Hey, here is an updated patch.
There is still one problem with the patch, i can't figure out how to make it drop these messages. Oct 6 22:06:57 Carbon postfix/policyd-weight[2991]: weighted check: IN_DYN_PBL_SPAMHAUS=3.25 NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_HELO_IP=-2 HELO_SEEMS_DIALUP=4.5 (check from: .web. - helo: .bwn108.internetdsl.tpnet. - helo-domain: .tpnet.) FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1.812 CLIENT_NOT_MX/A_FROM_DOMAIN=4.75 CLIENT/24_NOT_MX/A_FROM_DOMAIN=4.75 <client=83.18.221.108> <helo=bwn108.internetdsl.tpnet.pl> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: 12.562 Regards, -- Sami Haahtinen <[EMAIL PROTECTED]>
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 5e9f33b..f4a6176 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -117,9 +117,9 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: sql plugin doing query select password from [_[:alnum:]]+ where [_[:alnum:]]+='[EMAIL PROTECTED]:alnum:]-]+';?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: sql plugin Parse the username [^[:space:]]+$
# policyd-weight
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=PREPEND X-policyd-weight: using cached result; rate: (-)?[[:digit:].]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=(450 |550) (Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs(; (in [^[:space:]]+|MTA helo: [^[:space:]]+, MTA hostname: [^[:space:]]+ \(helo/hostname mismatch\)))*|Your MTA is listed in too many DNSBLs; check [^[:space:]]+)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: (weighted check|decided action=PREPEND X-policyd-weight): ([_[:alpha:]]+=((-)?[[:digit:].]+|ERR) )+(\(check from: [^[:space:]]+ - helo: [^[:space:]]+ - helo-domain: [^[:space:]]+\) ([\()/_[:alpha:]]+=(-)?[[:digit:].]+ )+)*<client=[^[:space:]]+> <helo=[^[:space:]]+> <from=[^[:space:]]+> <to=[^[:space:]]+>, rate: (-)?[[:digit:].]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=PREPEND X-policyd-weight: using cached result; rate:(hard:)? (-)?[[:digit:].]+; delay: [[:digit:]]+s$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=(450 |550) (Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs(; (in [^[:space:]]+|MTA helo: [^[:space:]]+, MTA hostname: [^[:space:]]+ \(helo/hostname mismatch\)|please relay via your ISP \([^[:space:]]+\)|Please use DynDNS))*|Your MTA is listed in too many DNSBLs; check [^[:space:]]+|temporarily blocked because of previous errors - retrying too fast. penalty: [[:digit:]]+ seconds x [[:digit:]]+ retries.)( \(multirecipient mail\))?; delay: [[:digit:]]+s$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: (weighted check|decided action=PREPEND X-policyd-weight): ([_[:alpha:]]+=((-)?[[:digit:].]+|ERR) ?)+(\(check from: [^[:space:]]+ - helo: [^[:space:]]+ - helo-domain: [^[:space:]]+\) ([\()/_[:alpha:]]+=(-)?[[:digit:].]+ )+)*(<client=[^[:space:]]+> <helo=[^[:space:]]+> <from=[^[:space:]]+> <to=[^[:space:]]+>)?, rate: (-)?[[:digit:].]+(; delay: [[:digit:]]+s)?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: cache: (purged|deleted) [^[:space:]]+ from HAM cache$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: milter unix:/var/run/clamav/clamav-milter\.ctl: can't read SMFIC_MAIL reply packet header: Connection timed out$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: TLS library problem: [[:digit:]]+:error:[[:xdigit:]]+:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt\.c:[[:digit:]]+:SSL alert number 10:$
signature.asc
Description: This is a digitally signed message part
