Catch mail that is passed UNCHECKED-ENCRYPTED.

[amavis-logwatch.git] / amavis-logwatch

diff --git a/amavis-logwatch b/amavis-logwatch
index 06b60c8d937846cdfcc39889a17aaf16a9559946..448de3a13344ed03f2723fac44af90e054369504 100644 (file)
--- a/amavis-logwatch
+++ b/amavis-logwatch
@@ -1799,6 +1799,7 @@ my %ccatmajor_to_sectkey = (
    'INFECTED'    => 'malware',
    'BANNED'      => 'bannedname',
    'UNCHECKED'   => 'unchecked',
+   'UNCHECKED-ENCRYPTED' => 'unchecked',
    'SPAM'        => 'spam',
    'SPAMMY'      => 'spammy',
    'BAD-HEADER'  => 'badheader',
@@ -2132,6 +2133,7 @@ while (<>) {
         or ($p1 =~ /^SpamControl/)
         or ($p1 =~ /^Perl/)
         or ($p1 =~ /^ESMTP/)
+        or ($p1 =~ /^UTF8SMTP/)
         or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:FWD|SEND) from /)            # log level 4
         or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:ESMTP|FWD|SEND) via /)       # log level 4
         or ($p1 =~ /^tempdir being removed/)
@@ -2294,7 +2296,7 @@ while (<>) {
       #XXX elsif (($action, $key, $ip, $from, $to) = ( $p1 =~ /^(?:Virus found - quarantined|(?:(Passed|Blocked) )?INFECTED) \(([^\)]+)\),[A-Z .]*(?: \[($re_IP)\])?(?: \[$re_IP\])* [<(]([^>)]*)[>)] -> [(<]([^(<]+)[(>]/o ))
 
       # the first IP is the envelope sender.
-      if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
+      if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|UNCHECKED-ENCRYPTED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
          inc_unmatched('passblock');
          next;
       }