[Logcheck-commits] r1636 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server rulefiles/linux/violations.ignore.d
madduck at users.alioth.debian.org
madduck at users.alioth.debian.org
Wed Aug 15 08:36:17 UTC 2007
Author: madduck
Date: 2007-08-15 08:36:17 +0000 (Wed, 15 Aug 2007)
New Revision: 1636
Modified:
logcheck/trunk/debian/changelog
logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
Log:
- ignore temporary milter failures (due to clamav-milter socket timeouts).
- ignore timeouts on clamav-milter socket.
*
Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog 2007-08-15 08:36:15 UTC (rev 1635)
+++ logcheck/trunk/debian/changelog 2007-08-15 08:36:17 UTC (rev 1636)
@@ -11,14 +11,17 @@
[ martin f. krafft ]
* violations.ignore.d/logcheck-postfix:
- ignore milter-reject virus rejection notices.
+ - ignore temporary milter failures (due to clamav-milter socket timeouts).
* ignore.d.server/postfix:
- ignore warnings about not being able to resolve (sender) MX hosts.
+ - ignore timeouts on clamav-milter socket.
* ignore.d.server/spamassassin:
- ignore more runtime, informational messages.
+ *
- -- martin f. krafft <madduck at debian.org> Wed, 15 Aug 2007 10:28:49 +0200
+ -- martin f. krafft <madduck at debian.org> Wed, 15 Aug 2007 10:35:12 +0200
logcheck (1.2.59) experimental; urgency=low
Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/postfix 2007-08-15 08:36:15 UTC (rev 1635)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/postfix 2007-08-15 08:36:17 UTC (rev 1636)
@@ -118,3 +118,6 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=(450 |550) (Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs(; (in [^[:space:]]+|MTA helo: [^[:space:]]+, MTA hostname: [^[:space:]]+ \(helo/hostname mismatch\)))*|Your MTA is listed in too many DNSBLs; check [^[:space:]]+)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: (weighted check|decided action=PREPEND X-policyd-weight): ([_[:alpha:]]+=((-)?[[:digit:].]+|ERR) )+(\(check from: [^[:space:]]+ - helo: [^[:space:]]+ - helo-domain: [^[:space:]]+\) ([\()/_[:alpha:]]+=(-)?[[:digit:].]+ )+)*<client=[^[:space:]]+> <helo=[^[:space:]]+> <from=[^[:space:]]+> <to=[^[:space:]]+>, rate: (-)?[[:digit:].]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: cache: (purged|deleted) [^[:space:]]+ from HAM cache$
+# clamav-milter
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: milter unix:/var/run/clamav/clamav-milter\.ctl: can't read SMFIC_MAIL reply packet header: Connection timed out$
+
Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix 2007-08-15 08:36:15 UTC (rev 1635)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix 2007-08-15 08:36:17 UTC (rev 1636)
@@ -44,3 +44,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/cleanup\[[0-9]+\]: [[:alnum:]]+: (resent-|)message-id=<?[^>]+>?( \(added by [^[:space:]]+\))?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/pickup\[[0-9]+\]: [[:alnum:]]+: uid=[[:digit:]]+ from=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/cleanup\[[0-9]+\]: [[:xdigit:]]+: milter-reject: END-OF-MESSAGE from [-._[:alnum:]]+\[[.[:digit:]]+\]: [45]\.7\.1 virus [-._/[:alnum:]]+ detected by ClamAV - http://www\.clamav\.net; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: NOQUEUE: milter-reject: MAIL from [-._[:alnum:]]+\[[.[:digit:]]+\]: 451 4\.7\.1 Service unavailable - try again later; proto=E?SMTP helo=<[^[:space:]]+>$
More information about the Logcheck-commits
mailing list