Re: [exim] Authentication Failure Question

Author: Dave Restall - System Administrator,,,
Date:  
To: exim-users
Subject: Re: [exim] Authentication Failure Question
Hi Marc,

> Hi Dave,
>
> This looks useful. I don't see any docs on $authenticated_lookup. I
> assume it returns true if auth succeeds?


Sorry, I should have done it in all caps so it looked like a macro :-)

The full statement I use for authlogin is :-

server_condition = ${if or { \
    {eq {${lookup mysql{Q_Authorised_Mail_Box} {true} {false}}} {true}}\
    {eq {${lookup mysql{Q_Authorised_Alias} {true} {false}}} {true} } \
    } {yes} \
    {${perl{Log_Failed_Auth}{$auth1}{$auth2}{$sender_host_address}}} \
    }


where Q_Authorised_Mail_Box and Q_Authorised_Alias are SQL statement
macros that look up the sender's account details and return 0 or 1 if the
user can send emails from that address - it's a multi-domain virtual
user setup and I don't want authorised user tom@??? sending
mail from dick@???.

I'll leave you to pretty it up further :-)

I suspect some guru will now come back with a two line simpler version :-)

It does need a bit of tidying up and could be improved but it's sort of
grown organically from what it originally was.

Regards,




D
lists/exim/users/2013-06-05.2.tx                               exim-users
+----------------------------------------------------------------------------+
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
| Mob +44 (0) 7973 831245      Skype: dave.restall             Radio: G4FCU  |
| email : dave@???  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
+----------------------------------------------------------------------------+
| You will feel hungry again in another hour.                                |
+----------------------------------------------------------------------------+


>
>
>
> On 6/5/2013 11:01 AM, Dave Restall - System Administrator,,, wrote:
> > Hi Marc,
> >
> >> Is there a way for an ACL to do something on authentication failure? I'm
> >> trying to trap the IP addresses of hackers trying to guess passwords.
> >>
> >> Thanks in advance
> > Have a look at acl_smtp_auth. I also use an extended or condition on the authentication :-
> >
> > ....
> >
> >     server_condition                =       ${if or {${authenticated_lookup} {${perl{Run_A_PERL_SCRIPT_HERE}}}}}
> >
> > My actual condition is a bit more complicated but the above serves
> > to illustrate.
> >
> > It basically says if the authenticated lookup succeeds, then continue
> > if it fails then run the perl script. You can then do the processing
> > with the perl script - I use it to count failed attempts and log them
> > to a file - it could quite easily be used to firewall IP addresses etc.
> >
> > Typical old fashioned shell script short circuit.
> >
> > Regards,
> >
> >
> >
> >
> > D
> > lists/exim/users/2013-06-05.tx                                 exim-users
> > +----------------------------------------------------------------------------+
> > | Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger  |
> > | Mob +44 (0) 7973 831245      Skype: dave.restall             Radio: G4FCU  |
> > | email : dave@???  - Anti-SocialMediaist -  Web : Not Ready Yet :-( |
> > +----------------------------------------------------------------------------+
> > | Q:    What do you call a half-dozen Indians with Asian flu?  A:            |
> > | Six sick Sikhs (sic).                                                      |
> > +----------------------------------------------------------------------------+
> >
> >
> >
> >
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
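
A sketch of what a subroutine behind `${perl{Log_Failed_Auth}{$auth1}{$auth2}{$sender_host_address}}` could look like, added here as an example; it is not Dave's script. The file paths, the threshold and the `_bump` helper are assumptions. It counts failures per IP, keeps the attempted password out of the logs, and always returns a false value so the `server_condition` still rejects the login.

```perl
# Added example, not the poster's script. Load from the main config with e.g.
#   perl_startup = do '/etc/exim/auth_fail.pl'      (path is an assumption)
use strict;
use warnings;
use Fcntl qw(:flock :seek);

our $COUNT_FILE = '/var/spool/exim/auth_fail.counts';  # assumed location
our $THRESHOLD  = 5;                                   # assumed flagging threshold

# Called as ${perl{Log_Failed_Auth}{$auth1}{$auth2}{$sender_host_address}}
sub Log_Failed_Auth {
    my ($user, $pass, $ip) = @_;
    undef $pass;                     # the attempted password is never logged or stored
    $user = '' unless defined $user;
    $user =~ s/[^\x21-\x7e]/?/g;     # client-supplied: no spaces/control chars (log forgery)
    $user = substr($user, 0, 128);
    $ip = 'unknown' unless defined $ip && $ip =~ /\A[0-9A-Fa-f:.]+\z/;

    # A die would make the ${perl} expansion fail instead of yielding a
    # false value, so trap errors from the counter file.
    my $n = eval { _bump($ip) } // 0;
    my $msg = "auth failure user=$user ip=$ip count=$n" . ($n >= $THRESHOLD ? ' FLAG' : '');
    if (defined &Exim::log_write) { Exim::log_write($msg) }   # running inside Exim
    else                          { print STDERR "$msg\n" }   # stand-alone test run
    return 'no';                     # server_condition must still come out false
}

# Per-IP counters, rewritten under an exclusive lock because several Exim
# processes can be rejecting logins at the same moment.
sub _bump {
    my ($ip) = @_;
    open(my $fh, '+>>', $COUNT_FILE) or die "open $COUNT_FILE: $!";
    flock($fh, LOCK_EX) or die "flock: $!";
    seek($fh, 0, SEEK_SET);
    my %c;
    while (my $line = <$fh>) { $c{$1} = $2 if $line =~ /\A(\S+) (\d+)\s*\z/ }
    $c{$ip}++;
    truncate($fh, 0) && seek($fh, 0, SEEK_SET) or die "truncate: $!";
    print {$fh} "$_ $c{$_}\n" for sort keys %c;
    close($fh) or die "close: $!";
    return $c{$ip};
}

# Stand-alone check with constructed values (TEST-NET address, made-up user).
unless (caller) {
    require File::Temp;
    (undef, $COUNT_FILE) = File::Temp::tempfile();
    print Log_Failed_Auth("tom\r\nforged line", 'secret', '192.0.2.10'), "\n" for 1 .. 6;
    unlink $COUNT_FILE;
}
1;
```

Run directly with `perl`, it prints `no` six times and marks the fifth and sixth lines with `FLAG`; the `FLAG` marker is what a separate log watcher or firewall job would key on.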