diff options
Diffstat (limited to 'logcheck')
| -rw-r--r-- | logcheck/cracking.ignore.d/local-postfix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/logcheck/cracking.ignore.d/local-postfix b/logcheck/cracking.ignore.d/local-postfix new file mode 100644 index 0000000..6419b51 --- /dev/null +++ b/logcheck/cracking.ignore.d/local-postfix @@ -0,0 +1,4 @@ +# Suspiciously worded hostname or email address is not a security thread +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: ([[:xdigit:]]+|NOQUEUE): ([^[:space:]]+=[^[:space:]]+, )*(from|helo|message-id|to)=<[^>]*(attack|nested)[^>]*>.*$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/[[:alnum:]]+\[[0-9]+\]: warning: no MX host for [^[:space:]]*(attack|nested)[^[:space:]]* has a valid A record$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp+\[[0-9]+\]: connect to [^[:space:]]*(attack|nested)[^[:space:]]*:.*$ |