[Logcheck-commits] r1728 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Thu Aug 23 10:40:05 UTC 2007 

Author: madduck
Date: 2007-08-23 10:40:05 +0000 (Thu, 23 Aug 2007)
New Revision: 1728

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
Log:
  - do not require unknown_*_domain filters to include "valid_hostname"
    (closes: #437752).



Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2007-08-23 10:40:03 UTC (rev 1727)
+++ logcheck/trunk/debian/changelog	2007-08-23 10:40:05 UTC (rev 1728)
@@ -28,6 +28,8 @@
     - ignore lost connection message in stage with two words (e.g. MAIL FROM).
     - ignore timeout messages after all kinds of SMTP commands, incl. UNKNOWN.
     - ignore pickup messages.
+    - do not require unknown_*_domain filters to include "valid_hostname"
+      (closes: #437752).
 
   * ignore.d.server/spamd:
     - ignore more runtime, informational messages.
@@ -50,7 +52,7 @@
   * ignore.d.server/pdns:
     - ignore warning about zero-sized packet from remote.
 
- -- martin f. krafft <madduck at debian.org>  Wed, 15 Aug 2007 11:39:11 +0200
+ -- martin f. krafft <madduck at debian.org>  Thu, 23 Aug 2007 09:48:05 +0200
 
 logcheck (1.2.58) unstable; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/postfix	2007-08-23 10:40:03 UTC (rev 1727)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/postfix	2007-08-23 10:40:05 UTC (rev 1728)
@@ -3,8 +3,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: from=<.*>, status=expired, returned to sender$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: message-id=(<?[^[:space:]]+>?)?( \(added by [^[:space:]]+\))?$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: removed$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(error|n?qmgr|smtp)\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=4\.[0-9]\.[0-9],)? status=(deferred|undeliverable) \((delivery temporarily suspended: )?(lost connection with [^[:space:]]+ while (sending [[:alnum:]]+( [[:alnum:]]+)?|performing the HELO handshake)|conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending [[:alnum:]]+( [/[:alnum:]]+)?|sending end of data -- message may be sent more than once)|connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)|Host or domain name not found. Name service error for name=[^[:space:]]+ type=MX: Host not found, try again)\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:alnum:]]+: conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|performing the (EHLO|HELO) handshake)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(error|n?qmgr|smtp)\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=4\.[0-9]\.[0-9],)? status=(deferred|undeliverable) \((delivery temporarily suspended: )?(lost connection with [^[:space:]]+ while (sending [[:alnum:]]+( [[:alnum:]]+)?|performing the HELO handshake)|conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending [[:alnum:]]+( [[:alnum:]]+)?|sending end of data -- message may be sent more than once)|connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)|Host or domain name not found. Name service error for name=[^[:space:]]+ type=MX: Host not found, try again)\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=[45]\.[0-9]\.[0-9],)? status=bounced \(bad address syntax\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: unable to open Berkeley db /etc/sasldb: No such file or directory$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: verify error:num=10:certificate has expired$
@@ -47,7 +46,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: host [^[:space:]]+ said: .* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: no MX host for [^[:space:]]+ has a valid (A|address) record$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: Unable to look up MX host for [._[:alnum:]-]+: Host not found(, try again)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: Unable to look up MX host [._[:alnum:]-]+ for Sender address [^[:space:]]+: (Name or service not known|No address associated with hostname)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: Unable to look up MX host [._[:alnum:]-]+ for Sender address [^[:space:]]+: Name or service not known$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: host [^[:space:]]+ greeted me with my own hostname [._[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: host [^[:space:]]+ replied to HELO/EHLO with my own hostname [._[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/policy-spf\[[0-9]+\]: decided action=DUNNO$
@@ -67,7 +66,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: warning: mailer loop: best MX for [^[:space:]]+ is local$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: enabling PIX <CRLF>\.<CRLF> workaround for .*$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: malformed domain name in resource data of (MX|CNAME) record for [^[:space:]]+:.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: timeout after [-[:upper:]]+ from [^[:space:]]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: timeout after [[:upper:]]+ from [^[:space:]]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+: client=[^[:space:]]+, sasl_sender=.*$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+: client=[^[:space:]]+, sasl_method=[-[:alnum:]]+, sasl_username=[-_.@[:alnum:]]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+: client=[._[:alnum:]-]+\[[0-9a-f.:]{3,39}\]$
@@ -93,7 +92,7 @@
 # postfix 2.2
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:xdigit:]]+: replace: header [-[:alnum:]]+: .+: [-[:alnum:]]+: .+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: Peer verification: [[:digit:]]+ dNSNames in certificate found, but no one does match [-_.[:alnum:]]+$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: warning: peer certificate has no (subject CN|issuer Organization)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd?\[[[:digit:]]+\]: warning: peer certificate has no subject CN$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: warning: non-SMTP command from [^[:space:]]+\[[0-9a-f.:]{3,39}\]: .+$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/local\[[[:digit:]]+\]: warning: perhaps you need to create the maildirs in advance$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/trivial-rewrite\[[[:digit:]]+\]: warning: valid_ipv4_hostaddr: invalid octet count: ?$
@@ -105,7 +104,6 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: ([-._[:alnum:]]+): RBL lookup error: Host or domain name not found\. Name service error for name=\1 type=A: Host not found, try again$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: Connection concurrency limit exceeded: [[:digit:]]+ from [-._[:alnum:]]+\[[.[:digit:]]{7,15}\] for service smtp$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/bounce\[[0-9]+\]: [[:xdigit:]]+: sender delivery status notification: [[:xdigit:]]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[0-9.]{7,15}\](:[[:digit:]]{1,5})?, (conn_use=[[:digit:]]+, )?delay=[.0-9]+(, delays=([.0-9]+/){3}[.0-9]+)?(, dsn=2(\.[0-9]+){2})?, status=deliverable \(250 Ok\)$
 # mysql
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: commit transaction$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: sql plugin: no result found$

More information about the Logcheck-commits mailing list