Am 25.07.2012 13:05, schrieb Dr Andrew C Aitchison:
2012-07-25 07:09:11 no IP address found for host
static-216-214-153-238.isp.broadviewnet.net (during SMTP connection
from [216.214.153.238])
2012-07-25 07:09:11 plain authenticator failed for ([192.168.0.232])
[216.214.153.238]: 535 Incorrect authentication data (set_id=aidan)
Maybe I'm misreading the logs, but isn't 192.168.0.232
the HELO/EHLO address ? In which case the rogue machine is on a
private network belonging
to a broadviewnet customer and somewhere behind 216.214.153.238 ?
it is.
Which ACL is controlling the message : "535 Incorrect authentication
data" *?*
it should be possible to add this to the ACL :
condition = ${run{ ...../tools/addspammer
$sender_host_address}{yes}{$value}}
Marius
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
