Autor: Cyborg
Data:
A: <exim-users@exim.org>
Assumpte: [exim] script execution in case of 535 Incorrect authentication
data ?
Hi,
is it possible to add a ${run{}} ( of any sort ) in case a 535 message
is generated ?
Example:
2014-08-11 11:01:13 LOGIN authenticator failed for (ylmf-pc)
[58.61.70.235]: 535 Incorrect authentication data (set_id=failed)
Those messages get produced by brute forcers.
What i need is an execution of a script to add them the attackers
database, like this:
condition = ${run{/java/rdt/tools/addspammer
$sender_host_address}{yes}{$value}}
Just a way to execute the script with the given ip is needed.
best regards,
Marius