[Logcheck-devel] Bug#578415: logcheck-database: Patch to improve dspam rules
Julien Valroff
julien at kirya.net
Mon Apr 19 17:36:16 UTC 2010
Package: logcheck-database
Severity: wishlist
Tags: ipv6 patch
Hi,
please find below a patch to improve the rules defined for dspam, so that they take
into account ipv6 addresses and adding rules for 2 current cases (mail over the limit
set by the administrator and mail rejected as flagged as infected by clamav).
diff -urN logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dspam logcheck-1.3.8/rulefiles/linux/ignore.d.server/dspam
--- logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dspam 2008-03-05 09:10:47.000000000 +0100
+++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dspam 2010-04-19 19:33:16.483402478 +0200
@@ -1,2 +1,4 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dspam\[[0-9]+\]: spam detected from [.0-9]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dspam\[[0-9]+\]: innocent message from [.0-9]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dspam\[[0-9]+\]: infected message from ([.0-9]{7,15}|[0-9a-fA-F:.]{4,39})$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dspam\[[0-9]+\]: spam detected from ([.0-9]{7,15}|[0-9a-fA-F:.]{4,39})$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dspam\[[0-9]+\]: innocent message from ([.0-9]{7,15}|[0-9a-fA-F:.]{4,39})$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dspam\[[0-9]+\]: message too big, delivering$
Cheers,
Julien
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (150, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the Logcheck-devel
mailing list