20 lines
464 B
Plaintext
20 lines
464 B
Plaintext
# Fail2Ban filter for postfix authentication failures
|
|
|
|
[INCLUDES]
|
|
|
|
before = common.conf
|
|
|
|
[Definition]
|
|
|
|
_daemon = postfix(-\w+)?/(?:submission/|smtps/)?smtp[ds]
|
|
|
|
failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(:[ A-Za-z0-9+/:]*={0,2})?\s*$
|
|
|
|
ignoreregex = authentication failed: Connection lost to authentication server$
|
|
|
|
[Init]
|
|
|
|
journalmatch = _SYSTEMD_UNIT=postfix.service
|
|
|
|
ignoreregex =
|