Ignore suspicious-sounding smtpd addresses also when tagged as NOQUEUE.

author: Jonas Smedegaard <dr@jones.dk> 2006-08-06 13:11:33 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2006-08-06 13:11:33 +0000
commit: 3433c5d5b203df938e4e382276a2f61adadf82f5 (patch)
tree: 44e17780914b2fe98ac16ad8cf4b16d987891b13 /logcheck/violations.ignore.d/postfix
parent: 4d109e847534b3dc02043cf68f103d15d9585cff (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix
index 2f7bebc..ed5ec2b 100644
--- a/logcheck/violations.ignore.d/postfix
+++ b/logcheck/violations.ignore.d/postfix
@@ -17,5 +17,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:xdigit:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: .*$
 
 # Suspiciously worded hostname or email address is not a security thread
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: [[:xdigit:]]+: ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|promisc|refused)[^>]*>.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([[:xdigit:]]+|NOQUEUE): ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|promisc|refused)[^>]*>.*$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|BAD|debug|denied|deny|error|expn|promisc|refused)[^[:space:]]* has a valid A record$
author	Jonas Smedegaard <dr@jones.dk>	2006-08-06 13:11:33 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2006-08-06 13:11:33 +0000
commit	3433c5d5b203df938e4e382276a2f61adadf82f5 (patch)
tree	44e17780914b2fe98ac16ad8cf4b16d987891b13 /logcheck/violations.ignore.d/postfix
parent	4d109e847534b3dc02043cf68f103d15d9585cff (diff)