Hi, There’s a very good reading about this: https://github.com/Exim/exim/wiki/BlockCracking
> Le 18 avr. 2015 à 02:46, Always Learning <[email protected]> a écrit : > > > Exim 4.72 (Centos 6) > > > A MTA experienced 20 minutes (circa 1,722 attempts) of: > > (from logwatch) > > 2015-04-17 22:56:16 SMTP protocol error in "AUTH LOGIN" > H=(SRV) [88.119.254.244]:50272 I=[xx.xx.xx.xx]:25 AUTH > command used when not advertised: 1 Time(s) > > Have changed:- > > smtp_accept_max = 5 > smtp_accept_max_per_connection = 5 > smtp_accept_max_per_host = 5 > > whilst assuming it will not prevent future abuse. > > > If I create acl_smtp_auth = acl_reject_auth > > acl_reject_auth: > > warn message = ${run{SHELL -c "PHP EXIM_ALERT > (code to bloke IP address in IPtables......) > > deny message = (rejection message) ...... > > > will this ACL only intercept log-on attempts ? > > > Thank you. > > -- > Regards, > > Paul. > England, EU. Je suis Charlie. > > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
