Re: [exim] protecting privileged users from SMTP-AUTH attack…

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Graeme Fowler
Data:  
Para: exim users
Assunto: Re: [exim] protecting privileged users from SMTP-AUTH attacks
On 2 Dec 2019, at 13:40, Cyborg via Exim-users <exim-users@???> wrote:
> So, the answere is "no, there is no way to intercept here." Is ok, take
> it as a FeatureRequest ;)


Jeremy’s answer was quite clear: use a DB backend such as a ratelimit DB.

I’ve been doing that for years - more than N failed auths in X time gets you in the connect blacklist. Bye bye.

How you do/track this is up to you, but the tools already exist.

Graeme