Kerio MailServer contains a flaw that may allow a remote denial of service attack. The issue is triggered when SYN packets are sent to one of the following services: POP3, SMTP, IMAP, Secure IMAP, POP3S, WebMail, or Secure WebMail. The result is loss of availability for the service. The service resumes functionality after a short period of time.
Upgrade to version 5.1.7 or higher, as it has been reported to fix this vulnerability. It is also possible to minimize your risk of attack by implementing the following workaround(s):
Filter all mail services to restrict access to only trusted sources from within the network.