From 41c2e3ecfa15f8d7c812e8be7c49287caa53bdcf Mon Sep 17 00:00:00 2001
From: Oliver Ladner <waste@lugh.ch>
Date: Thu, 29 Mar 2012 20:04:17 +0200
Subject: [PATCH] new regex to match denied spf senders

---
 tumgreyspf.conf | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/tumgreyspf.conf b/tumgreyspf.conf
index fc00ab1..b58b8ad 100644
--- a/tumgreyspf.conf
+++ b/tumgreyspf.conf
@@ -1,14 +1,11 @@
 # Fail2Ban configuration file
 #
-# Author: Cyril Jaquier
-#
-# $Revision: 728 $
-#
+# Author: Oliver Ladner
 
 [Definition]
 
 # Option:  failregex
-# Notes.:  regex to match the password failure messages in the logfile. The
+# Notes.:  regex to match hosts not correctly configured for SPF.
 #          host must be matched by a group named "host". The tag "<HOST>" can
 #          be used for standard IP/hostname matching and is only an alias for
 #          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
@@ -16,6 +13,8 @@
 #
 failregex = domain owner discourages use of this host': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
             SPF fail - not authorized': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
+            Sender domain not allowed from this host. Please see http://www.openspf.org/.*': QUEUE_ID=""; identity=mailfrom; client-ip=<HOST>;
+
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.