ZCS Administrator's Guide 8.0.4
ZCS Administrator's Guide 8.0.4
Network Edition

Monitoring ZCS Servers > Configuring Denial of Service Filter Parameters

Configuring Denial of Service Filter Parameters
The denial-of-service filter (DoSFilter) limits exposure to requests flooding. The DoSFilter throttles clients sending a large number of requests over a short period of time.
The DoSFilter is enabled by default on ZCS and is applied to all requests. You can modify the configuration to accommodate your specific environmental needs. Disabling the DoSFilter is not recommended.
Identifying False Positives
Sometimes Zimbra Connector for Outlook (ZCO), mobile ActiveSync clients, or running some zmprov commands trigger the DoSFilter. When this happens, the Zimbra mailbox service is unavailable. You can review the following logs to see if the DoSFilter was applied.
Example of a log entry showing the DoSFilter
2013-01-15 15:57:32.537:WARN:oejs.DoSFilter:DOS ALERT:ip=,session=null,user=null
Customizing DoSFilter Configuration
The following attributes are used with zmprov to configure the DoSFilter. These attributes can be configured as global settings and as server settings. If these attributes are set in the server, the server settings override the global settings.
You can modify these settings, but the default configuration is recommended.
A mailbox server restart is required after modifying these attributes. Type
zmmailboxdctl restart
Tuning Considerations for ZCS 8.0.3 and later
ZCS Member Servers: ZCS servers under the control of a single master LDAP server are automatically whitelisted by IP address. These hosts are discovered using a GetAllServersRequest . Type as zmprov gas.
External Provisioning Hosts/SOAP API: External provisioning hosts can be added to the IP whitelist to ensure that the DoSFilter does not block some requests. For example, a mailbox reindex might make several calls per second that can trigger the DoSFilter.
Copyright © 2013 VMware Inc.