[*] Would change file [/etc/fail2ban/filter.d/dovecot.conf]:
    -# Fail2Ban configuration file for dovcot
    -#
    -# Author: Martin Waschbuesch
    -#
    -# $Revision: $
    -#
    +## ------------------------------------------
    +## Generated by MetaConfig
    +##
    +## THIS FILE IS AUTOMATICALLY GENERATED.
    +## DO NOT EDIT. ALL CHANGES WILL BE LOST.
    +## ------------------------------------------
    +
    +[INCLUDES]
    +
    +before = common.conf

     [Definition]

    -# Option:  failregex
    -# Notes.:  regex to match the password failures messages in the logfile. The
    -#          host must be matched by a group named "host". The tag "<HOST>" can
    -#          be used for standard IP/hostname matching and is only an alias for
    -#          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
    -# Values:  TEXT
    -#
    -failregex = .*(?:pop3-login|imap-login):.*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P<host>\S*),.*
    -
    -# Option:  ignoreregex
    -# Notes.:  regex to ignore. If this regex matches, the line is ignored.
    -# Values:  TEXT
    -#
    +_daemon = dovecot
    +
    +failregex = ^%(__prefix_line)sauth\(default\): sql\(.+,<HOST>\): (Password mismatch|unknown user)
    +
     ignoreregex =