https://github.com/fail2ban/fail2ban/issues/3800

commit 93810fff75640ddfe4c248e670ed80b5d225bf10
Author: Serg G. Brester <info@sebres.de>
Date:   Fri Jul 26 19:25:09 2024 +0200

    consider CONNECT and other rejected commands as a valid `_pref`;
    closes gh-3800

--- a/config/filter.d/postfix.conf
+++ b/config/filter.d/postfix.conf
@@ -12,7 +12,7 @@
 
 _daemon = postfix(-\w+)?/[^/\[:\s]+(?:/smtp[ds])?
 _port = (?::\d+)?
-_pref = [A-Z]{4}
+_pref = [A-Z]{4,}
 
 prefregex = ^%(__prefix_line)s<mdpr-<mode>> <F-CONTENT>.+</F-CONTENT>$
 
--- a/fail2ban/tests/files/logs/postfix
+++ b/fail2ban/tests/files/logs/postfix
@@ -70,6 +70,9 @@
 # failJSON: { "time": "2005-05-05T15:51:11", "match": true , "host": "216.245.194.173", "desc": "postfix postscreen / gh-1764" }
 May  5 15:51:11 xxx postfix/postscreen[1148]: NOQUEUE: reject: RCPT from [216.245.194.173]:60591: 550 5.7.1 Service unavailable; client [216.245.194.173] blocked using rbl.example.com; from=<spammer@example.com>, to=<goodguy@example.com>, proto=ESMTP, helo=<badguy.example.com>
 
+# failJSON: { "time": "2005-06-01T19:00:55", "match": true , "host": "192.0.2.114", "desc": "postfix client restriction / gh-3800" }
+Jun  1 19:00:55 mail postfix/smtpd[7749]: NOQUEUE: reject: CONNECT from unknown[192.0.2.114]: 450 4.7.25 Client host rejected: cannot find your hostname, [178.215.236.114]; proto=SMTP
+
 # failJSON: { "time": "2005-06-03T06:25:43", "match": true , "host": "192.0.2.11", "desc": "too many errors / gh-2439" }
 Jun  3 06:25:43 srv postfix/smtpd[29306]: too many errors after RCPT from example.com[192.0.2.11]