Friday, May 17, 2013

Sharing Files With Employees Via Email

I have been unhooking the last bits of software applications that were connected to Evolution and making them work with Zimbra.  I finished all of the places that allowed users to "attach" a file with the drag and drop technique described a few blogs ago.  Next up was the feature that allowed them to create a file:// link inside of their email.  This was used in order to try and get people to "share" files and not send multiple copies of the same file around the network via email.  We're all on the same server, so there isn't ever really a need to send a file to another user inside the's already here and centralized.  But many people still are thinking in terms of a PC or USB sticks and feel like that's how you get files from one person to another.

The file:// link was available inside of Evolution, but is now considered an exploit and not really used in browsers anymore.  We wanted to replace the functionality however, so I found a solution and it's being tested.  I created a new MIME type for files that end with '.lnk" inside of Firefox.   Inside of this file is the path to a file located internally.  The user is then able to open these linked/shared files without physically sending a copy.  This too is very quota friendly.

When users double-click on the file, the normal MIME UI appears.  The option circled in green is "Share Via Zimbra"

 Using the same UI that was used to solve the LibreOffice temp file issue (described two blogs ago), a link symbol appears.  User drags this into their composer window and a .lnk file is attached.

The recipient then clicks on the .lnk file and a box appears alerting them that a file has been shared, and then once opened the appropriate helper application (Evince, Acrobat Reader, LibreOffice, EOG, GIMP) opens based on the file type.  I also have circled the new MIME type as it appears in Firefox.

I am logging when users perform this step and it's already being used around the City.  This seems to be the simplest way to solve this problem, and hopefully will get more people to begin sharing files until we can move in the direction of a proper document management system.

Tuesday, May 14, 2013

Firefox 21 Changed Plugins Folder

Today was the day to install patches for Firefox and the various plugins, and at first I couldn't get Firefox to see the plugins at all.  It turns out they moved the folder and it's not really well documented, and doesn't seem to be in the release notes.  Maybe publishing the fix will help someone.  Seems like this is going to really break things on distros if users upgrade.

Previously plugins on a multi-user server were in


Now they are stored in


Tuesday, May 07, 2013


I just looked and my last blog was March 27th; The last 1+ month has been very busy.  Not a lot of things took place that warranted screenshots or R&D updates.  OpenLDAP and Zimbra deployments both occurred and took most of my time.  Status updates:

The change to centralized passwords went off very well.  During my prep work, I created a "Password Sandbox" application that allows you to test various passwords before actually making the change.  This proved to be very popular and effective.  Part of my time was then allocated monitoring all 800 of our users to ensure they all changed their passwords and sending out daily status reports to work on 100% completion.  It's now all done and our passwords have been hardened to current metrics.

Support Portal Application
I have been putting in some patches and features for our support staff.  They could see at a glance users with passwords that still had not been changed, and made it easier to create and upload LDIF records.  We've reached a milestone with this functionality where it's very simple to create new employees in LDAP.  We also can now auto-provision new people in the Zimbra post office with just a single click.  Within 10 minutes of checking the button, the user has email.

LDAP Sync To Zimbra.
Zimbra auto provisions email accounts, and I wrote a small python script that runs at 1am to push any updates that occur from OpenLDAP to Zimbra.  Phone numbers and job titles change, and all of this information is now synced.  Support staff only has to change the information in one place, saving us time.

Zimbra Is Live
After a long ramp up time of testing, we put Zimbra live and it replaced Evolution/Groupwise.  It was kind of sad to move away from Evolution, but unfortunately we just could not get bug fixes from Novell/Suse under our support contract in a timely manner.  Zimbra was deployed with virtually no problems.  We built one server and have about 250 concurrent connections via the web interface and then an equal number of connections from mail-notification(IMAP) on the lower panel to alert them of new messages for a total of 500+ connections.  Zimbra is flying and you can barely notice the difference with a full load.  Fast and crisp.

In the past our server which provided Firefox would have about 100 concurrent users, now that users are accessing email from a browser this has jumped to about 250.  The server took this load without a hiccup and is working very well.  With 100 concurrent the machine would be about 10% busy and now it's running about 15%.  We scaled this machine with the expectation of greatly increased Firefox loads and it's working like a champ.

And The One GOTCHA
There is always one, right? :)  LibreOffice (and OpenOffice) have features embedded in various places to hand off the current document, or the current document converted to another format directly to your email software.  This is a great feature because it eliminates the need for users to convert to other formats prior to sending to outside.  A document can be created in ODT format and retained here in that manner, and then converted to DOC on the fly...and the DOC is never saved to the local file system.  In case you didn't know it did this, here is where the magic happens:

Now the bad part, it basically does a mailto: to your email client and uses &attach which it turns out is not officially in the RFC and is only available in certain email software...including Evolution.  But many/most web based email software does not allow or support it.  I can certainly see that this could be a bad exploit.  Someone could create a mailto tag that requests files of an unsuspecting users desktop. 

You cannot just tell users to drag and drop the file out of Nautilus because in many cases, it's generated as a temp file and is never saved for them to be able to find.  You can't expect them to open Nautilus in /tmp and *maybe* find their file out of the hundreds of other temp files from the day.  Clunky to say the least.

Zimbra supports HTML 5 drag and drop reception, so I worked up a prototype idea.  Jasper and Federico were so kind to help me with the drag-and-drop mechanics of GTK and we're testing this concept now.  When a temp file is generated and needs to be attached to email from LibreOffice (and other applications if it pans out)...a popup window appears on the left edge with a thumbnail of the document.  The end user can then grab the document and drag it into their composer window.  In the shot below, user has selected the option to "Email as PDF" and the popup appears with thumbnail and Zimbra composer window opens (PURPLE).  The user then drags the file into the composer (RED). 

In the coming days, I'll be testing this concept and soliciting user feedback.  If it seems to be working, I'll connect it to the rest of our applications that previously auto-attached files to Evolution. 

Next up for me is creating LDAP groups and then getting Alfresco to auto-provision users and put people into those groups.  We're at the breaking point around here of maintaining documents only on a file system and are in need of a management system.  We'll be pilot testing this in IT to see how it works.

Other issues: 64bit HP thin client is sitting here for me to test, various portal changes have been requested, continued Zimbra troubleshooting and support, various Java/Flash/Firefox upgrades.