Hi,
See this tutorial.
https://github.com/Exim/exim/wiki/BlockCracking
Best Regards.
>-------- Оригинално писмо --------
>От: Andy Smith a.smith@???
>Относно: [exim] block hacker helo's
>До: exim-users@???
>Изпратено на: 07.02.2017 14:04
Hi list,
I've already configured fail2ban to block brute force attacks on my
Exim server but thought it would be nice to be able to block outright
known abusive helo's. So I've had a dig and I came up with this config:
# Blacklist
auth_advertise_hosts =\
${lookup{$sender_helo_name}\
lsearch{/usr/local/etc/exim/heloblocks}{}{*}\
}
But it doesn't seem to work so I'm hoping someone can give me a pointer.
Also I have a general doubt, when using the term advertise in Exim does
this mean purely to advertise funcionality or does it actually mean to
provide or not that funcionality? Ie am I actually blocking auth by not
advertising it, when talking about an abusive connection that isn't
following the RFCs etc?
thanks in advance, Andy.
--
## List details at
https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
