Package: logcheck-database
Version: 1.2.39
Severity: normal
postfix configuration (master.cf) allows the administrator to specify a
machine name/IP before the "smtp" keyword. For example, I have :
1.2.3.4:smtp inet n - n - - smtpd
In this case, when remote server 4.5.6.7 connects too fast, anvil logs
look like :
Oct 17 06:27:33 red postfix/anvil[10531]: statistics: max connection rate 1/60s
for (1.2.3.4:smtp:4.5.6.7) at Oct 17 06:09:23
Because of the "1.2.3.4:" before "smtp", the current regexp in
/etc/logcheck/ignore.d.server/postfix does not match.
I suggest it to be changed to:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics: max
connection (count|rate) [/[:digit:]s]+ for
\(([.[:alnum:]-]+:)?smtp(s)?:[.:[:digit:]]+\) at \w{3} [ :0-9]{11}$
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages logcheck-database depends on:
ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
