Regex Needed - no MAIL in SMTP connection

1 post Page 1 of 1
twofus
Junior Member
Posts: 2
Joined: 14 Feb 2019, 15:07


Can someone assist putting together a custom regex for CSF? Log files below of the issue (IP used is arbitrary). CENTOS 7 server.

Log directory:
/var/log/exim_mainlog

2019-02-13 18:51:46.727 [32754] no MAIL in SMTP connection from [180.119.68.17]:53797 I=[xx.xx.xx.xx]:25 D=10s
2019-02-13 18:51:57.453 [32756] no MAIL in SMTP connection from [180.119.68.17]:57662 I=[xx.xx.xx.xx]:25 D=10s
2019-02-13 18:52:08.176 [307] no MAIL in SMTP connection from [180.119.68.17]:62178 I=[xx.xx.xx.xx]:25 D=10s
2019-02-13 18:52:18.922 [315] no MAIL in SMTP connection from [180.119.68.17]:51659 I=[xx.xx.xx.xx]:25 D=10s

I would like to trigger a block after 5 connections in 1 second.

Thanks for any assistance
1 post Page 1 of 1