Hello.
How to catch brute foce smtp auth attempts only? (== bad login or
password provided)
Condition like:
${if eq{$authentication_failed}{1}}
doesn't work because it also catches cases where client cancelled smtp
auth attempt (rfc2554 and "*").
Exim internally sees difference:
535 Incorrect authentication data
501 Authentication cancelled
Ideas?
--
Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
How to catch brute foce smtp auth attempts only? (== bad login or
password provided)
Condition like:
${if eq{$authentication_failed}{1}}
doesn't work because it also catches cases where client cancelled smtp
auth attempt (rfc2554 and "*").
Exim internally sees difference:
535 Incorrect authentication data
501 Authentication cancelled
Ideas?
--
Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/