[exim] AUTH command used when not advertised

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM 
Always Learning at ->
Delete this message
Reply to this message
Author: Always Learning
Date:  
To: Exim
New-Topics: [...]
Subject: [exim] AUTH command used when not advertised

Exim 4.72 (Centos 6)


A MTA experienced 20 minutes (circa 1,722 attempts) of:

(from logwatch) 

    2015-04-17 22:56:16 SMTP protocol error in "AUTH LOGIN"
    H=(SRV) [88.119.254.244]:50272 I=[xx.xx.xx.xx]:25 AUTH
    command used when not advertised: 1 Time(s)


Have changed:- 

    smtp_accept_max                   = 5
    smtp_accept_max_per_connection    = 5
    smtp_accept_max_per_host          = 5


whilst assuming it will not prevent future abuse.


If I create acl_smtp_auth = acl_reject_auth

acl_reject_auth: 

       warn message = ${run{SHELL -c "PHP EXIM_ALERT
                          (code to bloke IP address in IPtables......)


       deny message = (rejection message) ......



will this ACL only intercept log-on attempts ?


Thank you.

--
Regards, 

Paul.
England, EU.      Je suis Charlie.




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Changing email headers to reflect server IP when they pass through Exim[...]->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)