Re: [exim] protecting privileged users from SMTP-AUTH attack…

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM+\Jeremy Harris at <-
MMMMHeiko Schlittermann at ->
Delete this message
Reply to this message
Author: Richard Jones
Date:  
To: exim-users
Subject: Re: [exim] protecting privileged users from SMTP-AUTH attacks
On Dec 02, Cyborg via Exim-users wrote
> It was only a small example, the logfiles are full of it.
>
> And by blocking, I mean "blocking in the entire cluster" ;)

Why not use Fail2Ban?

https://www.fail2ban.org/wiki/index.php/Main_Page

I have it running with the default exim jail, with Spamhaus's Zen, and
some other bits and bobs I have hacked together.

You could create a custom action to block at the cluster, provided you
can script it.

Thanks,

Richard

--
junix.systems/privacy

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] protecting privileged users from SMTP-AUTH attacksRe: [exim] remote access vulnerability in version 4.92-8+deb10u3->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)