fail2ban/config/filter.d/sieve.conf

19 lines
371 B
Plaintext

# Fail2Ban filter for sieve authentication failures
#
[INCLUDES]
# Read common prefixes. If any customizations available -- read them from
# common.local
before = common.conf
[Definition]
_deamon = (?:cyrus/)?(?:tim)?sieved?
failregex = ^%(__prefix_line)sbadlogin: \S+ ?\[<HOST>\] \S+ authentication failure$
ignoreregex =
# Author: Jan Wagner <waja@cyconet.org>