On Mon, Apr 27, 2009 at 02:55:41PM -0600, Jacob Anawalt wrote:
> When I look at my mail.warn file (log level warn or greater), or grep
> mail.log for warning messages, I am presented with a flood of 'Name or
> service not known', 'address not listed for hostname', and 'numeric
> hostname' messages. I run a small site yet mail.warn log has 16k lines
> since yesterday and 14k of them are one of the those messages.
SMTP server warnings I typically ignore when reporting unusual log events:
$tmp = join("|",
q{Illegal address syntax from },
q{TLS library problem: \d+:error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number:},
q{TLS library problem: \d+:error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 alert bad certificate:},
q{TLS library problem: \d+:error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:},
q{Unable to look up (?:MX|NS) host \S+ for Sender address },
q{Unable to look up (?:MX|NS) host for \S+:},
q{[\d.]+: address not listed for hostname \S+},
q{[\d.]+: hostname \S+ verification failed: },
q{\w+: queue file size limit exceeded},
q{malformed domain name in resource data of (?:MX|NS|CNAME) record for
\S+:},
q{network_biopair_interop: error reading \d+ bytes from the network:
Connection reset by peer},
q{network_biopair_interop: error writing \d+ bytes to the network:
(?:Connection reset by peer|Broken pipe)},
q{non-SMTP command from \S+:},
q{numeric domain name in resource data of (?:MX|NS) record for \S+:},
q{numeric hostname: },
q{valid_hostname: empty hostname},
q{valid_hostname: invalid character \S+:},
q{valid_hostname: misplaced delimiter:},
q{valid_hostname: numeric hostname: },
);
my $smtpdok = qr{$tmp};
SMTP client warnings I typically ignore when reporting unusual log events:
$tmp = join("|",
q{TLS library problem: \d+:error:140770FC:SSL
routines:SSL23_GET_SERVER_HELLO:unknown protocol:},
q{TLS library problem: \d+:error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:},
q{malformed domain name in resource data of (?:MX|CNAME) record for
\S+:},
q{network_biopair_interop: error reading \d+ bytes from the network:
Connection reset by peer},
q{network_biopair_interop: error writing \d+ bytes to the network:
(?:Connection reset by peer|Broken pipe)},
q{no MX host for \S+ has a valid address record},
q{numeric domain name in resource data of MX record for \S+:},
q{tls_text_name: \S+ peer certificate has no (?:subject CN|issuer
Organization)},
q{valid_hostname: empty hostname},
q{valid_hostname: invalid character \S+:},
q{valid_hostname: misplaced delimiter:},
q{valid_hostname: numeric hostname: },
q{host \S+\[(?:0\.0\.0\.0|127\.0\.0\.1)\]:25}.
q{ (?:greeted me|replied to HELO/EHLO) with my own hostname},
);
my $smtpok = qr{$tmp};
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
