David D. Kilzer
2006-Dec-24 17:32 UTC
[Logcheck-devel] Bug#404422: logcheck-database: postfix/lmtp messages not ignored by ignore.d.server/postfix
Package: logcheck-database Version: 1.2.51 Severity: normal Messages such as these are no longer being filtered by logcheck ('hostname' used to replace actual hostname; 'hostname.com' used to replace actual domain): Dec 23 12:02:58 hostname postfix/lmtp[5047]: 38BE4C21ED: to=<root at hostname.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.1, delays=2/0.16/0.05/1.8, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=03852-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 86403C21FC) Dec 23 12:03:00 hostname postfix/lmtp[5047]: E8CD1C21ED: to=<root at hostname.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=2, delays=0.17/0.01/0.15/1.7, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=04093-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7D190C21FC) Such messages are common when using amavisd-new with lmtp to do spam and virus scanning with postfix. I believe this rule will prevent these messages, but I have not tested it yet (modified from a previous version of the same rule that used to be included in ignore.d.server/postfix in the logcheck-database package): ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/lmtp\[[0-9]+\]: [[:upper:][:digit:]]+: to=<[^[:space:]]+>,( orig_to=<[^[:space:]]+>,)* relay=[^[:space:]]+ [^[:space:]]+,( conn_use=[[:digit:]]+,)? delay=[.0-9]+,( delays=[.0-9/]+, dsn=[0-9.]+,)? status=sent \(250 [0-9.]+ Ok((, id=[-0-9]+, from MTA\([^[:space:]]+\): 250 ([0-9.]+ )?Ok: queued as [0-9A-F]+|, discarded, UBE, id=[-0-9]+))*\)$ Dave -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: powerpc (ppc) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.20-ben7 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages logcheck-database depends on: ii debconf [debconf-2.0] 1.5.3 Debian configuration management sy logcheck-database recommends no packages. -- debconf information: * logcheck-database/rules-directories-note: logcheck-database/standard-rename-note: logcheck-database/conffile-cleanup: false
Seemingly Similar Threads
- mails delivered to the wrong user when using lmtp_proxy and reject_unverified_recipient
- Deliver all addresses to the same mdbox:?
- question on lmtp logged message
- Bug#407777: postfix message not chatched by rules
- Converting to 2.0 and LMTP have userdb and auth-worker complaints