Author: Emanuel Gonzalez
Date:
To: exim-users@exim.org
Subject: [exim] ACL block incorrect authentication data
Hello.!!
I use fail2ban with iptables to block the brute-force attack, but on some virtual servers I do not use iptables.
2017-11-29 09:40:56 fixed_login authenticator failed for (shkhHHO7Wf) [220.164.38.211]: 535 Incorrect authentication data (set_id=zu)
2017-11-29 09:41:11 fixed_login authenticator failed for (7ouBtZ1fzi) [220.164.38.211]: 535 Incorrect authentication data (set_id=zu)
2017-11-29 09:41:29 fixed_login authenticator failed for (ADM-TRIANON) [200.9.221.213]: 535 Incorrect authentication data (set_id=info@???)
2017-11-29 09:42:25 fixed_login authenticator failed for (ADMIN) [52.175.18.205]: 535 Incorrect authentication data (set_id=info@???)
Is it possible to block these attacks through some rule from exim?