we have an account that has been compromised and used for sending a lot of spam to random addresses and sometimes especially to yahoo addresses.
we're on a bunch of blacklists. (senderbase.org)
Any idea how to prevent this?
thanks.
Code: Select all
[zimbra@mail]$ zmcontrol -v
Release 8.7.1_GA_1670.RHEL7_64_20161025045328 RHEL7_64 NETWORK edition.
Code: Select all
more /var/log/zimbra.log | grep sasl_method
Apr 23 08:25:31 mail postfix/smtps/smtpd[9225]: 6BAE3302E2C32: client=unknown[205.196.185.238], sasl_method=LOGIN, sasl_username=xxxx
Apr 23 08:25:32 mail postfix/smtps/smtpd[4130]: 5B020302E2C26: client=unknown[66.85.8.55], sasl_method=LOGIN, sasl_username=xxxxx
Apr 23 08:25:32 mail postfix/smtps/smtpd[3555]: 6DCA1302E2C34: client=host-72-175-37-115.kls-mt.client.bresnan.net[72.175.37.115], sasl_method=LOGIN, sasl_username=xxxx