Cyborg via Exim-users <[email protected]> (Di 10 Sep 2019 16:06:10 CEST): > can we limit those tries anywere or slow them down? > > 2019-09-10 16:02:37 plain authenticator failed for (a domainname) > [156.223.90.207]: 535 Incorrect authentication data (set_id=nonsense)
Yes, based on http://lucamattarozzi.blogspot.com/2014/09/exim-limitare-autenticazioni-fallite.html In the connect ACL: deny message = Too many unsuccessfull auth attempts. ratelimit = 10/2h / badauth:$authenticated_fail_id / readonly accept And in the QUIT *and* NOTQUIT ACLs: warn condition = $authentication_failed ratelimit = 10/2h / badauth:$authenticated_fail_id / strict accept Completly untested, because when implementing it, I ran into another issue. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
