diff --git a/How-to-ban-something-other-as-host-(IP-address),-like-user-or-e-mail,-etc..md b/How-to-ban-something-other-as-host-(IP-address),-like-user-or-e-mail,-etc..md
new file mode 100644
index 0000000..e84bdb2
--- /dev/null
+++ b/How-to-ban-something-other-as-host-(IP-address),-like-user-or-e-mail,-etc..md
@@ -0,0 +1,77 @@
+**[Q]** Can I ban something other as host (IP-address), like user or e-mail, etc.
+**[A]** Yes, it is theoretically possible with fail2ban, since no-host banning was implemented (v. 0.9.5 or 0.10). See [fail2ban/gh-1454](https://github.com/fail2ban/fail2ban/pull/1454) for more implementation details.
+
+* You should create your own `action` and specify there which command(s) should be executed by ban/unban
+* Version 0.10 allows you to define failure-ID in `failregex`:
+ - use `` for failure-ID as no-space tag (equivalent to `(?P\S+)`), example:
+ ```
+ failregex = ^authentication failure; login=
+ ```
+ - use `...` for own regex contains failure-ID (equivalent to `(?P...)`), example:
+ ```
+ failregex = ^authentication failure; login=[^@]+@\S+
+ ```
+* In version 0.9 you should use `(?P...)` to define failure-ID and implicitly reset all host-related features (e. g. dns resolving) for this jail, so define `usedns = raw`, `ignoreip =`, `ignorecommand =`
+
+Example for test jail to ban users, config `jail.local`:
+```bash
+[test]
+# don't use dns, because host group is not hostname (and not resolvable ip):
+usedns = raw
+ignoreip =
+ignorecommand =
+# if used some filter:
+#filter = no-host-filter[HOST=(?P\S+)]
+#
+# if used failregex:
+filter =
+# v. 0.10:
+failregex = ^\s*(?:\S+\s+)?(?:[^:]+:auth\[\d+\]:\s+)?pam_unix(?:\(\S+\))?:?\s+authentication failure; login=
+# action that bans users
+banaction = test-ban-user[name=%(__name__)s]
+#
+logpath = %(syslog_authpriv)s
+enabled = true
+```
+For fail2ban version 0.9, you should define `failregex` like below:
+```bash
+[test]
+...
+# v. 0.9.5:
+failregex = ^\s*(?:\S+\s+)?(?:[^:]+:auth\[\d+\]:\s+)?pam_unix(?:\(\S+\))?:?\s+authentication failure; login=(?P\S+)
+```
+
+Action config file `action.d/test-ban-user.local`:
+``` bash
+[Definition]
+actionstart =
+actionstop =
+actioncheck =
+actionban = echo 'ban f2b- --user '
+actionunban = echo 'unban f2b- --user '
+```
+
+To test, the user "xxx" will be banned, just execute following commands (3 times if `maxretry = 3` for this jail):
+``` bash
+logger -t 'test:auth' -i -p auth.info "pam_unix(test:auth): authentication failure; login=xxx"
+logger -t 'test:auth' -i -p auth.info "pam_unix(test:auth): authentication failure; login=xxx"
+logger -t 'test:auth' -i -p auth.info "pam_unix(test:auth): authentication failure; login=xxx"
+```
+
+To test regular expression, use new option `--raw` or `-r`, to prevent dns resolving errors:
+
+``` bash
+# v. 0.10:
+fail2ban-regex --raw /var/log/auth.log '^\s*(?:\S+\s+)?(?:[^:]+:auth\[\d+\]:\s+)?pam_unix(?:\(\S+\))?:?\s+authentication failure; login='
+# v. 0.9.5:
+fail2ban-regex --raw /var/log/auth.log '^\s*(?:\S+\s+)?(?:[^:]+:auth\[\d+\]:\s+)?pam_unix(?:\(\S+\))?:?\s+authentication failure; login=(?P\S+)'
+```
+
+**[Q]** I don't have any failure-ID in the log-entry, can I nevertheless configure the fail2ban, that it should simply execute some command if some message will be found in observed log-file
+**[A]** Yes, if you've no failure-id at all (no user-id, e-mail or something other), but you'll that fail2ban execute some shell script after failure occurrence, you should additionally:
+* set empty or something other as match for failure-id (still `` in 0.9th-branch) in `failregex`;
+* set `maxretry = 1` and `findtime = 1` (ban after first occurrence in 1 seconds);
+* set small `bantime` (e. g. 1 second) to this "jail" (otherwise no "ban" action will be executed in this time, because "already banned" occurs), e. g. `bantime = 1`
+* you need to specify only `actionban` parameter in your custom action file (`actionban = /user/bin/command.sh`);
+* `actionban` script will be executed as root (or with user, fail2ban running), so use `su` if other/restricted user needed;
+- set `usedns`, `ignoreip`, `ignorecommand` as suggested above, otherwise you can get error by comparison with empty/illegal host (that will be found by "failure");