<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hi<br>
<br>
Same as I told Exim devs: we finally opted for enabling Exim
support in fail2ban. This gives better result for all brute-force
attempts as they're soon cut off and don't waste bandwidth.<br>
<br>
Thanks for your feedback :)<br>
</p>
<br>
<div class="moz-cite-prefix">At 05/11/17 18:59, Marc Haber wrote:<br>
</div>
<blockquote type="cite"
cite="mid:20171105175952.fivrtrru4b6zj3on@torres.zugschlus.de">
<pre wrap="">On Sun, Nov 05, 2017 at 04:09:37PM +0100, Andreas Metzler wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I do not see the attacker gain, the same information can be extracted by
trying out RCPT TO *@omega-software.com with FROM <a class="moz-txt-link-abbreviated" href="mailto:attacker@gmail.com">attacker@gmail.com</a>.
</pre>
</blockquote>
<pre wrap="">
Additionally, we are desperately trying to stay close to the upstream
configuration. If this is really an issue, then all non-Debian exim
installations are vulnerable as well.
What I am trying to say is, this issue should be reported and
discussed with upstream _before_ we make this change. Paul, can you do
that to make your point there?
Greetings
Marc
</pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
Paul Graham<br>
Development Dept.<br>
<a href="http://Omega-Software.com/">http://Omega-Software.com/</a><br>
<br>
<img src="cid:part2.030D5B9A.F7E3F069@omega-software.com"
alt="Omega Software" height="65" width="72">
</div>
</body>
</html>