Marc Perkel wrote: > OK - we touched on this earlier but want to see if I can actually make > it work. What I want to do is use ratelimit to limit IP addresses so > that if I get several invalid users (dictionary attack) that the IP > address of the attacker get a defer until some time passes. I'm thinking > that one bad recitient gets you defered for 10 minutes.
On an invalid user, write the IP to a file. Rotate files from cron every five minutes. In your connect acl lookup the IP in the two most recent files. -J -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
