Ignore oidentd failing to locate non-existing user - also for non-numeric hosts. Ignore remote smtp servers referring to authorized relays.

1 files changed, 2 insertions, 2 deletions

diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local
index 068c626..f40e250 100644
--- a/logcheck/violations.ignore.d/local
+++ b/logcheck/violations.ignore.d/local
@@ -41,7 +41,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ netsaint: HOST ALERT:.*;DOWN;SOFT;.*;CRITICAL.*
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ netsaint: HOST ALERT:.*;UP;SOFT;.*;PING OK.*
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ netsaint: Successfully shutdown\.\.\. \(PID=[0-9]+\) $
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: \[[\.0-9]+\] [0-9]+ , 25 : ERROR : NO-USER$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ oidentd\[[0-9]+\]: \[[^[:space:]]+\] [0-9]+ , 25 : ERROR : NO-USER$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ pmud\[[0-9]+\]: Sleep for this PMU unsupported: will shutdown the machine on sleep request$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(local|smtpd)\[[0-9]+\]: warning: [\.0-9]+: hostname [^[:space:]]+ verification failed: Host (name has no address|not found(, try again)?)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/(local|smtpd)\[[0-9]+\]: warning: reject: ETRN [^[:space:]]+\.\.\. from [^[:space:]]+\[[\.0-9]+\]$
@@ -60,7 +60,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?421 Fork failed +\(port 25\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?450 <[^[:space:]]+>: Client host rejected: may not be mail exchanger +\(port 25\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?521 [^[:space:]]+ access denied +\(port 25\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: Blocked|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)) +\(port 25\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: (Blocked|Use an authorized relay)|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)) +\(port 25\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (([\.0-9]+ )?<[^[:space:]]+>: Client host rejected: (No mail accepted from you|Reject Dynamic ip)|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+) +\(port 25\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: ([^[:space:]]+ 550 ERROR: Mail Refused - [\.0-9]+ - See http://security.rr.com/mail_blocks.htm\)|550 Host [\.0-9]+ is reject as in dynamic reject list \(dynamic.reject\))$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: ([^[:space:]]+ 550 ERROR: Mail Refused - [\.0-9]+ - See http://security.rr.com/mail_blocks.htm|550 Host [\.0-9]+ is reject as in dynamic reject list \(dynamic.reject\)|554 <[^[:space:]]+\[[\.0-9]+\]>: Client host rejected: No mail accepted from you)$