Update another rr.com smtp refusal on failed reverse lookup.

author: Jonas Smedegaard <dr@jones.dk> 2006-04-22 09:27:34 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2006-04-22 09:27:34 +0000
commit: e3b83d99a8bd114f8a93435c896a8e2029b176b0 (patch)
tree: 7ee118392319bce47e3492f0cfab83e2db37ec2f /logcheck
parent: 5a16cc5c700bd46376966e1da64e48c1c5a19f9b (diff)
2 files changed, 2 insertions, 2 deletions
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local
index 0bccbe9..41a74c0 100644
--- a/logcheck/violations.ignore.d/local
+++ b/logcheck/violations.ignore.d/local
@@ -53,7 +53,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 ([\.0-9]+ )?<[^[:space:]]+>: Client host rejected: (Access denied|No mail accepted from you|Reject Dynamic ip|spam source) +\(port 25\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (Access denied|Client host rejected: cannot find your hostname .*|Transaction Failed Listed in deny list\.|Unwelcome connection rejected\.|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+) +\(port 25\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: ([^[:space:]]+ 550 ERROR: Mail Refused - [\.0-9]+ - See http://security.rr.com/cgi-bin/block_lookup\?[\.0-9]+  \)|550 Host [\.0-9]+ is reject as in dynamic reject list \(dynamic.reject\))$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 Access denied  \)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (Access denied|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+)  \)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: ([^[:space:]]+ 550 ERROR: Mail Refused - [\.0-9]+ - See http://security.rr.com/mail_blocks.htm|550 Host [\.0-9]+ is reject as in dynamic reject list \(dynamic.reject\)|554 <[^[:space:]]+\[[\.0-9]+\]>: Client host rejected: No mail accepted from you)$
 
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+: host [^[:space:]]+\[[\.0-9]+\] said: 450 <[^[:space:]]+>: (Recipient|Sender) address rejected: .* \(in reply to RCPT TO command\)$
diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix
index ba4ef55..d3f6a06 100644
--- a/logcheck/violations.ignore.d/postfix
+++ b/logcheck/violations.ignore.d/postfix
@@ -25,7 +25,7 @@
 # Ignore blacklisting due to being dynamic - or without explaining/hinting at all
 ## Grr - could've been a single rule if only logcheck supported custom classes
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: ([^[:space:]]+ 550 ERROR: Mail Refused - [\.0-9]+ - See http://security.rr.com/cgi-bin/block_lookup\?[\.0-9]+  \)|550 Host [\.0-9]+ is reject as in dynamic reject list \(dynamic.reject\))$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 Access denied  \)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/qmgr\[[0-9]+\]: [^[:space:]]+: to=<[^>]*>, relay=none, delay=[0-9]+, status=deferred \(delivery temporarily suspended: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (Access denied|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+)  \)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+: host [^[:space:]]+\[[\.0-9]+\] refused to talk to me: ([^[:space:]]+ 550 ERROR: Mail Refused - [\.0-9]+ - See http://security.rr.com/mail_blocks.htm|550 Host [\.0-9]+ is reject as in dynamic reject list \(dynamic.reject\)|554 <[^[:space:]]+\[[\.0-9]+\]>: Client host rejected: No mail accepted from you)$
 
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: [^[:space:]]+: host [^[:space:]]+\[[\.0-9]+\] said: 450 <[^[:space:]]+>: (Recipient|Sender) address rejected: .* \(in reply to RCPT TO command\)$
author	Jonas Smedegaard <dr@jones.dk>	2006-04-22 09:27:34 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2006-04-22 09:27:34 +0000
commit	e3b83d99a8bd114f8a93435c896a8e2029b176b0 (patch)
tree	7ee118392319bce47e3492f0cfab83e2db37ec2f /logcheck
parent	5a16cc5c700bd46376966e1da64e48c1c5a19f9b (diff)