use fail2ban to block some abusive smtp clients on our MXs (re: RT#7515)

[mirror/dsa-puppet.git] / modules / fail2ban / files / filter / dsa-exim.conf

diff --git a/modules/fail2ban/files/filter/dsa-exim.conf b/modules/fail2ban/files/filter/dsa-exim.conf
new file mode 100644 (file)
index 0000000..7e43af9
--- /dev/null
+++ b/modules/fail2ban/files/filter/dsa-exim.conf
@@ -0,0 +1,7 @@
+#
+
+[INCLUDES]
+before = exim-common.conf
+
+[Definition]
+failregex = ^%(pid)s SMTP protocol error in "AUTH LOGIN" .* \[<HOST>\] AUTH command used when not advertised$