Thanks for your help, Dean.
This works really well!
Regards
Torsten
>> Well, the configuration is listed in its entirety below actually. Just
>> copy/paste each particular portion into the specified section.
>>
>> Note that I added the following line into the global section below:
>>
>> smtp_accept_max_nonmail = 5
>>
>> That will limit the number of failed auth attempts per connection and
>> the BADAUTH_LIMIT macro sets the number of connections that can fail
>> due to failed auth.
>>
>> How does it work? Essentially, when a connection ends, either the
>> check_quit or the check_notquit ACL is executed depending upon whether
>> it was a graceful disconnection or not. Either way, if it sees that
>> authentication failed in any way, it increments the "badauth" counter
>> that is keyed to the sender's IP address.
>>
>> When a new connection comes in, it checks the counter (without updating it)
>> to see if the limit has been hit within the BADAUTH_LIMIT timeframe.
>>
>> Here are the original config items:
>>
>>
>> In the global config section of your config:
>>
>> BADAUTH_LIMIT = 15 / 2h
>>
>> acl_smtp_connect = check_connection
>> acl_smtp_quit = check_quit
>> acl_smtp_notquit = check_notquit
>> smtp_accept_max_nonmail = 5
>>
>> In the ACL section of your config:
>>
>> check_connection:
>>   drop message = Too many failed authentication attempts
>>        ratelimit = BADAUTH_LIMIT / noupdate / badauth:$sender_host_address
>>
>> check_quit:
>>   accept condition = ${if eq{$authentication_failed}{1}}
>>          ratelimit = BADAUTH_LIMIT / badauth:$sender_host_address
>>
>> check_notquit:
>>   accept condition = ${if eq{$authentication_failed}{1}}
>>          ratelimit = BADAUTH_LIMIT / badauth:$sender_host_address
>>
>
> --
> Dean Brooks
> dean@???
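
A model of the counter flow described in the quoted message, added here as an illustration and not part of the original thread or of Exim: the connect-time check reads the per-IP counter without updating it, and the counter is only incremented at disconnect when authentication failed. The class and function names are hypothetical, and the fixed sliding window is an assumed simplification, since Exim's own ratelimit smooths the rate with an exponentially weighted moving average.

```python
from collections import defaultdict, deque

BADAUTH_LIMIT = 15          # from the thread: BADAUTH_LIMIT = 15 / 2h
BADAUTH_PERIOD = 2 * 3600   # the 2h period, in seconds


class BadAuthLimiter:
    """Simplified sliding-window stand-in for the badauth:<ip> counter."""

    def __init__(self, limit=BADAUTH_LIMIT, period=BADAUTH_PERIOD):
        self.limit, self.period = limit, period
        self.failures = defaultdict(deque)  # ip -> times of failed-auth connections

    def _recent(self, ip, now):
        q = self.failures[ip]
        while q and now - q[0] >= self.period:  # expire entries older than the period
            q.popleft()
        return len(q)

    def on_connect(self, ip, now):
        """check_connection: read-only check (noupdate). True means drop."""
        return self._recent(ip, now) >= self.limit

    def on_disconnect(self, ip, now, authentication_failed):
        """check_quit / check_notquit: count only connections whose auth failed."""
        if authentication_failed:
            self.failures[ip].append(now)


def simulate(events, limiter=None):
    """events: (time, ip, authentication_failed), one per connection attempt.
    Returns a list of (time, ip, 'dropped' or 'accepted')."""
    limiter = limiter or BadAuthLimiter()
    out = []
    for now, ip, failed in events:
        if limiter.on_connect(ip, now):
            out.append((now, ip, "dropped"))
            continue  # dropped at connect: AUTH is never reached, nothing is counted
        limiter.on_disconnect(ip, now, failed)
        out.append((now, ip, "accepted"))
    return out


if __name__ == "__main__":
    # Constructed sample: one address failing auth once a minute, 20 times.
    for row in simulate([(i * 60, "192.0.2.10", True) for i in range(20)]):
        print(row)
```

Because dropped connections are not counted, an address that stops retrying is let back in once its recorded failures age out of the period.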