I've been using Zimbra for about 1.5 to 2 years now with no problems (or very few problems). However, all of a sudden today my Zimba server would not come up. After I rebooted the server multiple times and was finally able to ssh into the server, I shutdown zimbra (zmcontrol stop). I think restarted it and was able to get into the Admin panel where I noticed that the graph of outgoing messages showed 75,000+ for today alone. I went into the queue deleted everything and looked at the daily report that is emailed to the admin account. There I noticed that an account I created (and never use) was hacked. When I created it I was stupid and put a dictionary simple password on it. Well someone got in and started spamming. Now I need to get my IP removed from some RBL's like Baracuda.

Anyway... My question is... Does Zimbra come with a Firewall installed?
(Release 7.1.2_GA_3268.UBUNTU10_64 UBUNTU10_64 FOSS edition)

I ask because the only way someone could get into that account is through a brute force attack (I would assume). However if I was to install APF firewall and BFD, I could automatically blacklist any IP's that have XX number of failed login attempts, therefore lowering my chances of getting hacked again.

Are there any recommended strategies for this?