Extracting email from Zimbra is not all that challenging.  These simple steps show you how.

Zimbra is one of the most popular enterprise-class email, calendar, and collaboration solution. It is cloud-based but can also be treated as a standard POP3 mail server. Zimbra offers a web-based interface for users and can be held in a personal or corporate cloud.

Zimbra can be supported with the following specifications.

Cloud Platforms

The following Cloud Platforms are supported:

• Oracle Cloud Infrastructure as a Service New
• VMware vCloud Director
• VMware vCloud Air
• Image editing can be undone (cropping, rotation, etc.)

Virtualization Platforms

The following hypervisors are supported:

• VMware vSphere 4.x
• VMware vSphere 5.x
• XenServer 6.2
• XenServer 6.5
• KVM

Operating Systems

The following Operating Systems are supported:

• Red Hat® Enterprise Linux® 7 (64-bit)
• Red Hat Enterprise Linux 6 (64-bit), patch level 4 or later is required
• Oracle Linux 7.2
• Oracle Linux 6.6
• CentOS Linux® 7 (64-bit)
• CentOS Linux 6 (64-bit), patch level 4 or later is required
• Ubuntu 14.04 LTS Server Edition (64-bit)
• Ubuntu 12.04.4 LTS Server Edition (64-bit) running the saucy (3.11) or later kernel is required

With Zimbra being cloud-based, you do not tackle it for forensics at the server itself. Instead, you can deal with each mail archive separately. This is a great option when the discovery of email processing might be limited to a single custodian.

If you go into Zimbra and select the following options you will be provided with an offline backup of the mail archive associated with that account:

Exporting all account data:

– Go to Preferences>Import/Export

– In Export, select the Type as Account

– Make sure Source displays All folders.

– Click Export.

– In the dialog that opens, select Save File and select where to save the file.

The account data is saved as a tgz file.

The .tgz file is an archive which you can extract and add folders with emails as Email file evidence (E3/Add Evidence/E-mail database/Email file).

There is also an option to convert Zimbra mail files into PST files using 3rd party tools. You can see more details on this option here:

https://zimbra.org/extend/items/view/how-to-convert-zimbra-emails-in-outlook-with-zimbra-to-pst-third-party-tool

We made the support of Zimbra mail even easier in the 1.7 version of the E3 Platform with a quick parsing of the mail archives.