[Logcheck-devel] Bug#405786: logcheck-database: extended DSN status missing in postfix ignore lines

Jefferson Cowart jeff at cowart.net
Sun Jan 7 02:18:18 UTC 2007 

tags 405786 + patch
thanks

martin f krafft wrote:
> It would be a great help if you could submit a proper patch against
> the SVN version:
> 
>   svn co svn://svn.debian.org/logcheck/logcheck/trunk/rulefiles/linux
> 
> Thanks,

# svn diff
Index: violations.ignore.d/logcheck-postfix
===================================================================
--- violations.ignore.d/logcheck-postfix        (revision 1421)
+++ violations.ignore.d/logcheck-postfix        (working copy)
@@ -1,5 +1,5 @@
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: warning: 
[.[:digit:]]+: hostname [^[:space:]]+ verification failed: (Host not 
found|Host name has no address|Name or service not known|Temporary 
failure in name resolution)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
[[:alnum:]]+: reject: RCPT from [^[:space:]]+: [0-9]+ Client host 
rejected: cannot find your hostname, [^[:space:]]+; from=[^[:space:]]+ 
to=[^[:space:]]+ proto=(ESMTP|SMTP) helo=[^[:space:]]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
[[:alnum:]]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( 
[0-9]\.[0-9]\.[0-9])? Client host rejected: cannot find your hostname, 
[^[:space:]]+; from=[^[:space:]]+ to=[^[:space:]]+ proto=(ESMTP|SMTP) 
helo=[^[:space:]]+$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
[[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( 
[45](\.[[:digit:]]){2})? <[^[:space:]]+>: (Sender|Recipient) address 
rejected: .+; from=<[^[:space:]]*>( to=<[^[:space:]]+>)? 
proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
[[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( 
[45](\.[[:digit:]]){2})? <[^[:space:]]+>: Helo command rejected: .+; 
from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) 
helo=<[^[:space:]]+>$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
[[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [0-9]{3}( 
[45](\.[[:digit:]]){2})? <[^[:space:]]+>: Relay access denied; 
from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) 
helo=<[^[:space:]]+>$
@@ -28,7 +28,7 @@
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
[[:upper:]0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9]( 
[45](\.[[:digit:]]){2})? <[^[:space:]]+>: Client host rejected: 
Greylisted for [0-9]+ (seconds|minutes)( \(see 
http://isg.ee.ethz.ch/tools/postgrey/help/[.[:alnum:]-]+.html\))?; 
from=<[^[:space:]]+> to=<[^[:space:]]+> proto=(ESMTP|SMTP) 
helo=<[^[:space:]]+>$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: 
[[:alnum:]]+: from=<[^[:space:]]*>, size=[0-9]+, nrcpt=[0-9]+ \(queue 
active\)$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/local\[[0-9]+\]: 
[[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* 
relay=local, delay=[0-9]+, status=sent \(delivered to command: 
/var/lib/mailman/mail/mailman admin [._[:alnum:]-]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: NOQUEUE: 
reject: [[:upper:]]+ from [^[:space:]]+: 554 <[^[:space:]]+>: Client 
host rejected: Access denied;( from=<[^[:space:]]*> to=<[^[:space:]]+>)? 
proto=E?SMTP( helo=<[^[:space:]]+>)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: NOQUEUE: 
reject: [[:upper:]]+ from [^[:space:]]+: 554( [0-9]\.[0-9]\.[0-9])? 
<[^[:space:]]+>: Client host rejected: Access denied;( 
from=<[^[:space:]]*> to=<[^[:space:]]+>)? proto=E?SMTP( 
helo=<[^[:space:]]+>)?$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: NOQUEUE: 
reject: [[:upper:]]+ from [^[:space:]]+: 554( 5\.7\.1)? <[^[:space:]]+>: 
Relay access denied;( from=<[^[:space:]]*> to=<[^[:space:]]+>)? 
proto=E?SMTP( helo=<[^[:space:]]+>)?$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: 
(NOQUEUE|[[:xdigit:]]+): reject: [[:upper:]]+ from [^[:space:]]+: 550( 
5\.1\.[01])? <[^[:space:]]+>: (Sender|Recipient) address rejected: User 
unknown in (local|relay) recipient table;( from=<[^[:space:]]*> 
to=<[^[:space:]]+>)? proto=E?SMTP( helo=<[^[:space:]]+>)?$
  ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[ls]mtp\[[0-9]+\]: 
[[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* 
relay=[^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.0-9]+,( 
delays=[.0-9/]+, dsn=[0-9.]+,)? status=sent \(250 [0-9.]+ Ok(, 
id=[-0-9]+, from MTA(\([^[:space:]]+\))?: 250 ([0-9.]+ )?Ok: queued as 
[0-9A-F]+|, discarded, UBE, id=[-0-9]+|, DSN sent \(.+\))?$


================
Thanks
Jefferson Cowart
jeff at cowart.net

More information about the Logcheck-devel mailing list