Results 1 to 4 of 4
  1. #1

    exim and bruteforce attempts

    I've been checking my exim rejectlog and I've noticed the same IP address trying to do something on my mailserver. It looks like they aren't getting anywhere, but is there a way to respond back to their attempts on the server that would cause their process to just give up?

    2005-05-22 03:59:21 H=(tbe7hh1md7ydttl) [] F=<[email protected]> rejected RCPT <[email protected]>: authentication required

    I have the exim.conf that was modified by Jeff Lasman over at, and it seems to be working well. Just wish I could get this address to give up.



  2. #2
    route add reject
    Datums Internet Solutions, LLC
    Systems Engineering & Managed Hosting Services
    Complex Hosting Consultants

  3. #3
    Join Date
    Sep 2002
    Top Secret
    if you add the ip address to /etc/virtual/blacklist_domains you should be just fine. Since you mentioned you're using the nobaloney setup for exim.conf, I assume you're using DA, as I don't think he's setup that system for CPanel yet.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Linux Problems? WHMCS Issues? +1-866-546-8914 (linux-14) or @whmcsguru on twitter!

  4. #4

    Thanks for the response. So do I just add the ip address in the blacklist_domains file or is there some syntax that I need to use? I just added the IP address in that file and restarted exim, but it doesn't seem to stop them. Still seeing them popup in my rejectlog.

    I am using DA with exim.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts