--- pop3~ 2012-03-27 06:04:56.000000000 +0300
+++ pop3 2012-04-01 04:28:48.000000000 +0300
@@ -60,7 +60,7 @@
($ThisLine =~ /^maildrop: can't read message$/) or
($ThisLine =~ /^mailbox: mailbox content has been changed$/) or
($ThisLine =~ /^(sktbuff|maildrop): write: Connection reset by peer$/) or
- ($ThisLine =~ /^(sktbuff|maildrop): write: Connection timed out$/) or ($ThisLine =~ /^mailspool_build_index.*: skipping c-client metadata$/) or
+ ($ThisLine =~ /^(sktbuff|maildrop|couriertls): (write|read): Connection timed out$/) or ($ThisLine =~ /^mailspool_build_index.*: skipping c-client metadata$/) or
($ThisLine =~ /^open: Permission denied$/) or
($ThisLine =~ /^read: Broken pipe$/) or
($ThisLine =~ /^read: Connection reset by peer$/) or
@@ -71,14 +71,15 @@
($ThisLine =~ /tpop3d startup succeeded$/) or
($ThisLine =~ /^disconnected, user=/i) or
($ThisLine =~ /^timeout, user=/i) or
- ($ThisLine =~ /^connection, ip=/i)
- or ($ThisLine =~ /^Connection, ip=/o)
+ ($ThisLine =~ /^connection, ip=/i) or
+ ($ThisLine =~ /Connection, ip=/) or
+ ($ThisLine =~ /digascii: [a-f0-9]*, response: /)
) {
# Don't care about these...
} elsif (
(($User, $Host) = ( $ThisLine =~ /^user (.*?) authenticated - (.*)$/ )) or
(($User, $Host) = ( $ThisLine =~ /^fork_child: \[\d\].*\((.*)\): began session for `(.*)' with .*; child PID is \d+$/ ))
- or (($User, $Host) = ( $ThisLine =~ /^LOGIN, user=(.*?), ip=\[(.*)\]$/ ))
+ or (($User, $Host) = ( $ThisLine =~ /LOGIN, user=(.*?), ip=\[(.*)\]$/ ))
) {
$Login{$User}{$Host}++;
} elsif ( ($User,$Downloaded,$DownloadSize,$Left,$LeftSize) = ( $ThisLine =~ /^Stats: (.*?) (.*?) (.*?) (.*?) (.*?)$/) ) {
@@ -103,7 +104,7 @@
$Logout{$User}{$Host}++;
$Logout2{$User}++;
$Connection{$Host}++;
- } elsif (($dummy, $User, $Host, $DownloadSize1, $DownloadSize2) = ( $ThisLine =~ /^(LOGOUT|TIMEOUT|DISCONNECTED), user=(.*?), ip=\[(.*)\], top=(\d+), retr=(\d+)/o)) {
+ } elsif (($dummy, $User, $Host, $DownloadSize1, $DownloadSize2) = ( $ThisLine =~ /(LOGOUT|TIMEOUT|DISCONNECTED), user=(.*?), ip=\[(.*)\], top=(\d+), retr=(\d+)/o)) {
$DownloadedMessagesSize{$User} += $DownloadSize1 + $DownloadSize2;
$Logout{$User}{$Host}++;
$Logout2{$User}++;
@@ -120,6 +121,8 @@
$LoginFailed{"$Host ($User)"}++;
} elsif ( ($User,$Host) = ( $ThisLine =~ /^authentication failed: no such user: (.*?) - (.*)/ ) ) {
$LoginFailed{"$Host (UNKNOWN: $User)"}++;
+ } elsif ( ($Host) = ( $ThisLine =~ /LOGIN FAILED, ip=\[(.*)\]/ ) ) {
+ $LoginFailed{"$Host"}++;
} elsif ( ($User) = ( $ThisLine =~ /^auth_pam_new_user_pass: pam_authenticate\((.*)\): Authentication failure/) ){
$LoginFailed{$User}++;
} elsif ( ($User) = ( $ThisLine =~ /^authcontext_new_user_pass: rejecting login attempt by `(.*)' with empty password$/) ) {