Results 1 to 2 of 2

Thread: Two dots in a domain makes Zimbra go something something

  1. #1
    Join Date
    Nov 2007
    Rep Power

    Default Two dots in a domain makes Zimbra go something something

    Feb 15 15:13:22 mail postfix/smtpd[14464]: connect from[]

    Feb 15 15:13:22 mail postfix/smtpd[14464]: warning: Illegal address syntax from[] in RCPT command: <>

    Feb 15 15:13:22 mail postfix/smtpd[14464]: disconnect from[]

    So I notice this morning that somehow a user managed to make a typo. Just a simple little mistake that put an extra dot in the user's email address.

    Now, every second or two I see that message above in my zimbra.log file. It's around 5 gigs already, just from the last day or two. The load on the system is up around 20.0 and the network connections are almost totally maxxed out, I actually get "connection refused" to the web server now and then.

    Two questions then I guess:
    How do I kill this message from the queue? It's already been SENT by the offending local user, but I see it nowhere in postfix-2.6.whatever/spool/

    Is this really all it takes to bring Zimbra to a halt? Wow. That's the easiest DoS attack ever. Just send an email to the local domain with extra dots!

    It shouldn't have been accepted for delivery in the first place.

    Any help is most appreciated, I am not very familiar with how Zimbra is storing it's mail that it tries to deliver locally and though I am a commercial user it has been most than 5 hours since I opened a U1 "omg help" ticket, appears that nobody is home over at Zimbra today. (it's a holiday, mail servers never break on holidays)

    CentOS 6.1
    Dual Xeon.Dell SC1425

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Vannes, France
    Rep Power


    You can get rid of messages from the queue by following the following article: Ajcody-MTA-Postfix-Topics - Zimbra :: Wiki - the inevitable warning, make sure you know exactly which message you're deleting and read the article in full before trying.


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. ldap id2entry.bdb has bad LSN
    By pixelplumber in forum Administrators
    Replies: 5
    Last Post: 02-03-2010, 09:44 PM
  2. postfix relay=none status=bounced for local mails
    By vdd in forum Administrators
    Replies: 1
    Last Post: 08-06-2009, 08:05 AM
  3. Upgrade to ZCS 5.10
    By blozancic in forum Installation
    Replies: 0
    Last Post: 10-21-2008, 08:03 AM
  4. zimbra install with perpetually broken logger/stats
    By jptech in forum Installation
    Replies: 8
    Last Post: 09-29-2008, 02:33 PM
  5. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts