Hello.!!
my idea is to block the IP that makes the unsuccessful login attempts to the
smtp service.
On the web I found the following rule, but not if it is what I need.
acl_smtp_auth:
drop message = authentication is allowed only once per
message
set acl_m_auth = ${eval10:0$acl_m_auth+1}
condition = ${if >{$acl_m_auth}{2}}
delay = 30s
accept
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
