Initial commit

0.8.6/filter.d/postfix-auth-dos.local

@@ -0,0 +1,23 @@
+# Fail2Ban configuration file
+#
+# Author: Christoph Kuchenbuch
+#
+# $Revision$
+#
+
+[Definition]
+
+# Option: failregex
+# Notes.: regex to match the (successfully) login via smtp-auth. The
+#          host must be matched by a group named "host". The tag "<HOST>" can
+#          be used for standard IP/hostname matching and is only an alias for
+#          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
+# Values: TEXT
+#
+failregex = (?i): \w+: client=[-._\w]+\[<HOST>\]\, sasl_method=(?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5)+, sasl_username=\S+@\S+\.\w+\s*$
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex =