The "from" address is "logcheck system account".

Terminology and naming

filters, patterns and rules The logcheck documentation uses "filter", "pattern" and "rule" interchangeably, applying them to directories, files and individual regular expressions.

...

On this WIKI page, only "filter" is used. It is used only to mean a single filter (a line in a file). On this page, a file of filters is called a "filter file".

...

server and workstation are filtering levels, not computer roles. From README.logcheck:
- "ignore.d.server; as the name implies, this is intended to cut out the routine messages ..."
- "ignore.d.workstation. "... is only appropriate for relatively sheltered, non-critical machines"
Filter file names The filter file for generic messages is called "logcheck". The rest of the filter files are named after a Debian package and contain filters for messages generated by software in the package.

logcheck emails

...