Exim Dictionary Attack ACL for cPanel

myusername

Well-Known Member
PartnerNOC
Mar 6, 2003
693
1
168
chown -R us.*yourbase*
cPanel Access Level
DataCenter Provider
Twitter
chirpy said:
4 non-authenticated sends in a row
Chirpy, to clarify:

Does that mean 4 non-authenticated sends to local, non-existent email addresses, or just 4 non-authenticated sends in a row?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess
The latter. They do have to be part of the same SMTP connection, so typically, it will be users who have 4 or more outgoing emails in their outbox and they then connect and send without POPing. In such cases I'd recommend a client uses SMTP AUTH.
 

MediaServe

Well-Known Member
PartnerNOC
Apr 9, 2004
138
2
168
Nashville, TN USA
cPanel Access Level
DataCenter Provider
Twitter
Another issue I'm experiencing with the latest version of this script is that it isn't cleaning out /etc/exim_deny. I'm not a perl coder, so I don't know what in the code may be wrong, but nothing added to /etc/exim_deny is ever being removed.

/etc/exim_deny.pl is scheduled as an hourly cron (via symlink in /etc/cron.hourly, and I've run it at the command line as well. No errors, but no removal of IPs either.

Any ideas Chirpy?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess
If you run the perl script twice it should empty out the file. If it doesn't, make sure that your /tmp partition isn't full and is chmod 1777.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess
No, it should indeed trim it and I've not seen a problem with it not doing so unless there were issues with the ownership of the /tmp/exim_lock.txt file or the permissions on /tmp.