X-Git-Url: http://gitweb.michael.orlitzky.com/?p=amavis-logwatch.git;a=blobdiff_plain;f=amavis-logwatch;h=ac93cbcc6a667f3e2fdb609eecd83d4b66e5424a;hp=06b60c8d937846cdfcc39889a17aaf16a9559946;hb=63421f1c92403149be838c64ebb731778c148dde;hpb=15bf4096ea496a28210e2f4c1f34ab28b413566a

diff --git a/amavis-logwatch b/amavis-logwatch
index 06b60c8..ac93cbc 100644
--- a/amavis-logwatch
+++ b/amavis-logwatch
@@ -1799,6 +1799,7 @@ my %ccatmajor_to_sectkey = (
    'INFECTED'    => 'malware',
    'BANNED'      => 'bannedname',
    'UNCHECKED'   => 'unchecked',
+   'UNCHECKED-ENCRYPTED' => 'unchecked',
    'SPAM'        => 'spam',
    'SPAMMY'      => 'spammy',
    'BAD-HEADER'  => 'badheader',
@@ -2032,6 +2033,7 @@ sub create_ignore_list() {
 
    push @ignore_list_final, qr/^Inserting header field: X-Amavis-Hold: /;
    push @ignore_list_final, qr/^Decoding of .* failed, leaving it unpacked: /;
+   push @ignore_list_final, qr/^File::LibMagic::describe_filename failed on p\d+: /;
 
       # various forms of "Using ..."
       # more specific, interesting variants already captured: search "Using"
@@ -2132,6 +2134,7 @@ while (<>) {
         or ($p1 =~ /^SpamControl/)
         or ($p1 =~ /^Perl/)
         or ($p1 =~ /^ESMTP/)
+        or ($p1 =~ /^UTF8SMTP/)
         or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:FWD|SEND) from /)            # log level 4
         or ($p1 =~ /^(?:\(!+\))?(\S+ )?(?:ESMTP|FWD|SEND) via /)       # log level 4
         or ($p1 =~ /^tempdir being removed/)
@@ -2294,7 +2297,7 @@ while (<>) {
       #XXX elsif (($action, $key, $ip, $from, $to) = ( $p1 =~ /^(?:Virus found - quarantined|(?:(Passed|Blocked) )?INFECTED) \(([^\)]+)\),[A-Z .]*(?: \[($re_IP)\])?(?: \[$re_IP\])* [<(]([^>)]*)[>)] -> [(<]([^(<]+)[(>]/o ))
 
       # the first IP is the envelope sender.
-      if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
+      if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|UNCHECKED-ENCRYPTED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
          inc_unmatched('passblock');
          next;
       }