new upstream release (3.3.0); modify package compatibility for Stretch
[ossec-hids.git] / etc / rules / postfix_rules.xml
old mode 100755 (executable)
new mode 100644 (file)
index fe82aeb..44f9e13
@@ -1,4 +1,5 @@
-<!-- @(#) $Id: postfix_rules.xml,v 1.17 2008/04/21 17:32:11 dcid Exp $
+<!-- @(#) $Id: ./etc/rules/postfix_rules.xml, 2011/09/08 dcid Exp $
+
   -  Official postfix rules for OSSEC.
   -  Author: Ahmet Ozturk
   -  Author: Daniel B. Cid
@@ -48,7 +49,7 @@
   <rule id="3305" level="5">
     <if_sid>3300</if_sid>
     <id>^504$</id>
-    <description>Receipent address must contain FQDN </description>
+    <description>Recipient address must contain FQDN </description>
     <description>(504: Command parameter not implemented).</description>
     <group>spam,</group>
   </rule>
@@ -56,7 +57,7 @@
   <rule id="3306" level="6">
     <if_sid>3301, 3302</if_sid>
     <match> blocked using </match>
-    <description>IP Address black-listed by anti-spam (blocked).</description>
+    <description>IP Address deny-listed by anti-spam (blocked).</description>
     <group>spam,</group>
   </rule>
   
     <description>Postfix insufficient disk space error.</description>
     <group>service_availability,</group>
   </rule>
-            
+
+  <rule id="3334" level="3">
+    <if_sid>3320</if_sid>
+    <match>^daemon started </match>
+    <description>Postfix started.</description>
+  </rule>
+
+  <rule id="3333" level="7">
+    <if_sid>3320</if_sid>
+    <match>^terminating on signal</match>
+    <description>Postfix stopped.</description>
+    <group>service_availability,</group>
+  </rule>
+
   <rule id="3351" level="6" frequency="$POSTFIX_FREQ" timeframe="90">
     <if_matched_sid>3301</if_matched_sid>
     <same_source_ip />
     <if_matched_sid>3306</if_matched_sid>
     <same_source_ip />
     <description>Multiple attempts to send e-mail from </description>
-    <description>black-listed IP address (blocked).</description>
+    <description>deny-listed IP address (blocked).</description>
     <group>multiple_spam,</group>
   </rule>
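Review bot: New rule 3334 (`Postfix started.`) has no `<group>`, while its sibling 3333 (`Postfix stopped.`) is tagged `service_availability,`. Any group-based filter or report would therefore show the stop without the matching start; if that is not intended, add `<group>service_availability,</group>` to 3334. Rule 3333 is set at `level="7"` and matches every `^terminating on signal` line, so routine restarts and package upgrades will alert at the same severity as an unexpected shutdown. A comment above the pair, such as `<!-- Postfix master start/stop; 3333 also fires on planned restarts -->`, would tell operators this is expected noise to tune locally. The two rules are also added out of numeric order (3334 before 3333). The parent rule 3320 and this hunk's `@@` header are not visible on the page, so the parent's scope could not be checked here.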