[Logcheck-devel] Bug#471936: spamd log message about checking mail is not filtered correctly
Michal Čihař
nijel at debian.org
Fri Mar 21 07:49:02 UTC 2008
Package: logcheck-database
Version: 1.2.63
Severity: normal
File: /etc/logcheck/ignore.d.server/spamd
Tags: patch
Hi
the filter for "processing message" from spamd is a bit inacurate as
"aka <msgid>" part can also occur after "unknown" phrase. Attached patch
fixes it.
--
Michal Čihař | http://cihar.com | http://blog.cihar.com
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22-4-vserver-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-- debconf information:
logcheck-database/rules-directories-note:
logcheck-database/standard-rename-note:
logcheck-database/conffile-cleanup: false
-------------- next part --------------
--- /tmp/spam 2008-03-21 08:46:56.000000000 +0100
+++ /etc/logcheck/ignore.d.server/spamd 2008-03-21 08:47:08.000000000 +0100
@@ -8,7 +8,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? using default config for [-._+=[:alnum:]]+(@[-._[:alnum:]]+)?: /[-./_[:alnum:]]+/\.spamassassin/user_prefs$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? creating default_prefs: /[-./_[:alnum:]]+/\.spamassassin/user_prefs$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: config: created user preferences file: /[-./_[:alnum:]]+/\.spamassassin/user_prefs$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? (process|check)ing message (<[^>]+>( aka <[^>]+>)?|\(unknown\)) for [-._+=[:alnum:]]+(@[-.[:alnum:]]+)?(:[[:digit:]]+)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? (process|check)ing message (<[^>]+>|\(unknown\))( aka <[^>]+>)? for [-._+=[:alnum:]]+(@[-.[:alnum:]]+)?(:[[:digit:]]+)?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]:( spamd:)? server pid: [[:digit:]]{1,5}$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: logger: removing stderr method$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (spamd|check|re(port|voke))\[[0-9]+\]: (spamd: )?result: [.YN] [ [:digit:]-]+ - ([._[:alnum:],]+ )?scantime=[0-9.]+,size=[0-9]+,(user=[^,]+,uid=[0-9]+,required_score=[0-9.]+,rhost=[._[:alnum:]-]+,raddr=[0-9.]+,rport=[0-9]+,)?mid=(<[^[:space:]]+>|\(unknown\))(rmid=(<[^[:space:]]+>|\(unknown\)),)?,(bayes=[.[:digit:]]+(e-[[:digit:]]+)?,)?autolearn=(ham|spam|no|disabled|unavailable) *$
More information about the Logcheck-devel
mailing list