Package: logcheck-database
Severity: normal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
there is little problem with one rule in violations.ignore.d/logcheck-postfix.
The rule is only for the host sythos.net and the delay need to be variable (it's
possible that the retry happen before 300 seconds are over).
I don't have an example because on my site only recipients are greylisted.
The attached patch is against the latest cvs version.
bye, Martin
- -- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (900, 'testing'), (100, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.1
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEcFhrOvJj+wS6JuIRAo4lAKCptk4LGmgBi4sldoHqyxiB0gidJwCfVyGr
an2SJNS0VoSUFylSa75z1XQ=
=ORmv
-----END PGP SIGNATURE-----
Index: logcheck-postfix
===================================================================
RCS file:
/cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-postfix,v
retrieving revision 1.23
diff -u -r1.23 logcheck-postfix
--- logcheck-postfix 11 Jul 2005 14:41:26 -0000 1.23
+++ logcheck-postfix 21 May 2006 12:05:55 -0000
@@ -22,6 +22,6 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: certificate
verification failed for [^[:space:]]+: num=27:certificate not trusted$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: certificate peer
name verification failed for [^[:space:]]+: [[:digit:]]+ dNSNames in
certificate found, but none matches
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: certificate peer
name verification failed for [^[:space:]]+: CommonName mis-match:(
[._[:alnum:]-]+)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9] <[^[:space:]]+>: Client host
rejected: Greylisted for 300 seconds \(see
http://isg.ee.ethz.ch/tools/postgrey/help/sythos.net.html\);
from=<[^[:space:]]*> to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:upper:]0-9]+:
reject: RCPT from [^[:space:]]+: [45][0-9][0-9] <[^[:space:]]+>: Client host
rejected: Greylisted for [0-9]+ seconds \(see
http://isg.ee.ethz.ch/tools/postgrey/help/.*.html\); from=<[^[:space:]]*>
to=<[^[:space:]]+> proto=(ESMTP|SMTP) helo=<[^[:space:]]+>$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [[:alnum:]]+:
from=<([^[:space:]]+|)>, size=[0-9]+, nrcpt=[0-9]+ \(queue active\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/local\[[0-9]+\]:
[[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)*
relay=local, delay=[0-9]+, status=sent \(delivered to command:
/var/lib/mailman/mail/mailman admin [._[:alnum:]-]+\)$
