On 02/12/2019 08:23, Cyborg via Exim-users wrote: > This seems to be the newest brute force tactic: > > 2019-12-01 23:43:10 SMTP protocol synchronization error (next input sent > too soon: pipelining was not advertised): rejected "root" > H=node-1am2.pool-101-51.dynamic.totinternet.net [101.51.235.250] next > input="999999999\r\n" > > executed with a badly written script :) but, as a bot net did it, it > badly hurt a small vm and blocking the attackers would be nice. > > @Jeremy: > > Is it possible to detect it in an ACL before exim itself rejects the > client by the default number of protocol violations?
Detect what, precisely? -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
