From 61d43608ae4d6a142469c91ec4c0611cf117a08d Mon Sep 17 00:00:00 2001
From: Daniel Black <grooverdan@users.sourceforge.net>
Date: Mon, 19 Aug 2013 18:32:07 +1000
Subject: [PATCH] ENH: filter.d/postfix - add filter for VRFY. Closes gh-322

---
 ChangeLog                    | 3 +++
 config/filter.d/postfix.conf | 1 +
 testcases/files/logs/postfix | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 237ef672..0252e9fd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -63,6 +63,9 @@ ver. 0.8.11 (2013/XX/XXX) - loves-unittests
      regex impovements
    * IMPORTANT: 'lighttpd-fastcgi' filter has been renamed to 'suhosin', which
      will require changing in jail.{conf,local} if using this filter.
+  Zurd
+   * filter.d/postfix - add filter for VRFY failures. closes gh-322.
+
 
 ver. 0.8.10 (2013/06/12) - wanna-be-secure
 -----------
diff --git a/config/filter.d/postfix.conf b/config/filter.d/postfix.conf
index b70f0377..da981733 100644
--- a/config/filter.d/postfix.conf
+++ b/config/filter.d/postfix.conf
@@ -24,6 +24,7 @@ _daemon = postfix/smtpd
 #
 failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .*$
             ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo= *$
+            ^%(__prefix_line)sNOQUEUE: reject: VRFY from \S+\[<HOST>\]: 550 5\.1\.1 .*$
 
 # Option:  ignoreregex
 # Notes.:  regex to ignore. If this regex matches, the line is ignored.
diff --git a/testcases/files/logs/postfix b/testcases/files/logs/postfix
index 172bfca4..122ad8e5 100644
--- a/testcases/files/logs/postfix
+++ b/testcases/files/logs/postfix
@@ -8,3 +8,5 @@ Jul 12 07:47:48 saturn postfix/smtpd[8738]: NOQUEUE: reject: RCPT from 1-2-3-4-e
 Jul 18 23:12:56 xxx postfix/smtpd[8738]: NOQUEUE: reject: RCPT from foo[192.51.100.65]: 554 5.7.1 <bad.domain>: Helo command rejected: match bad.domain; from=<foo@good.domain> to=<foo@porcupine.org> proto=SMTP helo=<bad.domain>
 # failJSON: { "time": "2005-07-18T23:12:56", "match": true , "host": "192.51.100.43" }
 Jul 18 23:12:56 xxx postfix/smtpd[8738]: NOQUEUE: reject: RCPT from foo[192.51.100.43]: 554 5.7.1 <foo@bad.domain>: Sender address rejected: match bad.domain; from=<foo@bad.domain> to=<foo@porcupine.org> proto=SMTP helo=<192.51.100.43>
+# failJSON: { "time": "2005-08-10T10:55:38", "match": true , "host": "72.53.132.234" }
+Aug 10 10:55:38 f-vanier-bourgeois postfix/smtpd[2162]: NOQUEUE: reject: VRFY from 72-53-132-234.cpe.distributel.net[72.53.132.234]: 550 5.1.1 : Recipient address rejected: User unknown in local recipient tab