Logcheck filters - help!
Things like this work:
kernel: OUT-internet:IN= OUT=eth0
su.*: \+ pts\/0 username-root
imaplogin:
But I want to suppress all my smtpd messages (relay denied, user unknown). I'm trying to do it this way, but it's not working:
postfix\/smtpd.*:
Here's an example of two of the messages I want to ignore; I get stuff like this all day long:
Feb 1 15:29:54 srv1 postfix/smtpd[23803]: reject: RCPT from unknown[210.122.212.121]: 550 <khickerson@gednet.com>: User unknown; from= <maryellenhorton_3@manairport.co.uk>to= <khickerson@gednet.com>Feb 2 00:54:25 srv1 postfix/smtpd[30508]: reject: RCPT from unknown[222.101.92.125]: 554 <smtphunter66@daum.net>: Recipient address rejected: Relay access denied; from= <smtphunter15@yahoo.co.kr>to=<smtphunter66@daum.net></smtphunter66@daum.net></smtphunter15@yahoo.co.kr></smtphunter66@daum.net></khickerson@gednet.com></maryellenhorton_3@manairport.co.uk></khickerson@gednet.com>
Do I have some kind of regex problem I'm not seeing? I thought it might be the that I'm escaping the / character ("\/") after postfix but it seems to be needed on the su line I'm using.
I've also tried just using "Relay access denied" and others but to no avail.
Any help would be really appreciated.
?