Re: [exim] protecting privileged users from SMTP-AUTH attack…

Page principale
Ce message fait partie du fil suivant :
M\Arborescence complète du fil triée par date
MM+\Jeremy Harris à <-
MMMMHeiko Schlittermann à ->
Supprimer ce message
Répondre à ce message
Auteur: Richard Jones
Date:  
À: exim-users
Sujet: Re: [exim] protecting privileged users from SMTP-AUTH attacks
On Dec 02, Cyborg via Exim-users wrote
> It was only a small example, the logfiles are full of it.
>
> And by blocking, I mean "blocking in the entire cluster" ;)

Why not use Fail2Ban?

https://www.fail2ban.org/wiki/index.php/Main_Page

I have it running with the default exim jail, with Spamhaus's Zen, and
some other bits and bobs I have hacked together.

You could create a custom action to block at the cluster, provided you
can script it.

Thanks,

Richard

--
junix.systems/privacy

Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] protecting privileged users from SMTP-AUTH attacksRe: [exim] remote access vulnerability in version 4.92-8+deb10u3->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)