Re: [exim] protecting privileged users from SMTP-AUTH attack…

Author: Viktor Dukhovni
Date:  
To: exim-users
Subject: Re: [exim] protecting privileged users from SMTP-AUTH attacks
On Sun, Dec 01, 2019 at 01:48:29PM +0000, Jeremy Harris via Exim-users wrote:

> On 29/11/2019 17:43, Cyborg via Exim-users wrote:
> > which brings me to a quick question: has exim any built-in support to
> > protect privileged users like root from getting brute forced by this?
>
> Exim provides a toolkit; it's up to you to write your config to
> support your needs. Builtin stuff is more at the level of
> violations of documented SMTP protocol.


On my system SMTP PLAIN auth is backed by PAM, and the PAM config
file has:

    # auth
    auth            required        pam_group.so            no_warn group=pamimap
    auth            required        pam_unix.so             no_warn


This means that only users in group "pamimap" can attempt to log in with a
password; this excludes "root" and all the other system accounts. All users
in that "pamimap" group have strong machine-generated high-entropy passwords.

With just family and friends hosted on the server, I can maintain sufficient
security to ignore the AUTH scans; they're wasting their time.

-- 
    Viktor.
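
An audit check for the setup described in the message above, as an added example that is not part of the original post: it lists accounts in the group named on the pam_group line and flags any that are root or system accounts. The passwd/group data is constructed, and both the UID cutoff of 1000 and treating primary-GID membership as group membership are assumptions.

```python
# Added example (not from the original message). Sample data is constructed.
SAMPLE_PASSWD = """\
root:*:0:0:Charlie &:/root:/bin/sh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
alice:*:1001:1001:Alice:/home/alice:/bin/sh
bob:*:1002:1002:Bob:/home/bob:/bin/sh
"""
SAMPLE_GROUP = """\
wheel:*:0:root
pamimap:*:2000:alice,bob
"""


def group_members(passwd_text, group_text, group_name):
    """Return {user: uid} for accounts in group_name.

    Assumption: an account counts as a member if it is listed in the
    group's member field or has the group as its primary GID.
    """
    users = {}
    for line in passwd_text.splitlines():
        f = line.split(":")
        if len(f) >= 4 and not line.startswith("#"):
            users[f[0]] = (int(f[2]), int(f[3]))
    for line in group_text.splitlines():
        f = line.split(":")
        if len(f) >= 4 and f[0] == group_name:
            gid = int(f[2])
            listed = {m for m in f[3].split(",") if m}
            return {u: uid for u, (uid, pgid) in users.items()
                    if u in listed or pgid == gid}
    raise KeyError(f"group {group_name!r} not found")


def audit(passwd_text, group_text, group_name="pamimap", min_uid=1000):
    """Return sorted members that are root or system accounts.

    min_uid is an assumed cutoff for ordinary user accounts; adjust per site.
    """
    members = group_members(passwd_text, group_text, group_name)
    return sorted(u for u, uid in members.items() if uid < min_uid)


if __name__ == "__main__":
    print("password-auth group members:",
          sorted(group_members(SAMPLE_PASSWD, SAMPLE_GROUP, "pamimap")))
    print("unexpected privileged members:", audit(SAMPLE_PASSWD, SAMPLE_GROUP))
```

To run it against a live host, pass the contents of /etc/passwd and /etc/group in place of the sample strings; an empty result means no privileged account can reach the password check.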