Alan Chandler<[email protected]> wrote: > I have just moved my mail server (exim4 split config based) from one > machine to another, and in doing so started examining the logs. I am > being hit with multiple attempts to relay - several a second. They come > in bursts from one host, then come from somewhere else.
On 29/06/10 11:46, Chris Davies wrote: > Fail2ban is remarkably good at helping deter probes such as relay > attempts [...] Alan Chandler <[email protected]> wrote: > I suppose that I can pick up the IP addressed from > /var/log/exim4/rejectlog and then use an iptables chain [..] Actually, fail2ban does this automatically for you. It adds a DROP for the source IP address into its own fail2ban chain. (And later removes them after a configurable period of time.) Chris -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
