Assalamualaikum and salam sejahtera, I have this occurs problem to a Zimbra server. Spammer will used any account they can breach to spam. More than 6000 spam email will be send for every successfully try.
Ok I know you know we know, we need to ask users to change and use harden password. Yes we and system admin are doing it, so its going to take time until the users used to it. At this moments, sysadmin busy with locked accounts due to accounts try by outsider. We have set the policy after 3 times login failure, account will locked. For information, this attack is using the login using HTML. http://www.sfu.ca/~hillman/zimbra-hied-admins/msg00206.html http://www.zimbra.com/forums/zimbra-education/26158-help-compromised-accounts.html I have use this script to delete the account email, after locked the account. http://www.ustrem.org/en/articles/postfix-queue-delete-en/ That all for now.... _______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
