Alan Chandler<a...@chandlerfamily.org.uk> wrote: > I have just moved my mail server (exim4 split config based) from one > machine to another, and in doing so started examining the logs. I am > being hit with multiple attempts to relay - several a second. They come > in bursts from one host, then come from somewhere else.
On 29/06/10 11:46, Chris Davies wrote: > Fail2ban is remarkably good at helping deter probes such as relay > attempts [...] Alan Chandler <a...@chandlerfamily.org.uk> wrote: > I suppose that I can pick up the IP addressed from > /var/log/exim4/rejectlog and then use an iptables chain [..] Actually, fail2ban does this automatically for you. It adds a DROP for the source IP address into its own fail2ban chain. (And later removes them after a configurable period of time.) Chris -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/422sf7x5pg....@news.roaima.co.uk