fail2ban/config/filter.d/uwimap-auth.conf

# Fail2Ban configuration file
#
# Author: Amir Caspi
#
[INCLUDES]

before = common.conf

[Definition]

_daemon = (?:ipop3d|imapd)

failregex = ^%(__prefix_line)sLogin (?:failed|excessive login failures|disabled|SYSTEM BREAK-IN ATTEMPT) user=\S* auth=\S* host=.*\[<HOST>\]\s*$ 
            ^%(__prefix_line)sFailed .* override of user=.* host=.*\[<HOST>\]\s*$

ignoreregex =
ENH: filter.d/uwimap-auth added. Closes #18 2013-09-29 08:06:27 +00:00			`# Fail2Ban configuration file`
			`#`
			`# Author: Amir Caspi`
			`#`
			`[INCLUDES]`

			`before = common.conf`

			`[Definition]`

			`_daemon = (?:ipop3d\|imapd)`

ENH: filter.d/uwimap-auth - add "disabled" to regex 2013-10-01 12:10:33 +00:00			`failregex = ^%(__prefix_line)sLogin (?:failed\|excessive login failures\|disabled\|SYSTEM BREAK-IN ATTEMPT) user=\S* auth=\S* host=.\[<HOST>\]\s$`
ENH: filter.d/uwimap-auth - failure of an admin override to regex 2013-10-01 12:32:57 +00:00			`^%(__prefix_line)sFailed .* override of user=.* host=.\[<HOST>\]\s$`
ENH: filter.d/uwimap-auth added. Closes #18 2013-09-29 08:06:27 +00:00
			`ignoreregex =`