[Pkg-exim4-users] [m40636067 at gmail.com: Protect against brute-force: how to use BADAUTH_LIMIT]
Andreas Metzler
ametzler at bebt.de
Sat Jan 11 12:29:20 GMT 2020
----- Forwarded message from Brian Wengel <m40636067 at gmail.com> -----
Date: Tue, 7 Jan 2020 00:31:20 +0100
From: Brian Wengel <m40636067 at gmail.com>
Subject: Protect against brute-force: how to use BADAUTH_LIMIT
Message-ID: <CADcL3SCSjupaB09giJNgP+ETVNUb2hdKv4gSoUVQ-yLJQE0-sA at mail.gmail.com>
I've read this thread:
https://lists.exim.org/lurker/message/20120709.015548.eb9d2ba2.en.html
This is how my "/etc/exim4/conf.d/acl/00_exim4-config_header" looks like:
----------------------------------------
BADAUTH_LIMIT = 5 / 2h
acl_smtp_connect = check_connection
acl_smtp_quit = check_quit
acl_smtp_notquit = check_notquit
begin acl
check_connection:
drop message = Too many failed authentication attempts
ratelimit = BADAUTH_LIMIT / noupdate / badauth:$sender_host_address
check_quit:
accept condition = ${if eq{$authentication_failed}{1}}
ratelimit = BADAUTH_LIMIT / badauth:$sender_host_address
check_notquit:
accept condition = ${if eq{$authentication_failed}{1}}
ratelimit = BADAUTH_LIMIT / badauth:$sender_host_address
----------------------------------------
Now when I make a telnet connection to the server I get this error:
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
550 Administrative prohibition
Connection closed by foreign host.
What did I do wrong?
Secondly, where could I have found information about BADAUTH_LIMIT etc?
Been searching the Debian readme and the upstream documentation file, but
couldn't find any.
----- End forwarded message -----
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-exim4-users
mailing list