Results 1 to 8 of 8

Thread: Spam problem

  1. #1
    GaryC's Avatar
    GaryC is offline Junior Member
    Join Date
    Feb 2009
    Location
    Federal Way WA
    Posts
    8
    Rep Power
    6

    Default Spam problem

    I have hundreds of thousands of e-mails from the same address, when I look at /opt/Zimbra/data/postfix/spool/incoming and active. These are killing my e-mail server so the the users can not get e-mails.
    I am at a loss as to what I need to do I have searched the forums but am not finding what I need.

    I added the address to the salocal.cf.in as a blacklist line and restarted the zmamavisdctl. This did not seem to help.

    I have attached a copy of the message including header. How do I get this problem fixed so that e-mail will start flowing again?

    I can only access the zimbra from the server it self as I do not know what the password is for the Zimbra online console is.

    However I have root access and can su as zimbra.

    Please someone point me to somthing that may help.

    Thanks
    GC
    Attached Files Attached Files

  2. #2
    mtorres is offline Trained Alumni
    Join Date
    May 2008
    Location
    Sierra Vista, Az
    Posts
    74
    Rep Power
    7

    Default

    can you zmcontrol stop and go to /opt/Zimbra/data/postfix/spool/incoming and active and rm -rf all of the spams and start zimbra again?

  3. #3
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Quote Originally Posted by mtorres View Post
    can you zmcontrol stop and go to /opt/Zimbra/data/postfix/spool/incoming and active and rm -rf all of the spams and start zimbra again?
    And delete valid email aswell

    Check the headers and see whether the connecting IP is a valid MTA or not ... Why not just block it at your perimeter ?

  4. #4
    y@w's Avatar
    y@w
    y@w is offline Moderator
    Join Date
    Jan 2008
    Posts
    658
    Rep Power
    8

    Default

    Quote Originally Posted by uxbod View Post
    And delete valid email aswell

    Check the headers and see whether the connecting IP is a valid MTA or not ... Why not just block it at your perimeter ?
    Agreed. If they're only coming from one IP, it's much better to stop these messages as far away from your server as possible.

  5. #5
    GaryC's Avatar
    GaryC is offline Junior Member
    Join Date
    Feb 2009
    Location
    Federal Way WA
    Posts
    8
    Rep Power
    6

    Default

    I had already blocked at the perimeter. but had thousands of e-mails already on the server that were trying to resend to other e-mail address. I had to empty the defer, deferred, active, and incoming directories for the problem to stop.

    Does'nt antispam on Zimbra prevent this spam storm problems?

  6. #6
    mtorres is offline Trained Alumni
    Join Date
    May 2008
    Location
    Sierra Vista, Az
    Posts
    74
    Rep Power
    7

    Default

    Quote Originally Posted by uxbod View Post
    And delete valid email aswell

    Check the headers and see whether the connecting IP is a valid MTA or not ... Why not just block it at your perimeter ?
    Yeah, that is the best, just block it at the firewall. But, I was in a jam one time like the o.p and I had to empty the active/incoming etc. folders for mail to start flowing again. Not the best, but it worked for me in a jam.

  7. #7
    mtorres is offline Trained Alumni
    Join Date
    May 2008
    Location
    Sierra Vista, Az
    Posts
    74
    Rep Power
    7

    Default

    Quote Originally Posted by GaryC View Post
    I had already blocked at the perimeter. but had thousands of e-mails already on the server that were trying to resend to other e-mail address. I had to empty the defer, deferred, active, and incoming directories for the problem to stop.

    Does'nt antispam on Zimbra prevent this spam storm problems?
    Hi Gary,

    zimbra out of the box has some good anti-spam measures, but for me, I have searched the forums and read different wikis on tweaking it. I also blocked most foreign IP's at the firewall (although most spam comes from the U.S, it helped a lot). After just tweaking for a while and using some rbl's I can truthfully say that it is VERY rare if a spam gets through *knocks on wood*.

  8. #8
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Quote Originally Posted by GaryC View Post
    Does'nt antispam on Zimbra prevent this spam storm problems?
    It depends on the type of SPAM ... What RBLs are you using ?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Zimbra Spam Control v5
    By zimadminnew in forum Administrators
    Replies: 7
    Last Post: 02-23-2009, 04:11 PM
  2. Missing Email Problem
    By prox in forum Zimbra Connector for Outlook
    Replies: 6
    Last Post: 03-16-2008, 10:01 PM
  3. Replies: 3
    Last Post: 02-25-2008, 06:33 AM
  4. Spam training problem...
    By TaskMaster in forum Installation
    Replies: 2
    Last Post: 05-08-2007, 09:49 AM
  5. Training spam and ham
    By Justin in forum Developers
    Replies: 2
    Last Post: 10-31-2006, 03:39 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •