Mathias Krause
2010-Jun-14 21:22 UTC
[Logcheck-devel] [PATCH] i.d.s/postfix: fixed policyd-weight patterns
At least the policyd-weight in lenny seems to generate quite different patterns. For example the 'rate' is output multiple times in some situations, the 'check from' is omitted sometimes and somehow those log messages have a trailing blank. With those patterns logcheck stays silent again. Signed-off-by: Mathias Krause <minipli at googlemail.com> --- rulefiles/linux/ignore.d.server/postfix | 8 ++++---- 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/rulefiles/linux/ignore.d.server/postfix b/rulefiles/linux/ignore.d.server/postfix index be14415..2a6b554 100644 --- a/rulefiles/linux/ignore.d.server/postfix +++ b/rulefiles/linux/ignore.d.server/postfix 
@@ -29,10 +29,10 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policy-spf\[[[:digit:]]+\]: : SPF pass: smtp_comment=.*: [.[:alnum:]]+ MX [.[:alnum:]]+ A [[:digit:]a-f.:]+, header_comment=[.[:alnum:]]+: domain of [%[:punct:][:alnum:]]+@[.[:alnum:]]+ designates [[:xdigit:].:]{3,39} as permitted sender$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policy-spf\[[[:digit:]]+\]: decided action=DUNNO$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policy-spf\[[[:digit:]]+\]: handler sender_permitted_from: DUNNO$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: (weighted check|decided action=PREPEND X-policyd-weight): ([_[:alpha:]]+=((-)?[[:digit:].]+|ERR) )+(\(check from: [^[:space:]]+ - helo: [^[:space:]]+ - helo-domain: [^[:space:]]+\) ([\()/_[:alnum:]]+=(-)?[[:digit:].]+ )+)*<client=[^[:space:]]+> <helo=[^[:space:]]+> <from=[^[:space:]]+> <to=[^[:space:]]+>, rate: (-)?[[:digit:].]+(; delay: [[:digit:]]+s)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: cache: (purged|deleted) [^[:space:]]+ from HAM cache$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=(450 |550) (Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs(; (in [^[:space:]]+|MTA helo: [^[:space:]]+, MTA hostname: [^[:space:]]+ \(helo/hostname mismatch\)|please relay via your ISP \([._[:alnum:]-]+\)))*|Your MTA is listed in too many DNSBLs; check [^[:space:]]+|temporarily blocked because of previous errors - retrying too fast\. penalty: [[:digit:]]+ seconds x [[:digit:]]+ retries\.)( \(multirecipient mail\))?(; delay: [[:digit:]]+s)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=PREPEND X-policyd-weight: using cached result; rate:(hard:)? 
(-)?[[:digit:].]+(; delay: [[:digit:]]+s)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: (weighted check|decided action=PREPEND X-policyd-weight): ([_[:alpha:]]+=((-)?[[:digit:].]+|ERR) ?)+(\(check from: [^[:space:]]+ - helo: [^[:space:]]+ - helo-domain: [^[:space:]]+\) ([\()/_[:alnum:]]+=(-)?[[:digit:].]+ ?)+)?(; rate: (-)?[[:digit:].]+)?; *<client=[^[:space:]]+> <helo=[^[:space:]]+> <from=[^[:space:]]+> <to=[^[:space:]]+>(; rate: (-)?[[:digit:].]+)?(; delay: [[:digit:]]+s)? ?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: cache: (purged|deleted) [^[:space:]]+ from HAM cache ?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=(450 |550) (Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs(; (in [^[:space:]]+|MTA helo: [^[:space:]]+, MTA hostname: [^[:space:]]+ \(helo/hostname mismatch\)|please relay via your ISP \([._[:alnum:]-]+\)))*|Your MTA is listed in too many DNSBLs; check [^[:space:]]+|temporarily blocked because of previous errors - retrying too fast\. penalty: [[:digit:]]+ seconds x [[:digit:]]+ retries\.)( \(multirecipient mail\))?(; delay: [[:digit:]]+s)? ?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/policyd-weight\[[[:digit:]]+\]: decided action=PREPEND X-policyd-weight: using cached result; rate:(hard:)? (-)?[[:digit:].]+(; *<client=[^[:space:]]+> <helo=[^[:space:]]+> <from=[^[:space:]]+> <to=[^[:space:]]+>)?(; delay: [[:digit:]]+s)? ?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/postfix-script: refreshing the Postfix mail system$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/postsuper\[[[:digit:]]+\]: Deleted: [[:digit:]]+ messages?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/qmgr\[[[:digit:]]+\]: [[:alnum:]]+: from=<[^[:space:]]*>, size=[[:digit:]]+, nrcpt=[[:digit:]]+ \(queue active\)$ -- 1.5.6.5
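Review bot: In the first rewritten policyd-weight rule the separator before `<client=` is now a mandatory `;` (`; *<client=`) and the rate after `<to=...>` is matched only as `; rate:`, so lines in the format the removed rule accepted (a plain space before `<client=` and `, rate:` after `<to=...>`) no longer match and would be reported again on any host whose policyd-weight still writes them. The commit message only speaks for the lenny version, so consider keeping the old rule next to the new one, or accepting both separators, for example `[;,]? *` before `<client=` and `[;,] rate:` after `<to=...>`. Since both `(; rate: ...)?` groups are optional, the rule also ignores a line with no rate at all; one sample log line per variant in the commit message would let a reader confirm each optional group is needed and that nothing of interest is being silenced.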