Andreas Beckmann
2008-Mar-13 16:46 UTC
[Logcheck-devel] Bug#470779: logcheck: postfix false positives on email adresses/msgid containing 'attack'
Package: logcheck Version: 1.2.63 Severity: normal Hi, logcheck creates false positive "Security Alerts" reports on postfix logfiles with lines with email adresses or message ids containing 'attack', e.g.: Mar 13 16:29:10 server postfix/cleanup[28061]: 7C8AE11F87E4: message-id=<02c223fd$75b78c81$39dd45be at attackersbxw> Mar 13 16:29:10 server postfix/qmgr[3318]: 7C8AE11F87E4: from=<attackersbxw at westcosthomes.com>, size=2988, nrcpt=1 (queue active) Andreas -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable'), (300, 'unstable'), (130, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
martin f krafft
2008-Mar-13 19:52 UTC
[Logcheck-devel] Bug#470779: Bug#470779: logcheck: postfix false positives on email adresses/msgid containing 'attack'
wontfix 470779 thanks also sprach Andreas Beckmann <debian at abeckmann.de> [2008.03.13.1746 +0100]:> logcheck creates false positive "Security Alerts" reports on > postfix logfiles with lines with email adresses or message ids > containing 'attack', e.g.:This is a design limitation in postfix. We might fix this by removing the security alerts layer completely, but this problem won't get fixed by itself. Sorry. -- .''`. martin f. krafft <madduck at debian.org> : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature (see http://martin-krafft.net/gpg/) Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20080313/978b5744/attachment.pgp
Debian Bug Tracking System
2009-Aug-18 13:09 UTC
[Logcheck-devel] Bug#470779: marked as done (logcheck: postfix false positives on email adresses/msgid containing 'attack')
Your message dated Tue, 18 Aug 2009 08:59:10 -0400 with message-id <20090818125910.GA11565 at toroia.fbriere.dyndns.org> and subject line Re: Bug#470779: [Logcheck-devel] Bug#470779: logcheck: postfix false positives on email adresses/msgid containing 'attack' has caused the Debian Bug report #470779, regarding logcheck: postfix false positives on email adresses/msgid containing 'attack' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner at bugs.debian.org immediately.) -- 470779: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=470779 Debian Bug Tracking System Contact owner at bugs.debian.org with problems -------------- next part -------------- An embedded message was scrubbed... From: Andreas Beckmann <debian at abeckmann.de> Subject: logcheck: postfix false positives on email adresses/msgid containing 'attack' Date: Thu, 13 Mar 2008 17:46:00 +0100 Size: 2063 URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20090818/2c28a4d3/attachment.eml> -------------- next part -------------- An embedded message was scrubbed... From: =?iso-8859-1?B?RnLpZOlyaWMgQnJp6HJl?= <fbriere at fbriere.net> Subject: Re: Bug#470779: [Logcheck-devel] Bug#470779: logcheck: postfix false positives on email adresses/msgid containing 'attack' Date: Tue, 18 Aug 2009 08:59:10 -0400 Size: 2387 URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20090818/2c28a4d3/attachment-0001.eml>