Facebook  Twitter  Google +  Linkedin


The IP xxx.xxx.xx.xxx is exposing a Open Memcached Server service to the Internet. Such configuration could lead to Open Memcached Server amplification attacks.

There are two quick solutions to this problem and that is either configuring your Memcached to listen to localhost or completely stopping it.

Option 1: Configure Memcached Server listen to localhost

When running Zimbra mail server, memcached is a very important module because it helps proxy service achieve caching of upstream routes to mailstores on a per end-client basis - significantly reduces the route lookup time thus improving the total time required to process the request and boost performance.

Since now Memcached is necessary, let's configure our server memcached daemon to listen through localhost / IP Address instead of public.


Access your Zimbra user

[zimbra@server1 ~]$   su - zimbra

Configure MemcachedBindAddress

[zimbra@server1 ~]$   /opt/zimbra/bin/zmprov ms `zmhostname` zimbraMemcachedBindAddress

Note: replace zmhostname with your zimbra server name i.e “mail.mydomain.com”

Configure MemcachedClientServerList

[zimbra@server1 ~]$   /opt/zimbra/bin/zmprov ms `zmhostname` zimbraMemcachedClientServerList

Restart memcached:

[zimbra@server1 ~]$   zmmemcachedctl restart

 You can go ahead to test if your memcached  is running fine, zmmemcachedctl status. And also test your proxy if working fine zmproxyctl status, if not check out Proxy Server not running in Zimbra.

Option 2: Stop Memcached

Some system administrators with standalone servers, tend not to use memcached and as it is a huge security risk to have it open to internet, they just stop it.

The following commands help you achieve that.

[zimbra@server1 ~]$  zmmemcachedctl stop

[zimbra@server1 ~]$  zmprov ms `zmhostname` -zimbraServiceEnabled memcached

[zimbra@server1 ~]$  zmcontrol stop

[zimbra@server1 ~]$  zmcontrol start