I'm having a hard time achieving that delay. As you can see it comes
back with the same IP every 10 seconds. Delay is not imposed on
condition as it is dropped already.
2016-08-10 09:13:01 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2016-08-10 09:13:12 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
2016-08-10 09:13:23 H=(ylmf-pc) [201.217.51.46] I=[216.240.133.65]:25
rejected EHLO or HELO ylmf-pc: HELO/EHLO - HELO on heloblocks Blocklist
Don't you have to record the current time stamp, in order to calculate
elapsed time for subsequent delays.
Accept the greeting, but if we previously generated a message in say
$acl_c1, stall the sender until 180 seconds has elapsed.
On 8/10/16 8:52 AM, Daryl Richards wrote:
On 10/08/2016 11:47 AM, [email protected] wrote:
Is it possible to implement delay of say 3 minutes on the ip in a helo
acl? Anyone can show an example?
Just add a line with delay = 180s to the config shown....
On 8/10/16 6:46 AM, Daryl Richards wrote:
This doesn't block the IP, it just drops the connection. Trivial to
add a call to add the sender IP to a file or directly to iptables...
acl_check_helo:
...
drop
message = Crack-bot
log_message = Common crack-bot host name
condition = ${if eq{$sender_helo_name}{ylmf-pc}}
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
