[exim] Taming bruteforce auth attacks

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Lena
Data:  
Para: exim-users
Assunto: [exim] Taming bruteforce auth attacks
Hi,

Does following look reasonable? The "2" is because of
http://www.exim.org/lurker/message/20031019.140442.419ec907.en.html

acl_check_auth:
  drop message = authentication is allowed only once per message in order \
                 to slow down bruteforce cracking
       condition = ${if def:acl_m_auth}
       condition = ${if >{$acl_m_auth}{2}}
       delay = 20s


  warn condition = ${if !def:acl_m_auth}
       set acl_m_auth = 0


accept set acl_m_auth = ${eval:$acl_m_auth+1}