And of course add: auth_advertise_hosts = <colon-separated list of networks your clients come from>
If you have a common ISP that your clients use (for example a corporate mobile ISP), add the CIDR of that operator's ASN. Thus you limit the attack surface, since bots will not go and guess passwords. -----Ursprungligt meddelande----- Från: Slavko via Exim-users <[email protected]> Skickat: den 25 februari 2022 15:48 Till: [email protected] Ämne: Re: [exim] Hit with some kind of hidden multiple recipients relay hack? Ahoj, Dňa Fri, 25 Feb 2022 13:18:27 +0100 Cyborg via Exim-users <[email protected]> napísal: > acl_check_data: > > deny condition = ${if eq{$authenticated_id}{} {1}{0}} > domains = ! +local_domains > will not be better to do this check in RCPT ACL and simplify it as this (eventualy add relayed domains): deny !authenticated = * !domains = +local_domains #: +relay_to_domains regards -- Slavko https://www.slavino.sk -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
