Re: [exim] Auth command used when not advertised

Top Page
Delete this message
Reply to this message
Author: Dennis Davis
Date:  
To: exim-users
Subject: Re: [exim] Auth command used when not advertised
On Mon, 26 Nov 2018, Nigel Metheringham via Exim-users wrote:

> From: Nigel Metheringham via Exim-users <exim-users@???>
> To: Russell King <rmk@???>
> Cc: exim-users@???
> Date: Mon, 26 Nov 2018 13:11:36
> Subject: Re: [exim] Auth command used when not advertised
> Reply-To: Nigel Metheringham <nigel@???>
>
> Fail2ban would be a reasonable method of adding (say) 8 hour firewall
> blocks when this sort of thing was seen...
>
> * http://www.fail2ban.org/wiki/index.php/Main_Page
> * https://alternativeto.net/software/fail2ban/


A *long*, *long* time ago Tom Kistner wrote some small perl scripts
to achieve this. Used iptables on Linux to achieve the end result.
See:

https://lists.exim.org/lurker/message/20060416.091402.c5100b67.en.html

https://lists.exim.org/lurker/message/20060502.201702.5ae738bb.en.html

Once nice feature was that the "timeban" script could be directly
called from exim to handle miscreants.

I remember successfully using the "timeban" script for a while after
converting it to use the packet filter on OpenBSD. I suspect Tom's
scripts would still be useful. Although I can't say for certain as
I'm no longer involved on this area.

The download link in the above messages no longer works. I'm fairly
sure I still have copies squirrelled away somewhere.
--
Dennis Davis <dennisdavis@???>