On Fri, Jul 15, 2022 at 01:54:56PM +0100, Julian Bradfield via Exim-users wrote:
> I should like exim to drop the connection on a client AUTH failure.
> (Because as soon it's seen in the log, fail2ban will DROP the client IP,
> and so the exim process will hang around until the SMTP session times
> out.)
Note that fail2ban is not a realtime service, it scans logs in timely
manner (typically by cron, every 10-15 min). So probability for active
connection to be blocked by fail2ban is very low.
Nevetheless, if you want to keep active connections unblocked, you may
insert before fail2ban's rules your own rule, which allows packets for
established connection to be passed. Example for Linux:
iptables -I INPUT 1 -p tcp -m multiport --destination-ports 25,465,587 \
-m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
--
Eugene Berdnikov