From e7a479b33775f5411f3eba6ef772de8e0fbf726e Mon Sep 17 00:00:00 2001
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Mon, 14 Oct 2019 21:24:38 +0100
Subject: [PATCH] fail2ban: (strictly) ban hosts that are well over the
 ratelimit

Signed-off-by: Adam D. Barratt <adam@adam-barratt.org.uk>
---
 modules/fail2ban/files/filter/dsa-exim-strict.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/fail2ban/files/filter/dsa-exim-strict.conf b/modules/fail2ban/files/filter/dsa-exim-strict.conf
index 2dcdfb1bd..02eeb0680 100644
--- a/modules/fail2ban/files/filter/dsa-exim-strict.conf
+++ b/modules/fail2ban/files/filter/dsa-exim-strict.conf
@@ -5,3 +5,4 @@ before = exim-common.conf
 
 [Definition]
 failregex = (?i)^%(pid)s SMTP protocol error in "AUTH LOGIN" %(host_info)sAUTH command used when not advertised$
+            ^%(pid)s %(host_info)sWarning: Sender rate \d{3,}.\d / [^ ]+ \(limit: \d\d?\)
-- 
2.20.1