Re: [exim] Block access to certain IPs

Top Page
Delete this message
Reply to this message
Author: Bernard Hurley
Date:  
To: Jorge
CC: exim-users
Subject: Re: [exim] Block access to certain IPs
On Thu, Nov 22, 2012 at 08:07:12AM -0300, Jorge wrote:
> Hi,
>
> Daily I found in rejectlog file hundreds of lines like:
>
> 2012-mm-dd hh: mm: ss fixed_login authenticator failed for
> ([www.xxx.yyy.zzz]) [ww.xx.yyy.zz]: 535 Incorrect authentication data
> (set_id = xyz)
>
> And in most of them the IP is the same.
>
> How I can prevents access to EXIM of those IPs?
>


On my Debian system I block IP's using iptables like this:

     iptables -A INPUT -s XX.XX.XX.XX -p tcp --dport 25 -j REJECT


where you obviously have to fill in the correct address for the X's.

You can also block a range of IP's with code like:

     iptables -A INPUT -s XX.XX.XX.0/16 -p tcp --dport 25 -j REJECT


If you do this the connections are blocked at the firewall and exim
never sees them. I hope this helps.

Bernard

> Thanks in advance.
>
> Jorge Colaccini
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/