logcheck: Misc additions.

6 files changed, 12 insertions, 7 deletions

diff --git a/logcheck/ignore.d.server/local b/logcheck/ignore.d.server/local
index 0c978b9..a73f1d5 100644
--- a/logcheck/ignore.d.server/local
+++ b/logcheck/ignore.d.server/local
@@ -135,7 +135,7 @@ murasaki\.(usb|net)\[[0-9]+\]: Execuing "net" "(stop|start)"
 murasaki\.(usb|net)\[[0-9]+\]: execute if(up|down) (eth|(i)?ppp|irda)[0-9]
 murasaki\.usb\[[0-9]+\]: (MATCH\(audio\) -> match_flags:[[:alnum:]]+ )?vendor:[[:alnum:]]+ product:[[:alnum:]]+ Dclass:[[:alnum:]]+ Dsubclass:[[:alnum:]]+ Dprotocol:[[:alnum:]]+ Iclass:[[:alnum:]]+ Isubclass:[[:alnum:]]+ Iprotocol:[[:alnum:]]+
 ### ignore.d.server/nagios
-netsaint: Auto-save of retention data completed successfully\.
+nagios: Auto-save of retention data completed successfully\.
 ### ignore.d.server/netatalk.changes
 afpd\[[0-9]+\]: CNID DB initialized using Sleepycat Software: Berkeley DB
 afpd\[[0-9]+\]: removed [^[:space:]]+/net[\.0-9]+node[0-9]+
@@ -212,6 +212,7 @@ postfix/smtpd\[[0-9]+\]: (lost connection|timeout) after [^ ]+ from [^[:space:]]
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+ sent (message header|mail content) instead of SMTP command:
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: address not listed for hostname [^[:space:]]+
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: hostname [^[:space:]]+ verification failed: Host (name has no address|not found)
+postfix/smtpd\[[0-9]+\]: warning: numeric domain name in resource data of MX record for [^[:space:]]+: [\.0-9]+
 ### ignore.d.server/postgresql
 postgres\[[0-9]+\]: \[[0-9-]+\] \^ICPU .* sec elapsed .* sec\.
 postgres\[[0-9]+\]: \[[0-9-]+\] \^ITotal CPU .* sec elapsed .* sec\.
@@ -359,7 +360,7 @@ ucd-snmp\[[0-9]+\]: Connection from .*
 i(map|pop(2|3))d\[[0-9]+\]: (Broken pipe|Command stream end of file|Connection (reset by peer|timed out))(,)? while (reading (authentication|line|literal|char)|writing text) (user=.* )?host=(([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
 i(map|pop3)d\[[0-9]+\]: (Login|Auth|Authenticated|Logout|Autologout) user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
 i(map|pop3)d\[[0-9]+\]: Killed \(lost mailbox lock\) user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
-i(map|pop3)d\[[0-9]+\]: Moved [0-9]+ bytes of new mail to [^[:space:]]+ from [^[:space:]]+ host= (([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
+i(map|pop3)d\[[0-9]+\]: Moved [0-9]+ bytes of new mail to [^[:space:]]+ from [^[:space:]]+ host= (([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
 imapd\[[0-9]+\]: (port 143|imap|imaps SSL) service init from
 imapd\[[0-9]+\]: No route to host, while reading line user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
 ipop3d\[[0-9]+\]: Error opening or locking INBOX user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
diff --git a/logcheck/ignore.d.server/postfix b/logcheck/ignore.d.server/postfix
index 6215d90..45fd165 100644
--- a/logcheck/ignore.d.server/postfix
+++ b/logcheck/ignore.d.server/postfix
@@ -18,3 +18,4 @@ postfix/smtpd\[[0-9]+\]: (lost connection|timeout) after [^ ]+ from [^[:space:]]
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+ sent (message header|mail content) instead of SMTP command:
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: address not listed for hostname [^[:space:]]+
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: hostname [^[:space:]]+ verification failed: Host (name has no address|not found)
+postfix/smtpd\[[0-9]+\]: warning: numeric domain name in resource data of MX record for [^[:space:]]+: [\.0-9]+
diff --git a/logcheck/ignore.d.server/uw-imap.changes b/logcheck/ignore.d.server/uw-imap.changes
index e0da381..f09e6bd 100644
--- a/logcheck/ignore.d.server/uw-imap.changes
+++ b/logcheck/ignore.d.server/uw-imap.changes
@@ -1,7 +1,7 @@
 i(map|pop(2|3))d\[[0-9]+\]: (Broken pipe|Command stream end of file|Connection (reset by peer|timed out))(,)? while (reading (authentication|line|literal|char)|writing text) (user=.* )?host=(([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
 i(map|pop3)d\[[0-9]+\]: (Login|Auth|Authenticated|Logout|Autologout) user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
 i(map|pop3)d\[[0-9]+\]: Killed \(lost mailbox lock\) user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
-i(map|pop3)d\[[0-9]+\]: Moved [0-9]+ bytes of new mail to [^[:space:]]+ from [^[:space:]]+ host= (([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
+i(map|pop3)d\[[0-9]+\]: Moved [0-9]+ bytes of new mail to [^[:space:]]+ from [^[:space:]]+ host= (([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
 imapd\[[0-9]+\]: (port 143|imap|imaps SSL) service init from
 imapd\[[0-9]+\]: No route to host, while reading line user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
 ipop3d\[[0-9]+\]: Error opening or locking INBOX user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
diff --git a/logcheck/ignore.d.workstation/local b/logcheck/ignore.d.workstation/local
index f06a2c3..220b67b 100644
--- a/logcheck/ignore.d.workstation/local
+++ b/logcheck/ignore.d.workstation/local
@@ -135,7 +135,7 @@ murasaki\.(usb|net)\[[0-9]+\]: Execuing "net" "(stop|start)"
 murasaki\.(usb|net)\[[0-9]+\]: execute if(up|down) (eth|(i)?ppp|irda)[0-9]
 murasaki\.usb\[[0-9]+\]: (MATCH\(audio\) -> match_flags:[[:alnum:]]+ )?vendor:[[:alnum:]]+ product:[[:alnum:]]+ Dclass:[[:alnum:]]+ Dsubclass:[[:alnum:]]+ Dprotocol:[[:alnum:]]+ Iclass:[[:alnum:]]+ Isubclass:[[:alnum:]]+ Iprotocol:[[:alnum:]]+
 ### ignore.d.server/nagios
-netsaint: Auto-save of retention data completed successfully\.
+nagios: Auto-save of retention data completed successfully\.
 ### ignore.d.server/netatalk.changes
 afpd\[[0-9]+\]: CNID DB initialized using Sleepycat Software: Berkeley DB
 afpd\[[0-9]+\]: removed [^[:space:]]+/net[\.0-9]+node[0-9]+
@@ -212,6 +212,7 @@ postfix/smtpd\[[0-9]+\]: (lost connection|timeout) after [^ ]+ from [^[:space:]]
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+ sent (message header|mail content) instead of SMTP command:
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: address not listed for hostname [^[:space:]]+
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: hostname [^[:space:]]+ verification failed: Host (name has no address|not found)
+postfix/smtpd\[[0-9]+\]: warning: numeric domain name in resource data of MX record for [^[:space:]]+: [\.0-9]+
 ### ignore.d.server/postgresql
 postgres\[[0-9]+\]: \[[0-9-]+\] \^ICPU .* sec elapsed .* sec\.
 postgres\[[0-9]+\]: \[[0-9-]+\] \^ITotal CPU .* sec elapsed .* sec\.
@@ -359,7 +360,7 @@ ucd-snmp\[[0-9]+\]: Connection from .*
 i(map|pop(2|3))d\[[0-9]+\]: (Broken pipe|Command stream end of file|Connection (reset by peer|timed out))(,)? while (reading (authentication|line|literal|char)|writing text) (user=.* )?host=(([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
 i(map|pop3)d\[[0-9]+\]: (Login|Auth|Authenticated|Logout|Autologout) user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
 i(map|pop3)d\[[0-9]+\]: Killed \(lost mailbox lock\) user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
-i(map|pop3)d\[[0-9]+\]: Moved [0-9]+ bytes of new mail to [^[:space:]]+ from [^[:space:]]+ host= (([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
+i(map|pop3)d\[[0-9]+\]: Moved [0-9]+ bytes of new mail to [^[:space:]]+ from [^[:space:]]+ host= (([^[:space:]]+ )?\[[\.0-9]+\]|NON-IPv4|UNKNOWN)
 imapd\[[0-9]+\]: (port 143|imap|imaps SSL) service init from
 imapd\[[0-9]+\]: No route to host, while reading line user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
 ipop3d\[[0-9]+\]: Error opening or locking INBOX user=.* host=(([^[:space:]]+ )?\[[\.0-9]+\]|UNKNOWN)
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local
index 7d45325..1e4229e 100644
--- a/logcheck/violations.ignore.d/local
+++ b/logcheck/violations.ignore.d/local
@@ -47,8 +47,9 @@ postfix/smtp\[[0-9]+\]: .* status=deferred \(host [^[:space:]]+\[[\.0-9]+\] said
 postfix/smtp\[[0-9]+\]: .* status=deferred \(host [^[:space:]]+\[[\.0-9]+\] said: 451 Transaction failed.\)
 postfix/smtp\[[0-9]+\]: [A-Z0-9]+: to=<[^[:space:]]+>, relay=127\.0\.0\.1\[127\.0\.0\.1\], delay=[0-9]+, status=bounced \(host 127\.0\.0\.1\[127\.0\.0\.1\] said: 550 Message content rejected, id=[^[:space:]]+\)
 postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection refused|server refused mail service) \(port 25\)
+postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 504 <[^[:space:]]+>: Recipient address rejected: need fully-qualified address; from=<[^[:space:]]+> to=<[^[:space:]]+>
 postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 550 <[^[:space:]]+>: User unknown; from=<[^[:space:]]+> to=<[^[:space:]]+>
-postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 554 <[^[:space:]]+>: (Recipient address rejected: )?(Relay a|A)ccess denied; from=<[^[:space:]]+> to=<[^[:space:]]+>
+postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 554 <[^[:space:]]+>: (Recipient address rejected: )?(Relay a|A)ccess denied; from=<[^[:space:]]*> to=<[^[:space:]]+>
 postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 554 Service unavailable; .* blocked using .*; from=<[^[:space:]]+> to=<[^[:space:]]+>
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: hostname [\.[:alnum:]-]+ verification failed: Host (name has no address|not found)
 ### violations.ignore.d/proftpd
diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix
index 3bb359d..1965032 100644
--- a/logcheck/violations.ignore.d/postfix
+++ b/logcheck/violations.ignore.d/postfix
@@ -13,7 +13,8 @@ postfix/smtp\[[0-9]+\]: .* status=deferred \(host [^[:space:]]+\[[\.0-9]+\] said
 postfix/smtp\[[0-9]+\]: .* status=deferred \(host [^[:space:]]+\[[\.0-9]+\] said: 451 Transaction failed.\)
 postfix/smtp\[[0-9]+\]: [A-Z0-9]+: to=<[^[:space:]]+>, relay=127\.0\.0\.1\[127\.0\.0\.1\], delay=[0-9]+, status=bounced \(host 127\.0\.0\.1\[127\.0\.0\.1\] said: 550 Message content rejected, id=[^[:space:]]+\)
 postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: (Connection refused|server refused mail service) \(port 25\)
+postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 504 <[^[:space:]]+>: Recipient address rejected: need fully-qualified address; from=<[^[:space:]]+> to=<[^[:space:]]+>
 postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 550 <[^[:space:]]+>: User unknown; from=<[^[:space:]]+> to=<[^[:space:]]+>
-postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 554 <[^[:space:]]+>: (Recipient address rejected: )?(Relay a|A)ccess denied; from=<[^[:space:]]+> to=<[^[:space:]]+>
+postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 554 <[^[:space:]]+>: (Recipient address rejected: )?(Relay a|A)ccess denied; from=<[^[:space:]]*> to=<[^[:space:]]+>
 postfix/smtpd\[[0-9]+\]: reject: RCPT from [^[:space:]]+\[[\.0-9]+\]: 554 Service unavailable; .* blocked using .*; from=<[^[:space:]]+> to=<[^[:space:]]+>
 postfix/smtpd\[[0-9]+\]: warning: [^[:space:]]+: hostname [\.[:alnum:]-]+ verification failed: Host (name has no address|not found)