Browse Source

new regex to match denied spf senders

Oliver Ladner 8 years ago
parent
commit
41c2e3ecfa
1 changed files with 4 additions and 5 deletions
  1. 4 5
      tumgreyspf.conf

+ 4 - 5
tumgreyspf.conf

@@ -1,14 +1,11 @@
 # Fail2Ban configuration file
 #
-# Author: Cyril Jaquier
-#
-# $Revision: 728 $
-#
+# Author: Oliver Ladner
 
 [Definition]
 
 # Option:  failregex
-# Notes.:  regex to match the password failure messages in the logfile. The
+# Notes.:  regex to match hosts not correctly configured for SPF.
 #          host must be matched by a group named "host". The tag "<HOST>" can
 #          be used for standard IP/hostname matching and is only an alias for
 #          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
@@ -16,6 +13,8 @@
 #
 failregex = domain owner discourages use of this host': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
             SPF fail - not authorized': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
+            Sender domain not allowed from this host. Please see http://www.openspf.org/.*': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
+
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.