calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1958'
${ noResults }
gentoo-overlay/net-mail/amavis-logwatch/files/unchecked-encrypted.patch

42 lines
2.0 KiB
Raw Permalink Blame History

From e9f83dde1b241ce449264db7a517124bb115dd99 Mon Sep 17 00:00:00 2001
From: Michael Orlitzky <michael@orlitzky.com>
Date: Wed, 6 Sep 2017 09:19:42 -0400
Subject: [PATCH 1/1] Catch mail that is passed UNCHECKED-ENCRYPTED.
Some encrypted mail can pass through the system with a log line like,
(01495-17) Passed UNCHECKED-ENCRYPTED {RelayedTaggedInbound}, ...
These were unmatched, because the "-ENCRYPTED" suffix is new. One
regular expression and a dictionary have been updated to catch those
lines and dump them into the "unchecked" bin with the rest of the
UNCHECKED lines.
---
amavis-logwatch | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/amavis-logwatch b/amavis-logwatch
index deb9146..448de3a 100644
--- a/amavis-logwatch
+++ b/amavis-logwatch
@@ -1799,6 +1799,7 @@ my %ccatmajor_to_sectkey = (
'INFECTED' => 'malware',
'BANNED' => 'bannedname',
'UNCHECKED' => 'unchecked',
+ 'UNCHECKED-ENCRYPTED' => 'unchecked',
'SPAM' => 'spam',
'SPAMMY' => 'spammy',
'BAD-HEADER' => 'badheader',
@@ -2295,7 +2296,7 @@ while (<>) {
#XXX elsif (($action, $key, $ip, $from, $to) = ( $p1 =~ /^(?:Virus found - quarantined|(?:(Passed|Blocked) )?INFECTED) \(([^\)]+)\),[A-Z .]*(?: \[($re_IP)\])?(?: \[$re_IP\])* [<(]([^>)]*)[>)] -> [(<]([^(<]+)[(>]/o ))
# the first IP is the envelope sender.
- if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
+ if ($p1 !~ /^(CLEAN|SPAM(?:MY)?|INFECTED \(.*?\)|BANNED \(.*?\)|BAD-HEADER(?:-\d)?|UNCHECKED|UNCHECKED-ENCRYPTED|MTA-BLOCKED|OVERSIZED|OTHER|TEMPFAIL)(?: \{[^}]+})?, ([^[]+ )?(?:([^<]+) )?[<(](.*?)[>)] -> ([(<].*?[)>]), (?:.*Hits: ([-+.\d]+))(?:.* size: (\d+))?(?:.* autolearn=(\w+))?/) {
inc_unmatched('passblock');
next;
}
--
2.13.0
Reference in new issue View Git Blame Copy Permalink