X-Git-Url: http://gitweb.michael.orlitzky.com/?a=blobdiff_plain;f=amavis-logwatch;h=6d06793fd721abd5ffded56ce9a1a869ba92f645;hb=a93ee5d433308d2cac76ac9502e34c953ff96337;hp=1aab7871d2b7e83bb2cf067f5c11a693d65a499d;hpb=02cf771776d2f1ad9d7872f3959e41a548adfab9;p=amavis-logwatch.git

diff --git a/amavis-logwatch b/amavis-logwatch
index 1aab787..6d06793 100644
--- a/amavis-logwatch
+++ b/amavis-logwatch
@@ -1799,6 +1799,7 @@ my %ccatmajor_to_sectkey = (
    'INFECTED'    => 'malware',
    'BANNED'      => 'bannedname',
    'UNCHECKED'   => 'unchecked',
+   'UNCHECKED-ENCRYPTED' => 'unchecked',
    'SPAM'        => 'spam',
    'SPAMMY'      => 'spammy',
    'BAD-HEADER'  => 'badheader',
@@ -1957,6 +1958,7 @@ sub create_ignore_list() {
    push @ignore_list_final, qr/^fish_out_ip_from_received: /;
    push @ignore_list_final, qr/^Waiting for the process \S+ to terminate/;
    push @ignore_list_final, qr/^Valid PID file \(younger than sys uptime/;
+   push @ignore_list_final, qr/^no \$pid_file configured, not checking it/;
    push @ignore_list_final, qr/^Sending SIG\S+ to amavisd/;
    push @ignore_list_final, qr/^Can't send SIG\S+ to process/;
    push @ignore_list_final, qr/^killing process/;
@@ -2032,6 +2034,7 @@ sub create_ignore_list() {
 
    push @ignore_list_final, qr/^Inserting header field: X-Amavis-Hold: /;
    push @ignore_list_final, qr/^Decoding of .* failed, leaving it unpacked: /;
+   push @ignore_list_final, qr/^File::LibMagic::describe_filename failed on p\d+: /;
 
       # various forms of "Using ..."
       # more specific, interesting variants already captured: search "Using"
@@ -2044,6 +2047,11 @@ sub create_ignore_list() {
         # unanchored
    push @ignore_list_final, qr/\bRUSAGE\b/;
    push @ignore_list_final, qr/: Sending .* to UNIX socket/;
+
+   # Lines beginning with "sd_notify:" or "sd_notify (no socket):"
+   # describe what is being sent to the systemd notification socket,
+   # if one exists.
+   push @ignore_list_final, qr/^sd_notify( \(no socket\))?:/;
 }
 
 # Notes:
@@ -2130,6 +2138,7 @@ while (<>) {
         or ($p1 =~ /^SpamControl/)
         or ($p1 =~ /^Perl/)
         or ($p1 =~ /^ESMTP/)
+        or ($p1 =~ /^UTF8SMTP/)
         or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:FWD|SEND) from /)            # log level 4
         or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:ESMTP|FWD|SEND) via /)       # log level 4
         or ($p1 =~ /^tempdir being removed/)
@@ -2292,7 +2301,7 @@ while (<>) {
       #XXX elsif (($action, $key, $ip, $from, $to) = ( $p1 =~ /^(?:Virus found - quarantined|(?:(Passed|Blocked) )?INFECTED) \(([^\)]+)\),[A-Z .]*(?: \[($re_IP)\])?(?: \[$re_IP\])* [<(]([^>)]*)[>)] -> [(<]([^(<]+)[(>]/o ))
 
       # the first IP is the envelope sender.
-      if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
+      if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|UNCHECKED-ENCRYPTED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
          inc_unmatched('passblock');
          next;
       }