Author: Dave C. Date: To: exim-users Subject: Re: [Exim] Blocking incessant relay testers with Exim 4
On Wed, 12 Jun 2002, Philip Hazel wrote:
> On Tue, 11 Jun 2002, Dave C. wrote:
>
> > I'm not sure if there is a way to completely refuse connections from
> > within exim at all. host_reject_connections does the following:
> >
> > # telnet 127.0.0.2 25
> > Trying 127.0.0.2...
> > Connected to 127.0.0.2 (127.0.0.2).
> > Escape character is '^]'.
> > 554 SMTP service not available
>
> ... then drops the connection. That's all it can do. True "blocking" has
> to happen before the connection gets to Exim, that is, in a router or in
> the host's TCP/IP stack, or using TCPWrappers or similar.

Currently, there is no way to do this based on a dnsbl lookup in exim4
(that I can tell).

How hard would it be to add an "acl_smtp_call"?

Currently, hosts listed in a dnsbl called from acp_rcpt have the
opportunity to send a whole ton of RCPT TO's, each one getting a 5xx.
This takes up lots of resources.

Perhaps the above would help cut this down. It could have a sanity
delay of 5s or so, just to prevent such a host from repeatedly
connecting too frequently.
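
Added example, not part of the original thread or of Exim's shipped configuration: current Exim 4 provides an `acl_smtp_connect` option, an ACL that runs as soon as the connection is accepted, which allows the DNSBL check with a sanity delay described above to happen before any RCPT TO is processed. The ACL name `acl_check_connect` and the list `dnsbl.example.org` are placeholders chosen for this sketch.

```exim
# --- main configuration section ---
# Run this ACL once per incoming connection, before the SMTP banner.
acl_smtp_connect = acl_check_connect

# --- ACL section ---
begin acl

acl_check_connect:

  # Never apply the DNSBL to connections from the local host.
  accept  hosts       = 127.0.0.1 : ::1

  # Listed hosts get a single 5xx response and the connection is closed,
  # instead of one 5xx per RCPT TO. Conditions and modifiers are processed
  # in order, so the delay is only applied when the dnslists lookup matched.
  # dnsbl.example.org is a placeholder list name.
  drop    message     = $sender_host_address is listed at $dnslist_domain
          log_message = connect refused: listed at $dnslist_domain
          dnslists    = dnsbl.example.org
          delay       = 5s

  # Everyone else proceeds to the normal SMTP dialogue and later ACLs.
  accept
```

As with `host_reject_connections`, the TCP connection is still accepted by Exim before it is dropped; refusing the connection outright has to be done in front of Exim, in a router, the host's TCP/IP stack, or TCP Wrappers.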