lately we are suffering from dictionary attacks, as a prevention method I use "fail2ban", but in some cases users use passwords that are easy to guess and are used to send spam through bots.
Examples:
Subject: Remittance Advice
Subject: Remittance Advice
Subject: Rambert Nicolas SRS Invoice is ready
These bots are connected from countries such as Japan, China, etc.
41.169.76.242 ZA, South Africa
41.212.221.171 MU, Mauritius
102.164.219.218 ZA, South Africa
105.227.189.244 ZA, South Africa
112.134.249.221 LK, Sri Lanka
202.166.171.50 PK, Pakistan
211.203.71.253 KR, Korea, Republic of
212.12.14.33 RU, Russian Federation
Through exim created rules to block certain subjects but it constantly changes.
My question is, is there any module to block smtp authentication from certain countries?, or some idea of how to work with this problem.