On 06/03/14 11:01, FABIO FERRARI wrote:
Hello,I have a problem about some users spreading their password to spammers. So I'm searching for a way to ban some authenticated users, or at least limit them to 1 message / hour with ratelimit. But I can't find how to do it, because the many discussions about this point to how to ban senders (that aren't usernames, but email address that can be spoofed) or hosts (spammers change them every miute). For example, is there a way to deny ldap authentication? If I modify the 'server_condition' line in this stanza: login_server: driver = plaintext public_name = LOGIN server_prompts = "Username:: : Password::" server_condition = ${if ldapauth \ {user="uid=${quote_ldap_dn:$1},ou=people,dc=unimore,dc=it" \ pass=${quote:$2} \ ldaps:///}{yes}{no}} server_set_id = $1 it will be reloaded at every login or only when exim starts?
Stuff that's in the config is loaded when you tell exim to reload (or restart). Stuff that's in a file, DB or service interrogated thanks to stuff in the config, however, is looked-up anew any time it's needed.
Or is there a way to set a ratelimit for some users, and a ratelimit for some other?
Sure. If you need to get complicated, call an auth ACL. See the docs on authentication... -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
