The IP xxx.xxx.xx.xxx is exposing a Open Memcached Server service to the Internet. Such configuration could lead to Open Memcached Server amplification attacks.
There are two quick solutions to this problem and that is either configuring your Memcached to listen to localhost or completely stopping it.
Option 1: Configure Memcached Server listen to localhost
When running Zimbra mail server, memcached is a very important module because it helps proxy service achieve caching of upstream routes to mailstores on a per end-client basis - significantly reduces the route lookup time thus improving the total time required to process the request and boost performance.
Since now Memcached is necessary, let's configure our server memcached daemon to listen through localhost / 127.0.0.1 IP Address instead of public.
Access your Zimbra user
[zimbra@server1 ~]$ su - zimbra
[zimbra@server1 ~]$ /opt/zimbra/bin/zmprov ms `zmhostname` zimbraMemcachedBindAddress 127.0.0.1
Note: replace zmhostname with your zimbra server name i.e “mail.mydomain.com”
[zimbra@server1 ~]$ /opt/zimbra/bin/zmprov ms `zmhostname` zimbraMemcachedClientServerList 127.0.0.1
[zimbra@server1 ~]$ zmmemcachedctl restart
You can go ahead to test if your memcached is running fine, zmmemcachedctl status. And also test your proxy if working fine zmproxyctl status, if not check out Proxy Server not running in Zimbra.
Option 2: Stop Memcached
Some system administrators with standalone servers, tend not to use memcached and as it is a huge security risk to have it open to internet, they just stop it.
The following commands help you achieve that.
[zimbra@server1 ~]$ zmmemcachedctl stop
[zimbra@server1 ~]$ zmprov ms `zmhostname` -zimbraServiceEnabled memcached
[zimbra@server1 ~]$ zmcontrol stop
[zimbra@server1 ~]$ zmcontrol start