$$divisor == $Totals{$keyname} ? 100.00 : $Totals{$keyname} * 100 / $$divisor;
}
else {
- push @{$lines[$cur_level]},
- sprintf "$fmt %-23s $extra\n", $total, $desc, commify ($Totals{$keyname});
+ my $new_line;
+ if ($extra eq '') {
+ $new_line = sprintf("$fmt %-23s \n", $total, $desc);
+ }
+ else {
+ $new_line = sprintf("$fmt %-23s $extra\n",
+ $total,
+ $desc,
+ commify ($Totals{$keyname}));
+ }
+ push @{$lines[$cur_level]}, $new_line
}
}
}
'INFECTED' => 'malware',
'BANNED' => 'bannedname',
'UNCHECKED' => 'unchecked',
+ 'UNCHECKED-ENCRYPTED' => 'unchecked',
'SPAM' => 'spam',
'SPAMMY' => 'spammy',
'BAD-HEADER' => 'badheader',
push @ignore_list_final, qr/^fish_out_ip_from_received: /;
push @ignore_list_final, qr/^Waiting for the process \S+ to terminate/;
push @ignore_list_final, qr/^Valid PID file \(younger than sys uptime/;
+ push @ignore_list_final, qr/^no \$pid_file configured, not checking it/;
push @ignore_list_final, qr/^Sending SIG\S+ to amavisd/;
push @ignore_list_final, qr/^Can't send SIG\S+ to process/;
push @ignore_list_final, qr/^killing process/;
push @ignore_list_final, qr/^address modified \(/;
push @ignore_list_final, qr/^Request: AM\.PDP /;
push @ignore_list_final, qr/^DSPAM result: /;
- push @ignore_list_final, qr/^bind to \//;
+ push @ignore_list_final, qr/^(will )?bind to \//;
push @ignore_list_final, qr/^ZMQ enabled: /;
push @ignore_list_final, qr/^Inserting header field: X-Amavis-Hold: /;
push @ignore_list_final, qr/^Decoding of .* failed, leaving it unpacked: /;
+ push @ignore_list_final, qr/^File::LibMagic::describe_filename failed on p\d+: /;
# various forms of "Using ..."
# more specific, interesting variants already captured: search "Using"
# unanchored
push @ignore_list_final, qr/\bRUSAGE\b/;
push @ignore_list_final, qr/: Sending .* to UNIX socket/;
+
+ # Lines beginning with "sd_notify:" or "sd_notify (no socket):"
+ # describe what is being sent to the systemd notification socket,
+ # if one exists.
+ push @ignore_list_final, qr/^sd_notify( \(no socket\))?:/;
}
# Notes:
or ($p1 =~ /^SpamControl/)
or ($p1 =~ /^Perl/)
or ($p1 =~ /^ESMTP/)
+ or ($p1 =~ /^UTF8SMTP/)
or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:FWD|SEND) from /) # log level 4
or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:ESMTP|FWD|SEND) via /) # log level 4
or ($p1 =~ /^tempdir being removed/)
#XXX elsif (($action, $key, $ip, $from, $to) = ( $p1 =~ /^(?:Virus found - quarantined|(?:(Passed|Blocked) )?INFECTED) \(([^\)]+)\),[A-Z .]*(?: \[($re_IP)\])?(?: \[$re_IP\])* [<(]([^>)]*)[>)] -> [(<]([^(<]+)[(>]/o ))
# the first IP is the envelope sender.
- if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: {[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
+ if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|UNCHECKED-ENCRYPTED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
inc_unmatched('passblock');
next;
}