[Logcheck-commits] Frédéric Brière : ignore.d.server/postfix: removing wildcard "reject: (RCPT|MAIL)" rule

Fri Aug 21 15:09:00 UTC 2009

Module: logcheck
Branch: master
Commit: 6c780e7694438a4da00460ef02437438972245b1
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=6c780e7694438a4da00460ef02437438972245b1

Author: Frédéric Brière <fbriere at fbriere.net>
Date:   Fri Aug 21 11:07:26 2009 -0400

ignore.d.server/postfix: removing wildcard "reject: (RCPT|MAIL)" rule

---

 debian/changelog                        |    1 +
 rulefiles/linux/ignore.d.server/postfix |    1 -
 2 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index afe0d30..e8c27a6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -38,6 +38,7 @@ logcheck (1.3.4) experimental; urgency=low
     - recognize "Trusted TLS connection established"
   * ignore.d.server/postfix:
     - allow <> as MAIL FROM in various messages
+    - removing wildcard "reject: (RCPT|MAIL)" rule
   * ignore.d.server/innd:
     - added "no_read"/"no_post" rule (closes: #533487)
   * ignore.d.server/bind:
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 1a0c385..a9efd0f 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -116,7 +116,6 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:alnum:]]+: reject: (CONNECT|RCPT) from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [[:digit:]]\.[[:digit:]]\.[[:digit:]])? Client host rejected: cannot find your hostname, [^[:space:]]+; (from=[^[:space:]]+ to=[^[:space:]]+ )?proto=E?SMTP( helo=[^[:space:]]+)?$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: (CONNECT|RCPT) from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? Service unavailable; Client host \[([[:digit:].]{7,15}|[-._[:alnum:]]+)\] blocked using [._[:alnum:]-]+;( .+;)? (from=<[^[:space:]]*> to=<[^[:space:]]+> )?proto=E?SMTP( helo=<[^[:space:]]+>)?$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: (MAIL|RCPT) from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: (Sender|Recipient) address rejected: .+; from=<[^[:space:]]*>( to=<[^[:space:]]+>)? proto=E?SMTP helo=<[^[:space:]]+>$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: (RCPT|MAIL) from [._[:alnum:]-]+\[[[:xdigit:].:]{3,39}\]: [45][[:digit:]][[:digit:]] .*$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [[:digit:]]{3}( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: Relay access denied; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: Client host rejected: Greylisted( for [[:digit:]]+ (seconds|minutes))?,?( \(?see http://isg\.ee\.ethz\.ch/tools/postgrey/help/[.[:alnum:]-]+\.html\)?;)? from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: Helo command rejected: .+; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$


