Re: [exim] protecting privileged users from SMTP-AUTH attack…

Góra strony
Delete this message
Reply to this message
Autor: Richard Jones
Data:  
Dla: exim-users
Temat: Re: [exim] protecting privileged users from SMTP-AUTH attacks
On Dec 02, Cyborg via Exim-users wrote
> It was only a small example, the logfiles are full of it.
>
> And by blocking, I mean "blocking in the entire cluster" ;)


Why not use Fail2Ban?

https://www.fail2ban.org/wiki/index.php/Main_Page

I have it running with the default exim jail, with Spamhaus's Zen, and
some other bits and bobs I have hacked together.

You could create a custom action to block at the cluster, provided you
can script it.

Thanks,

Richard

--
junix.systems/privacy