mirror of https://github.com/fail2ban/fail2ban
19 lines
330 B
Plaintext
19 lines
330 B
Plaintext
# Fail2Ban filter for sendmail authentication failures
|
|
#
|
|
|
|
[INCLUDES]
|
|
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
|
|
_daemon = (?:sm-(mta|acceptingconnections))
|
|
|
|
failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[<HOST>\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$
|
|
|
|
ignoreregex =
|
|
|
|
# DEV Notes:
|
|
#
|
|
# Author: Daniel Black
|