Expand postfix badword-exclusion to include all single-word entries of the logcheck inclusion.

author: Jonas Smedegaard <dr@jones.dk> 2007-01-23 18:56:32 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2007-01-23 18:56:32 +0000
commit: c7cca9df06e8b42ea93c8f1067b5f06393af9cf8 (patch)
tree: 4900d0ab8ce8c48ae4edac73669ece2920e27f97 /logcheck
parent: 8004a59f8dc0fc6ac8ca83ae9fd73f3c0ed422b9 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix
index 724e3f0..27c47cc 100644
--- a/logcheck/violations.ignore.d/postfix
+++ b/logcheck/violations.ignore.d/postfix
@@ -17,6 +17,6 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [[:xdigit:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: .*$
 
 # Suspiciously worded hostname or email address is not a security thread
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([[:xdigit:]]+|NOQUEUE): ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message-id|to)=<[^>]*(attack|BAD|debug|denied|deny|error|expn|promisc|refused)[^>]*>.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|BAD|debug|denied|deny|error|expn|promisc|refused)[^[:space:]]* has a valid A record$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp+\[[0-9]+\]: connect to [^[:space:]]*(attack|BAD|debug|denied|deny|error|expn|promisc|refused)[^[:space:]]*:.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([[:xdigit:]]+|NOQUEUE): ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message-id|to)=<[^>]*(DEBUG|ERROR|EXPN|FAILURE|Failed|ILLEGAL|PERMITTED|REFUSED|VRFY|BAD|debug|denied|deny|expn|failed|failure|illegal|permitted|promisc|reject|rexec|rshd|securityalert|setsender|shutdown|smrsh|sucked|unapproved|unauthorized|vrfy)[^>]*>.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(DEBUG|ERROR|EXPN|FAILURE|Failed|ILLEGAL|PERMITTED|REFUSED|VRFY|BAD|debug|denied|deny|expn|failed|failure|illegal|permitted|promisc|reject|rexec|rshd|securityalert|setsender|shutdown|smrsh|sucked|unapproved|unauthorized|vrfy)[^[:space:]]* has a valid A record$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp+\[[0-9]+\]: connect to [^[:space:]]*(DEBUG|ERROR|EXPN|FAILURE|Failed|ILLEGAL|PERMITTED|REFUSED|VRFY|BAD|debug|denied|deny|expn|failed|failure|illegal|permitted|promisc|reject|rexec|rshd|securityalert|setsender|shutdown|smrsh|sucked|unapproved|unauthorized|vrfy)[^[:space:]]*:.*$
author	Jonas Smedegaard <dr@jones.dk>	2007-01-23 18:56:32 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2007-01-23 18:56:32 +0000
commit	c7cca9df06e8b42ea93c8f1067b5f06393af9cf8 (patch)
tree	4900d0ab8ce8c48ae4edac73669ece2920e27f97 /logcheck
parent	8004a59f8dc0fc6ac8ca83ae9fd73f3c0ed422b9 (diff)