> On Thu, Nov 22, 2012 at 08:07:12AM -0300, Jorge wrote:
> > Daily I found in rejectlog file hundreds of lines like:
> >
> > 2012-mm-dd hh: mm: ss fixed_login authenticator failed for
> > ([www.xxx.yyy.zzz]) [ww.xx.yyy.zz]: 535 Incorrect authentication data
> > (set_id = xyz)
> >
> > And in most of them the IP is the same.
> >
> > How I can prevents access to EXIM of those IPs?
On Fri, Nov 23, 2012 at 07:48:43AM +0000, Bernard Hurley wrote:
> On my Debian system I block IP's using iptables like this:
>
> iptables -A INPUT -s XX.XX.XX.XX -p tcp --dport 25 -j REJECT
...and if you want this automated you can use fail2ban
http://www.fail2ban.org
/Richard