David D. Kilzer
2006-Dec-24 17:32 UTC
[Logcheck-devel] Bug#404422: logcheck-database: postfix/lmtp messages not ignored by ignore.d.server/postfix
Package: logcheck-database
Version: 1.2.51
Severity: normal
Messages such as these are no longer being filtered by logcheck
('hostname' used to replace actual hostname; 'hostname.com' used
to
replace actual domain):
Dec 23 12:02:58 hostname postfix/lmtp[5047]: 38BE4C21ED: to=<root at
hostname.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.1,
delays=2/0.16/0.05/1.8, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=03852-07, from
MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 86403C21FC)
Dec 23 12:03:00 hostname postfix/lmtp[5047]: E8CD1C21ED: to=<root at
hostname.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024,
delay=2, delays=0.17/0.01/0.15/1.7, dsn=2.6.0, status=sent (250 2.6.0 Ok,
id=04093-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7D190C21FC)
Such messages are common when using amavisd-new with lmtp to do spam and
virus scanning with postfix. I believe this rule will prevent these
messages, but I have not tested it yet (modified from a previous version
of the same rule that used to be included in ignore.d.server/postfix in
the logcheck-database package):
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/lmtp\[[0-9]+\]:
[[:upper:][:digit:]]+: to=<[^[:space:]]+>,(
orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+ [^[:space:]]+,(
conn_use=[[:digit:]]+,)? delay=[.0-9]+,( delays=[.0-9/]+, dsn=[0-9.]+,)?
status=sent \(250 [0-9.]+ Ok((, id=[-0-9]+, from MTA\([^[:space:]]+\): 250
([0-9.]+ )?Ok: queued as [0-9A-F]+|, discarded, UBE, id=[-0-9]+))*\)$
Dave
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.20-ben7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages logcheck-database depends on:
ii debconf [debconf-2.0] 1.5.3 Debian configuration management sy
logcheck-database recommends no packages.
-- debconf information:
* logcheck-database/rules-directories-note:
logcheck-database/standard-rename-note:
logcheck-database/conffile-cleanup: false
Maybe Matching Threads
- mails delivered to the wrong user when using lmtp_proxy and reject_unverified_recipient
- Deliver all addresses to the same mdbox:?
- question on lmtp logged message
- Bug#407777: postfix message not chatched by rules
- Converting to 2.0 and LMTP have userdb and auth-worker complaints
Wisdom of the Ancients
