HEX
Server: Apache
System: Linux clpupre 5.4.0-90-generic #101-Ubuntu SMP Fri Oct 15 20:00:55 UTC 2021 x86_64
User: undanet (1000)
PHP: 7.4.3
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /etc/fail2ban/filter.d/
Upload Files
File: //etc/fail2ban/filter.d/sendmail-auth.conf
# Fail2Ban filter for sendmail authentication failures
#

[INCLUDES]

before = common.conf

[Definition]

_daemon = (?:sendmail|sm-(?:mta|acceptingconnections))
__prefix_line = %(known/__prefix_line)s(?:\w{14,20}: )?

# "w{14,20}" will give support for IDs from 14 up to 20 characters long
failregex = ^%(__prefix_line)s(\S+ )?\[(?:IPv6:<IP6>|<IP4>)\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$

ignoreregex =

journalmatch = _SYSTEMD_UNIT=sendmail.service

# DEV Notes:
#
# Author: Daniel Black
@ Telegram