[Logcheck-commits] martin f. krafft: allow port 587 in regexps whereever port 25 is used.
Martin F. Krafft
madduck at alioth.debian.org
Sun Aug 31 19:24:20 UTC 2008
Module: logcheck
Branch: master
Commit: 07831c038a1b9733460dbf3ad54b63498ed33c14
URL: http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=07831c038a1b9733460dbf3ad54b63498ed33c14
Author: martin f. krafft <madduck at debian.org>
Date: Sun Aug 31 19:14:09 2008 +0100
allow port 587 in regexps whereever port 25 is used.
---
debian/changelog | 1 +
rulefiles/linux/ignore.d.server/postfix | 14 +++++++-------
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 575c5fc..a96ad83 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -15,6 +15,7 @@ logcheck (1.3) unstable; urgency=low
- ignore closed connection messages also when connection is reset by peer.
* ignore.d.server/postfix:
- fix most regexps to support IPv6 addresses.
+ - allow port 587 in regexps whereever port 25 is used.
- ignore messages about untrusted cert issuers that have any of &(), in
their name.
- ignore "NOQUEUE: milter-reject" messages.
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index b752d2d..e714e8a 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -1,5 +1,5 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/(error|n?qmgr)\[[[:digit:]]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[[:digit:]]+,)? delay=[[:digit:].]+,( delays=[[:digit:]./]+,)?( dsn=[45]\.[[:digit:]]\.[[:digit:]],)? status=bounced \(bad address syntax\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/(error|n?qmgr|smtp)\[[[:digit:]]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=(none|[^[:space:]]+\[[[:digit:].]{7,15}\]:25),( conn_use=[[:digit:]]+,)? delay=[[:digit:].]+,( delays=[[:digit:]./]+,)?( dsn=4\.[[:digit:]]\.[[:digit:]],)? status=(deferred|undeliverable) \((delivery temporarily suspended: )?(lost connection with [^[:space:]]+ while (sending [[:alnum:]]+( [[:alnum:]]+)?|performing the HELO handshake)|conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending [[:alnum:]]+( [/[:alnum:]]+)?|sending end of data -- message may be sent more than once)|connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)|Host or domain name not found. Name service error for name=[^[:space:]]+ type=MX: Host not found, try again)\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/(error|n?qmgr|smtp)\[[[:digit:]]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=(none|[^[:space:]]+\[[[:digit:].]{7,15}\]:(25|587)),( conn_use=[[:digit:]]+,)? delay=[[:digit:].]+,( delays=[[:digit:]./]+,)?( dsn=4\.[[:digit:]]\.[[:digit:]],)? status=(deferred|undeliverable) \((delivery temporarily suspended: )?(lost connection with [^[:space:]]+ while (sending [[:alnum:]]+( [[:alnum:]]+)?|performing the HELO handshake)|conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending [[:alnum:]]+( [/[:alnum:]]+)?|sending end of data -- message may be sent more than once)|connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)|Host or domain name not found. Name service error for name=[^[:space:]]+ type=MX: Host not found, try again)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?, (conn_use=[[:digit:]]+, )?delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=2(\.[[:digit:]]+){2})?, status=sent \(2[[:digit:]][[:digit:]] .+\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?, (conn_use=[[:digit:]]+, )?delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=[45](\.[[:digit:]]+){2})?, status=(deferred|bounced|undeliverable) \(host [._[:alnum:]-]+\[[[:digit:].]{7,15}\] said: [45][[:digit:]][[:digit:]] .+ \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.[:digit:]]+,( delays=[.[:digit:]/]+, dsn=[[:digit:].]+,)? status=sent \(250 Ok: queued as [[:digit:]A-F]+\)$
@@ -59,14 +59,14 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>(, orig_to=<[^[:space:]]+>)?, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?,( conn_use=[[:digit:]]+,)? delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=[45](\.[[:digit:]]+){2})?, status=(deferred|bounced|undeliverable|SOFTBOUNCE) \(host [._[:alnum:]-]+\[[[:digit:].]{7,15}\] said: [45][[:digit:]][[:digit:]][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|DATA|end of DATA) command\)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?, (conn_use=[[:digit:]]+, )?delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=2(\.[[:digit:]]+){2})?, status=deliverable \(250 Ok\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[[:digit:].]{7,15}\](:[[:digit:]]{1,5})?, delay=[.[:digit:]]+(, delays=([.[:digit:]]+/){3}[.[:digit:]]+)?(, dsn=2(\.[[:digit:]]+){2})?, status=deliverable \(2[[:digit:]][[:digit:]] .*\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ ?\[[[:xdigit:].:]{3,39}\]: read timeout \(port 25\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ ?\[[[:xdigit:].:]{3,39}\]: read timeout \(port (25|587)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ Connection (refused|timed out) \(port [[:digit:]]+\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ Network is unreachable \(port 25\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ No route to host \(port 25\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ server dropped connection without sending the initial SMTP greeting \(port 25\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ server refused mail service \(port 25\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ Network is unreachable \(port (25|587)\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ No route to host \(port (25|587)\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ server dropped connection without sending the initial SMTP greeting \(port (25|587)\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+ server refused mail service \(port (25|587)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+: server dropped connection without sending the initial greeting \(port 25\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: connect to [^[:space:]]+: server dropped connection without sending the initial greeting \(port (25|587)\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: host [^[:space:]]+ greeted me with my own hostname [._[:alnum:]-]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: host [^[:space:]]+ replied to HELO/EHLO with my own hostname [._[:alnum:]-]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: mailer loop: best MX for [^[:space:]]+ is local$
More information about the Logcheck-commits
mailing list