Production system of Zimbra (v 3.1.2 on 2.6.15_FC5). Yes, for an open source product I realize the version is old and running on a non-supported OS.
But if you can get past that this system has run relatively fine for this company's needs for over 1.5 years. On occasion there has been a build up of messages in the Active/Deferred queues. I handled these by putting them in Hold then restarting all zimbra services (/etc/init.d/zimbra stop|start). Sometimes I'd need to delete something that kept going into the deferred queue. I wasn't sure why the symptoms occured or the *solution* worked but it did.
Until now that is. Messages are piling up in the Active/Deferred queue and no matter what I have tried they just won't process.
Doing a postqueue -p reveals a lot of messages that say "spam_scan FAILED: timed out (in reply to end of DATA command)".
Tailing the zimbra.log shows things such as:
NOQUEUE: reject: RCPT from unknown[126.96.36.199]: 550 <former.user>@<ourcompany.com>: Recipient address rejected: <ourcompany.com>; from=<email@example.com> to=<former.user>@<ourcompany.com> proto=ESMTP helo=<[188.8.131.52]
NOTICE: Not sending DSN, spam level exceeds DSN cutoff level for all recips, mail intentionally dropped
There seems to be several hacks/spam going on connecting directly to the server (one address in particular is a big spammer). I'm not sure if this is the problem or a coincidental symptom.
Not sure where to go from here and need some hand holding. Can anybody help? Upgrading is not an option at this time. Just trying to get it back to a working state.