BFM found wrong IP if from LAN

Version 1.402


2012-01-26 10:58:32 SMTP call from ([]) [] dropped: too many nonmail commands (last was "AUTH") 2012-01-26 10:58:34 login authenticator failed for ([]) []: 535 Incorrect authentication data (set_id=1234) Brute-Force Attack detected in service log from IP(s) Today at 07:29 Changed the template/brute_filter.list to be: exim1=ip_after=]) [&ip_until=]&text=login authenticator failed for&user_after=(set_id%3D&user_until=) exim2=ip_after=[&ip_until=]&text=login authenticator failed for&user_after=(set_id%3D&user_until=) basically, moving exim1 to be exim2. Added exim1, and just change: ip_after=[ to be: ip_after=]) [ For most cases, exim1 will fail () will hold the hostname of the computer, instead of the ([ip]), so exim2 will be the new common filter match for exim login failures.

Interested to try DirectAdmin? Get a 30-day Free Trial!