From c314dd4420a58cadb5b3b7fb46d056a8333f6b29 Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard
Date: Sat, 31 Jul 2004 16:10:13 +0000
Subject: Yet another tweak to ignoring bad words in email addresses.
---
 logcheck/violations.ignore.d/local | 4 ++--
 logcheck/violations.ignore.d/temp | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local
index 57a0d66..b4da2a2 100644
--- a/logcheck/violations.ignore.d/local
+++ b/logcheck/violations.ignore.d/local
@@ -84,5 +84,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: reject: .*: 554 <[^[:space:]]*>: Recipient address rejected: User unknown; .*
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: spp_http_decode: IIS Unicode attack detected:
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postgres\[[0-9]+\]: \[[0-9-]+\] DEBUG: .*
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ amavis\[[0-9]+\]: .*<[^[:space:]]*(attack|debug|expn|refused)[^[:space:]]*>.*
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix.*\[[0-9]+\]: .* (from|message\-id|to)=<[^[:space:]]*(attack|debug|expn|refused)[^[:space:]]*>.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ amavis\[[0-9]+\]: .*<[^[:space:]]*(attack|debug|deny|expn|refused)[^[:space:]]*>.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix.*\[[0-9]+\]: .* (from|message\-id|to)=<[^[:space:]]*(attack|debug|deny|expn|refused)[^[:space:]]*>.*
diff --git a/logcheck/violations.ignore.d/temp b/logcheck/violations.ignore.d/temp
index 00f2afb..c669588 100644
--- a/logcheck/violations.ignore.d/temp
+++ b/logcheck/violations.ignore.d/temp
@@ -24,5 +24,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: spp_http_decode: IIS Unicode attack detected:
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postgres\[[0-9]+\]: \[[0-9-]+\] DEBUG: .*
 # Suspicious words within email addresses are ok
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ amavis\[[0-9]+\]: .*<[^[:space:]]*(attack|debug|expn|refused)[^[:space:]]*>.*
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix.*\[[0-9]+\]: .* (from|message\-id|to)=<[^[:space:]]*(attack|debug|expn|refused)[^[:space:]]*>.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ amavis\[[0-9]+\]: .*<[^[:space:]]*(attack|debug|deny|expn|refused)[^[:space:]]*>.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix.*\[[0-9]+\]: .* (from|message\-id|to)=<[^[:space:]]*(attack|debug|deny|expn|refused)[^[:space:]]*>.*
--
cgit v1.2.3
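Review bot: Adding `deny` widens two suppressions that key on text the remote sender chooses (envelope addresses and message-ids), both in this hunk and in the identical hunk for `violations.ignore.d/local`. Because each rule ends in `.*` and `[^[:space:]]*` also matches `<` and `>`, the word only has to appear somewhere in a non-space run between a `<` and a later `>`, and the whole line is then dropped from the violations report, including any genuine `deny` or `refused` text elsewhere on it. Consider confining the match to a single bracketed token, `<[^[:space:]<>]*(attack|debug|deny|expn|refused)[^[:space:]<>]*>`, and tying the amavis rule to the address fields it is meant to cover rather than a bare `.*<`. The explanatory comment `# Suspicious words within email addresses are ok` is visible only in `temp`; the copy of these rules in `local` would benefit from the same line.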