[Logcheck-commits] r1518 - in logcheck/trunk: debian rulefiles/linux/ignore.d.server

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Wed Feb 28 12:12:56 CET 2007 

Author: madduck
Date: 2007-02-28 12:12:56 +0100 (Wed, 28 Feb 2007)
New Revision: 1518

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
Log:
  - improve filters for messages relating to deferred mail.

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2007-02-28 11:09:49 UTC (rev 1517)
+++ logcheck/trunk/debian/changelog	2007-02-28 11:12:56 UTC (rev 1518)
@@ -42,6 +42,7 @@
     - more policyd-weight rules by Armin Berres (closes: #410416).
     - ignore messages related to RBL DNS lookup errors.
     - ignore messages on successful delivery to Sendmail.
+    - improve filters for messages relating to deferred mail.
 
   * ignore.d.server/spamd:
     - ignore init messages with scores in SQL (closes: #411111).
@@ -60,7 +61,7 @@
   * debconf translation updates:
     - Portuguese by Pedro Ribeiro (closes: #410734).
 
- -- martin f. krafft <madduck at debian.org>  Wed, 28 Feb 2007 11:51:14 +0100
+ -- martin f. krafft <madduck at debian.org>  Wed, 28 Feb 2007 12:12:27 +0100
 
 logcheck (1.2.54) unstable; urgency=low
 

Modified: logcheck/trunk/rulefiles/linux/ignore.d.server/postfix
===================================================================
--- logcheck/trunk/rulefiles/linux/ignore.d.server/postfix	2007-02-28 11:09:49 UTC (rev 1517)
+++ logcheck/trunk/rulefiles/linux/ignore.d.server/postfix	2007-02-28 11:12:56 UTC (rev 1518)
@@ -3,10 +3,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: from=<.*>, status=expired, returned to sender$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: message-id=(<?[^[:space:]]+>?)?( \(added by [^[:space:]]+\))?$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: removed$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: Host or domain name not found. Name service error for name=[^[:space:]]+ type=MX: Host not found, try again\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=4\.[0-9]\.[0-9],)? status=deferred \(delivery temporarily suspended: lost connection with [^[:space:]]+ while sending [[:alnum:]]+( [[:alnum:]]+)?\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=4\.[0-9]\.[0-9],)? status=deferred \(delivery temporarily suspended: conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending end of data -- message may be sent more than once)\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=4\.[0-9]\.[0-9],)? status=deferred \(delivery temporarily suspended: (lost connection with [^[:space:]]+ while sending [[:alnum:]]+( [[:alnum:]]+)?|conversation with [^[:space:]]+ timed out while (receiving the initial server greeting|sending end of data -- message may be sent more than once)|connect to [^[:space:]]+: (Connection timed out|read timeout|Connection refused)|Host or domain name not found. Name service error for name=[^[:space:]]+ type=MX: Host not found, try again)\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/n?qmgr\[[0-9]+\]: [[:alnum:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)? relay=none,( conn_use=[0-9]+,)? delay=[0-9.]+,( delays=[0-9./]+,)?( dsn=[45]\.[0-9]\.[0-9],)? status=bounced \(bad address syntax\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: unable to open Berkeley db /etc/sasldb: No such file or directory$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: verify error:num=10:certificate has expired$

More information about the Logcheck-commits mailing list