On 2 Dec 2019, at 13:40, Cyborg via Exim-users <exim-users@???> wrote: > So, the answere is "no, there is no way to intercept here." Is ok, take
> it as a FeatureRequest ;)
Jeremy’s answer was quite clear: use a DB backend such as a ratelimit DB.
I’ve been doing that for years - more than N failed auths in X time gets you in the connect blacklist. Bye bye.
How you do/track this is up to you, but the tools already exist.
