Thanks, Dean. Just to verify that I understood it right. When you define the "BADAUTH_LIMIT = 15 / 2h", 15 bad logins within 2 hours are accepted from one IP address. When will the client be able to start a new authentication again?
Thanks Torsten > Well, the configuration is listed in its entirety below actually. Just > copy/paste each particular portion into the specified section. > > Note that I added the following line into the global section below: > > smtp_accept_max_nonmail = 5 > > That will limit the number of failed auth attempts per connection and > the BADAUTH_LIMIT macro sets the number of connections that can fail > due to failed auth. > > How does it work? Essentially, when a connection ends, either the > check_quit or the check_notquit ACL is executed depending upon whether > it was a graceful disconnection or not. Either way, if it sees that > authentication failed in any way, it increments the "badauth" counter > that is keyed to the sender's IP address. > > When a new connection comes in, it checks the counter (without updating it) > to see if the limit has been hit within the BADAUTH_LIMIT timeframe. > > > -- > Dean Brooks > [email protected] > > -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
