Re: [exim] auth attempts

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMCyborg at <-
MOdhiambo Washington at ->
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] auth attempts
Cyborg via Exim-users <exim-users@???> (Di 10 Sep 2019 16:06:10 CEST):
> can we limit those tries anywere or slow them down?
>
> 2019-09-10 16:02:37 plain authenticator failed for (a domainname)
> [156.223.90.207]: 535 Incorrect authentication data (set_id=nonsense)

Yes, based on http://lucamattarozzi.blogspot.com/2014/09/exim-limitare-autenticazioni-fallite.html


In the connect ACL: 

    deny    message = Too many unsuccessfull auth attempts.
            ratelimit = 10/2h / badauth:$authenticated_fail_id / readonly


    accept


And in the QUIT *and* NOTQUIT ACLs: 

    warn    condition = $authentication_failed
            ratelimit = 10/2h / badauth:$authenticated_fail_id / strict


    accept


Completly untested, because when implementing it, I ran into another
issue. 

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] auth attemptsRe: [exim] auth attempts->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)