The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dictionary attacks, drop delay ?

Discussion in 'E-mail Discussions' started by rmf, Mar 16, 2008.

  1. rmf

    rmf Registered

    Joined:
    Dec 2, 2006
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Hi,
    My server is under dictionary attack, more than 89000 different IPs (in the last thirteen’s days) connect on Exim and send rcpt to false email address for only one domain!

    For minimize the performance impact on the server I activate “Attempt to block dictionary attacks” option, and limit the number of connection per IP.

    Exim log show me “Number of failed recipients exceeded. Come back in a few hours.”
    So how can I configure more than “few hours”?

    My exim conf:
    Thank in advance !!
     
  2. mctDarren

    mctDarren Well-Known Member

    Joined:
    Jan 6, 2004
    Messages:
    664
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    New Jersey
    cPanel Access Level:
    Root Administrator
    Try increasing the time period constant in the ratelimit statement:
    Code:
    ratelimit = 0 / [B]3h[/B] / strict / per_conn
    This should make it a longer period of time before ratelimit forgets past activities.
     
  3. rmf

    rmf Registered

    Joined:
    Dec 2, 2006
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Thank !! It work perfectly.
     
Loading...

Share This Page