[exim] Re: smtp_accept_max & DDoS

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Slavko
日付:  
To: exim-users
題目: [exim] Re: smtp_accept_max & DDoS
Dňa 13. mája 2023 8:50:26 UTC používateľ Cyborg via Exim-users <exim-users@???> napísal:

>I suggest to choose your timeout for the kill wisely, as some servers send a big chunk of data slow as hell, but a reasonable amount would be 30s.


As i have separate MSA, would not be more easy to setup
that timeout right in exim? Will not this have the same effect?...

As there is AuthPolicy daemon in action, filling FW is done
by fail2ban parsing its logs. That allow me distinguish
auth rejection reason in more precise way than simple
success/fail in exim, beside the fact, that fail2ban
provides repeat counting, ban persistance -- and unban
of course (as many of them seems to be end users, from
time to time cleaned infection and/or changed IP).

regards


--
Slavko
https://www.slavino.sk/

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/