hello, this is my first attempt at writing my own regex.  im not a programmer, so i of course dont understand what im doing wrong, but im hoping that my log example and regex below will allow someone to point me in the right direction.
my goal, is to iptables block smtp server that send me virus and smtp servers that trip the blacklist, of MailScanner.  so far, i have this:
[root@centos64 ~]# cat /etc/fail2ban/filter.d/postfix.conf
failregex =  reject: Infected message .* came from <HOST>
                   reject: Message .* from <HOST> (.*) to .* is spam (blacklisted)
ignoreregex =
[root@centos64 ~]# cat /etc/fail2ban/jail.conf
ignoreip =
bantime  = 30
findtime  = 608400
maxretry = 1
backend = auto
usedns = warn
enabled  = true
filter   = postfix
action   = iptables[name=POSTFIX, port=smtp, protocol=tcp]
logpath  = /var/log/maillog

the log for these items would look like this:
Jul 18 13:15:59 centos64 MailScanner[29234]: Infected message 2063A2580.A4155 came from
Jul 18 15:42:03 centos64 MailScanner[1629]: Message BB346257B.A5072 from (premiumgarciniacambogia@choostie.me) to mydomain.com is spam (blacklisted)
so far fail2ban seems to be running error free, but looking back 7 days thru the maillog should have already found tons of hits, but so far i have nothing in my iptables, so my first impression is that my regex isnt correct.  can someone look this over and give me a recommendation?
many thanks,