I use Zimbra OSE 8.8.15 single server. I see a strange log in nginx.log. Upstream server refers to the wrong host/server. Especially POPs and IMAPs connection. Below is my system
Code: Select all
OS : CentOS Linux release 7.8.2003 (Core)
Zimbra : Release 8.8.15_GA_3869.RHEL7_64_20190917004220 RHEL7_64 FOSS edition, Patch 8.8.15_P14
IP Address : 192.198.3.210
Code: Select all
2021/06/05 03:01:34 [info] 16642#0: *2616562 proxied session done, client: 123.xx.xx.xx:57782, server: 0.0.0.0:995, login: "user.xxxx@xxxxxxx.com", upstream: 31.7.62.81:7995 (123.xx.xx.xx:57782->192.198.3.210:995) <=> (192.198.3.210:36054->31.7.62.81:7995)
Code: Select all
Nmap scan report for 31.7.62.81
Host is up (0.12s latency).
PORT STATE SERVICE
80/tcp open http
443/tcp closed https
993/tcp open imaps
995/tcp open pop3s
7993/tcp open unknown
7995/tcp open unknown
8080/tcp closed http-proxy
8443/tcp closed https-alt
what I'm doing right now is
- Block connection from and to this IP 31.7.62.81
- purging route with this command /opt/zimbra/libexec/zmproxypurge
I have more than 3 servers that have similar problems. All upstream refers to 31.7.62.81