diff --git a/mail_failed_login.sh b/mail_failed_login.sh
new file mode 100755
index 0000000..b1ac7cf
--- /dev/null
+++ b/mail_failed_login.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+# Author:  Oliver Ladner <oli@lugh.ch>
+# License: LGPL
+#
+# Displays a summary of failed IMAP login attempts by country
+
+postfix_logfile='/var/log/mail.log'
+
+for ip in $(grep 'auth failed' $postfix_logfile | awk {'print $17'} | sed 's/,//' | awk -F'=' {'print $2'} | sort -n | uniq); do geoiplookup $ip; done | sort | uniq -c | sort -n | tail -10