Non Zimbra question and I hope that is ok if this type of thing is not abused.

[Steve Elliott <selliott@kennesaw.edu>]

Situation:  We have staff/faculty on our campus that don't realize that you give out your email login data, including password to phishing emails.   So we get compromised accounts.
We are in the works of putting an external MTA (barracuda system) that our Zimbra email will be filtered through if it leaves campus.   Of course this may hit some good emails with the bad ones.  Though I routinely check to see if we have a rogue account they usually have 2-4 hours of uninterrupted time, especially during the night hours where they can spam their hearts out.

Question:  What solutions do you use to help in those situations?