[exim] Count only rejected connections

Author: Sebastian Arcus
Date:  
To: Exim Users
Subject: [exim] Count only rejected connections
I would like to keep track of how many times connections from each IP
are rejected over a period of time (maybe 24 hours?), and when a limit
is reached, reject them much earlier in the ACLs - at connection time -
to reduce resources used by Exim, and maybe discourage them from
connecting for a while.

The way it should work is:

1. On the connect ACL, check if the failed connection counter has been
reached, and block if yes, but don't increase the counter otherwise.

2. In various subsequent ACLs, increase the counter every time a
connection is rejected.

Does the ACL below look syntactically correct? Am I correct in thinking
that the "ratelimit =" in the second ACL is not reached and doesn't
increment the counter, unless the conditions above it are true?

acl_check_connect:

  # check if we've reached the limit and drop, but don't add to the
  # counter here (readonly looks the rate up without recording this connection)
  drop    message      = Too many failed retries
          ratelimit    = 20 / 24h / per_conn / readonly

  # an ACL that runs off its end denies, so everything else must be accepted here
  accept


acl_check_helo:

  # increase the rejected-connection counter if we fail here.
  # ratelimit is only true once the rate is already over the limit, so as
  # the last condition of a drop it would let an invalid HELO through while
  # the client is still under the limit.  A warn never changes the verdict,
  # and its ratelimit (the database update) is only reached when the
  # conditions before it are true.
  warn    condition    = ${if eq{$received_port}{25}}
          condition    = ${if match{$sender_helo_name}{.+\\\..+\\\..+} \
                             {no}{yes}}
          ratelimit    = 20 / 24h / per_conn

  # then reject regardless of the count (.+\..+\..+ : the name needs two dots)
  drop    message      = Invalid HELO/EHLO
          condition    = ${if eq{$received_port}{25}}
          condition    = ${if match{$sender_helo_name}{.+\\\..+\\\..+} \
                             {no}{yes}}

  accept
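A fuller version of the same two-stage design, added here as an example; it is not the poster's configuration. It assumes a main-section macro RATE_REJECTS carrying the shared limit, hypothetical hostlist/domainlist names relay_from_hosts and local_domains, and it extends the counting to a failed recipient verification in the RCPT ACL; the ACL names are the ones in the post. Conditions in an ACL statement are tested in order and evaluation of the statement stops at the first false one, which is what makes the warn statements below count only failures, and the ratelimit condition itself is true only when the client's rate is already over the limit, so the rejection is done by a separate statement.

```exim
# ---- main configuration section (assumed names; adapt to your config) ----
hostlist   relay_from_hosts = 127.0.0.1 : ::1      # never throttled
domainlist local_domains    = @                    # this host only

acl_smtp_connect = acl_check_connect
acl_smtp_helo    = acl_check_helo
acl_smtp_rcpt    = acl_check_rcpt

# One ratelimit entry per client address ($sender_host_address is the default
# key).  Every statement that reads or updates it must use the same period and
# the same per_conn mode, so keep them in one macro.
RATE_REJECTS = 20 / 24h / per_conn

begin acl

acl_check_connect:
  # Trusted hosts are never throttled.
  accept  hosts       = +relay_from_hosts

  # Already over the limit: drop before HELO.  readonly looks the rate up
  # without recording this connection, so the drops themselves do not
  # keep an over-limit client over the limit.
  drop    message     = Too many failed retries, try again later
          log_message = connect rejected: $sender_rate rejects in \
                        $sender_rate_period (limit $sender_rate_limit)
          ratelimit   = RATE_REJECTS / readonly

  # An ACL that runs off its end denies, so accept explicitly.
  accept

acl_check_helo:
  accept  hosts       = +relay_from_hosts

  # Record the failure first.  warn never changes the verdict, and the
  # ratelimit condition (the statement that writes the database) is only
  # reached when the two checks before it are true.  \N...\N keeps the
  # regex out of string expansion; the name must contain two dots.
  warn    condition   = ${if eq{$received_port}{25}}
          condition   = ${if match{$sender_helo_name}{\N.+\..+\..+\N}{no}{yes}}
          ratelimit   = RATE_REJECTS

  # Then reject, whatever the count is.
  drop    message     = Invalid HELO/EHLO
          condition   = ${if eq{$received_port}{25}}
          condition   = ${if match{$sender_helo_name}{\N.+\..+\..+\N}{no}{yes}}

  accept

acl_check_rcpt:
  accept  hosts       = +relay_from_hosts

  # Same pattern for an unknown local recipient: count, then reject.
  # Recipient verification results are cached, so testing it twice is cheap.
  warn    domains     = +local_domains
          !verify     = recipient
          ratelimit   = RATE_REJECTS

  deny    message     = Unknown recipient
          domains     = +local_domains
          !verify     = recipient

  accept  domains     = +local_domains

  deny    message     = relay not permitted
```

To walk through the ACL logic, run exim -bh 192.0.2.10 (a documentation address) and send a one-label HELO or an unknown RCPT; the output shows every statement as it is evaluated. To confirm the counter really moves, look at the hints database after a real rejected session with exim_dumpdb /var/spool/exim ratelimit (spool path assumed) and check that the entry for the client address has advanced. The default leaky mode does not update an entry that is already over the limit, and drop, unlike deny, closes the connection after the error response, which is the behaviour wanted at connect time.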