Compromised account results in the server being used to send out spam mail

Revision as of 16:28, 11 July 2015 by Jorge de la Cruz (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Compromised account results in the server being used to send out spam mail

   KB 21927        Last updated on 2015-07-11  

(0 votes)


Compromised account results in the server being used to send out spam mail. Typically if you lock a user he should not be able to send email but that will not kick in if the smtp sessions already exists. See reported problem:


To deal with this, postfix introduced "check_sasl_access".

Per-account access control

Postfix can implement policies that depend on the SASL login name (Postfix 2.11 and later). Typically this is used to HOLD or REJECT mail from accounts whose credentials have been compromised


vi /opt/zimbra/conf/

Locate line "RESTART mta" The line before that add -

POSTCONF smtpd_sasl_local_domain    LOCAL postfix_smtpd_sasl_local_domain

Set LC attribute

zmlocalconfig -e postfix_smtpd_sasl_local_domain='$myhostname'

Steps 1 and 2 required because we wish to add the entire email address in the access control list, as per guidelines of postfix -

  1. Use this when smtpd_sasl_local_domain is empty.
username   HOLD
  1. Use this when HOLD
vi conf/zmconfigd/

Add line on top -

check_sasl_access lmdb:/opt/zimbra/conf/postfix_sasl_access
vi /opt/zimbra/conf/postfix_sasl_access    REJECT

Create db file for postfix_sasl_access

cd /opt/zimbra/conf/
postmap postfix_sasl_access

zmmtactl restart

The restart is for the config to kick in. If you wish to add/delete users then all you will need to do is -

cd /opt/zimbra/conf
vi postfix_sasl_access -- Make changes
postmap postfix_sasl_access

If a user is blocked he should see the attached error.


Additional Content

Verified Against: Zimbra Collaboration 8.6, 8.5, 8.0 Date Created: 05/05/2015
Article ID: Date Modified: 2015-07-11

Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Wiki/KB reviewed by SME1 SME2 Copyeditor Last edit by Jorge de la Cruz
Jump to: navigation, search