From c578957b19c2d242814344d383dde62457a5c478 Mon Sep 17 00:00:00 2001 From: Hendrik Jäger Date: Wed, 23 Oct 2024 09:16:17 +0200 Subject: update rules --- files/etc/logcheck/ignore.d.server/local-exim | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/etc/logcheck/ignore.d.server/local-exim b/files/etc/logcheck/ignore.d.server/local-exim index f04a0bd..096151f 100644 --- a/files/etc/logcheck/ignore.d.server/local-exim +++ b/files/etc/logcheck/ignore.d.server/local-exim @@ -60,7 +60,7 @@ ^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? Running acl_[^[:space:]]+ for domain [[:alnum:].-]+$ ^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? Running acl_[^[:space:]]+ for IP [[:xdigit:].:]+$ ^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? Running acl_[^[:space:]]+ for user [[:alnum:]-]+$ -^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? Running acl_[^[:space:]]+ for MAIL FROM [^[:space:]-]+( with RCPT TO [^[:space:]]+)? from IP [[:xdigit:]:.]+$ +^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? Running acl_[^[:space:]]+ for MAIL FROM [^[:space:]]+( with RCPT TO [^[:space:]]+)? from IP [[:xdigit:]:.]+$ ^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? SMTP connection lost after final dot H=(([^[:space:]]+ )?(\([^[:space:]]+\) )?)?\[[[:xdigit:].:]+\] I=\[[[:xdigit:].:]+\]:[[:digit:]]+ P=esmtps$ ^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? SMTP connection lost after final dot [^[:space:]]* to @ via \[[[:xdigit:].:]+\]: tls-failed$ ^(\w{3} [ :0-9]{11}|[0-9T:.+-]{32}) [._[:alnum:]-]+ exim\[[[:digit:]]+\]:( \[1[\\/][[:digit:]]+\])?( [[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2} [[:digit:]:.]+ \[[[:digit:]]+\])?( [[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2})? <= [^[:space:]]+ H=(([^[:space:]]+ )?(\([^[:space:]]+\) )?)?\[[[:xdigit:].:]+\]:[[:digit:]]+ I=\[[[:xdigit:].:]+\]:[[:digit:]]+( U=[^[:space:]]+)? P=esmtpsa X=[^[:space:]]+ CV=(no|yes)( SNI=[^[:space:]]+)? A=(dovecot_plain|dovecot_login):[[:alnum:]:@.-]+( PRDR)? S=[[:digit:]]+ id=[^[:space:]]+ from <[^[:space:]]+> for .*$ -- cgit v1.2.3