Bug#994725: fail2ban: Fail2ban 0.11.2 exim failregexs don't match logs from Debian's exim 4.94.2

Hi Diane, > Wont match > "2021-10-24 00:28:54 SMTP protocol error in "AUTH LOGIN" H=(User) ... Hmm, my log lines look the same and here they do match. Maybe we can first compare output to find out what is the difference. What output do you get for the following command: $ fail2ban-regex -v

Bug#994725: fail2ban: Fail2ban 0.11.2 exim failregexs don't match logs from Debian's exim 4.94.2

Hm. Those are fair comments I do think I added the LOGIN line because of my specific installation. And there's are fundamental problems with using regular expressions for log parsing. I hadd also found this write up with a similar patch to what I'd proposed. https://systemadminspro.com/fail2ban

Bug#994725: fail2ban: Fail2ban 0.11.2 exim failregexs don't match logs from Debian's exim 4.94.2

Hi Diane and Sylvestre, Sorry to drop in, but I was also looking into this and am actually not sure about Diane's patch. I found some completely different reasons for why some log lines get missed. I am also using fail2ban 0.11.2 with exim 4.94.2. Yes, I also see it misses some lines, but I also

Bug#994725: fail2ban: Fail2ban 0.11.2 exim failregexs don't match logs from Debian's exim 4.94.2

Hello Could you please resend the patch as attachement? The content is broken as the lines aren't correct formatted. Thanks Sylvestre Le 20/09/2021 à 00:16, Diane Trout a écrit : > Package: fail2ban > Version: fail2ban > Severity: normal > Tags: patch > > Dear Maintainer, > > After activating

Bug#994725: fail2ban: Fail2ban 0.11.2 exim failregexs don't match logs from Debian's exim 4.94.2

Package: fail2ban Version: fail2ban Severity: normal Tags: patch Dear Maintainer, After activating the exim jail in fail2ban I noticed many failed login attempts continuing to clutter up my logs. Eventually I figured out the current failregex includ a pattern for the %(pid)s that my current exim