SPAM attack through the SOAP protocol??.
The IP is not in trusted_networks.


Here I copy a sequence of actions
/opt/zimbra/log/mailbox.log


2013-04-04 05:05:00,432 INFO [btpool0-3://localhost/service/soap/GetInfoRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - GetInfoRequest
2013-04-04 05:05:01,152 INFO [btpool0-3://localhost/service/soap/SearchRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - SearchRequest
2013-04-04 05:05:02,677 INFO [btpool0-3://localhost/service/soap/GetAvailableSkinsRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - GetAvailableSkinsRequest
2013-04-04 05:05:58,431 INFO [btpool0-2://localhost/service/soap/SearchRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - SearchRequest
2013-04-04 05:06:42,977 INFO [btpool0-0://localhost/service/soap/SendMsgRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - SendMsgRequest
2013-04-04 05:06:42,999 INFO [btpool0-0://localhost/service/soap/SendMsgRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] smtp - Sending message to MTA at srv-mail.test.com: Message-ID=<746491801.6.1365062802996.JavaMail.root@srv-mail.test.com>, replyType=r
2013-04-04 05:07:10,551 INFO [btpool0-3://localhost/service/soap/SendMsgRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - SendMsgRequest
2013-04-04 05:07:57,920 INFO [btpool0-0://localhost/service/soap/SendMsgRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - SendMsgRequest
2013-04-04 05:07:57,943 INFO [btpool0-0://localhost/service/soap/SendMsgRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] smtp - Sending message to MTA at srv-mail.test.com: Message-ID=<115923247.12.1365062877940.JavaMail.root@srv-mail.test.com>, replyType=r
2013-04-04 05:13:09,506 INFO [btpool0-0://localhost/service/soap/SendMsgRequest] [name=atencionalcliente@test.com;mid=302;ip=94.78.8 4.35;ua=zclient/6.0.16_GA_2998;] soap - SendMsgRequest
2013-04-04 05:13:09,934 INFO [LmtpServer-516] [name=atencionalcliente@test.com;mid=302;ip=10.100. 48.2;] mailop - Adding Message: id=36762, Message-ID=<20130404081209.EECF3198E75F@smtp-bsf2.o1.com>, parentId=36723, folderId=2, folderName=Inbox.


I stopped for now with this:

blacklist_from atencionalcliente@test.com

body LOCAL_RULE /IMPORTANT CONSIGNMENT DELIVERY/ #this is subject of message
score LOCAL_RULE 5.5



Is there any fix or settings to prevent this exploit

Thanks.