[Logcheck-commits] r1164 - in logcheck/trunk: debian
rulefiles/linux/ignore.d.server
madduck at users.alioth.debian.org
madduck at users.alioth.debian.org
Tue Jul 11 11:24:47 UTC 2006
Author: madduck
Date: 2006-07-11 11:24:46 +0000 (Tue, 11 Jul 2006)
New Revision: 1164
Modified:
logcheck/trunk/debian/changelog
logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
Log:
* ignore.d.server/postfix: improved filters for postfix 2.3 lmtp
connections.
Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog 2006-07-11 11:21:18 UTC (rev 1163)
+++ logcheck/trunk/debian/changelog 2006-07-11 11:24:46 UTC (rev 1164)
@@ -17,8 +17,10 @@
[ martin f. krafft ]
* violations.ignore.d/logcheck-ssh: ignoring "Connection reset by peer"
messages.
+ * ignore.d.server/postfix: improved filters for postfix 2.3 lmtp
+ connections.
- -- martin f. krafft <madduck at debian.org> Tue, 11 Jul 2006 13:20:54 +0200
+ -- martin f. krafft <madduck at debian.org> Tue, 11 Jul 2006 13:24:27 +0200
logcheck (1.2.46) unstable; urgency=low
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/postfix 2006-07-11 11:21:18 UTC (rev 1163)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/postfix 2006-07-11 11:24:46 UTC (rev 1164)
@@ -66,7 +66,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: Illegal address syntax from [._[:alnum:]-]+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\] in MAIL command: .*$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: SSL_accept error from [._[:alnum:]-]+\[[0-9a-f.:]{3,39}\]: -1$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: smtpd_spf_result: unknown SPF result 4 \(unknown\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/lmtp\[[0-9]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+, delay=[.0-9]+,( delays=[.0-9/]+, dsn=[0-9.]+,)? status=sent \(250 [0-9.]+ Ok((, id=[-0-9]+, from MTA: 250 ([0-9.]+ )?Ok: queued as [0-9A-F]+|, discarded, UBE, id=[-0-9]+))*\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/lmtp\[[0-9]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.0-9]+,( delays=[.0-9/]+, dsn=[0-9.]+,)? status=sent \(250 [0-9.]+ Ok((, id=[-0-9]+, from MTA: 250 ([0-9.]+ )?Ok: queued as [0-9A-F]+|, discarded, UBE, id=[-0-9]+))*\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/local\[[0-9]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=local, delay=[0-9]+, status=sent \(delivered to command: exec /usr/bin/procmail\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policy-spf\[[0-9]+\]: : SPF pass: smtp_comment=.*: [.[:alnum:]]+ MX [.[:alnum:]]+ A [0-9a-f.:]+, header_comment=[.[:alnum:]+: domain of [%[:punct:][:alnum:]]+@[.[:alnum:]]+ designates [0-9a-f.:]{3,39} as permitted sender$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics: max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for \(([.[:digit:]]{1,16}:)?(smtp(s)?|587):[.[:digit:]]+\) at \w{3} [ :0-9]{11}$
More information about the Logcheck-commits
mailing list