Author: Nico Erfurth Date: To: George Szekely CC: exim-users Subject: Re: [Exim] dictionary attack
George Szekely wrote: > I've tried the following condition which seems to work only on
> request coming in at the same time.
>
> ${if = {${eval:$rcpt_fail_count}}{1}{yes}{no}}
>
> But I get hit every 5 to 10 seconds from the same IP (even the IP
> changes regularly after a while) for a different user address. Is it
> possible to insert a delay, like 3 minutes to hosts that just tried
> to hit a nonexistent user (Unrouteable address) - in the router
> section? Or anyone has a suggestion on how to get rid of them?