Hi Marc,
> Is there a way for an ACL to do something on authentication failure? I'm
> trying to trap the IP addresses of hackers trying to guess passwords.
>
> Thanks in advance
Have a look at acl_smtp_auth. I also use an extended or condition on the authentication :-
....
server_condition = ${if or {${authenticated_lookup} {${perl{Run_A_PERL_SCRIPT_HERE}}}}}
My actual condition is a bit more complicated but the above serves
to illustrate.
It basically says if the authenticated lookup succeeds, then continue
if it fails then run the perl script. You can then do the processing
with the perl script - I use it to count failed attempts and log them
to a file - it could quite easily be used to firewall IP addresses etc.
Typical old fashioned shell script short circuit.
Regards,
D
lists/exim/users/2013-06-05.tx exim-users
+----------------------------------------------------------------------------+
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger |
| Mob +44 (0) 7973 831245 Skype: dave.restall Radio: G4FCU |
| email : dave@??? - Anti-SocialMediaist - Web : Not Ready Yet :-( |
+----------------------------------------------------------------------------+
| Q: What do you call a half-dozen Indians with Asian flu? A: |
| Six sick Sikhs (sic). |
+----------------------------------------------------------------------------+
