[Exim] Pounded after drop in helo acl

Pàgina inicial
Delete this message
Reply to this message
Autor: Kevin Reed
Data:  
A: exim-users
Assumpte: [Exim] Pounded after drop in helo acl
Noticed that I had a host that was pounding the server after a drop in one
of my helo ACL checks.

2003-07-29 13:54:35 H=12-254-182-31.client.attbi.com [12.254.182.31]
rejected EHLO or HELO 209.114.190.200: HELO of this system's IP
2003-07-29 13:54:36 H=12-254-182-31.client.attbi.com [12.254.182.31]
rejected EHLO or HELO 209.114.190.200: HELO of this system's IP
2003-07-29 13:54:38 H=12-254-182-31.client.attbi.com [12.254.182.31]
rejected EHLO or HELO 209.114.190.200: HELO of this system's IP
2003-07-29 13:54:39 H=12-254-182-31.client.attbi.com [12.254.182.31]
rejected EHLO or HELO 209.114.190.200: HELO of this system's IP

More than 1000 of them...

Apparently, they are just reconnecting?

The ACL is...

        # Don't HELO with my IP!!!
        drop    message = You may not use an HELO of this system's IP
address
                condition = ${if
eq{$sender_helo_name}{209.114.190.200}{yes}{no}}


Other than blocking that IP, is there another way to deal with this? I've
seen this now several times on different IP's.