Hi Marc,
> Hi Dave,
>
> This looks useful. I don't see any docs on $authenticated_lookup. I
> assume it returns true if auth succeeds?
Sorry, I should have done it in all caps so it looked like a macro :-)
The full statement I use for authlogin is :-
server_condition = ${if or { \
{eq {${lookup mysql{Q_Authorised_Mail_Box} {true} {false}}} {true}}\
{eq {${lookup mysql{Q_Authorised_Alias} {true} {false}}} {true} } \
} {yes} \
{${perl{Log_Failed_Auth}{$auth1}{$auth2}{$sender_host_address}}} \
}
where Q_Authorised_Mail_Box and Q_Authorised_Alias are SQL statement
macros that look up the sender's account details and return 0 or 1 if the
user can send emails from that address - it's a multi-domain virtual
user setup and I don't want authorised user tom@??? sending
mail from dick@???.
I'll leave you to pretty it up further :-)
I suspect some guru will now come back with a two line simpler version :-)
It does need a bit of tidying up and could be improved but it's sort of
grown organically from what it originally was.
Regards,
D
lists/exim/users/2013-06-05.2.tx exim-users
+----------------------------------------------------------------------------+
| Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger |
| Mob +44 (0) 7973 831245 Skype: dave.restall Radio: G4FCU |
| email : dave@??? - Anti-SocialMediaist - Web : Not Ready Yet :-( |
+----------------------------------------------------------------------------+
| You will feel hungry again in another hour. |
+----------------------------------------------------------------------------+
>
>
>
> On 6/5/2013 11:01 AM, Dave Restall - System Administrator,,, wrote:
> > Hi Marc,
> >
> >> Is there a way for an ACL to do something on authentication failure? I'm
> >> trying to trap the IP addresses of hackers trying to guess passwords.
> >>
> >> Thanks in advance
> > Have a look at acl_smtp_auth. I also use an extended or condition on the authentication :-
> >
> > ....
> >
> > server_condition = ${if or {${authenticated_lookup} {${perl{Run_A_PERL_SCRIPT_HERE}}}}}
> >
> > My actual condition is a bit more complicated but the above serves
> > to illustrate.
> >
> > It basically says if the authenticated lookup succeeds, then continue
> > if it fails then run the perl script. You can then do the processing
> > with the perl script - I use it to count failed attempts and log them
> > to a file - it could quite easily be used to firewall IP addresses etc.
> >
> > Typical old fashioned shell script short circuit.
> >
> > Regards,
> >
> >
> >
> >
> > D
>
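
One way the Log_Failed_Auth subroutine named in the server_condition above could be written, as an added example that is not Dave's script or part of the original thread. The log path and the clean_field helper are assumptions, and it assumes the LOGIN layout in which $auth2 carries the submitted password, which is why the second argument is discarded rather than logged.

```perl
# Added example, not Dave's script. Exim loads it through a main-config
# line such as:  perl_startup = do '/etc/exim/exim.pl'   (path assumed)
use strict;
use warnings;
use Fcntl qw(:flock :seek);

# Assumed location; the file must be writable by the Exim user.
my $LOG_FILE = '/var/log/exim/auth_failures.log';

# Keep printable, non-space ASCII only, so a crafted login name cannot
# inject extra lines or fake "ip=" fields into the log.
sub clean_field {
    my ($value) = @_;
    $value = '' unless defined $value;
    $value =~ s/[^\x21-\x7e]/?/g;
    return substr($value, 0, 128);
}

# Called as ${perl{Log_Failed_Auth}{$auth1}{$auth2}{$sender_host_address}}.
# The second argument is the submitted password and is never written.
sub Log_Failed_Auth {
    my ($user, undef, $ip) = @_;
    ($user, $ip) = (clean_field($user), clean_field($ip));

    # No die() here: a logging problem must not change the auth outcome.
    if (open my $fh, '+>>', $LOG_FILE) {
        if (flock($fh, LOCK_EX)) {
            # Count earlier failures from this address, then append this one.
            seek($fh, 0, SEEK_SET);
            my $count = 1 + grep { / ip=\Q$ip\E / } <$fh>;
            seek($fh, 0, SEEK_END);
            printf {$fh} "%d ip=%s user=%s count=%d\n", time, $ip, $user, $count;
        }
        close $fh;
    }

    # "no" makes server_condition fail, so the client is still rejected.
    return 'no';
}

1;
```

The count is recomputed by rereading the file on every failure, so rotate the log regularly to keep that read short.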