Hi I know some people was searching for fail2ban filters for opensmtpd.
I had the same need, and I've created my own simple filter, I share it here if it can help. # Fail2Ban filter for opensmtpd # Author: Nicolas Repentin # [INCLUDES] # Read common prefixes. If any customizations available -- read them from # common.local before = common.conf [Definition] failregex = ^.*smtp event=connected address=<HOST>.*\n.*smtp event=failed-command command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command not supported ignoreregex = [Init] maxlines = 2 It only work actually for this example: #Aug 23 10:48:54 myserver smtpd[17412]: abc813f0c6789766 smtp event=connected address=177.135.X.X host=hidden.host.com #Aug 23 10:48:55 myserver smtpd[17412]: abc813f0c6789766 smtp event=failed-command command="AUTH LOGIN" result="503 5.5.1 Invalid command: Command not supported" Nicolas
