Re: [exim] How to ban some authenticated users?

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Lena
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] How to ban some authenticated users?
> From: "FABIO FERRARI"

> I have a problem about some users spreading their password to spammers.
> So I'm searching for a way to ban some authenticated users, or at least
> limit them to 1 message / hour with ratelimit.
>
> But I can't find how to do it, because the many discussions about this
> point to how to ban senders (that aren't usernames, but email address that
> can be spoofed) or hosts (spammers change them every miute).


Username is in $authenticated_id . How to ban abused usernames
authomatically: https://github.com/Exim/exim/wiki/BlockCracking

> For example, is there a way to deny ldap authentication?


Yes, the code on the webpage linked above works with any type authentication.

> If I modify the
> 'server_condition' line in this stanza:
>
> login_server:
>   driver = plaintext
>   public_name = LOGIN
>   server_prompts = "Username:: : Password::"
>   server_condition = ${if ldapauth \
>    {user="uid=${quote_ldap_dn:$1},ou=people,dc=unimore,dc=it" \
>    pass=${quote:$2} \
>    ldaps:///}{yes}{no}}
>   server_set_id = $1

>
> it will be reloaded at every login or only when exim starts?


The server_condition line is expanded at every login.

--
Lena