Re: [exim] Stopping Bruteforceattacks

Top Page
This message is part of the following thread:
M---+--++\the complete thread tree sorted by date
M--\M-\MMMAndrew Colin Kissa at <-
M+\MM\MMDennis Davis at ->
Delete this message
Reply to this message
Author: Gandalf Corvotempesta
Date:  
To: Mihamina Rakotomandimby
CC: exim-users
Subject: Re: [exim] Stopping Bruteforceattacks
Il giorno mer, 25/07/2012 alle 11.44 +0300, Mihamina Rakotomandimby ha
scritto:
> If me, I'd filter at IP level, based on some reject log information.
> That's the job of fail2ban, but I dont know if it parses Exim logs.


I'm using this regex in fail2ban with success:

failregex = \[<HOST>\] .*(?:rejected by local_scan|Unrouteable address|
535 Incorrect authentication data)



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Stopping BruteforceattacksRe: [exim] Stopping Bruteforceattacks->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)