authorHendrik Jäger <gitcommit@henk.geekmail.org>2023-09-19 21:47:03 +0200
committerHendrik Jäger <gitcommit@henk.geekmail.org>2023-09-20 09:19:10 +0200
commit7dfc98cd0f74b08264eda135d54dfbd5b53d6844 (patch)
tree4fedff17ebd72cb94bc6e9c102d31e490ffd31cc
parent07a23248de4b0744e628610d2b53188d21dd1c7b (diff)
update rules
-rw-r--r--files/etc/logcheck/ignore.d.server/local-dovecot5
1 files changed, 3 insertions, 2 deletions
diff --git a/files/etc/logcheck/ignore.d.server/local-dovecot b/files/etc/logcheck/ignore.d.server/local-dovecot
index 992fc28..09bb390 100644
--- a/files/etc/logcheck/ignore.d.server/local-dovecot
+++ b/files/etc/logcheck/ignore.d.server/local-dovecot
@@ -32,13 +32,13 @@
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: lda\([[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: sieve: msgid=<[[:alnum:]":<>{}@?=+/.,_!&\$%#~-]+>: stored mail into mailbox '[^[:space:]]+'$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: lda\([[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: sieve: msgid=unspecified: fileinto action: stored mail into mailbox '[^[:space:]]+'$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: lda\([[:alnum:]]+\)(<[[:digit:]]+><[[:alnum:]+/]+>)?: sieve: msgid=unspecified: stored mail into mailbox '[^[:space:]]+'$
-^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Aborted login by logging out \(.*\): user=<>, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)(: Connection closed)?(, session=<[[:alnum:]/+]+>)?$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Aborted login by logging out \(.*\): user=<[[:alnum:]*_.-]*>(, method=[[:alnum:]-]+)?, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)(: Connection closed)?(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed: read\(size=[[:digit:]]+\) failed: Connection reset by peer \(.*\): user=<>, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed: read\(size=[[:digit:]]+\) failed: Connection reset by peer \(.*\): user=<>, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)( handshaking)?:? read\(size=[[:digit:]]+\) failed: Connection reset by peer(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed: (SSL_accept|SSL_read)\(?\)? failed: .*$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed \(.*\): user=<[[:alnum:]@_.-]*>, method=[[:alnum:]-]+, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed \(.*\): user=<[[:alnum:]@_.-]*>, method=[[:alnum:]-]+, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)(, session=<[[:alnum:]/+]+>)?$
-^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed \(.*\): user=<>, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)( handshaking)?:? Connection closed(, session=<[[:alnum:]/+]+>)?$
+^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed \(.*\): user=<[[:alnum:]@_.-]*>(, method=[[:alnum:]-]+)?, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)( handshaking)?:? Connection closed(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Connection closed \(.*\): user=<>, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+(, (TLS|SSL))?(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Inactivity during authentication \(.*\): user=<[[:alnum:]@_.-]*>, method=[[:alnum:]-]+, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)( handshaking)?:? Connection closed(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected): Inactivity during authentication \(.*\): user=<[[:alnum:]@_.-]*>, method=[[:alnum:]-]+, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)( handshaking)?:? Disconnected(, session=<[[:alnum:]/+]+>)?$
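Review bot: The two widened rules (`Aborted login by logging out` and `Connection closed … (TLS|SSL)( handshaking)?:? Connection closed`) now accept a named user and an optional `method=`, but keep the unconstrained `\(.*\)` reason. Dovecot presumably puts the auth outcome there (e.g. "auth failed, N attempts in M secs"), so failed password attempts against real accounts would be dropped from logcheck reports along with harmless disconnects. Consider limiting the reason on rules that allow a non-empty user, for example `\(no auth attempts in [[:digit:]]+ secs\)`, or confirm that another control such as rate limiting or a ban tool still reads these lines. Separately, the first new rule uses `user=<[[:alnum:]*_.-]*>` where every other rule in the hunk uses `[[:alnum:]@_.-]`. The `*` looks like a typo for `@`, so `user@domain` logins will not match that rule; if so it should read `user=<[[:alnum:]@_.-]*>`.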
@@ -70,3 +70,4 @@
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: (Aborted login|Disconnected) \(.*\):( user=<[[:alnum:]@_.-]*>,)?( method=[[:alnum:]-]+,)? rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, (TLS|SSL)(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: Login: user=<[[:alnum:]@_.-]+>, method=[[:alnum:]-]+, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, mpid=[[:digit:]]+, (TLS|SSL)( handshaking)?:? read\(size=[[:digit:]]+\) failed: Connection reset by peer(, session=<[[:alnum:]/+]+>)?$
^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ dovecot: (pop3|imap|managesieve)-login: Login: user=<[[:alnum:]@_.-]+>, method=[[:alnum:]-]+, rip=[[:xdigit:]:.]+, lip=[[:xdigit:]:.]+, mpid=[[:digit:]]+, (TLS|SSL)( handshaking)?:?(, session=<[[:alnum:]/+]+>)?$
+