Constantly in the exim log I see this error:
535 Incorrect authentication data (set_id = xxx)
I think it is an attack against the mail server, in the fail2ban, I see that there is no maxretry = … neither in exim nor dovecot.
What do you recommend? I put maxretry and also findtime and bantime or do you already use the one that has recurrence?
What configuration do you advise me to harden fail2ban for exim and dovecot?