[Logcheck-commits] martin f. krafft: ignore all data related to untrusted certificate issuers.

Martin F. Krafft madduck at alioth.debian.org
Wed Aug 27 18:02:13 UTC 2008 

Module: logcheck
Branch: viol-merge
Commit: 73f44405c887a655a9eb3d529779f0785d30bb1c
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=73f44405c887a655a9eb3d529779f0785d30bb1c

Author: martin f. krafft <madduck at debian.org>
Date:   Wed Aug 27 15:09:00 2008 +0100

ignore all data related to untrusted certificate issuers.

---

 debian/changelog                        |    1 +
 rulefiles/linux/ignore.d.server/postfix |    2 +-
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 640b675..b3a6f4d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -27,6 +27,7 @@ logcheck (1.3) unstable; urgency=low
     - ignore milter-reject messages after RCPT which include the recipient.
     - ignore multiple PIX workaround messages.
     - ignore anvil connection rate statistics for unknown DNS hosts.
+    - ignore all data related to untrusted certificate issuers.
   * ignore.d.server/ssh:
     - ignore authentication failures with new PAM format.
   * ignore.d.server/kernel:
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index ef10496..d450c71 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -86,7 +86,7 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: certificate verification failed for [^[:space:]]+: (num=24:)?invalid CA certificate$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: certificate verification failed for [^[:space:]]+: (num=26:)?unsupported certificate purpose$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: certificate verification failed for [^[:space:]]+: (num=27:)?certificate not trusted$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: certificate verification failed for [^[:space:]]+: untrusted issuer [-&@(),._/=[:space:][:alnum:]]+$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: certificate verification failed for [^[:space:]]+: untrusted issuer /.+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: initializing the server-side TLS engine$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: issuer=[[:space:]]*/O=.*$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: setting up TLS connection (to|from) [._[:alnum:]-]+(\[[[:digit:]a-f.:]{3,39}\])?$

More information about the Logcheck-commits mailing list