Re: [exim] Authentication Failure Question

Top Page
Delete this message
Reply to this message
Author: Dave Restall - System Administrator,,,
Date:  
To: exim-users
Subject: Re: [exim] Authentication Failure Question
Hi Marc,

> Is there a way for an ACL to do something on authentication failure? I'm
> trying to trap the IP addresses of hackers trying to guess passwords.
>
> Thanks in advance


Have a look at acl_smtp_auth. I also use an extended or condition on the authentication :-

....

    server_condition                =       ${if or {${authenticated_lookup} {${perl{Run_A_PERL_SCRIPT_HERE}}}}}


My actual condition is a bit more complicated but the above serves
to illustrate.

It basically says if the authenticated lookup succeeds, then continue
if it fails then run the perl script. You can then do the processing
with the perl script - I use it to count failed attempts and log them
to a file - it could quite easily be used to firewall IP addresses etc.

Typical old fashioned shell script short circuit.

Regards,




D
lists/exim/users/2013-06-05.tx                                 exim-users
+----------------------------------------------------------------------------+

| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245      Skype: dave.restall             Radio: G4FCU  |
| email : dave@???  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |

+----------------------------------------------------------------------------+
| Q:    What do you call a half-dozen Indians with Asian flu?  A:            |
| Six sick Sikhs (sic).                                                      |

+----------------------------------------------------------------------------+