
Untitled

a guest
Jan 22nd, 2025
echo '2025-01-23T00:26:19+00:00 POSTFIX_SERVER postfix/smtpd[3308]: NOQUEUE: reject: RCPT from unknown[99.99.99.99]: 450 4.7.1 <discwji.sfhiwho>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<discwji.sfhiwho>' | cscli explain -f- --type syslog
WARN Line 0/1 is missing evt.StrTime. It is most likely a mistake as it will prevent your logs to be processed in time-machine/forensic mode.
line: 2025-01-23T00:26:19+00:00 POSTFIX_SERVER postfix/smtpd[3308]: NOQUEUE: reject: RCPT from unknown[99.99.99.99]: 450 4.7.1 <discwji.sfhiwho>: Helo command rejected: Host not found; from=<isih[email protected]> to=<[email protected]> proto=SMTP helo=<discwji.sfhiwho>
       ├ s00-raw
       |       ├ 🔴 crowdsecurity/syslog-logs
       |       └ 🔴 crowdsecurity/non-syslog
       └-------- parser failure 🔴/

Remove the `_` in the server name

echo '2025-01-23T00:26:19+00:00 POSTFIXSERVER postfix/smtpd[3308]: NOQUEUE: reject: RCPT from unknown[99.99.99.99]: 450 4.7.1 <discwji.sfhiwho>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<discwji.sfhiwho>' | cscli explain -f- --type syslog
line: 2025-01-23T00:26:19+00:00 POSTFIXSERVER postfix/smtpd[3308]: NOQUEUE: reject: RCPT from unknown[99.99.99.99]: 450 4.7.1 <discwji.sfhiwho>: Helo command rejected: Host not found; from=<isihf[email protected]> to=<[email protected]> proto=SMTP helo=<discwji.sfhiwho>
       ├ s00-raw
       |       └ 🟢 crowdsecurity/syslog-logs (+12 ~9)
       ├ s01-parse
       |       ├ 🔴 crowdsecurity/appsec-logs
       |       ├ 🔴 laurencejjones/dovecot-pam
       |       ├ 🔴 crowdsecurity/dovecot-logs
       |       ├ 🔴 crowdsecurity/endlessh-logs
       |       ├ 🔴 baudneo/gotify-logs
       |       ├ 🔴 crowdsecurity/iptables-logs
       |       ├ 🔴 crowdsecurity/nginx-logs
       |       └ 🟢 crowdsecurity/postfix-logs (+17 ~1)
       ├ s02-enrich
       |       ├ 🟢 crowdsecurity/dateparse-enrich (+2 ~2)
       |       ├ 🟢 crowdsecurity/geoip-enrich (+13)
       |       ├ 🔴 crowdsecurity/http-logs
       |       ├ 🟢 my/whitelists (unchanged)
       |       └ 🟢 crowdsecurity/whitelists (unchanged)
       ├-------- parser success 🟢/
       ├ Scenarios
               ├ 🟢 crowdsecurity/postfix-helo-rejected
               └ 🟢 crowdsecurity/postfix-spam
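
A pre-flight check for the failure shown above, as an added example that is not part of the original paste or of CrowdSec: it scans syslog lines and reports hostname fields that break RFC 952/1123 naming, so lines that would be dropped at s00-raw can be found before detection silently misses them. It assumes the hostname field is expected to be RFC 1123 compliant (the paste only demonstrates the underscore case); `hostname_problems`, `audit` and `SAMPLE` are hypothetical names.

```python
import re

# Assumption (not taken from CrowdSec's source): the hostname field is expected
# to follow RFC 952/1123 rules: dot-separated labels of letters, digits, hyphen.
LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

# Header = optional <PRI>, then an RFC 3339 timestamp (as in the paste) or the
# classic "Jan 23 00:26:19" form, then the hostname field.
HEADER = re.compile(
    r"^(?:<\d{1,3}>)?"
    r"(?:\d{4}-\d{2}-\d{2}T\S+|[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2})"
    r" (?P<host>\S+) "
)

def hostname_problems(host):
    """Return the reasons a hostname is not RFC 1123 compliant (empty if fine)."""
    problems = []
    if len(host) > 253:
        problems.append("longer than 253 characters")
    for label in host.rstrip(".").split("."):
        if LABEL.match(label):
            continue
        bad = sorted(set(re.findall(r"[^A-Za-z0-9-]", label)))
        if bad:
            problems.append(f"label {label!r} contains {''.join(bad)!r}")
        else:
            problems.append(f"label {label!r} has bad length or edge hyphen")
    return problems

def audit(lines):
    """Return (line_number, host, problems) for every line with a suspect header."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = HEADER.match(line)
        if not m:
            findings.append((n, None, ["no recognisable syslog header"]))
        elif (problems := hostname_problems(m.group("host"))):
            findings.append((n, m.group("host"), problems))
    return findings

# Constructed sample: the two host names from the paste plus one FQDN.
SAMPLE = [
    "2025-01-23T00:26:19+00:00 POSTFIX_SERVER postfix/smtpd[3308]: NOQUEUE: reject: RCPT from unknown[99.99.99.99]",
    "2025-01-23T00:26:19+00:00 POSTFIXSERVER postfix/smtpd[3308]: NOQUEUE: reject: RCPT from unknown[99.99.99.99]",
    "Jan 23 00:26:19 mail-01.example.org postfix/smtpd[3308]: connect from unknown[99.99.99.99]",
]

if __name__ == "__main__":
    for n, host, problems in audit(SAMPLE):
        print(f"line {n}: host={host!r}: {'; '.join(problems)}")
```

Any line it flags is worth replaying through `cscli explain` as in the paste to confirm whether the parser actually rejects it.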