[Logcheck-commits] r1590 - in logcheck/trunk/rulefiles/linux: ignore.d.server violations.ignore.d
madduck at users.alioth.debian.org
madduck at users.alioth.debian.org
Thu Jun 7 15:27:42 UTC 2007
Author: madduck
Date: 2007-06-07 15:27:42 +0000 (Thu, 07 Jun 2007)
New Revision: 1590
Modified:
logcheck/trunk/rulefiles/linux/ignore.d.server/amavisd-new
logcheck/trunk/rulefiles/linux/ignore.d.server/spamd
logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-amavisd-new
Log:
filter updates, i forgot what they were
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/amavisd-new
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/amavisd-new 2007-05-22 19:55:19 UTC (rev 1589)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/amavisd-new 2007-06-07 15:27:42 UTC (rev 1590)
@@ -1,2 +1,3 @@
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) Passed CLEAN,( \[[.[:digit:]]{7,15}\]){2} <[^>]+> -> <[^>]+>, Message-ID: <[^>]+>,( Resent-Message-ID: <[^>]+>,)? mail_id: [-+[:alnum:]]+, Hits: -, queued_as: [[:xdigit:]]+, [[:digit:]]+ ms$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) NOTICE: Not sending DSN in response to bulk mail from <[^.]+> containing [[:upper:] ]+, mail intentionally dropped$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) Passed CLEAN,( \[[.:[:xdigit:]]+\]){2} <[^>]*> -> <[^>]*>, Message-ID: [^[:space:]]*,( Resent-Message-ID: [^[:space:]]*,)? mail_id: [-+[:alnum:]]+, Hits: -, queued_as: [[:xdigit:]]+, [[:digit:]]+ ms$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) Passed INFECTED \([-._[:alnum:]]+\),( \[[.:[:xdigit:]]+\]){2} <[^>]*> -> <[^>]*>, quarantine: virus-[-+[:alnum:]]+, Message-ID: [^[:space:]]*, mail_id: [-+[:alnum:]]+, Hits: -, queued_as: [[:xdigit:]]+, [[:digit:]]+ ms$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) NOTICE: Not sending DSN in response to bulk mail from <[^.]*> containing [[:upper:] ]+, mail intentionally dropped$
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/spamd
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/spamd 2007-05-22 19:55:19 UTC (rev 1589)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/spamd 2007-06-07 15:27:42 UTC (rev 1590)
@@ -9,7 +9,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? (process|check)ing message (<[^>]+>( aka <[^>]+>)?|\(unknown\)) for [-._+=[:alnum:]]+(@[-.[:alnum:]]+)?(:[[:digit:]]+)?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? server pid: [[:digit:]]{1,5}$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: logger: removing stderr method$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: (spamd: )?result: [.YN] [ [:digit:]-]+ -( [._[:alnum:],]+)? scantime=[0-9.]+,size=[0-9]+,(user=[^,]+,uid=[0-9]+,required_score=[0-9.]+,rhost=[._[:alnum:]-]+,raddr=[0-9.]+,rport=[0-9]+,)?mid=<[^[:space:]]+>(,rmid=<[^[:space:]]+>)?,(bayes=[.[:digit:]]+(e-[[:digit:]]+)?,)?autolearn=(ham|spam|no|disabled)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: (spamd: )?result: [.YN] [ [:digit:]-]+ -( [._[:alnum:],]+)? scantime=[0-9.]+,size=[0-9]+,(user=[^,]+,uid=[0-9]+,required_score=[0-9.]+,rhost=[._[:alnum:]-]+,raddr=[0-9.]+,rport=[0-9]+,)?mid=(<[^[:space:]]+>|\(unknown\))(,rmid=(<[^[:space:]]+>|\(unknown\)))?,(bayes=[.[:digit:]]+(e-[[:digit:]]+)?,)?autolearn=(ham|spam|no|disabled|unavailable)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: FuzzyOcr: FuzzyOcr stopped, message got [[:digit:]]+ points by other FuzzyOcr tests \([.[:digit:]]+>[.[:digit:]]+\)\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: (spamd: )?Tell: Setting (local|remote|local,remote) for [-._+=[:alnum:]]+(@[-.[:alnum:]]+)?(:[[:digit:]]+)? in [.[:digit:]]+ seconds, [[:digit:]]+ bytes$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: (spamd: )?Tell: Did nothing for [-._+=[:alnum:]]+(@[-.[:alnum:]]+)?(:[[:digit:]]+)? in [.[:digit:]]+ seconds, [[:digit:]]+ bytes$
Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-amavisd-new
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-amavisd-new 2007-05-22 19:55:19 UTC (rev 1589)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-amavisd-new 2007-06-07 15:27:42 UTC (rev 1590)
@@ -1 +1 @@
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) (Blocked|Passed) BAD-HEADER,( \[[.[:digit:]]{7,15}\]){2} <[^>]+> -> <[^>]+>, quarantine: badh-[[:alnum:]]+, Message-ID: <[^>]+>, mail_id: [-+[:alnum:]]+, Hits: -, queued_as: [[:xdigit:]]+, [[:digit:]]+ ms$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ amavis\[[[:digit:]]+\]: \([-[:digit:]]+\) (Blocked|Passed) BAD-HEADER,( \[[.:[:xdigit:]]+\]){2} <[^>]*> -> <[^>]*>, quarantine: badh-[-+[:alnum:]]+, Message-ID: [^[:space:]]*, mail_id: [-+[:alnum:]]+, Hits: -, queued_as: [[:xdigit:]]+, [[:digit:]]+ ms$
More information about the Logcheck-commits
mailing list