thr3ads.net - Logcheck devel - [Logcheck-devel] Bug#689418: logcheck-database: refine sendmail STARTTLS rule [Oct 2012]

If this information is useful, please help other people find it:
Share via:

Stefan Froehlich

2012-Oct-02 12:28 UTC

[Logcheck-devel] Bug#689418: logcheck-database: refine sendmail STARTTLS rule

Package: logcheck-database
Version: 1.3.13
Severity: minor


With sendmail, self-signed certificates trigger a warning like:

| Oct  2 13:02:07 hostname sm-mta[24652]: STARTTLS=client, relay=host.example.,
version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256

There is a logcheck rule for this case (which can be safely ignored),
however it states:

| ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (sendmail|sm-(mta|msp|que))\[[0-9]+\]:
STARTTLS=(server|client), .* verify=(OK|NO)

This should be changed into:

| ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (sendmail|sm-(mta|msp|que))\[[0-9]+\]:
STARTTLS=(server|client), .* verify=(OK|NO|FAIL)


-- System Information:
Debian Release: 6.0.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-- Configuration Files:
/etc/logcheck/ignore.d.server/kernel changed [not included]

-- no debconf information

Logcheck devel - Oct 2012 - Bug#689418: logcheck-database: refine sendmail STARTTLS rule

[Logcheck-devel] Bug#689418: logcheck-database: refine sendmail STARTTLS rule