. using fail2ban
I second the idea of using fail2ban (or something similar). It's completely non-invasive.
It can be a slight inconvenience if you have users behind NAT firewalls coming to your server (which includes most home routers). One clumsy person mistyping a webmail password a couple of times looks out everybody using that shared public IP address. OTOH, fail2ban is tunable and is typically configured to only block the IP address for 10-20 minutes. That's enough to turn back most attacking bots (or at least give your machine a rest) and tolerable for the false alarm cases.
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
