if I have a alert rule as below in hobbit-alerts.cfg, every alerts will match the GROUP rule, plus EXGROUP doesn't seem to be effective either. Such behavior was observed from the real email received as well as by the insightful "bbcmd hobbitd_alert --test".
Only one group is defined. GROUP=junkgroup MAIL junkgroup at my.domain color=red HOST=* EXGROUP=junkgroup MAIL realdeal at my.domain color=yellow
It is the same case if the group named in hobbit-alerts.cfg is bogus, aka, not defined in hobbit-clients.cfg.
Only one group is defined in hobbit-clients.cfg, as listed below: log /tmp/junkgroup.log %(?-i)USER-ID:|EXCEPTION: IGNORE=kilobyte group=junkgroup
In case it matters, this is the only Hobbit server running on CentOS 4.3/i386. Version==4.2RC1-20060712