diff --git a/logcheck_ignore b/logcheck_ignore
index 2d4b1d0..36c45d3 100644
--- a/logcheck_ignore
+++ b/logcheck_ignore
@@ -7,7 +7,7 @@
 # Mar 23 19:49:48 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petter@lidberg.se rhost=187.131.22.215
 # Mar 24 18:13:26 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=fredmiranda@mc-cabe.com uid=0 euid=0 tty=dovecot ruser=fredmiranda@mc-cabe.com rhost=41.105.13.141
 # Mar 24 18:13:26 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=fredmiranda@mc-cabe.com rhost=41.105.13.141
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ auth: pam_(krb5|unix)\(dovecot:auth\): authentication failure\; logname=([-.@[:alnum:]]+)? uid=[[:digit:]]+ euid=[[:digit:]]+ tty=dovecot ruser=[-.@[:alnum:]]+ rhost=[.:[:xdigit:]]+
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ auth: pam_(krb5|unix)\((dovecot)?:auth\): authentication failure\; logname=([-.@[:alnum:]]+)? uid=[[:digit:]]+ euid=[[:digit:]]+ tty=(dovecot)? ruser=([-.@[:alnum:]]+)? rhost=([.:[:xdigit:]]+)?
 # Mar 23 19:49:48 nada auth: pam_unix(dovecot:auth): check pass; user unknown
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ auth: pam_unix\(dovecot:auth\): check pass; user unknown
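Review bot: The new rule makes `tty=`, `ruser=` and `rhost=` all optional and accepts an empty service in `pam_(krb5|unix)\((dovecot)?:auth\)`, but none of the three sample lines above it show the `auth:` ident producing that shape; the empty-field samples this commit adds are all from saslauthd, which gets its own rule in the next hunk. Because each optional group is independent, the rule also silences mixed forms neither sample set shows, such as `tty=dovecot` with an empty `rhost=`, so more lines disappear from the report than the change appears to intend. Unless there is an `auth:` line that needs it, keep the original strict pattern here, or add the log line that motivated the widening as a comment above the rule so the next reader can see which cases are deliberately ignored.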
@@ -225,8 +225,16 @@
 #Mar 11 16:25:32 nada saslauthd[1732]: do_auth : auth failure: [user=no-reply] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
 #Mar 11 16:27:11 nada saslauthd[1732]: do_auth : auth failure: [user=Dr_Gonzo] [service=smtp] [realm=Challenge-UK.com] [mech=shadow] [reason=Unknown]
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ saslauthd\[[[:digit:]]+\]: do_auth[[:blank:]]+: auth failure: \[user=([-_.@[:alnum:]]+)?\] \[service=smtp\] \[realm=([-_.@[:alnum:]]+)?\] \[mech=shadow\] \[reason=Unknown\]
+#Apr 13 09:42:29 kvarnen saslauthd[620]: do_auth : auth failure: [user=test] [service=] [realm=] [mech=pam] [reason=PAM auth error]
+#Apr 15 19:27:33 nada saslauthd[1732]: do_auth : auth failure: [user=backuppc ] [service=smtp] [realm=wahlberg.se] [mech=shadow] [reason=Unknown]
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ saslauthd\[[[:digit:]]+\]: do_auth[[:blank:]]+: auth failure: \[user=([ -_.@[:alnum:]]+)?\] \[service=(smtp)?\] \[realm=([-_.@[:alnum:]]+)?\] \[mech=(pam|shadow)\] \[reason=(Unknown|PAM auth error)\]
+
+#Apr 13 09:42:28 kvarnen saslauthd[620]: pam_unix(:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ saslauthd\[[[:digit:]]+\]: pam_(krb5|unix)\((dovecot)?:auth\): authentication failure\; logname=([-.@[:alnum:]]+)? uid=[[:digit:]]+ euid=[[:digit:]]+ tty=(dovecot)? ruser=([-.@[:alnum:]]+)? rhost=([.:[:xdigit:]]+)?
+
+#Apr 13 09:42:28 kvarnen saslauthd[620]: pam_unix(:auth): check pass; user unknown
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ saslauthd\[[[:digit:]]+\]: pam_unix\(:auth\): check pass; user unknown
 #
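Review bot: In the rewritten do_auth rule, `\[user=([ -_.@[:alnum:]]+)?\]` does not add a literal space: inside a bracket expression ` -_` is a range from space to underscore, which pulls in `[`, `\`, `]`, `=` and `:;<>?@` and drops the literal hyphen the old rule had. The `user=` value is whatever the remote SMTP client sent, so the class should stay tight — put the hyphen first and the space as a plain member, `\[user=([-_.@ [:alnum:]]+)?\]`. The second new rule was copied from the dovecot entry, so `\((dovecot)?:auth\)` and `tty=(dovecot)?` are carried over even though the saslauthd sample shows `pam_unix(:auth)` and an empty `tty=`; `pam_unix\(:auth\)` and `tty=` would match exactly what is shown, as the third rule already does. These three rules newly drop every saslauthd/PAM authentication failure from the report, which is where SMTP AUTH password guessing shows up, so something else (a fail2ban jail on the same log, for example) should still be counting them.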
@@ -240,7 +248,8 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (sendmail|sm-(mta|msp|que))\[[0-9]+\]: [[:alnum:]]+: ruleset=check_rcpt, arg1=(<)?[-_.@[:alnum:]]+(>)?, relay=[-.[:alnum:]]+ \[[.:[:digit:]]+\] \(may be forged\), reject=550 5.7.1 (<)?[-_.@[:alnum:]]+(>)?... Relaying denied. IP name possibly forged \[[.:[:digit:]]+\]
 #Mar 9 07:33:07 nada sm-mta[24033]: u296N4QZ024033: collect: premature EOM: Connection reset by [208.87.25.77]
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (sendmail|sm-(mta|msp|que))\[[0-9]+\]: [[:alnum:]]+: collect: premature EOM: Connection reset by \[[.:[:digit:]]+\]
+#Apr 15 17:29:00 nada sm-mta[687]: u3FFSq2F000687: collect: premature EOM: Connection reset by 99-198-26-191.cust.wildblue.net
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (sendmail|sm-(mta|msp|que))\[[0-9]+\]: [[:alnum:]]+: collect: premature EOM: Connection reset by (\[)?[-.:[:alnum:]]+(\])?
 #Mar 9 07:33:07 nada sm-mta[24033]: u296N4QZ024033: SYSERR(root): collect: I/O error on connection from [208.87.25.77], from=
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ (sendmail|sm-(mta|msp|que))\[[0-9]+\]: [[:alnum:]]+: SYSERR\(root\): collect: I\/O error on connection from \[[.:[:digit:]]+\], from=<[-_.@[:alnum:]]+>
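Review bot: `(\[)?[-.:[:alnum:]]+(\])?` makes each bracket optional on its own, so it also accepts a lone `[` or `]` around the peer, and it no longer distinguishes the bracketed-address form from the hostname form; an alternation keeps the two observed shapes explicit, `Connection reset by (\[[.:[:digit:]]+\]|[-.[:alnum:]]+)`. The paired SYSERR rule two lines below still requires `\[[.:[:digit:]]+\]`, so if sendmail prints the peer as a hostname there as well (the Mar 9 samples show the same `[208.87.25.77]` on both lines), the hostname case will still be reported while its EOM line is suppressed — check the Apr 15 connection's SYSERR line before deciding whether that rule needs the same widening.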
@@ -283,7 +292,11 @@
 #Apr 9 09:51:26 nada sm-mta[6169]: u397pP13006169: rejecting commands from [113.240.250.156] [113.240.250.156] due to pre-greeting traffic after 1 seconds
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sm-mta\[[0-9]+\]: [[:alnum:]]+: rejecting commands from \[[.[:digit:]]+\] \[[.[:digit:]]+\] due to pre-greeting traffic after [[:digit:]]+ seconds
+#Apr 15 10:25:06 nada sm-mta[23906]: u3F8P26J023665: u3F8P66I023906: DSN: Service unavailable
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sm-mta\[[0-9]+\]: [[:alnum:]]+: [[:alnum:]]+: DSN: Service unavailable
+#Apr 14 11:05:05 nada sm-mta[15662]: u3E955KV015662: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET http://www.ipip.net/ HTTP/1.1\r\n
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sm-mta\[[0-9]+\]: [[:alnum:]]+: [-.[:alnum:]]+ \[[.[:digit:]]+\]: probable open proxy: command=GET http://www.ipip.net/ HTTP/1.1\\r\\n
 #
 # SPAMD
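Review bot: The open-proxy rule pins the match to one literal probe target, `command=GET http://www.ipip.net/ HTTP/1.1\\r\\n`, with the dots unescaped, so it matches that one scanner's URL loosely and every other probe target not at all. If the goal is to drop this message class, match the request generically, `probable open proxy: command=GET https?://[-._/[:alnum:]]+ HTTP/1\.[01]\\r\\n`; if the goal is only this one source, escape the dots so the rule means what it says. Before widening it, note that these lines name a specific remote host trying to use the MTA as an HTTP proxy, which is closer to a reconnaissance signal than to the delivery noise handled by the neighbouring rules, so it may be better to keep them in the report unless another tool acts on them.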