[Logcheck-devel] Bug#368318: logcheck-database: update for postfix violations ignore rule
Martin Lohmeier
martin at mein-horde.de
Sun May 21 12:09:15 UTC 2006
Package: logcheck-database
Severity: normal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
there is little problem with one rule in violations.ignore.d/logcheck-postfix.
The rule is only for the host sythos.net and the delay need to be variable (it's
possible that the retry happen before 300 seconds are over).
I don't have an example because on my site only recipients are greylisted.
The attached patch is against the latest cvs version.
bye, Martin
- -- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (900, 'testing'), (100, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.1
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEcFhrOvJj+wS6JuIRAo4lAKCptk4LGmgBi4sldoHqyxiB0gidJwCfVyGr
an2SJNS0VoSUFylSa75z1XQ=
=ORmv
-----END PGP SIGNATURE-----
-------------- next part --------------
Index: logcheck-postfix
===================================================================
RCS file: /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-postfix,v
retrieving revision 1.23
diff -u -r1.23 logcheck-postfix
--- logcheck-postfix 11 Jul 2005 14:41:26 -0000 1.23
+++ logcheck-postfix 21 May 2006 12:05:55 -0000
@@ -22,6 +22,6 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: certificate verification failed for [^[:space:]]+: num=27:certificate not trusted$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: certificate peer name verification failed for [^[:space:]]+: [[:digit:]]+ dNSNames in certificate found, but none matches
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: certificate peer name verification failed for [^[:space:]]+: CommonName mis-match:( [._[:alnum:]-]+)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9] <[^[:space:]]+>: Client host rejected: Greylisted for 300 seconds \(see http://isg.ee.ethz.ch/tools/postgrey/help/sythos.net.html\); from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9] <[^[:space:]]+>: Client host rejected: Greylisted for [0-9]+ seconds \(see http://isg.ee.ethz.ch/tools/postgrey/help/.*.html\); from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [[:alnum:]]+: from=<([^[:space:]]+|)>, size=[0-9]+, nrcpt=[0-9]+ \(queue active\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/local\[[0-9]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=local, delay=[0-9]+, status=sent \(delivered to command: /var/lib/mailman/mail/mailman admin [._[:alnum:]-]+\)$
More information about the Logcheck-devel
mailing list