exim drop external smtp request from ONE specific email address

[sptech]

Hi,

I have been getting a LOT of external smtp requests/attempts using only ONE non-existent user email address on my domain. Let's name it [email protected]. This triggers cPHulk and I get an email about it and the smtp failure is always coming from a different IP address! I am now getting about 50 notifications a day from cPHulk!

Since the email address they continue to use does not exist on my domain it will always fail and cPHulk will do it's job.

Is there an ACL I can setup in exim to drop any smtp request using the credentials from this ONE non-existent email address - [email protected] - which will NOT trigger cPHulk?


Thanks!

 

[Infopro]

Not the perfect idea, but you can disable those email notifications.

Home »Security Center »cPHulk Brute Force Protection, bottom of page:
"Send a notification when the system detects a brute force user"

 

[sptech]

Thanks for your reply!

Yes I would prefer to get my notifications so I won't turn them off. It's crazy that this can go on and on like this with no apparent reason other than to bug me *lol*

 

[Infopro]

It's crazy that this can go on and on like this with no apparent reason

Welcome to the wonderful world of Web Hosting.