Re: [exim] ACL block incorrect authentication data

Páxina inicial
Esta mensaxe é parte do seguinte fío:
M+\Árbore completa do fío ordenada por data
MMMJeremy Harris o <-
.MEmanuel Gonzalez o ->
Borrar esta mensaxe
Responder a esta mensaxe
Autor: George L. Yermulnik
Data:  
Para: exim-users
Asunto: Re: [exim] ACL block incorrect authentication data
Hello!

On Wed, 29 Nov 2017 at 13:23:55 (+0000), Emanuel Gonzalez wrote:

> I use fail2ban with iptables to block the brute-force attack, but on some virtual servers I do not use iptables.

> 2017-11-29 09:40:56 fixed_login authenticator failed for (shkhHHO7Wf) [220.164.38.211]: 535 Incorrect authentication data (set_id=zu)
> 2017-11-29 09:41:11 fixed_login authenticator failed for (7ouBtZ1fzi) [220.164.38.211]: 535 Incorrect authentication data (set_id=zu)
> 2017-11-29 09:41:29 fixed_login authenticator failed for (ADM-TRIANON) [200.9.221.213]: 535 Incorrect authentication data (set_id=info@???)
> 2017-11-29 09:42:25 fixed_login authenticator failed for (ADMIN) [52.175.18.205]: 535 Incorrect authentication data (set_id=info@???)

> Is it possible to block these attacks through some rule from exim?

You can use fail2ban to add attackers IPs to a file which would be used
as a hostlist in a drop or deny acl (or using tcpwrappers if exim is
built with TCPwrappers support).

--
George L. Yermulnik
[YZ-RIPE]

Esta mensaxe foi enviada ás seguintes listas:
Exim-users
Información da lista | Mensaxes recentes		<-Re: [exim] ACL block incorrect authentication dataRe: [exim] ACL block incorrect authentication data->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)