--- /dev/null	2012-11-27 18:33:00.000000000 +0100
+++ config/filter.d/bsd-sendmail.conf	2012-11-27 18:32:47.000000000 +0100
@@ -0,0 +1,35 @@
+# Fail2Ban configuration file
+#
+# Source: http://www.the-art-of-web.com/system/fail2ban-sendmail
+# Contributors: Gutza, the SASL regex
+#
+# $Revision$
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+# Option:  failregex
+# Notes.:  regex to match the password failures messages in the logfile. 
+#          The host must be matched by a group named "host". 
+#          The tag "<HOST>" can be used for standard IP/hostname matching
+#          and is only an alias for (':::f{4,6}:)?(?P<host>\S+)
+# Values:  TEXT
+
+failregex = \[<HOST>\] .*to MTA
+#           \[<HOST>\] \(may be forged\)
+            \[<HOST>\], reject.*\.\.\. Relaying denied
+            (User unknown)\n* \[<HOST>\]
+            badlogin: .* \[<HOST>\] plaintext .* SASL
+            \[<HOST>\]: possible SMTP attack:
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matces, the line is ignored.
+# Values:  TEXT
+
+ignoreregex = 
+