Re: [exim] auth attempts

Página Inicial
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
Para: exim-users
Assunto: Re: [exim] auth attempts
Heiko Schlittermann via Exim-users <exim-users@???> (Di 10 Sep 2019 17:02:26 CEST):
> Cyborg via Exim-users <exim-users@???> (Di 10 Sep 2019 16:06:10 CEST):
> > can we limit those tries anywere or slow them down?
> >
> > 2019-09-10 16:02:37 plain authenticator failed for (a domainname)
> > [156.223.90.207]: 535 Incorrect authentication data (set_id=nonsense)
>
> Yes, based on http://lucamattarozzi.blogspot.com/2014/09/exim-limitare-autenticazioni-fallite.html
>
>
> In the connect ACL:
>
>     deny    message = Too many unsuccessfull auth attempts.
>             ratelimit = 10/2h / badauth:$authenticated_fail_id / readonly


Nonsense. The connect ACL doesn't know anything about the
$authenticated_fail_id.

So replace all $authenticated_fail_id with $sender_host_address
or find a more sophisticated way in the server_condition. Jeremy uses

    server_condition = ${acl …}


This gives you more flexibility.

--
Heiko