Re: [exim] New compromise...?

Top Page
This message is part of the following thread:
M-+-\the complete thread tree sorted by date
M\M\MSebastian Nielsen at <-
MMMMRichard James Salts at ->
Delete this message
Reply to this message
Author: Julian Bradfield
Date:  
To: exim-users
Subject: Re: [exim] New compromise...?
On 2019-09-25, Sebastian Nielsen via Exim-users <exim-users@???> wrote:
> Another way to deal with compromises is to IP-restrict the user accounts so
> they can only login from where they are supposed to login from.
> If ALL of your users "belong" to the same country - for example i fits a
> company-internal email server, I would suggest set auth_advertise_hosts to a
> list of CIDR ranges that your country, or even better, your company, uses.
>
> If different users belong to different countries, for example if you run a
> webhosting company, I would suggest putting the country that was used to
> either register the account, or the country who did issue the credit card that
> was used to pay for the webhosting, in a database.

Um, some people do occasionally travel, you know.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] New compromise...?Re: [exim] New compromise...?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)