[Dovecot] Account lockout option?
Bill Landry
bill at inetmsg.com
Thu Mar 19 23:30:17 EET 2009
Ed W wrote:
> failregex = : warning: [-._\w]+\[<HOST>\]: SASL
> (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed$
> failregex = dovecot: auth.*\(.*,<HOST>\): (unknown user|password mismatch)$
Ed, have you found that both failregex lines are actually being used
here, as in my experience, only the first failregex line is used?
Maybe this has changed in the most recent version of fail2ban, but I
have found that I had to create a separate filter file if I wanted to
used a second failregex against the same log file and also add a second
jail.conf entry.
Bill
More information about the dovecot
mailing list