diff --git a/conf/fail2ban/postfix-sasl.conf b/conf/fail2ban/postfix-sasl.conf
new file mode 100644
index 000000000..a9f470782
--- /dev/null
+++ b/conf/fail2ban/postfix-sasl.conf
@@ -0,0 +1,6 @@
+# Fail2Ban filter for postfix authentication failures
+[INCLUDES]
+before = common.conf
+[Definition]
+_daemon = postfix/smtpd
+failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$