[SOLVED] My Zimbra server sending out spam emails

General discussion about Zimbra Desktop.
abamkacamata
Posts: 7
Joined: Mon Aug 06, 2018 1:29 pm

[SOLVED] My Zimbra server sending out spam emails

Postby abamkacamata » Thu Oct 18, 2018 12:54 am

We're having a problem as of this morning as some of our email accounts are sending spam to different emails. it sends out estimated 9000+ emails. I think it started on weekend.
Almost all accounts are currently "locked" and others were deleted also I try changing the password but it still sends spam.
Our zimbra (email server) is installed on Centos 7.0
Last edited by abamkacamata on Fri Oct 19, 2018 1:17 am, edited 1 time in total.


User avatar
DualBoot
Outstanding Member
Outstanding Member
Posts: 854
Joined: Mon Apr 18, 2016 8:18 pm
Location: Earth
ZCS/ZD Version: ZCS FLOSS - 8.7.11 Mutli servers

Re: My Zimbra server sending out spam emails

Postby DualBoot » Thu Oct 18, 2018 7:10 am

Hello,

check first if your Zimbra is open relay, it should not be the case by default.
Then grep sasl_username in /var/log/zimbra.log to get account who is spamming.
Use iptables to drop connection on SMTP to stop it.

Regards,
abamkacamata
Posts: 7
Joined: Mon Aug 06, 2018 1:29 pm

Re: My Zimbra server sending out spam emails

Postby abamkacamata » Fri Oct 19, 2018 1:16 am

DualBoot wrote:Hello,

check first if your Zimbra is open relay, it should not be the case by default.
Then grep sasl_username in /var/log/zimbra.log to get account who is spamming.
Use iptables to drop connection on SMTP to stop it.

Regards,


I used this as my solution. Apart from it I also shutdown zimbra services and run clamav. This combo seems to do the trick

Return to “General Questions”

Who is online

Users browsing this forum: No registered users and 4 guests