Package: logcheck-database
Version: 1.2.54
Severity: wishlist
Tags: patch
The patch would be even uglier if the patterns were united some more;
in particular "hello command rejected". (Actually, that part of this
patch isn't actually for delay_reject=no).
--- /tmp/logcheck-postfix.orig 2007-05-22 19:20:37.577656308 -0400
+++ /etc/logcheck/violations.ignore.d/logcheck-postfix 2007-05-22
19:22:53.794204546 -0400
@@ -1,12 +1,12 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning:
[.[:digit:]]+: hostname [^[:space:]]+ verification failed: (Host not found|Host
name has no address|Name or service not known|Temporary failure in name
resolution)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [0-9]\.[0-9]\.[0-9])? Client
host rejected: cannot find your hostname, [^[:space:]]+; from=[^[:space:]]+
to=[^[:space:]]+ proto=(ESMTP|SMTP) helo=[^[:space:]]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})?
<[^[:space:]]+>: (Sender|Recipient) address rejected: .+; from=<[^[:space:]]*>(
to=<[^[:space:]]+>)? proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+:
reject: (CONNECT|RCPT) from [^[:space:]]+: [45][0-9][0-9](
[0-9]\.[0-9]\.[0-9])? Client host rejected: cannot find your hostname,
[^[:space:]]+; (from=[^[:space:]]+ to=[^[:space:]]+ )?proto=(ESMTP|SMTP)(
helo=[^[:space:]]+)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: (MAIL|RCPT) from [^[:space:]]+: [45][0-9][0-9](
[45](\.[[:digit:]]){2})? <[^[:space:]]+>: (Sender|Recipient) address rejected:
.+; from=<[^[:space:]]*>( to=<[^[:space:]]+>)? proto=(ESMTP|SMTP)
helo=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})?
<[^[:space:]]+>: Helo command rejected: .+; from=<[^[:space:]]*>
to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [0-9]{3}( [45](\.[[:digit:]]){2})?
<[^[:space:]]+>: Relay access denied; from=<[^[:space:]]*> to=<[^[:space:]]+>
proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})?
Service unavailable; Sender address \[[^[:space:]]+\] blocked using
[._[:alnum:]-]+;( .*;)? from=<[^[:space:]]*> to=<[^[:space:]]+>
proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})?
Service unavailable; Client host \[[0-9.]{7,15}\] blocked using
[._[:alnum:]-]+;( .*;)? from=<[^[:space:]]*> to=<[^[:space:]]+>
proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: (CONNECT|RCPT) from [^[:space:]]+: [45][0-9][0-9](
[45](\.[[:digit:]]){2})? Service unavailable; Client host \[[0-9.]{7,15}\]
blocked using [._[:alnum:]-]+;( .*;)? (from=<[^[:space:]]*> to=<[^[:space:]]+>
)?proto=(ESMTP|SMTP)( helo=<[^[:space:]]+>)?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+\[[0-9.]{7,14}\]: [45][0-9][0-9] <.+>: User
unknown in local recipient table; from=<[^[:space:]]*> to=<[^[:space:]]+>
proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]:
(NOQUEUE|[[:xdigit:]]+): reject: HELO from [^[:space:]]+\[[0-9.]{7,15}\]:
[45][0-9]{2}( [45](\.[0-9]){2})? <[^[:space:]]+>: Helo command rejected: .+;
proto=E?SMTP helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]:
(NOQUEUE|[[:xdigit:]]+): reject: (HE|EH)LO from [^[:space:]]+\[[0-9.]{7,15}\]:
[45][0-9]{2}( [45](\.[0-9]){2})? <[^[:space:]]+>: Helo command rejected: .+;
proto=E?SMTP helo=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning:
smtpd_peer_init: [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+: hostname [^[:space:]]+
verification failed: (Temporary failure in name resolution|Name or service not
known|No address associated with hostname)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: Peer verification:
CommonName in certificate does not match: [._*[:alnum:]-]+ != [._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+:
host [^[:space:]]+ said: [45][0-9][0-9] .* \(in reply to (HELO|EHLO|MAIL
FROM|RCPT TO|(end of )?DATA) command\)$
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
