Dear All,
This is a university case (ZCS 5.0.9 Open Source Edition), and we found some Auth log entries for some users from outside, and they sent lots of spam.
Code:
2009-06-05 07:18:10,161 INFO [btpool0-22444] [oip=41.220.75.3;ua=zclient/5.0.9_GA_2533.RHEL4;] security - cmd=Auth; account=xxx@xxx.xxx.xxx; protocol=soap;
We totally understand that we should ask for a stronger password policy to protect against such a situation. However, as a quick workaround, can someone advise what we can do?
So far, I've made some changes:
1. Disabled SMTP authentication from Global -> MTA (unchecked SMTP authentication), because we have another spam gateway which is for SMTP authentication purposes.
2. Checked the MTA trusted networks (already set to 127.0.0.* and our local IP).
3. "Dropped" that IP in the iptables configuration. (We don't like this way, though.)
(Anything else?)
Is it possible to disable SOAP access for users (except the web client login)?
Thanks.
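
An added example, not part of the original post: a small Python script that reads log lines in the format quoted above and counts `cmd=Auth` entries per account whose `oip` falls outside a trusted list, which helps decide which accounts need a password reset. The function names, the trusted ranges and every sample line except the first are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption: trusted ranges mirror the post's MTA trusted networks (loopback
# plus a local range); 192.0.2.0/24 is a placeholder for the real local network.
TRUSTED = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("192.0.2.0/24")]

# timestamp, level, [thread], [oip=...;ua=...;], "security - ", then k=v; pairs
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d+ \S+ +\[[^\]]*\] "
    r"\[(?P<ctx>[^\]]*)\] security - (?P<fields>.*)$"
)

# First line is the one quoted in the post; the other three are constructed.
SAMPLE = [
    "2009-06-05 07:18:10,161 INFO [btpool0-22444] [oip=41.220.75.3;ua=zclient/5.0.9_GA_2533.RHEL4;] security - cmd=Auth; account=xxx@xxx.xxx.xxx; protocol=soap;",
    "2009-06-05 07:18:12,004 INFO [btpool0-22445] [oip=41.220.75.3;ua=zclient/5.0.9_GA_2533.RHEL4;] security - cmd=Auth; account=xxx@xxx.xxx.xxx; protocol=soap;",
    "2009-06-05 07:19:01,310 INFO [btpool0-22450] [oip=192.0.2.15;ua=zclient/5.0.9_GA_2533.RHEL4;] security - cmd=Auth; account=staff@example.edu; protocol=soap;",
    "2009-06-05 07:19:05,100 INFO [btpool0-22451] [oip=198.51.100.7;ua=zclient/5.0.9_GA_2533.RHEL4;] security - cmd=Auth; account=student@example.edu; protocol=soap;",
]

def kv(text):
    """Split 'k=v; k=v;' into a dict, ignoring empty or malformed parts."""
    out = {}
    for part in text.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            out[key] = value
    return out

def external_auths(lines, trusted=TRUSTED):
    """Return {account: {source_ip: count}} for Auth entries from untrusted IPs."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a security log line in the expected shape
        ctx, fields = kv(m["ctx"]), kv(m["fields"])
        if fields.get("cmd") != "Auth" or "oip" not in ctx:
            continue
        try:
            ip = ipaddress.ip_address(ctx["oip"])
        except ValueError:
            continue  # unparseable oip value, skip rather than guess
        if not any(ip in net for net in trusted):
            hits[fields.get("account", "?")][str(ip)] += 1
    return {acct: dict(ips) for acct, ips in hits.items()}
```

Calling `external_auths(SAMPLE)` lists the masked account from the post with two logins from 41.220.75.3 and the constructed student account with one; the login from the placeholder local range is ignored.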