ENH/BF: exim improvements with sample

ChangeLog

@@ -15,6 +15,8 @@ ver. 0.8.11 (2013/XX/XXX) - wanna-be-released
 - New Features:
   
 - Enhancements:
+  Daniel Black and Georgiy Mernov
+   * filter.d/exim -- update regex for new exim fail log message with sample
   
 
 ver. 0.8.10 (2013/06/12) - wanna-be-secure

THANKS

@@ -18,6 +18,7 @@ Daniel Black
 David Nutter
 Eric Gerbier
 Enrico Labedzki
+Georgiy Mernov
 Guillaume Delvit
 Hanno 'Rince' Wagner
 Iain Lea

config/filter.d/exim.conf

@@ -14,7 +14,7 @@
 # Values:  TEXT
 #
 failregex = \[<HOST>\] .*(?:rejected by local_scan|Unrouteable address)
-             login authenticator failed for .* \[<HOST>\]: 535 Incorrect authentication data \(set_id=.*\)\s*$
+             ^ login authenticator failed for ([^\s\(]+\s)?\([^)]*\) \[<HOST>\]: 535 Incorrect authentication data( \(set_id=.*\)|: \d+ Time\(s\))\s*$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.

testcases/files/logs/exim

@@ -1,2 +1,4 @@
 # From IRC 2013-01-04
 2013-01-04 17:03:46 login authenticator failed for rrcs-24-106-174-74.se.biz.rr.com ([192.168.2.33]) [24.106.174.74]: 535 Incorrect authentication data (set_id=brian)
+# From IRC 2013-06-13 XATRIX (Georgiy Mernov)
+2013-06-12 03:57:58 login authenticator failed for (ylmf-pc) [120.196.140.45]: 535 Incorrect authentication data: 1 Time(s)