, stand to gain significantly from harnessing the power of data. This article from Paraben Corporation delves into the...
Customer experience improvements and new features in E3 3.8
When looking for a whole package for technology it is more than just the tool you need to look at it is the company behind it. The 3.8 release of Paraben’s E3 Forensic Platform reminds us of that with a whole new customer download experience incorporated into the E3...
