1
# Fail2Ban configuration file
2
# for Anti-Spam SMTP Proxy Server also known as ASSP
3
# Honmepage: http://www.magicvillage.de/~Fritz_Borgstedt/assp/0003D91C-8000001C/
4
# ProjektSite: http://sourceforge.net/projects/assp/?source=directory
6
# Author: Enrico Labedzki (enrico.labedzki@deiwos.de)
12
# Notes.: regex to match the SMTP failure messages in the logfile. The
13
# host must be matched by a group named "host". The tag "<HOST>" can
14
# be used for standard IP/hostname matching and is only an alias for
15
# (?:::f{4,6}:)?(?P<host>\S+)
18
# Examples: Apr-27-13 02:33:09 Blocking 217.194.197.97 - too much AUTH errors (41);
19
# Dec-29-12 17:10:31 [SSL-out] 200.247.87.82 SSL negotiation with client failed: SSL accept attempt failed with unknown errorerror:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol;
20
# Dec-30-12 04:01:47 [SSL-out] 81.82.232.66 max sender authentication errors (5) exceeded
21
__assp_actions = (dropping|refusing)
23
failregex = <HOST> max sender authentication errors \(\d{,3}\) exceeded -- %(__assp_actions)s connection - after reply: \d{3} \d{1}\.\d{1}.\d{1} Error: authentication failed: [a-zA-Z0-9]+;$
24
<HOST> SSL negotiation with client failed: SSL accept attempt failed with unknown error.*:unknown protocol;$
25
Blocking <HOST> - too much AUTH errors \(\d{,3}\);$
29
# Notes.: regex to ignore. If this regex matches, the line is ignored.