[Logcheck-commits] r1731 - in logcheck/trunk: debian rulefiles/linux/violations.ignore.d

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Thu Aug 23 10:40:13 UTC 2007 

Author: madduck
Date: 2007-08-23 10:40:13 +0000 (Thu, 23 Aug 2007)
New Revision: 1731

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
Log:
  - fix authentication failure messages related to SASL (closes: #437886).



Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2007-08-23 10:40:10 UTC (rev 1730)
+++ logcheck/trunk/debian/changelog	2007-08-23 10:40:13 UTC (rev 1731)
@@ -20,6 +20,7 @@
   * violations.ignore.d/logcheck-postfix:
     - ignore milter-reject virus rejection notices.
     - ignore temporary milter failures (due to clamav-milter socket timeouts).
+    - fix authentication failure messages related to SASL (closes: #437886).
 
   * ignore.d.server/postfix:
     - ignore warnings about not being able to resolve (sender) MX hosts.
@@ -56,7 +57,7 @@
   * ignore.d.server/bind, violations.ignore.d/logcheck-bind:
     - also ignore unresolved RCODE 15 in warning messages (closes: #437891).
 
- -- martin f. krafft <madduck at debian.org>  Thu, 23 Aug 2007 09:50:55 +0200
+ -- martin f. krafft <madduck at debian.org>  Thu, 23 Aug 2007 09:53:16 +0200
 
 logcheck (1.2.58) unstable; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix	2007-08-23 10:40:10 UTC (rev 1730)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix	2007-08-23 10:40:13 UTC (rev 1731)
@@ -11,7 +11,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning:( smtpd_peer_init:)? [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+: hostname [^[:space:]]+ verification failed: (Temporary failure in name resolution|Name or service not known|No address associated with hostname)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: Peer verification: CommonName in certificate does not match: [._*[:alnum:]-]+ != [._[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: host [^[:space:]]+ said: [45][0-9][0-9][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|(end of )?DATA) command\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: to=<[^[:space:]]+>(, orig_to=<[^[:space:]]+>)?, relay=[._[:alnum:]-]+\[[0-9.]{7,15}\](:[[:digit:]]{1,5})?,( conn_use=[0-9]+,)? delay=[.0-9]+(, delays=([.0-9]+/){3}[.0-9]+)?(, dsn=[45](\.[0-9]+){2})?, status=(deferred|bounced|undeliverable|SOFTBOUNCE) \(host [._[:alnum:]-]+\[[0-9.]{7,15}\] said: [45][0-9][0-9][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: to=<[^[:space:]]+>(, orig_to=<[^[:space:]]+>)?, relay=[._[:alnum:]-]+\[[0-9.]{7,15}\](:[[:digit:]]{1,5})?,( conn_use=[0-9]+,)? delay=[.0-9]+(, delays=([.0-9]+/){3}[.0-9]+)?(, dsn=[45](\.[0-9]+){2})?, status=(deferred|bounced|undeliverable) \(host [._[:alnum:]-]+\[[0-9.]{7,15}\] said: [45][0-9][0-9][- ]+.* \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:upper:]0-9]+: to=<[^[:space:]]+>, relay=[._[:alnum:]-]+\[[0-9.]{7,15}\](:[[:digit:]]{1,5})?, delay=[.0-9]+(, delays=([.0-9]+/){3}[.0-9]+)?(, dsn=2(\.[0-9]+){2})?, status=deliverable \(2[0-9][0-9] .*\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [A-Z0-9]+: to=<[^[:space:]]+>, relay=[^[:space:]]+, delay=[0-9]+, status=deferred \(host [^[:space:]]+ refused to talk to me: [^[:space:]]+ 554 Access denied\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [A-Z0-9]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,) relay=[^[:space:]]+, delay=[0-9]+, status=deferred \(host [^[:space:]]+ said: [45][0-9]{2} <[^[:space:]]+>: Recipient address rejected: Greylisted for [0-9]+ (seconds|minutes)( \(see http://isg.ee.ethz.ch/tools/postgrey/help/[.[:alnum:]-]+.html\))? \(in reply to (HELO|EHLO|MAIL FROM|RCPT TO|end of DATA) command\)\)$
@@ -45,4 +45,3 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/pickup\[[0-9]+\]: [[:alnum:]]+: uid=[[:digit:]]+ from=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/cleanup\[[0-9]+\]: [[:xdigit:]]+: milter-reject: END-OF-MESSAGE from [-._[:alnum:]]+\[[.[:digit:]]+\]: [45]\.7\.1 virus [-._/[:alnum:]]+ detected by ClamAV - http://www\.clamav\.net; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: NOQUEUE: milter-reject: MAIL from [-._[:alnum:]]+\[[.[:digit:]]+\]: 451 4\.7\.1 Service unavailable - try again later; proto=E?SMTP helo=<[^[:space:]]+>$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: reject: ETRN [._[:alnum:]-]+\.\.\. from [._[:alnum:]-]+\[[0-9.]{7,15}\]$

More information about the Logcheck-commits mailing list