Re: [exim] Iptables/other blocking ylmf-pc clients

Page principale
Supprimer ce message
Répondre à ce message
Auteur: list2@captainnet.net
Date:  
À: Daryl Richards, exim-users
Sujet: Re: [exim] Iptables/other blocking ylmf-pc clients
I'm having a hard time achieving that delay. As you can see it comes
back with the same IP every 10 seconds. Delay is not imposed on
condition as it is dropped already.

2016-08-10 09:13:01 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2016-08-10 09:13:12 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2016-08-10 09:13:23 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist

Don't you have to record the current time stamp, in order to calculate
elapsed time for subsequent delays.
Accept the greeting, but if we previously generated a message in say
$acl_c1, stall the sender until 180 seconds has elapsed.


On 8/10/16 8:52 AM, Daryl Richards wrote:
> On 10/08/2016 11:47 AM, list2@??? wrote:
>> Is it possible to implement delay of say 3 minutes on the ip in a helo
>> acl? Anyone can show an example?
>
> Just add a line with delay = 180s to the config shown....
>
>> On 8/10/16 6:46 AM, Daryl Richards wrote:
>>> This doesn't block the IP, it just drops the connection. Trivial to
>>> add a call to add the sender IP to a file or directly to iptables...
>>>
>>> acl_check_helo:
>>> ...
>>>   drop
>>>     message = Crack-bot
>>>     log_message = Common crack-bot host name
>>>     condition = ${if eq{$sender_helo_name}{ylmf-pc}}

>