Re: [exim] ACL block incorrect authentication data

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Emanuel Gonzalez
Data:  
Para: exim-users@exim.org, Olaf.Hopp@kit.edu
Asunto: Re: [exim] ACL block incorrect authentication data
IP addresses change constantly so adding them to a file is not useful.


Regards,

________________________________
De: Olaf Hopp <Olaf.Hopp@???>
Enviado: miércoles, 29 de noviembre de 2017 12:39:06
Para: exim-users@???
Cc: emanuel_gonzalez@???
Asunto: Re: [exim] ACL block incorrect authentication data

On 11/29/2017 02:43 PM, Emanuel Gonzalez wrote:
> Hello.!!
>
>
> my idea is to block the IP that makes the unsuccessful login attempts to the smtp service.
>
>
> On the web I found the following rule, but not if it is what I need.
>
>
> acl_smtp_auth:
>                  drop    message = authentication is allowed only once per message
>                          set acl_m_auth = ${eval10:0$acl_m_auth+1}
>                          condition = ${if >{$acl_m_auth}{2}}
>                          delay = 30s
>                  accept

>



I am using in my acl_smtp_connect

        defer    hosts  = /opt/exim/blackips


The file "blackips" is dynamically build up by a cron-Job grepping through the exim log.
The good magic is that exim is aware of modification on my blacklist file
without HUP / reload / restart.

Regards, Olaf


--
Karlsruher Institut für Technologie (KIT)
ATIS - Abt. Technische Infrastruktur, Fakultät für Informatik

Dipl.-Geophys. Olaf Hopp
- Leitung IT-Dienste -

Am Fasanengarten 5, Gebäude 50.34, Raum 009
76131 Karlsruhe
Telefon: +49 721 608-43973
Fax: +49 721 608-46699
E-Mail: Olaf.Hopp@???
atis.informatik.kit.edu

www.kit.edu<http://www.kit.edu>

KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft

Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert.