Cyborg via Exim-users <exim-users@???> (Di 10 Sep 2019 16:06:10 CEST):
> can we limit those tries anywere or slow them down?
>
> 2019-09-10 16:02:37 plain authenticator failed for (a domainname)
> [156.223.90.207]: 535 Incorrect authentication data (set_id=nonsense)
Yes, based on
http://lucamattarozzi.blogspot.com/2014/09/exim-limitare-autenticazioni-fallite.html
In the connect ACL:
deny message = Too many unsuccessfull auth attempts.
ratelimit = 10/2h / badauth:$authenticated_fail_id / readonly
accept
And in the QUIT *and* NOTQUIT ACLs:
warn condition = $authentication_failed
ratelimit = 10/2h / badauth:$authenticated_fail_id / strict
accept
Completly untested, because when implementing it, I ran into another
issue.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
