fail2ban/config/filter.d/courier-auth.conf

20 lines
393 B
Plaintext
Raw Normal View History

# Fail2Ban filter for courier authentication failures
#
[INCLUDES]
# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf
[Definition]
_daemon = (?:courier)?(?:imapd?|pop3d?)(?:login)?(?:-ssl)?
failregex = ^%(__prefix_line)sLOGIN FAILED, user=.*, ip=\[<HOST>\]$
ignoreregex =
# Author: Christoph Haas
# Modified by: Cyril Jaquier