Author: Exim Mailing List
Date:
To: exim-users
Subject: Re: [exim] Drop smtp connection before authentication
On Wed, Oct 28, 2009 at 01:00:42PM +0000, Mike Cardwell wrote:
> > Dean Brooks wrote:
> >> Here's what we use to automatically control failed authentication
> >> attempts.
>
> If a client makes a single connection to your SMTP server then makes a
> million attempts to authenticate using different credentials each time,
> wouldn't that only increment the ratelimit value by 1 as it only
> increments the value on Exit... Eg, in the following example I make
> three different authentication failures but only quit once:

Took me a few minutes to remember why this wasn't a problem and finally
remembered.

A failed auth attempt counts as a "non-mail" command and increments
the counter against the global "smtp_accept_max_nonmail" setting.
It defaults to 10 but we have it set to "3" on our system:

    smtp_accept_max_nonmail = 3

So, essentially, they can at most execute 3 attempts per connection
and a maximum of 15 connection failures using the ratelimits.
Essentially up to 45 failed auth attempts.
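
Added example (not part of the original message, and not Exim's own code): a Python check that tallies failed AUTH attempts per peer address from Exim main-log lines and flags any host above the 45-attempt ceiling worked out in the message above. The log lines are constructed, the regexes are modelled on Exim's main-log wording and should be checked against your own logs, and the tally assumes the excerpt covers one ratelimit window.

```python
import re
from collections import Counter

# Limits quoted in the message above.
MAX_NONMAIL = 3               # smtp_accept_max_nonmail
MAX_FAILED_CONNECTIONS = 15   # connection failures allowed by the ratelimit
BOUND = MAX_NONMAIL * MAX_FAILED_CONNECTIONS  # 45 failed AUTHs per host

# Host part of a log line: optional hostname, optional "(HELO)", then "[peer IP]".
# HELO is client-supplied and may itself be an address literal such as
# "([10.0.0.1])", so it is skipped explicitly and only the peer IP is captured.
HOST = r"(?:\S+ )?(?:\(\S*\) )?\[([0-9A-Fa-f.:]+)\]"
AUTH_FAIL = re.compile(r"authenticator failed for " + HOST)
NONMAIL_DROP = re.compile(
    r"SMTP call from " + HOST + r".*? dropped: too many nonmail commands")

def tally(lines):
    """Return (failed AUTH count, nonmail-drop count) keyed by peer IP."""
    fails, drops = Counter(), Counter()
    for line in lines:
        m = AUTH_FAIL.search(line)
        if m:
            fails[m.group(1)] += 1
            continue
        m = NONMAIL_DROP.search(line)
        if m:
            drops[m.group(1)] += 1
    return fails, drops

def over_bound(fails, bound=BOUND):
    """Hosts whose failed AUTH count exceeds the expected ceiling."""
    return sorted(ip for ip, n in fails.items() if n > bound)

# Constructed sample log lines (not taken from a real server).
SAMPLE = [
    "2009-10-28 13:00:40 plain authenticator failed for (client.example) "
    "[192.0.2.10]: 535 Incorrect authentication data (set_id=alice)",
    "2009-10-28 13:00:41 plain authenticator failed for (client.example) "
    "[192.0.2.10]: 535 Incorrect authentication data (set_id=bob)",
    "2009-10-28 13:00:42 SMTP call from (client.example) [192.0.2.10] "
    'dropped: too many nonmail commands (last was "AUTH")',
    "2009-10-28 13:01:00 login authenticator failed for ([10.0.0.1]) "
    "[198.51.100.7]: 535 Incorrect authentication data (set_id=carol)",
] + [
    "2009-10-28 13:02:00 plain authenticator failed for (x) "
    f"[203.0.113.5]: 535 Incorrect authentication data (set_id=u{i})"
    for i in range(BOUND + 1)
]

if __name__ == "__main__":
    fails, drops = tally(SAMPLE)
    print("failed AUTH per host:", dict(fails))
    print("nonmail drops per host:", dict(drops))
    print("hosts over the ceiling:", over_bound(fails))
```

A host that appears in over_bound() has made more failed attempts than the two limits together should allow, which points at a limit that is not being applied as expected.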