diff --git a/config/filter.d/sendmail-spam.conf b/config/filter.d/sendmail-spam.conf
index 6268db2b..1ccd37a0 100644
--- a/config/filter.d/sendmail-spam.conf
+++ b/config/filter.d/sendmail-spam.conf
@@ -21,8 +21,7 @@ before = common.conf
 _daemon = (?:sm-(mta|acceptingconnections))
-failregex = ^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=(?P(<\S+@\S+>)?), relay=(\S+ )?\[\]( \(may be forged\))?, reject=550 5\.7\.1 (?P=email)\.\.\. Relaying denied\. (IP name possibly forged \[(\d+\.){3}\d+\]|Proper authentication required\.)$
- ^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=, relay=(\S+ )?\[\]( \(may be forged\))?, reject=(553 5\.1\.8 \.\.\. Domain of sender address \S+ does not exist|550 5\.7\.1 \.\.\. Rejected: .*)$
+failregex = ^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=(?P<\S+@\S+>), relay=(\S+ )?\[\]( \(may be forged\))?, reject=(550 5\.7\.1 (?P=email)\.\.\. Relaying denied\. (IP name possibly forged \[(\d+\.){3}\d+\]|Proper authentication required\.)|553 5\.1\.8 (?P=email)\.\.\. Domain of sender address \S+ does not exist|550 5\.7\.1 (?P=email)\.\.\. Rejected: .*)$
 ^%(__prefix_line)sruleset=check_relay, arg1=(?P\S+), arg2=, relay=(?P=dom) \[(\d+\.){3}\d+\]( \(may be forged\))?, reject=421 4\.3\.2 Connection rate limit exceeded\.$
diff --git a/testcases/files/logs/sendmail-spam b/testcases/files/logs/sendmail-spam
index 4aad3b25..2992725d 100644
--- a/testcases/files/logs/sendmail-spam
+++ b/testcases/files/logs/sendmail-spam
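Review bot: The merged `failregex` now requires an address in `arg1` and the same address again through `(?P=email)` in front of all three reject texts, so a `check_rcpt` rejection whose `arg1` is empty, or whose echoed address differs from it, will no longer lead to a ban. The removed first pattern shows the address as optional (`(<\S+@\S+>)?`), and the fixtures in testcases/files/logs/sendmail-spam are rewritten in the same commit; their removed and added lines read identically in this rendering (the angle-bracket content looks stripped), so it is not visible whether the samples were adjusted to fit the stricter pattern. If the narrowing is intended, say so above the pattern, e.g. `# arg1 must hold an address and the reject text must repeat it; other check_rcpt rejects are deliberately not matched`, and add a fixture marked `"match": false` for such a line. If it is not intended, keep the optional form from the removed line for the 550 5.7.1 relaying alternative. The host capture between `\[` and `\]` also appears stripped here, so that part cannot be reviewed from this page.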
@@ -1,5 +1,5 @@
 # failJSON: { "time": "2005-02-25T03:01:10", "match": true , "host": "128.68.136.133" }
-Feb 25 03:01:10 kismet sm-acceptingconnections[27713]: s1P819mk027713: ruleset=check_rcpt, arg1=, relay=128-68-136-133.broadband.corbina.ru [128.68.136.133], reject=550 5.7.1 ... Relaying denied. Proper authentication required.
+Feb 25 03:01:10 kismet sm-acceptingconnections[27713]: s1P819mk027713: ruleset=check_rcpt, arg1=, relay=128-68-136-133.broadband.corbina.ru [128.68.136.133], reject=550 5.7.1 ... Relaying denied. Proper authentication required.
 # failJSON: { "time": "2005-02-23T21:36:14", "match": true , "host": "80.253.155.119" }
 Feb 23 21:36:14 petermurray sm-mta[22248]: s1NLaDQT022248: ruleset=check_rcpt, arg1=, relay=int0.client.access.azadnet.net [80.253.155.119] (may be forged), reject=550 5.7.1 ... Relaying denied. IP name possibly forged [80.253.155.119]
@@ -8,25 +8,25 @@ Feb 23 21:36:14 petermurray sm-mta[22248]: s1NLaDQT022248: ruleset=check_rcpt, a
 Feb 24 07:33:59 petermurray sm-mta[21134]: s1O7XtZJ021134: ruleset=check_rcpt, arg1=, relay=118-161-66-57.dynamic.hinet.net [118.161.66.57], reject=550 5.7.1 ... Relaying denied. Proper authentication required.
 # failJSON: { "time": "2005-02-23T07:57:28", "match": true , "host": "2.180.185.27" }
-Feb 23 07:57:28 petermurray sm-mta[6519]: s1N7vR47006519: ruleset=check_rcpt, arg1=, relay=[2.180.185.27], reject=553 5.1.8 ... Domain of sender address camila.pinto@andrewweitzman.com does not exist
+Feb 23 07:57:28 petermurray sm-mta[6519]: s1N7vR47006519: ruleset=check_rcpt, arg1=, relay=[2.180.185.27], reject=553 5.1.8 ... Domain of sender address camila.pinto@andrewweitzman.com does not exist
 # failJSON: { "time": "2005-02-23T14:13:08", "match": true , "host": "85.60.238.161" }
-Feb 23 14:13:08 petermurray sm-mta[17126]: s1NED81M017126: ruleset=check_rcpt, arg1=, relay=161.pool85-60-238.dynamic.orange.es [85.60.238.161], reject=553 5.1.8 ... Domain of sender address anabelaalvesd@dsldevice.lan does not exist
+Feb 23 14:13:08 petermurray sm-mta[17126]: s1NED81M017126: ruleset=check_rcpt, arg1=, relay=161.pool85-60-238.dynamic.orange.es [85.60.238.161], reject=553 5.1.8 ... Domain of sender address anabelaalvesd@dsldevice.lan does not exist
 # failJSON: { "time": "2005-02-24T05:07:40", "match": true , "host": "202.53.73.138" }
-Feb 24 05:07:40 petermurray sm-mta[716]: s1O57c6H000716: ruleset=check_rcpt, arg1=, relay=202.53.73.138.nettlinx.com [202.53.73.138] (may be forged), reject=553 5.1.8 ... Domain of sender address root@srv.montserv.com does not exist
+Feb 24 05:07:40 petermurray sm-mta[716]: s1O57c6H000716: ruleset=check_rcpt, arg1=, relay=202.53.73.138.nettlinx.com [202.53.73.138] (may be forged), reject=553 5.1.8 ... Domain of sender address root@srv.montserv.com does not exist
 # failJSON: { "time": "2005-02-23T07:00:08", "match": true , "host": "151.232.63.226" }
-Feb 23 07:00:08 petermurray sm-mta[3992]: s1N706jo003992: ruleset=check_rcpt, arg1=, relay=[151.232.63.226], reject=550 5.7.1 ... Rejected: 151.232.63.226 listed at sbl-xbl.spamhaus.org
+Feb 23 07:00:08 petermurray sm-mta[3992]: s1N706jo003992: ruleset=check_rcpt, arg1=, relay=[151.232.63.226], reject=550 5.7.1 ... Rejected: 151.232.63.226 listed at sbl-xbl.spamhaus.org
 # failJSON: { "time": "2005-02-23T04:36:21", "match": true , "host": "74.137.127.206" }
-Feb 23 04:36:21 kismet sm-acceptingconnections[12603]: s1N9aKAw012603: ruleset=check_rcpt, arg1=, relay=74-137-127-206.dhcp.insightbb.com [74.137.127.206], reject=550 5.7.1 ... Rejected: IP in SpamCop blacklist, see: http://spamcop.net/bl.shtml?74.137.127.206
+Feb 23 04:36:21 kismet sm-acceptingconnections[12603]: s1N9aKAw012603: ruleset=check_rcpt, arg1=, relay=74-137-127-206.dhcp.insightbb.com [74.137.127.206], reject=550 5.7.1 ... Rejected: IP in SpamCop blacklist, see: http://spamcop.net/bl.shtml?74.137.127.206
 # failJSON: { "time": "2005-02-23T04:38:57", "match": true , "host": "203.229.186.250" }
-Feb 23 04:38:57 kismet sm-acceptingconnections[16772]: s1N9csSZ016772: ruleset=check_rcpt, arg1=, relay=[203.229.186.250], reject=550 5.7.1 ... Rejected: IP in Barracuda RBL, see: http://www.barracudacentral.org/reputation?ip=203.229.186.250
+Feb 23 04:38:57 kismet sm-acceptingconnections[16772]: s1N9csSZ016772: ruleset=check_rcpt, arg1=, relay=[203.229.186.250], reject=550 5.7.1 ... Rejected: IP in Barracuda RBL, see: http://www.barracudacentral.org/reputation?ip=203.229.186.250
 # failJSON: { "time": "2005-02-23T06:06:04", "match": true , "host": "186.54.117.93" }
-Feb 23 06:06:04 kismet sm-acceptingconnections[18622]: s1NB63Bp018622: ruleset=check_rcpt, arg1=, relay=r186-54-117-93.dialup.adsl.anteldata.net.uy [186.54.117.93], reject=550 5.7.1 ... Rejected: IP in SpamHaus PBL, see http://www.spamhaus.org/query/bl?ip=186.54.117.93
+Feb 23 06:06:04 kismet sm-acceptingconnections[18622]: s1NB63Bp018622: ruleset=check_rcpt, arg1=, relay=r186-54-117-93.dialup.adsl.anteldata.net.uy [186.54.117.93], reject=550 5.7.1 ... Rejected: IP in SpamHaus PBL, see http://www.spamhaus.org/query/bl?ip=186.54.117.93
 # failJSON: { "time": "2005-02-24T01:46:44", "match": true , "host": "217.21.54.82" }
 Feb 24 01:46:44 petermurray sm-mta[24422]: ruleset=check_relay, arg1=leased-line-54-82.telecom.by, arg2=217.21.54.82, relay=leased-line-54-82.telecom.by [217.21.54.82], reject=421 4.3.2 Connection rate limit exceeded.