diff --git a/ChangeLog b/ChangeLog index f54b4a71..74c3b172 100644 --- a/ChangeLog +++ b/ChangeLog @@ -35,7 +35,9 @@ ver. 0.10.4-dev-1 (20??/??/??) - development edition ----------- ### Fixes -* `filter.d/dovecot.conf`: failregex enhancement to catch sql password mismatch errors (gh-2153); +* `filter.d/dovecot.conf`: + - failregex enhancement to catch sql password mismatch errors (gh-2153); + - disconnected with "proxy dest auth failed" (gh-2184); * `action.d/hostsdeny.conf`: fix parameter in config (dynamic parameters stating with '_' are protected and don't allowed in command-actions), see gh-2114; * decoding stability fix by wrong encoded characters like utf-8 surrogate pairs, etc (gh-2171): diff --git a/config/filter.d/dovecot.conf b/config/filter.d/dovecot.conf index daea2ff3..f0481e06 100644 --- a/config/filter.d/dovecot.conf +++ b/config/filter.d/dovecot.conf @@ -13,7 +13,7 @@ _daemon = (?:dovecot(?:-auth)?|auth) prefregex = ^%(__prefix_line)s(?:%(_auth_worker)s(?:\([^\)]+\))?: )?(?:%(__pam_auth)s(?:\(dovecot:auth\))?: |(?:pop3|imap)-login: )?(?:Info: )?.+$ failregex = ^authentication failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S* rhost=(?:\s+user=\S*)?\s*$ - ^(?:Aborted login|Disconnected)(?::(?: [^ \(]+)+)? \((?:auth failed, \d+ attempts(?: in \d+ secs)?|tried to use (?:disabled|disallowed) \S+ auth)\):(?: user=<[^>]*>,)?(?: method=\S+,)? rip=(?:[^>]*(?:, session=<\S+>)?)\s*$ + ^(?:Aborted login|Disconnected)(?::(?: [^ \(]+)+)? \((?:auth failed, \d+ attempts(?: in \d+ secs)?|tried to use (?:disabled|disallowed) \S+ auth|proxy dest auth failed)\):(?: user=<[^>]*>,)?(?: method=\S+,)? rip=(?:[^>]*(?:, session=<\S+>)?)\s*$ ^pam\(\S+,(?:,\S*)?\): pam_authenticate\(\) failed: (?:User not known to the underlying authentication module: \d+ Time\(s\)|Authentication failure \(password mismatch\?\)|Permission denied)\s*$ ^[a-z\-]{3,15}\(\S*,(?:,\S*)?\): (?:unknown user|invalid credentials|Password mismatch)\s*$ 
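Review bot: The new `proxy dest auth failed` alternative in the second failregex line counts every backend-rejected proxy login against the address in `rip=`, and nothing in the filter says when that is safe. On a proxy front end this message presumably also appears when the backend rejects logins for reasons unrelated to the client's password (for example a proxy-to-backend credential or configuration problem), so legitimate clients could be banned in bulk. If the proxy itself sits behind a load balancer, `rip=` may be the balancer's address rather than the client's. I would document this above the pattern, e.g. `# "proxy dest auth failed": logged by a dovecot proxy when the backend rejects the login; rip= must be the real client address (see login_trusted_networks)`, and consider making this case opt-in rather than part of the default failregex. The failregex definition starts above the changed line and continues past the end of the hunk.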
> diff --git a/fail2ban/tests/files/logs/dovecot b/fail2ban/tests/files/logs/dovecot index 16d40c47..dfa6199e 100644 --- a/fail2ban/tests/files/logs/dovecot +++ b/fail2ban/tests/files/logs/dovecot @@ -83,6 +83,9 @@ Jul 02 13:49:32 hostname dovecot[442]: pop3-login: Disconnected (no auth attempt # failJSON: { "time": "2005-03-23T06:10:52", "match": true , "host": "52.37.139.121" } Mar 23 06:10:52 auth: Info: ldap(dog,52.37.139.121,): invalid credentials +# failJSON: { "time": "2005-07-17T09:21:22", "match": true , "host": "192.0.2.4", "desc": "proxy dest auth failed, gh-2184"} +Jul 17 09:21:22 mailproxy dovecot: imap-login: Disconnected (proxy dest auth failed): user=, method=PLAIN, rip=192.0.2.4, lip=192.168.1.2, session= + # failJSON: { "time": "2005-07-26T11:11:21", "match": true , "host": "192.0.2.1" } Jul 26 11:11:21 hostname dovecot: imap-login: Disconnected: Too many invalid commands (tried to use disallowed plaintext auth): user=, rip=192.0.2.1, lip=192.168.1.1, session= # failJSON: { "time": "2005-07-26T11:12:19", "match": true , "host": "192.0.2.2" }