[exim] Re: smtp_accept_max & DDoS

Top Page
Delete this message
Reply to this message
Author: Slavko
Date:  
To: exim-users
Subject: [exim] Re: smtp_accept_max & DDoS
Dňa 12. mája 2023 14:36:23 UTC používateľ Jeremy Harris via Exim-users <exim-users@???> napísal:

>Indeed, with the dovecot authenticator and that version of Exim
>I don't think there's anything special you can do if you can't
>fingerprint these connections in some way.


I did simplifíed adaption of python dovecot's SASL client
(available on PyPi) to do auth over unix socket and when
AuthPolicy rejects authentication, dovecot returns reason
from it in "reason" arg. If authentication fails (i tested
nonexistent user), the reason is not in response at all.

Thus exim can get it, but does it that? I guess that it doesn't
do that, perhaps because its AuthPolicy is relative new and
not widely used...

regards


--
Slavko
https://www.slavino.sk/

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/