著者: Sebastian Arcus 日付: To: exim-users 題目: Re: [exim] ACL to early reject connections from hosts which keep on
retrying after a permanent reject
On 24/01/18 22:09, Jeremy Harris wrote: > On 24/01/18 21:40, Sebastian Arcus via Exim-users wrote:
>> Does the above look right? I've had it in place on one server for about
>> a week, but I can't see in the logs ever kicking in - so now I'm not
>> sure if the syntax is wrong, or maybe I haven't had any persistent
>> offenders during this time.
>
> Try using exim_dumpdb and looking for your ratelimit-period of 24h
> in the keys. The sender_host_address will also be part of the key.
Thank you for that tip! I can see in the ratelimit db quite a few hosts
which have reached the 5/24h limit. But strangely in the Exim log I
can't see the appropriate reject messages - although I can see reject
messages for various other ACL's I've set up. Searching by the offending
IP addresses in the logs, I can see them retrying over and over again -
and yet my initial connect ACL never seems to kick in and deny the
connection. I can't really think of a reason for this.