Fight Mail Bounce Spam with a Catch-all Address

If you send an email to a non-existent address, most mail servers are polite and will send you your message back with a notice that it couldn’t be delivered (called a mail “bounce”). Alas, this service can be hijacked to send spam. How? A spammer sends a spam message to a non-existent address and fakes the return address so that it points at the intended recipient; the bounce then dutifully carries the spam to the target.

Recently and suddenly, our secondary mail server (running Zimbra) was being used as a transmitter for a ton of these spam messages. It was being used so much that it was temporarily placed on the Spamhaus Block List. Eek! So how can you stop them from using your server?

The easiest way (since you can’t turn off mail bounces directly) is to set up a catch-all address. The downside is that real people won’t get error messages if they mistype an address (but the plus side is that you can get off of the SBL if you find yourself on it). In Zimbra, first set up an account (I called it “spamcatcher”) and set up the catch-all address on the command line (replacing “domain.com” appropriately):

su - zimbra
zmprov modifyAccount spamcatcher@domain.com zimbraMailCatchAllAddress @domain.com

This will place would-be spam bounces into spamcatcher’s inbox. So now set up a cron job (on the zimbra account) to periodically run (replacing “domain.com”):

/opt/zimbra/bin/zmmailbox -z -m spamcatcher@domain.com emptyFolder /inbox

which automatically clears out the spamcatcher’s mailbox.
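
To make the trade-off concrete, here is a small model of the server's decision for each incoming envelope, with and without the catch-all. It is an added example, not code from this post or from Zimbra; the mailbox names and traffic are constructed, and `handle`, `bounce_targets` and `absorbed` are hypothetical helper names.

```python
from dataclasses import dataclass

# Constructed sample data: real mailboxes on the example domain.
VALID_MAILBOXES = {"alice@domain.com", "bob@domain.com"}
CATCH_ALL = "spamcatcher@domain.com"  # account name used in the post


@dataclass(frozen=True)
class Envelope:
    mail_from: str  # envelope sender: unauthenticated, so it can be forged
    rcpt_to: str    # envelope recipient on our domain


def handle(env, catch_all=None):
    """Return (mailbox delivered to, address a bounce is sent to)."""
    if env.rcpt_to in VALID_MAILBOXES:
        return env.rcpt_to, None
    if catch_all is not None:
        # Unknown recipient is absorbed; no bounce is generated.
        return catch_all, None
    # Accept-then-bounce: the notice goes to whatever MAIL FROM claimed.
    return None, env.mail_from


def bounce_targets(envelopes, catch_all=None):
    """Addresses that would receive a bounce from this server."""
    return [dsn for _, dsn in (handle(e, catch_all) for e in envelopes) if dsn]


def absorbed(envelopes, catch_all):
    """Messages that land in the catch-all mailbox instead of bouncing."""
    return [e for e in envelopes if handle(e, catch_all)[0] == catch_all]


# Constructed traffic: two forged-sender messages and one honest typo.
TRAFFIC = [
    Envelope("victim1@example.org", "nosuchuser1@domain.com"),
    Envelope("victim2@example.net", "nosuchuser2@domain.com"),
    Envelope("customer@example.com", "alcie@domain.com"),  # typo of alice
    Envelope("customer@example.com", "bob@domain.com"),
]

if __name__ == "__main__":
    print("bounces without catch-all:", bounce_targets(TRAFFIC))
    print("bounces with catch-all:   ", bounce_targets(TRAFFIC, CATCH_ALL))
    print("absorbed by catch-all:    ", len(absorbed(TRAFFIC, CATCH_ALL)))
```

With the catch-all enabled the server sends no bounces at all, so the two forged senders are spared, but the honest typo is swallowed just as silently.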

I hope this helps!