[Logcheck-devel] Bug#368313: logcheck-database: new postfix violations ignore rule

Martin Lohmeier martin at mein-horde.de
Sun May 21 11:45:36 UTC 2006 

Package: logcheck-database
Version: 1.2.39
Severity: wishlist

Hi,

I'd like to add the following rule to /etc/logcheck/violations.ignore.d/logcheck-postfix :

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: NOQUEUE: reject: RCPT from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]: 554 <[._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\]>: Client host rejected: Access denied; from=<.*> to=<.*> proto=(SMTP|ESMTP) helo=<.*>$

The attached file contain a few line that should be ignored.

bye, Martin

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.14.1
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages logcheck-database depends on:
ii  debconf [debconf-2.0]         1.4.30.13  Debian configuration management sy

-- debconf information:
  logcheck-database/rules-directories-note:
  logcheck-database/standard-rename-note:
  logcheck-database/conffile-cleanup: false
-------------- next part --------------
May 18 16:26:07 djinn01 postfix/smtpd[6276]: NOQUEUE: reject: RCPT from pool-71-250-116-27.nwrknj.east.verizon.net[71.250.116.27]: 554 <pool-71-250-116-27.nwrknj.east.verizon.net[71.250.116.27]>: Client host rejected: Access denied; from=<kev917ybv at earthlink.net> to=<sebastian at feltel.de> proto=SMTP helo=<earthlink.net>
May 18 19:31:33 djinn01 postfix/smtpd[18576]: NOQUEUE: reject: RCPT from pool-71-254-6-64.burl.east.verizon.net[71.254.6.64]: 554 <pool-71-254-6-64.burl.east.verizon.net[71.254.6.64]>: Client host rejected: Access denied; from=<nicholas at paramed.biz> to=<sebastian at monochromata.de> proto=ESMTP helo=<friend>
May 18 20:45:49 djinn01 postfix/smtpd[23435]: NOQUEUE: reject: RCPT from pool-70-20-124-238.pitt.east.verizon.net[70.20.124.238]: 554 <pool-70-20-124-238.pitt.east.verizon.net[70.20.124.238]>: Client host rejected: Access denied; from=<alexander at e-standard.biz> to=<blackm at ferris.dyndns.info> proto=ESMTP helo=<friend>

More information about the Logcheck-devel mailing list