[Logcheck-commits] r1477 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

Sun Jan 28 20:23:00 CET 2007

Author: madduck
Date: 2007-01-28 20:23:00 +0100 (Sun, 28 Jan 2007)
New Revision: 1477

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/spamd
Log:
* ignore.d.server/spamd: improve rules for corner cases, thanks to Armin
  Berres for his help.

Modified: logcheck/trunk/debian/changelog
===================================================================

--- logcheck/trunk/debian/changelog	2007-01-28 19:21:34 UTC (rev 1476)
+++ logcheck/trunk/debian/changelog	2007-01-28 19:23:00 UTC (rev 1477)
@@ -1,4 +1,4 @@
-logcheck (1.2.54~unreleased.4) unstable; urgency=low
+logcheck (1.2.54~unreleased.5) unstable; urgency=low
 
   * ignore.d.server/dovecot: also ignore local logins, which are "secured",
     not "TLS". Thanks to Marco Nenciarini for the patch (closes: #407642).
@@ -33,6 +33,9 @@
   * ignore.d.server/epmd: ignore information output from erlang-base daemon
     epmd; thanks Armin Berres for the patch (closes: #408559).
 
+  * ignore.d.server/spamd: improve rules for corner cases, thanks to Armin
+    Berres for his help.
+
   * Added Galician debconf translation by Jacobo Tarrio (closes: #408123).
 
   * Updated Czech debconf translation; thanks Miroslav Kure (closes: #407830).

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/spamd
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/spamd	2007-01-28 19:21:34 UTC (rev 1476)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/spamd	2007-01-28 19:23:00 UTC (rev 1477)
@@ -1,8 +1,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? connection from [._[:alnum:]-]+ \[[\.[:digit:]]+\] at port [0-9]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? (info: )?setuid to [[:alnum:]-]+ succeeded$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? clean message \([0-9.-]+/[0-9.]+\) for [-._+=[:alnum:]]+@[-.[:alnum:]]+:[[:digit:]]+ in [0-9.]+ seconds, [0-9]+ bytes\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? identified spam \([0-9.-]+/[0-9.]+\) for [-._+=[:alnum:]]+@[-.[:alnum:]]+:[[:digit:]]+ in [0-9.]+ seconds, [0-9]+ bytes\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: prefork: child states: [A-Z]$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? (clean message|identified spam) \([0-9.-]+/[0-9.]+\) for [-._+=[:alnum:]]+(@[-.[:alnum:]]+)?(:[[:digit:]]+)? in [0-9.]+ seconds, [0-9]+ bytes\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: prefork: child states: [[:upper:]]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? got connection over [/[:alnum:]]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? handled cleanup of child pid [0-9]+ due to SIGCHLD$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? server successfully spawned child process, pid [0-9]+$
@@ -10,3 +9,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? (process|check)ing message <[^>]+>( aka <[^>]+>)? for [-._+=[:alnum:]]+(@[-.[:alnum:]]+:[[:digit:]]+|:[[:digit:]]+)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]:( spamd:)? server pid: [[:digit:]]{1,5}$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: logger: removing stderr method$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: (spamd: )?result: [.YN] [ [:digit:]-]+ - [._[:alnum:],]+ scantime=[0-9.]+,size=[0-9]+,(user=[^,]+,uid=[0-9]+,required_score=[0-9.]+,rhost=[._[:alnum:]-]+,raddr=[0-9.]+,rport=[0-9]+,)?mid=<[^[:space:]]+>,(bayes=[.[:digit:]]+(e-[[:digit:]]+)?,)?autolearn=(ham|spam|no)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: FuzzyOcr: FuzzyOcr stopped, message got [[:digit:]]+ points by other FuzzyOcr tests \([.[:digit:]]+>[.[:digit:]]+\)\.$


