Hi list,
I've already configured fail2ban to block brute force attacks on my
Exim server but thought it would be nice to be able to block outright
known abusive helo's. So I've had a dig and I came up with this config:
# Blacklist
auth_advertise_hosts =\
${lookup{$sender_helo_name}\
lsearch{/usr/local/etc/exim/heloblocks}{}{*}\
}
But it doesn't seem to work so I'm hoping someone can give me a pointer.
Also I have a general doubt, when using the term advertise in Exim does
this mean purely to advertise funcionality or does it actually mean to
provide or not that funcionality? Ie am I actually blocking auth by not
advertising it, when talking about an abusive connection that isn't
following the RFCs etc?
thanks in advance, Andy.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
