Two dots in a domain makes Zimbra go something something
Feb 15 15:13:22 mail postfix/smtpd: connect from mail.mydomain.com[172.24.0.4]
Feb 15 15:13:22 mail postfix/smtpd: warning: Illegal address syntax from mail.mydomain.com[172.24.0.4] in RCPT command: <dsaid@mydomain..com>
Feb 15 15:13:22 mail postfix/smtpd: disconnect from mail.mydomain.com[172.24.0.4]
So I notice this morning that somehow a user managed to make a typo. Just a simple little mistake that put an extra dot in the user's email address.
Now, every second or two I see that message above in my zimbra.log file. It's around 5 gigs already, just from the last day or two. The load on the system is up around 20.0 and the network connections are almost totally maxxed out, I actually get "connection refused" to the web server now and then.
Two questions then I guess:
How do I kill this message from the queue? It's already been SENT by the offending local user, but I see it nowhere in postfix-2.6.whatever/spool/
Is this really all it takes to bring Zimbra to a halt? Wow. That's the easiest DoS attack ever. Just send an email to the local domain with extra dots!
It shouldn't have been accepted for delivery in the first place.
Any help is most appreciated, I am not very familiar with how Zimbra is storing it's mail that it tries to deliver locally and though I am a commercial user it has been most than 5 hours since I opened a U1 "omg help" ticket, appears that nobody is home over at Zimbra today. (it's a holiday, mail servers never break on holidays)
Dual Xeon.Dell SC1425