Posted by I found this useful information from Zimbra forum and Zeta alliance milist. These script will prevent search engine like Google to hide or disallow index Zimbra webmail.
If you type “Zimbra webmail” on Google, you will find a lot of Zimbra webmail from some organizations that indexed by Google.
zmprov mcf +zimbraResponseHeader "Strict-Transport-Security: max-age=31536000; includeSubDomains" zmprov mcf +zimbraResponseHeader "X-XSS-Protection: 1; mode=block" zmprov mcf +zimbraResponseHeader "X-Content-Type-Options: nosniff" zmprov mcf +zimbraResponseHeader "X-Robots-Tag: noindex" zmprov mcf zimbraMailKeepOutWebCrawlers TRUE zmmailboxdctl restart
If you run above script, it will be one method to prevent your Zimbra server from a target 🙂