Bug#267587: [Logcheck-devel] Bug#267587: logcheck-database: Additional rule needed for postfix
maks attems
debian at sternwelten.at
Mon Aug 23 20:16:33 UTC 2004
tags 267587 pending
thanks
On Mon, 23 Aug 2004, Russell Coker wrote:
> Package: logcheck-database
> Version: 1.2.25
> Severity: normal
>
> postfix/smtpd\[[0-9]+\]: lost connection after (CONNECT|DATA|RCPT|RSET|EHLO|HELO|MAIL) from
>
> Please include the above line in the ignore.d/server/postfix file. That
> catches messages that occur very often on busy Postfix servers.
well there is already quite a similar rule in aboves file:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: lost
connection after (AUTH|CONNECT|DATA|HELO|MAIL|RCPT) from
unknown\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]$
changed in cvs the unknown to match domainnames:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: lost
connection after (AUTH|CONNECT|DATA|HELO|MAIL|RCPT) from
[._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]$
had already made a similar substitution in that rulefile,
but have overseen to more unknown.
please report back if aboves rule works for you.
thanks for your bug report.
--
maks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040823/6e583f5d/attachment.pgp
More information about the Logcheck-devel
mailing list