On 2016-08-10 12:47 PM, [email protected] wrote:
I'm having a hard time achieving that delay. As you can see it comes
back with the same IP every 10 seconds. Delay is not imposed on
condition as it is dropped already.
2016-08-10 09:13:01 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2016-08-10 09:13:12 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2016-08-10 09:13:23 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
Don't you have to record the current time stamp, in order to calculate
elapsed time for subsequent delays.
Accept the greeting, but if we previously generated a message in say
$acl_c1, stall the sender until 180 seconds has elapsed.
Did you test it by connecting to port 25 and saying 'helo ylmf-pc' and
see the delay before it drops the connection? The problem is, even
though *that* connection is stalled it doesn't stop them from making
another connection in the meantime. This kind of delay is actually a
good way to DOS yourself as all your incoming slots are tied up waiting
on the 180 second delay!
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
