[Owasp-Malaysia] Spamming In Zimbra By Users Account With Weak Password

Harisfazillah Jamel linuxmalaysia at gmail.com
Mon Oct 18 06:48:11 EDT 2010


Assalamualaikum and salam sejahtera,

I have this occurs problem to a Zimbra server. Spammer will used any
account they can breach to spam. More than 6000 spam email will be
send for every successfully try.

Ok I know you know we know, we need to ask users to change and use
harden password. Yes we and system admin are doing it, so its going to
take time until the users used to it. At this moments, sysadmin busy
with locked accounts due to accounts try by outsider. We have set the
policy after 3 times login failure, account will locked.

For information, this attack is using the login using HTML.

http://www.sfu.ca/~hillman/zimbra-hied-admins/msg00206.html

http://www.zimbra.com/forums/zimbra-education/26158-help-compromised-accounts.html

I have use this script to delete the account email, after locked the account.

http://www.ustrem.org/en/articles/postfix-queue-delete-en/

That all for now....


More information about the Owasp-Malaysia mailing list