reassign 319547 sendmail-base thanks! Hey Rainer,
On 24 Jul 2005, at 12:11, Rainer Zocholl wrote:
[EMAIL PROTECTED](maximilian attems) 23.07.05 17:48On Sat, 23 Jul 2005, Rainer Zocholl wrote:from time to time i get such (false) "Security Event".Seems to become common practice :-( Again an "security event", i assume "promiscuous" in msgid triggered. Jul 23 14:46:26 host sm-mta[25759]: j6NCkQTS025759: from=<[EMAIL PROTECTED]>, size=16186, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, proto=ESMTP, daemon=MTA, relay=...
<snip snip>
sorry in that case you have to craft your own rules in local-sm-mta inside of violations.ignore.d. guess we can close that "bug" unless other evidence appears.No, most other such message are suppressed(see rule above) Only if the addresse, message IDs etc. contians "violation trigger words" a -false- security event is generated. That would allow a third party to generate any amount of false security events or annoy the postmaster with false positives. I assume that will be a possible problem with exim, postfix MTA too, as long as logcheck scan these logs. Maybe it should be assigned as a sendmail bug?
The sendmail rules for logcheck are provided by the sendmail-base package. I'm reassigning.
Thanks, -j
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Logcheck-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel
