[exim-dev] [Bug 1511] Need to run code (string expansion) fo…

Top Pagina
Delete this message
Reply to this message
Auteur: Lena
Datum:  
Aan: exim-dev
Onderwerp: [exim-dev] [Bug 1511] Need to run code (string expansion) for AUTH failures
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1511

Lena <Lena@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |Lena@???





--- Comment #4 from Lena <Lena@???> 2014-07-30 18:21:25 ---
> Seeing more and more attempts to login with bogus criteria
> so a "message" modifier for all the authenticators would be useful.
> Thus the IPs concerned can be placed in a blacklist.


> A message along the lines of:
> "535 Too many wrong login attempts, account has been locked"
> or
> "535 You cannot login from this blacklisted host"
> would be useful for users.


Config code which places such IP-addresses in a local blacklist
and locks further connection attempts:
https://github.com/Exim/exim/wiki/BlockCracking
That code both locks IP-addresses which repeatedly try wrong
username+password combinations
and locks accounts abused for outgoing spam
(with authentication using stolen passwords).


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email