Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: My zimbra is being used to send spam by malicious outsiders!

  1. #11
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Also, if you have a website hosted on the same server as your Zimbra installation check if you are using a form2email script and if so that it has some sort of validation method.

  2. #12
    Join Date
    Jun 2009
    Posts
    21
    Rep Power
    6

    Default

    Thank you uxbod and phoenix.
    It seems everything is OK after I checked my server by ./chkrootkit and /var/log/secure.
    I have deleted all the spam mails in the queue and change the mail account's password that could be compromised.
    What I want to know is how I can avoid the same thing if another mail account is compromised in the future.
    Is there any measure can be done such as some setting in zimbra or postfix?

  3. #13
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Use complex passwords and ensure that within the Admin GUI you have set that if somebody enters a incorrect password three time the account is locked out.

  4. #14
    Join Date
    Jun 2009
    Posts
    21
    Rep Power
    6

    Default

    Quote Originally Posted by uxbod View Post
    Also, if you have a website hosted on the same server as your Zimbra installation check if you are using a form2email script and if so that it has some sort of validation method.
    There is no any website hosted on my zimbra server.

  5. #15
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by higeon View Post
    What I want to know is how I can avoid the same thing if another mail account is compromised in the future.
    Is there any measure can be done such as some setting in zimbra or postfix?
    There's nothing you can do against an account being compromised except to use strong passwords and set them to expire regularly and make sure you enforce the policy, users don't like that but in the interests of safety for your server (and users) you must set and follow good practice.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  6. #16
    Join Date
    Jun 2009
    Posts
    21
    Rep Power
    6

    Default

    Is it possible to set zimbra/postfix to restrict the number of sending mails in one connection or restrict the number of mails can be sent in a period of time such as a minute?

    And can it be restricted that the "from" mail addresses of the sending mails must be my domain's accounts?

  7. #17
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    You could use something like PolicyD to limit the amount of emails sent.

Similar Threads

  1. Replies: 8
    Last Post: 01-12-2012, 01:20 AM
  2. Replies: 8
    Last Post: 01-20-2009, 12:06 PM
  3. slapd message error
    By smoke in forum Administrators
    Replies: 7
    Last Post: 04-27-2008, 03:23 PM
  4. Replies: 16
    Last Post: 09-07-2006, 06:39 AM
  5. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 12:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •