Hi, thank you very much for your help, it will be very appreciated.
I am using zcs-8.8.9_GA_2055.UBUNTU16_64, My problem is an excesive Spam Sending from an unexisting account, I send mail via SendGrid, Using and external MTA relay. I have blocked the ip, I see the traffic in my network interface but iam unable to see how to fix this, please let me know what do you need to know in order to fix this, Support, in a modest price, algo its an option for us.
Thank you.
Best Regards
Danilo Gonzalez.
Zimbra Sending Lots of Spam.
- zimico
- Outstanding Member
- Posts: 225
- Joined: Mon Nov 14, 2016 8:03 am
- Location: Vietnam
- ZCS/ZD Version: 8.8.15 P3
- Contact:
Re: Zimbra Sending Lots of Spam.
Hi,
Please check your ZimbraMtaMyNetworks to ensure that you only allow authorized IP.s For example,
111.222.333.0/27 is my server subnet. In case your zimbra server is hosted in data center with public IP address, you should only allow local loopback IP and your zimbra server's IP. For example:
111.222.333.444/32 is my zimbra server's IP.
You also can check to see if any account is compromised by:
Regards,
Please check your ZimbraMtaMyNetworks to ensure that you only allow authorized IP.s For example,
Code: Select all
$zmprov gs `zmhostname` zimbraMtaMyNetworks
# name mail.zimilab.com
zimbraMtaMyNetworks: 127.0.0.0/8 111.222.333.0/27
Code: Select all
$zmprov ms `zmhostname` zimbraMtaMyNetworks '127.0.0.0/8 111.222.333.444/32'
$postfix reload
You also can check to see if any account is compromised by:
Code: Select all
#grep sasl_user /var/log/zimbra.log | sed 's/.*sasl_username=//g' | sort | uniq -c | sort -nr | head