Re: [exim] protecting privileged users from SMTP-AUTH attack…

Góra strony
Wiadomość jest częścią wątku:
M\pełne drzewo wątku posortowane wg daty
MM+\Jeremy Harris at <-
MMMMHeiko Schlittermann at ->
Delete this message
Reply to this message
Autor: Richard Jones
Data:  
Dla: exim-users
Temat: Re: [exim] protecting privileged users from SMTP-AUTH attacks
On Dec 02, Cyborg via Exim-users wrote
> It was only a small example, the logfiles are full of it.
>
> And by blocking, I mean "blocking in the entire cluster" ;)

Why not use Fail2Ban?

https://www.fail2ban.org/wiki/index.php/Main_Page

I have it running with the default exim jail, with Spamhaus's Zen, and
some other bits and bobs I have hacked together.

You could create a custom action to block at the cluster, provided you
can script it.

Thanks,

Richard

--
junix.systems/privacy

Wiadomość została wysłana do następujących list mailowych:
Exim-users
Informacja o liście mailowej | Najbliższe wiadomości		<-Re: [exim] protecting privileged users from SMTP-AUTH attacksRe: [exim] remote access vulnerability in version 4.92-8+deb10u3->
Tahini and Hummus and Cumin Development Archives administrowana przez cumin AdminsLurker (wersja 2.3)