Package: logcheck
Version: 1.2.63
Severity: wishlist
Tags: patch
There are currently no rules matching couriertcpd. I have found the following
work with courier-imap-ssl <= 4.2.0-1 and courier-base <= 0.57.0-1 . It may
be worth merging these with the other courier rulesets.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ couriertcpd: LOGIN: ip=\[[.:[:alnum:]]+\],
command=(CAPABILITY|AUTHENTICATE|LOGIN)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ couriertcpd: LOGIN: ip=\[[.:[:alnum:]]+\],
username=[._[:alnum:]-]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ couriertcpd: LOGIN, user=[._[:alnum:]-]+,
ip=\[[.:[:alnum:]]+\], port=\[[[:digit:]]+\], protocol=(POP|IMAP)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ couriertcpd: Connection,
ip=\[[.:[:alnum:]]+\]$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ couriertcpd: Disconnected,
ip=\[[.:[:alnum:]]+\], time=[0-9]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ couriertcpd: (LOGOUT|TIMEOUT|DISCONNECTED),
[EMAIL PROTECTED]:alnum:]]+, ip=\[[.:[:alnum:]]+\], headers=[0-9]+,
body=[0-9]+, rcvd=[0-9]+, sent=[0-9]+, time=[0-9]+$
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.18-xenU-xp070519 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages logcheck depends on:
ii adduser 3.105 add and remove users and groups
ii cron 3.0pl1-100 management of regular background p
ii lockfile-progs 0.1.11 Programs for locking and unlocking
ii logtail 1.2.63 Print log file lines that have not
ii mailx 1:8.1.2-0.20070424cvs-1 A simple mail user agent
ii postfix [mail-tr 2.4.5-3 High-performance mail transport ag
ii sysklogd [system 1.5-1 System Logging Daemon
Versions of packages logcheck recommends:
ii logcheck-database 1.2.63 database of system log rules for t
-- debconf information:
logcheck/changes:
* logcheck/install-note:
_______________________________________________
Logcheck-devel mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel
