Hi, See this tutorial.
https://github.com/Exim/exim/wiki/BlockCracking Best Regards. >-------- Оригинално писмо -------- >От: Andy Smith [email protected] >Относно: [exim] block hacker helo's >До: [email protected] >Изпратено на: 07.02.2017 14:04 Hi list, I've already configured fail2ban to block brute force attacks on my Exim server but thought it would be nice to be able to block outright known abusive helo's. So I've had a dig and I came up with this config: # Blacklist auth_advertise_hosts =\ ${lookup{$sender_helo_name}\ lsearch{/usr/local/etc/exim/heloblocks}{}{*}\ } But it doesn't seem to work so I'm hoping someone can give me a pointer. Also I have a general doubt, when using the term advertise in Exim does this mean purely to advertise funcionality or does it actually mean to provide or not that funcionality? Ie am I actually blocking auth by not advertising it, when talking about an abusive connection that isn't following the RFCs etc? thanks in advance, Andy. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
