Mercury Suggestions
Drop & blacklist on multiple AUTH failures

Would be nice if this was available in the server modules to thwart dictionary attacks like so:

17:43:14.765: >> AUTH LOGIN<cr><lf>
17:43:14.792: << 334 VXNlcm5hbWU6<cr><lf>
17:43:15.613: >> d2VibWFzdGVy<cr><lf>
17:43:15.613: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:16.425: >> IUAjJCVeJio=<cr><lf>
17:43:16.425: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:17.378: >> AUTH LOGIN<cr><lf>
17:43:17.404: << 334 VXNlcm5hbWU6<cr><lf>
17:43:18.213: >> d2VibWFzdGVy<cr><lf>
17:43:18.213: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:18.028: >> OTEx<cr><lf>
17:43:18.028: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:19.835: >> AUTH LOGIN<cr><lf>
17:43:19.839: << 334 VXNlcm5hbWU6<cr><lf>
17:43:20.643: >> d2VibWFzdGVy<cr><lf>
17:43:20.643: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:21.447: >> OTEx<cr><lf>
17:43:21.447: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:22.478: >> AUTH LOGIN<cr><lf>
17:43:22.567: << 334 VXNlcm5hbWU6<cr><lf>
17:43:23.369: >> d2VibWFzdGVy<cr><lf>
17:43:23.369: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:24.191: >> OTExMTE=<cr><lf>
17:43:24.191: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:24.998: >> AUTH LOGIN<cr><lf>
17:43:24.000: << 334 VXNlcm5hbWU6<cr><lf>
17:43:25.810: >> d2VibWFzdGVy<cr><lf>
17:43:25.810: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:26.610: >> OTExMTE=<cr><lf>
17:43:26.610: << 501 Authentication failed - bad user or password.<cr><lf>

 

and it is still going!

Have added the ip to the Connection Control list but an automatic option would be nice!

 

&lt;p&gt;Would be nice if this was available in the server modules to thwart dictionary attacks like so:&lt;/p&gt;&lt;p&gt;17:43:14.765: &amp;gt;&amp;gt; AUTH LOGIN&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:14.792: &amp;lt;&amp;lt; 334 VXNlcm5hbWU6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:15.613: &amp;gt;&amp;gt; d2VibWFzdGVy&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:15.613: &amp;lt;&amp;lt; 334 UGFzc3dvcmQ6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:16.425: &amp;gt;&amp;gt; IUAjJCVeJio=&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:16.425: &amp;lt;&amp;lt; 501 Authentication failed - bad user or password.&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:17.378: &amp;gt;&amp;gt; AUTH LOGIN&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:17.404: &amp;lt;&amp;lt; 334 VXNlcm5hbWU6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:18.213: &amp;gt;&amp;gt; d2VibWFzdGVy&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:18.213: &amp;lt;&amp;lt; 334 UGFzc3dvcmQ6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:18.028: &amp;gt;&amp;gt; OTEx&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:18.028: &amp;lt;&amp;lt; 501 Authentication failed - bad user or password.&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:19.835: &amp;gt;&amp;gt; AUTH LOGIN&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:19.839: &amp;lt;&amp;lt; 334 VXNlcm5hbWU6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:20.643: &amp;gt;&amp;gt; d2VibWFzdGVy&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:20.643: &amp;lt;&amp;lt; 334 UGFzc3dvcmQ6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:21.447: &amp;gt;&amp;gt; OTEx&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:21.447: &amp;lt;&amp;lt; 501 Authentication failed - bad user or password.&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:22.478: &amp;gt;&amp;gt; AUTH LOGIN&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:22.567: &amp;lt;&amp;lt; 334 VXNlcm5hbWU6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:23.369: &amp;gt;&amp;gt; d2VibWFzdGVy&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:23.369: &amp;lt;&amp;lt; 334 UGFzc3dvcmQ6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:24.191: &amp;gt;&amp;gt; OTExMTE=&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:24.191: &amp;lt;&amp;lt; 501 Authentication failed - bad user or password.&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:24.998: &amp;gt;&amp;gt; AUTH LOGIN&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:24.000: &amp;lt;&amp;lt; 334 VXNlcm5hbWU6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:25.810: &amp;gt;&amp;gt; d2VibWFzdGVy&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:25.810: &amp;lt;&amp;lt; 334 UGFzc3dvcmQ6&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:26.610: &amp;gt;&amp;gt; OTExMTE=&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt; 17:43:26.610: &amp;lt;&amp;lt; 501 Authentication failed - bad user or password.&amp;lt;cr&amp;gt;&amp;lt;lf&amp;gt;&lt;/p&gt;&lt;p&gt;&amp;nbsp;&lt;/p&gt;&lt;p&gt;and it is still going!&lt;/p&gt;&lt;p&gt;Have added the ip to the Connection Control list but an automatic option would be nice! &amp;nbsp;&lt;/p&gt;

Has been implemented in MercuryS, MercuryP and MercuryI modules of the upcoming v4.6x release, looks like

554 Too many failed RCPT commands - terminating connection.
&lt;P&gt;Has been implemented in MercuryS, MercuryP and MercuryI modules of the upcoming v4.6x release, looks like&lt;/P&gt;&lt;PRE&gt;554 Too many failed RCPT commands - terminating connection. &lt;/PRE&gt;
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Cancel
Delete
Pending draft ... Click to resume editing
Discard draft