diff options
Diffstat (limited to 'logcheck/violations.ignore.d/postfix')
| -rw-r--r-- | logcheck/violations.ignore.d/postfix | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/logcheck/violations.ignore.d/postfix b/logcheck/violations.ignore.d/postfix index af23cc2..e33dbc0 100644 --- a/logcheck/violations.ignore.d/postfix +++ b/logcheck/violations.ignore.d/postfix @@ -19,9 +19,11 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?450 Client host rejected: cannot find your hostname, \[[\.0-9]+\] +\(port 25\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?450 <[^[:space:]]+>: Client host rejected: may not be mail exchanger +\(port 25\)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?521 [^[:space:]]+ access denied +\(port 25\)$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: (Blocked|Use an authorized relay)|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)|This system is configured to reject mail from [^[:space:]]+ \[[\.0-9]+\] \((DNS reverse lookup failed|Host blacklisted - Found on Realtime Black List server '[^[:space:]]+')\)) +\(port 25\)$ +#^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: (Blocked|Use an authorized relay)|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)|This system is configured to reject mail from [^[:space:]]+ \[[\.0-9]+\] \((DNS reverse lookup failed|Host blacklisted - Found on Realtime Black List server '[^[:space:]]+')\)) +\(port 25\)$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?550 (<[^[:space:]]+>: Client host rejected: (Blocked|Use an authorized relay)|[\.0-9]+, Sorry access denied to you|ERROR: Mail Refused - [\.0-9]+ - See [^[:space:]]+|Host [\.0-9]+ is reject as in dynamic reject list \(dynamic\.reject\)|This system is configured to reject mail from [^[:space:]]+ \[[\.0-9]+\] \((DNS reverse lookup failed|Host blacklisted - Found on Realtime Black List server '[^[:space:]]+')\))$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 ([\.0-9]+ )?<[^[:space:]]+>: Client host rejected: (Access denied|No mail accepted from you|Reject Dynamic ip|spam source) +\(port 25\)$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (Access denied|Client host rejected: cannot find your hostname.*|(IP|Unwelcome) connection rejected\.|Transaction Failed( Listed in deny list\.)?|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+) +\(port 25\)$ +#^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (Access denied|Client host rejected: cannot find your hostname.*|(IP|Unwelcome) connection rejected\.|Transaction Failed( Listed in deny list\.)?|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+) +\(port 25\)$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+\[[\.0-9]+\]: server refused to talk to me: ([^[:space:]]+ +)?554 (Access denied|Client host rejected: cannot find your hostname.*|(IP|Unwelcome) connection rejected\.|Transaction Failed( Listed in deny list\.)?|#5\.5\.4 Relaying denied\. IP name lookup failed for [\.0-9]+)$ # Ignore blacklisting due to being dynamic - or without explaining/hinting at all ## Grr - could've been a single rule if only logcheck supported custom classes |