[Logcheck-devel] Bug#335021: logcheck-database: Spamd rule broken

Ryszard Lach rla at debian.org
Fri Oct 21 13:52:01 UTC 2005 

Package: logcheck-database
Version: 1.2.41
Severity: normal


spamd's configurations do not match my log entries, I suppose that
logcheck files should be fixed. See a couple of lines not-ignored by
ignore.d.server/spamd:

Oct 21 13:02:07 localhost spamd[5468]: spamd: connection from localhost [127.0.0.1] at port 56544
Oct 21 13:06:02 localhost spamd[5468]: spamd: connection from localhost [127.0.0.1] at port 49771
Oct 21 13:06:02 localhost spamd[5468]: spamd: processing message (unknown) for siaco:1000
Oct 21 13:06:07 localhost spamd[5468]: spamd: identified spam (18.1/5.0) for siaco:1000 in 5.6 seconds, 30599 bytes.

And ignore.d.server/spamd contains:

^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: connection from [._[:alnum:]-]+ \[[\.[:digit:]]+\] at port [0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: info: setuid to [[:alnum:]-]+ succeeded$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: (checking|processing) message .* for [._[:alnum:]-]+:[0-9]+\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: clean message \([0-9.-]+/[0-9.]+\) for [._[:alnum:]-]+:[0-9]+ in [0-9.]+ seconds, [0-9]+ bytes\.$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd\[[0-9]+\]: identified spam \([0-9.-]+/[0-9.]+\) for [._[:alnum:]-]+:[0-9]+ in [0-9.]+ seconds, [0-9]
+ bytes\.$

It seems that item 'spamd:' after process name[pid] is missing.

Sometimes at this position occurs also item 'prefork:'

Regards,

Richard.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.13-mm3
Locale: LANG=en_US, LC_CTYPE=pl_PL (charmap=ISO-8859-2)

Versions of packages logcheck-database depends on:
ii  debconf [debconf-2.0]         1.4.58     Debian configuration management sy

logcheck-database recommends no packages.

-- debconf information:
  logcheck-database/conffile-cleanup: false
  logcheck-database/rules-directories-note:
  logcheck-database/standard-rename-note:

More information about the Logcheck-devel mailing list