The (1) Webmail, (2) admin, and (3) SMTP services in Ability Mail Server 1.18 allow remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous connections to the service.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16677
http://www.securityfocus.com/bid/10695
http://securitytracker.com/id?1010672
http://secunia.com/advisories/12039
http://members.lycos.co.uk/r34ct/main/Ability_mail_server_1.18.txt