this is a university case(zcs 5.0.9 open source edition) and we found there are some Auth log for some users from outside and sent lots of spam.
We totally understand that we should ask for higher passwd policy to protect from such situation. However, as a quick workaround, can someone advise what we can do ?
2009-06-05 07:18:10,161 INFO [btpool0-22444] [oip=18.104.22.168;ua=zclient/5.0.9_GA_2533.RHEL4;] security - cmd=Auth; firstname.lastname@example.org; protocol=soap;
So far, I've made some changes :
1. disable SMTP authentication from Global -> MTA (uncheck smtp authentication) because we have another spam gateway which is for smtp authentication purpose.
2. check MTA trusted network (it's already set to 127.0.0.* and our local IP)
3. "Drop" that IP from iptables configuration. (we don't like this way, though)
(anything else ???)
is it possible to disable the soap access for users (except the Webclient login)?