From af3c68f9f38701507be6c8cef2d99137ceaf94e7 Mon Sep 17 00:00:00 2001
From: Azhinu <ari@ariellab.tk>
Date: Wed, 26 Aug 2020 09:49:31 +0300
Subject: [PATCH] Mark NOQUEUE as QUEUEID

---
 postfix.grok              | 4 ++--
 test/postscreen_0027.yaml | 1 +
 test/postscreen_0028.yaml | 1 +
 test/smtpd_0004.yaml      | 1 +
 test/smtpd_0008.yaml      | 1 +
 test/smtpd_0009.yaml      | 1 +
 test/smtpd_0017.yaml      | 1 +
 test/smtpd_0018.yaml      | 1 +
 test/smtpd_0026.yaml      | 1 +
 test/smtpd_0027.yaml      | 1 +
 10 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/postfix.grok b/postfix.grok
index 119c921..ad384de 100644
--- a/postfix.grok
+++ b/postfix.grok
@@ -1,5 +1,5 @@
 # common postfix patterns
-POSTFIX_QUEUEID ([0-9A-F]{6,}|[0-9a-zA-Z]{12,})
+POSTFIX_QUEUEID ([0-9A-F]{6,}|[0-9a-zA-Z]{12,}|NOQUEUE)
 POSTFIX_CLIENT_INFO %{HOSTNAME:postfix_client_hostname}?\[%{IP:postfix_client_ip}\](:%{INT:postfix_client_port})?
 POSTFIX_RELAY_INFO %{HOSTNAME:postfix_relay_hostname}?\[(%{IP:postfix_relay_ip}|%{DATA:postfix_relay_service})\](:%{INT:postfix_relay_port})?|%{WORD:postfix_relay_service}
 POSTFIX_SMTP_STAGE (CONNECT|HELO|EHLO|STARTTLS|AUTH|MAIL( FROM)?|RCPT( TO)?|(end of )?DATA|RSET|UNKNOWN|END-OF-MESSAGE|VRFY|\.)
@@ -38,7 +38,7 @@ POSTFIX_WARNING %{POSTFIX_WARNING_WITH_KV}|%{POSTFIX_WARNING_WITHOUT_KV}
 POSTFIX_SMTPD_CONNECT connect from %{POSTFIX_CLIENT_INFO}
 POSTFIX_SMTPD_DISCONNECT disconnect from %{POSTFIX_CLIENT_INFO}( %{GREEDYDATA:postfix_command_counter_data})?
 POSTFIX_SMTPD_LOSTCONN %{POSTFIX_LOSTCONN:postfix_smtpd_lostconn_data}( after %{POSTFIX_SMTP_STAGE:postfix_smtp_stage}( \(%{INT} bytes\))?)? from %{POSTFIX_CLIENT_INFO}(: %{GREEDYDATA:postfix_smtpd_lostconn_reason})?
-POSTFIX_SMTPD_NOQUEUE NOQUEUE: %{POSTFIX_ACTION:postfix_action}: %{POSTFIX_SMTP_STAGE:postfix_smtp_stage} from %{POSTFIX_CLIENT_INFO}:( %{POSTFIX_STATUS_CODE:postfix_status_code} %{POSTFIX_STATUS_CODE_ENHANCED:postfix_status_code_enhanced})?( <%{DATA:postfix_status_data}>:)? (%{POSTFIX_DNSBL_MESSAGE}|%{GREEDYDATA:postfix_status_message};) %{POSTFIX_KEYVALUE_DATA:postfix_keyvalue_data}
+POSTFIX_SMTPD_NOQUEUE %{POSTFIX_QUEUEID:postfix_queueid}: %{POSTFIX_ACTION:postfix_action}: %{POSTFIX_SMTP_STAGE:postfix_smtp_stage} from %{POSTFIX_CLIENT_INFO}:( %{POSTFIX_STATUS_CODE:postfix_status_code} %{POSTFIX_STATUS_CODE_ENHANCED:postfix_status_code_enhanced})?( <%{DATA:postfix_status_data}>:)? (%{POSTFIX_DNSBL_MESSAGE}|%{GREEDYDATA:postfix_status_message};) %{POSTFIX_KEYVALUE_DATA:postfix_keyvalue_data}
 POSTFIX_SMTPD_PIPELINING improper command pipelining after %{POSTFIX_SMTP_STAGE:postfix_smtp_stage} from %{POSTFIX_CLIENT_INFO}: %{GREEDYDATA:postfix_improper_pipelining_data}
 POSTFIX_SMTPD_PROXY proxy-%{POSTFIX_ACTION:postfix_proxy_result}: (%{POSTFIX_SMTP_STAGE:postfix_proxy_smtp_stage}): %{POSTFIX_PROXY_MESSAGE:postfix_proxy_message}; %{POSTFIX_KEYVALUE_DATA:postfix_keyvalue_data}
 
diff --git a/test/postscreen_0027.yaml b/test/postscreen_0027.yaml
index 353297d..a9e0e93 100644
--- a/test/postscreen_0027.yaml
+++ b/test/postscreen_0027.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_POSTSCREEN}$
 data: "NOQUEUE: reject: RCPT from [182.98.255.184]:2413: 550 5.5.1 Protocol error; from=<lvtowxfdp@yahoo.com>, to=<tom@example.com>, proto=SMTP, helo=<mx32.usaindiamunish.net>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: RCPT
     postfix_client_ip: 182.98.255.184
diff --git a/test/postscreen_0028.yaml b/test/postscreen_0028.yaml
index f365ed0..20c69e4 100644
--- a/test/postscreen_0028.yaml
+++ b/test/postscreen_0028.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_POSTSCREEN}$
 data: "NOQUEUE: reject: RCPT from [27.157.200.233]:4984: 550 5.7.1 Service unavailable; client [27.157.200.233] blocked using zen.spamhaus.org; from=<hcdvbnm@qhhn.com>, to=<4ECEA00F.9040306@example.com>, proto=ESMTP, helo=<qhhn.com>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: RCPT
     postfix_client_ip: 27.157.200.233
diff --git a/test/smtpd_0004.yaml b/test/smtpd_0004.yaml
index 829deb5..179dbd9 100644
--- a/test/smtpd_0004.yaml
+++ b/test/smtpd_0004.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: reject: RCPT from 061238241086.static.ctinets.com[61.238.241.86]: 550 5.1.1 <toernooicommissie@example.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<wumt5@cchfdc.com> to=<toernooicommissie@example.com> proto=ESMTP helo=<ecsolved.com>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: RCPT
     postfix_client_hostname: 061238241086.static.ctinets.com
diff --git a/test/smtpd_0008.yaml b/test/smtpd_0008.yaml
index f0ee11d..c71ec92 100644
--- a/test/smtpd_0008.yaml
+++ b/test/smtpd_0008.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: reject: RCPT from unknown[2001:980:cfb1:1:82f:f74e:a45c:3033]: 504 5.5.2 <aap@henk>: Sender address rejected: need fully-qualified address; from=<aap@henk> to=<user@example.com> proto=SMTP helo=<test>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: RCPT
     postfix_client_hostname: unknown
diff --git a/test/smtpd_0009.yaml b/test/smtpd_0009.yaml
index d34006a..7dbb0bf 100644
--- a/test/smtpd_0009.yaml
+++ b/test/smtpd_0009.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: reject: RCPT from news.zihan-promo.com[192.36.205.58]: 554 5.7.1 Service unavailable; Helo command [news.zihan-promo.com] blocked using dbl.spamhaus.org; http://www.spamhaus.org/query/dbl?domain=zihan-promo.com; from=<mark.alexander@zihan-promo.com> to=<tom@example.com> proto=ESMTP helo=<news.zihan-promo.com>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: RCPT
     postfix_client_hostname: news.zihan-promo.com
diff --git a/test/smtpd_0017.yaml b/test/smtpd_0017.yaml
index 496718d..fb78504 100644
--- a/test/smtpd_0017.yaml
+++ b/test/smtpd_0017.yaml
@@ -3,6 +3,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: reject: VRFY from unknown[2001:968:9999:20:88b:9b7d:2a54:2bd2]: 454 4.7.1 <aap@henk.com>: Relay access denied; to=<aap@henk.com> proto=SMTP helo=<me>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: VRFY
     postfix_client_hostname: unknown
diff --git a/test/smtpd_0018.yaml b/test/smtpd_0018.yaml
index 204b263..53956e1 100644
--- a/test/smtpd_0018.yaml
+++ b/test/smtpd_0018.yaml
@@ -3,6 +3,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: reject: VRFY from unknown[2001:968:9999:20:88b:9b7d:2a54:2bd2]: 550 5.1.1 <does-not-exist@example.com>: Recipient address rejected: User unknown in virtual mailbox table; to=<does-not-exist@example.com> proto=SMTP helo=<me>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: reject
     postfix_smtp_stage: VRFY
     postfix_client_hostname: unknown
diff --git a/test/smtpd_0026.yaml b/test/smtpd_0026.yaml
index 4699a25..24c22d8 100644
--- a/test/smtpd_0026.yaml
+++ b/test/smtpd_0026.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: discard: MAIL from ccm231.constantcontact.com[208.75.123.231]: <bsdbdsfbw==_4343_sdfbddw==@in.constantcontact.com>: Sender address SPAM; from=<bsdbdsfbw==_4343_sdfbddw==@in.constantcontact.com> proto=ESMTP helo=<ccm231.constantcontact.com>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: discard
     postfix_smtp_stage: MAIL
     postfix_client_hostname: ccm231.constantcontact.com
diff --git a/test/smtpd_0027.yaml b/test/smtpd_0027.yaml
index c985f70..ed6c5bc 100644
--- a/test/smtpd_0027.yaml
+++ b/test/smtpd_0027.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "NOQUEUE: filter: RCPT from unknown[85.25.255.255]: <mail@sender.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<mail@sender.com> to=<user@domain.com> proto=ESMTP helo=<plutoapp.biz>"
 results:
+    postfix_queueid: NOQUEUE
     postfix_action: filter
     postfix_smtp_stage: RCPT
     postfix_client_hostname: unknown