[Logcheck-users] Postfix rule that doesn't works?
Benjamí Villoslada
benjami at gmail.com
Thu Oct 12 17:03:58 UTC 2006
Hi,
In /etc/logcheck/violations.ignore.d/logcheck-postfix have this rule:
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+\[[0-9.]{7,14}\]: [45][0-9][0-9] <.+>: User
unknown in
local recipient table; from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|
SMTP) helo=<[^[:space:]]+>$
Seems that should filter messages like this:
Oct 12 02:23:10 localhost postfix/smtpd[20827]: NOQUEUE: reject: RCPT from
mxhub02.xxx.net[212.9.65.112]: 550 5.1.1 <Johnie.Call at xxx.net>: Recipient
address rejected: User unknown in local recipient table; from=<>
to=<Johnie.Call at xxx.net> proto=ESMTP helo=<mailhub02a.xxx.net>
but those messages come in. Any solution? --I'm sorry, I'm not skilled with
regexp (and english) O:)
Regards,
--
Benjamí
http://blog.bitassa.cat
.
More information about the Logcheck-users
mailing list