Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: My zimbra is being used to send spam by malicious outsiders!

  1. #11
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Also, if you have a website hosted on the same server as your Zimbra installation check if you are using a form2email script and if so that it has some sort of validation method.

  2. #12
    higeon is offline Intermediate Member
    Join Date
    Jun 2009
    Posts
    21
    Rep Power
    6

    Default

    Thank you uxbod and phoenix.
    It seems everything is OK after I checked my server by ./chkrootkit and /var/log/secure.
    I have deleted all the spam mails in the queue and change the mail account's password that could be compromised.
    What I want to know is how I can avoid the same thing if another mail account is compromised in the future.
    Is there any measure can be done such as some setting in zimbra or postfix?

  3. #13
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Use complex passwords and ensure that within the Admin GUI you have set that if somebody enters a incorrect password three time the account is locked out.

  4. #14
    higeon is offline Intermediate Member
    Join Date
    Jun 2009
    Posts
    21
    Rep Power
    6

    Default

    Quote Originally Posted by uxbod View Post
    Also, if you have a website hosted on the same server as your Zimbra installation check if you are using a form2email script and if so that it has some sort of validation method.
    There is no any website hosted on my zimbra server.

  5. #15
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,486
    Rep Power
    56

    Default

    Quote Originally Posted by higeon View Post
    What I want to know is how I can avoid the same thing if another mail account is compromised in the future.
    Is there any measure can be done such as some setting in zimbra or postfix?
    There's nothing you can do against an account being compromised except to use strong passwords and set them to expire regularly and make sure you enforce the policy, users don't like that but in the interests of safety for your server (and users) you must set and follow good practice.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  6. #16
    higeon is offline Intermediate Member
    Join Date
    Jun 2009
    Posts
    21
    Rep Power
    6

    Default

    Is it possible to set zimbra/postfix to restrict the number of sending mails in one connection or restrict the number of mails can be sent in a period of time such as a minute?

    And can it be restricted that the "from" mail addresses of the sending mails must be my domain's accounts?

  7. #17
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    You could use something like PolicyD to limit the amount of emails sent.

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 8
    Last Post: 01-12-2012, 02:20 AM
  2. Replies: 8
    Last Post: 01-20-2009, 01:06 PM
  3. slapd message error
    By smoke in forum Administrators
    Replies: 7
    Last Post: 04-27-2008, 03:23 PM
  4. Replies: 16
    Last Post: 09-07-2006, 06:39 AM
  5. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •