On Mon, 26 Nov 2018, Nigel Metheringham via Exim-users wrote: > From: Nigel Metheringham via Exim-users <[email protected]> > To: Russell King <[email protected]> > Cc: [email protected] > Date: Mon, 26 Nov 2018 13:11:36 > Subject: Re: [exim] Auth command used when not advertised > Reply-To: Nigel Metheringham <[email protected]> > > Fail2ban would be a reasonable method of adding (say) 8 hour firewall > blocks when this sort of thing was seen... > > * http://www.fail2ban.org/wiki/index.php/Main_Page > * https://alternativeto.net/software/fail2ban/
A *long*, *long* time ago Tom Kistner wrote some small perl scripts to achieve this. Used iptables on Linux to achieve the end result. See: https://lists.exim.org/lurker/message/20060416.091402.c5100b67.en.html https://lists.exim.org/lurker/message/20060502.201702.5ae738bb.en.html Once nice feature was that the "timeban" script could be directly called from exim to handle miscreants. I remember successfully using the "timeban" script for a while after converting it to use the packet filter on OpenBSD. I suspect Tom's scripts would still be useful. Although I can't say for certain as I'm no longer involved on this area. The download link in the above messages no longer works. I'm fairly sure I still have copies squirrelled away somewhere. -- Dennis Davis <[email protected]> -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
