I run Kerio mailserver as my main email gateway. I'm trying to parse the log files for failed logins, and have them parsed by Blockhosts. I've removed my domain since it's still active, and would rather not get -more- spam. I've also removed a large chunk of standard configuration expressions to save space.
Sample log entry:
[03/Sep/2011 18:42:01] Failed POP3 login from 245.26.9.176, user admin@.
Calculated regex:
"pop3-brute"
r'[\d\d/.../\d\d\d\d \d\d:\d\d:\d\d] Failed POP3 login from {HOST_IP},.*',
When I try and do a dry-run...
blockhosts.py --debug --dry-run
ERROR: Config file Error: invalid line or value found:
ALL_REGEXS = { # NOTE: see ENABLE_RULES definition also, not all rules enabled
"sshd-Invalid":
r'{LOG_PREFIX{sshd}} (Invalid|Illegal) user .* from {HOST_IP}',
. . . v Standard Config Lines ^
"postfix-smtpdNonSMTPCommand":
r'{LOG_PREFIX{postfix/smtpd}} warning: non-SMTP command from .*\[{HOST_IP}]: Subject:',
"pop3-brute"
r'[\d\d/.../\d\d\d\d \d\d:\d\d:\d\d] Failed POP3 login from {HOST_IP},.*',
}
Traceback (most recent call last):
  File "/usr/bin/blockhosts.py", line 2101, in <module>
    sys.exit(main())
  File "/usr/bin/blockhosts.py", line 1957, in main
    config.add_section(BlockHostsConfig())
  File "/usr/bin/blockhosts.py", line 428, in add_section
    self._load_configfile(section.NAME)
  File "/usr/bin/blockhosts.py", line 486, in _load_configfile
    self._config[key] = eval(allitems[key])
  File "<string>", line 43
    }
    ^
SyntaxError: invalid syntax
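An added example, not part of the original post and not Blockhosts' own code: the traceback shows the ALL_REGEXS value going through eval(), so it must be a valid Python dict literal, and the rule must then match the log line as a regex. The sketch below checks both for the posted "pop3-brute" entry; the HOST_IP expansion and the helper names rules_text, load_rules and match_host are assumptions made for the illustration.

```python
import ast
import re

# Stand-in for Blockhosts' {HOST_IP} placeholder (assumption: the tool's own
# expansion differs; this one captures a dotted-quad IPv4 address).
HOST_IP = r'(?P<host>\d{1,3}(?:\.\d{1,3}){3})'

# Log line from the post.
SAMPLE = '[03/Sep/2011 18:42:01] Failed POP3 login from 245.26.9.176, user admin@.'

# Rule as posted: '[' ... ']' are unescaped, so re reads a character class.
POSTED_RE = r'[\d\d/.../\d\d\d\d \d\d:\d\d:\d\d] Failed POP3 login from {HOST_IP},.*'
# Same rule with the literal brackets escaped.
FIXED_RE = r'\[\d\d/.../\d\d\d\d \d\d:\d\d:\d\d\] Failed POP3 login from {HOST_IP},.*'


def rules_text(key_sep, pattern):
    """Build an ALL_REGEXS value; key_sep is '' (as posted) or ':'."""
    return ('{\n"sshd-Invalid":\n'
            "r'{LOG_PREFIX{sshd}} (Invalid|Illegal) user .* from {HOST_IP}',\n"
            '"pop3-brute"%s\n'
            "r'%s',\n}" % (key_sep, pattern))


def load_rules(text):
    """Parse the value as a Python literal; None if it is not a valid dict.

    ast.literal_eval is used here in place of the eval() seen in the
    traceback: same parser, but it cannot execute code.
    """
    try:
        rules = ast.literal_eval(text)
    except (SyntaxError, ValueError):
        return None
    return rules if isinstance(rules, dict) else None


def match_host(pattern, line):
    """Expand {HOST_IP}, search the line, return the captured IP or None."""
    m = re.search(pattern.replace('{HOST_IP}', HOST_IP), line)
    return m.group('host') if m else None


if __name__ == '__main__':
    for sep, pat in (('', POSTED_RE), (':', POSTED_RE), (':', FIXED_RE)):
        rules = load_rules(rules_text(sep, pat))
        host = match_host(rules['pop3-brute'], SAMPLE) if rules else None
        print('sep=%r parsed=%s host=%s' % (sep, rules is not None, host))
```

Running a new rule through a check like this against a real log line before enabling it shows whether the rule would ever fire on the failed logins it is meant to catch.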