[Owasp-Malaysia] Spamming In Zimbra By Users Account With Weak Password

Ang Chin Han ang.chin.han at gmail.com
Mon Oct 18 08:30:42 EDT 2010

On Mon, Oct 18, 2010 at 6:48 PM, Harisfazillah Jamel
<linuxmalaysia at gmail.com> wrote:
> Assalamualaikum and salam sejahtera,
> I have this occurs problem to a Zimbra server. Spammer will used any
> account they can breach to spam. More than 6000 spam email will be
> send for every successfully try.

Note also that zimbra by default may do a spamassasin check on the
outgoing email, causes really, really heavy load on the server. It
maybe more prudent to quickly block off the offending IP (unless

For ongoing attacks, netstat -an | grep :25
iptables -A INPUT -s x.x.x.x -j DROP

It may help to turn on additional checks in zimbra's admin under
Global Settings, esp. RBLs and other DNS checks.

More information about the Owasp-Malaysia mailing list