Edison F Carbol wrote: > Hi, > > Is it possible to drop smtp connection before authentication per username? > > My server is congested with many attempts to authenticate with a deleted > account. > > Thanks, > > > Edison > >
Easily. However ..... unless those unwanted attempts have characteristics, such as arriving from the same IP, wherein no other active account might also exist, (old/new, husband/wife) or at least from the same 'pool' of IP, such as a dynamically-assigned 'connectivity' ISP user community, wherein you have *neither* a valid user, *nor* a potential 'proper' correspondent MTA -- in which case you can reject on source IP or source CIDR range either in Exim's 'connect' phase or just a bit later, (or even in a firewall ahead of Exim...) -- in any other case, you will have to do enough 'qualifying' to prevent harm to other arrivals... ...that you might just as well let the authorization fail. You could be saving the 'cost' of setting-up an encrypted session and doing some form of DB lookup to fail the auth so it IS worth the attempt. Personally, I'd be tempted to divert the connection and sort of tarpit it, and/or allow a POP/IMAP read connection and pop a 'no longer active' notice into his 'Mailbox' (or known forwarding address) each time he makes an attempt to auth onto Exim for sending. That might motivate the former user to change the MUA settings that are trying to automagically log in to the dead account. HTH, Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
