Re: Deterring mail relay attempts
Alan Chandler<alan@chandlerfamily.org.uk> wrote:
> I have just moved my mail server (exim4 split config based) from one
> machine to another, and in doing so started examining the logs. I am
> being hit with multiple attempts to relay - several a second. They come
> in bursts from one host, then come from somewhere else.
On 29/06/10 11:46, Chris Davies wrote:
> Fail2ban is remarkably good at helping deter probes such as relay
> attempts [...]
Alan Chandler <alan@chandlerfamily.org.uk> wrote:
> I suppose that I can pick up the IP addressed from
> /var/log/exim4/rejectlog and then use an iptables chain [..]
Actually, fail2ban does this automatically for you. It adds a DROP for
the source IP address into its own fail2ban chain. (And later removes
them after a configurable period of time.)
Chris
Reply to: