Reglas para fail2ban 2017

# /maillog # /secure # DOVECOT (?: pop3-login|imap-login): .*(?:Disconnected|Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P<host>\S*),.* pam.*dovecot.*(?:authentication failure).*rhost=(?:::f{4,6}:)?(?P<host>\S*) # DOVECOT-(ignoreregex) imap-login: Disconnected.*\(no auth attempts\).* # POSTFIX NOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1\s*$ NOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo=\s*$ …