[Logcheck-commits] r1498 - in logcheck/trunk: debian rulefiles/linux/violations.ignore.d

[madduck at users.alioth.debian.org]

Author: madduck
Date: 2007-02-10 17:53:03 +0100 (Sat, 10 Feb 2007)
New Revision: 1498

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
Log:
* violations.ignore.d/logcheck-postfix:
  - ignore sender verification rejects after MAIL (in case they are not
  delayed).
  - ignore RBL rejects after successful reverse DNS resolution.

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2007-02-10 16:50:39 UTC (rev 1497)
+++ logcheck/trunk/debian/changelog	2007-02-10 16:53:03 UTC (rev 1498)
@@ -18,10 +18,12 @@
   * ignore.d.server/kernel: ignore more initialisation messages from SCSI
     subsystem.
 
-  * violations.ignore.d/logcheck-postfix: ignore sender verification rejects
-    after MAIL (in case they are not delayed).
+  * violations.ignore.d/logcheck-postfix:
+    - ignore sender verification rejects after MAIL (in case they are not
+    delayed).
+    - ignore RBL rejects after successful reverse DNS resolution.
 
- -- martin f. krafft <madduck at debian.org>  Sat, 10 Feb 2007 16:50:04 +0000
+ -- martin f. krafft <madduck at debian.org>  Sat, 10 Feb 2007 16:52:08 +0000
 
 logcheck (1.2.54) unstable; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix	2007-02-10 16:50:39 UTC (rev 1497)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-postfix	2007-02-10 16:53:03 UTC (rev 1498)
@@ -4,7 +4,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})? <[^[:space:]]+>: Helo command rejected: .+; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [0-9]{3}( [45](\.[[:digit:]]){2})? <[^[:space:]]+>: Relay access denied; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})? Service unavailable; Sender address \[[^[:space:]]+\] blocked using [._[:alnum:]-]+;( .*;)? from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})? Service unavailable; Client host \[[0-9.]{7,15}\] blocked using [._[:alnum:]-]+;( .*;)? from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( [45](\.[[:digit:]]){2})? Service unavailable; Client host \[([0-9.]{7,15}|[-._[:alnum:]]+)\] blocked using [._[:alnum:]-]+;( .+;)? from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+: reject: RCPT from [^[:space:]]+\[[0-9.]{7,14}\]: [45][0-9][0-9] <.+>: User unknown in local recipient table; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: (NOQUEUE|[[:xdigit:]]+): reject: HELO from [^[:space:]]+\[[0-9.]{7,15}\]: [45][0-9]{2}( [45](\.[0-9]){2})? <[^[:space:]]+>: Helo command rejected: .+; proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: smtpd_peer_init: [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+: hostname [^[:space:]]+ verification failed: (Temporary failure in name resolution|Name or service not known|No address associated with hostname)$