[Logcheck-commits] martin f. krafft: ignore.d.server/postfix: fix rule to match greylisting notices.

Fri Jun 11 11:38:21 UTC 2010

Module: logcheck
Branch: lenny-backports
Commit: 24910c4b3205ff2aa23906b6ae10326da7036b2d
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=24910c4b3205ff2aa23906b6ae10326da7036b2d

Author: martin f. krafft <madduck at debian.org>
Date:   Fri May 28 10:35:39 2010 +0200

ignore.d.server/postfix: fix rule to match greylisting notices.

Signed-off-by: martin f. krafft <madduck at debian.org>

---

 debian/changelog                        |    4 ++++
 rulefiles/linux/ignore.d.server/postfix |    2 +-
 2 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 43cd885..0f5b7b6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -19,6 +19,10 @@ logcheck (1.3.9) UNRELEASED; urgency=low
   * ignore.d.server/dovecot:
     - sieve: msgids might be followed by "(added by ...)"
 
+  [ martin f. krafft ]
+  * ignore.d.server/postfix:
+    - fix rule to match greylisting notices.
+
  -- Hannes von Haugwitz <hannes at vonhaugwitz.com>  Fri, 14 May 2010 21:56:13 +0200
 
 logcheck (1.3.8) unstable; urgency=low
diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix
index 5d09525..801be34 100644
--- a/rulefiles/linux/ignore.d.server/postfix
+++ b/rulefiles/linux/ignore.d.server/postfix
@@ -114,7 +114,7 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: (CONNECT|RCPT) from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? Service unavailable; Client host \[([[:digit:].]{7,15}|[-._[:alnum:]]+)\] blocked using [._[:alnum:]-]+;( .+;)? (from=<[^[:space:]]*> to=<[^[:space:]]+> )?proto=E?SMTP( helo=<[^[:space:]]+>)?$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: (MAIL|RCPT) from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: (Sender|Recipient) address rejected: .+; from=<[^[:space:]]*>( to=<[^[:space:]]+>)? proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [[:digit:]]{3}( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: Relay access denied; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: Client host rejected: Greylisted( for [[:digit:]]+ (seconds|minutes))?,?( \(?see http://isg\.ee\.ethz\.ch/tools/postgrey/help/[.[:alnum:]-]+\.html\)?;)? from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: 4[[:digit:]][[:digit:]]( 4(\.[[:digit:]]){2}) <[^[:space:]]*>: Client host rejected: Greylisted( for [[:digit:]]+ (second|minute)s)?, see https?://[-_.:/[:alnum:]]+\.html?; from=<[^[:space:]]+> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? <[^[:space:]]*>: Helo command rejected: .+; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+: [45][[:digit:]][[:digit:]]( [45](\.[[:digit:]]){2})? Service unavailable; Sender address \[[^[:space:]]+\] blocked using [._[:alnum:]-]+;( .*;)? from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtpd\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: RCPT from [^[:space:]]+\[[[:digit:].]{7,15}\]: [45][[:digit:]][[:digit:]] <.+>: User unknown in local recipient table; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$


