Il giorno mer, 25/07/2012 alle 11.44 +0300, Mihamina Rakotomandimby ha scritto: > If me, I'd filter at IP level, based on some reject log information. > That's the job of fail2ban, but I dont know if it parses Exim logs.
I'm using this regex in fail2ban with success: failregex = \[<HOST>\] .*(?:rejected by local_scan|Unrouteable address| 535 Incorrect authentication data) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
