Search found 87 matches

by GlooM
Fri May 29, 2020 8:27 am
Forum: Administrators
Topic: Checking authorization from local nodes
Replies: 0
Views: 241

Checking authorization from local nodes

Greetings! On one of our third-party services, the script that sends out reports to users broke down. As a result, spam was sent to users mailboxes. When I blocked the mailbox used for sending reports, spam did not stop being sent until the mailing script itself was disabled. The script was able to ...
by GlooM
Sun Apr 12, 2020 10:35 pm
Forum: Administrators
Topic: Zimbra 9 now available - in case anyone missed the blog post
Replies: 42
Views: 14282

Re: Zimbra 9 now available - in case anyone missed the blog post

Please specify. Zimbra 9 will only be available as paid version (NE), or it will be available as free but closed source version? If I don't need to see open source, can I use the product for free (without Modern UI)?
by GlooM
Tue Feb 18, 2020 9:05 am
Forum: Administrators
Topic: A way to forward all incoming mails to another adresss in Posfix/Zimbra
Replies: 1
Views: 501

Re: A way to forward all incoming mails to another adresss in Posfix/Zimbra

Try to use recipient_bcc_maps or sender_bcc_maps separately, not always_bcc
by GlooM
Tue Feb 18, 2020 8:55 am
Forum: Administrators
Topic: Question about SpamAssasin customization
Replies: 5
Views: 822

Question about SpamAssasin customization

Hello! Release 8.7.11.GA.1854.UBUNTU16.64 UBUNTU16_64 FOSS edition, Patch 8.7.11_P14. I want to block phishing emails based on certain words in the email body. 1) In this instruction "https://imanudin.net/2015/02/13/zimbra-tips-blacklist-email-based-on-body-email/" need to edit /opt/zimbra...
by GlooM
Fri Aug 23, 2019 6:50 am
Forum: Administrators
Topic: Reject blank "to"
Replies: 0
Views: 473

Reject blank "to"

Hello! -)!

How can I tune anti-spam filters to block all letters with blank field "to" (to=<>).
by GlooM
Thu Aug 08, 2019 7:08 pm
Forum: Administrators
Topic: New type of spammers
Replies: 2
Views: 456

Re: New type of spammers

Is there any way to protect against these connections from other servers to mine?
by GlooM
Thu Aug 08, 2019 6:15 pm
Forum: Administrators
Topic: New type of spammers
Replies: 2
Views: 456

New type of spammers

Hello everyone! Since last month I have faced new types to spam. I administer the server with ~2000 users and they often receive fishing emails. Previously, compromised accounts were used to send spam via smtp-bots. Hacked accounts were identified by analyzing zimbra logs (sasl_username parameter - ...
by GlooM
Fri Apr 19, 2019 1:25 pm
Forum: Administrators
Topic: zimbra not listen in 443 port
Replies: 6
Views: 5978

Re: zimbra not listen in 443 port

Yes, there is a files zmswatch and zmswatch.out virustotal says its a bitcoin miner As I understand it, the hacking technique is the same. zmswatch - miner, Ajax.jsp - shell? Last patch is required to solve the problem. But this is not the same as described here: https://lorenzo.mile.si/zimbra-cve-...
by GlooM
Thu Apr 18, 2019 7:03 pm
Forum: Administrators
Topic: zimbra not listen in 443 port
Replies: 6
Views: 5978

Re: zimbra not listen in 443 port

seryoga_p wrote:fixed
1. upgrade to 8.7.11
2. Patch P10
now everything is working


Hello Seryoga -)!
Please, check this question: viewtopic.php?f=15&t=66031&p=289821#p289821
I think I was hacked the same way. Do you have a file : /opt/zimbra/log/zmswatch?
by GlooM
Thu Apr 18, 2019 7:00 pm
Forum: Administrators
Topic: zmswatch high cpu usage
Replies: 8
Views: 15287

Re: zmswatch high cpu usage

Update!

viewtopic.php?t=66005

Ajax.jsp - The content of the file is exactly like the author of the question!

Go to advanced search