Hi Mark, > Seems you are using an old version of p0f-analyzer.pl with a > newer version of amavisd. Release notes on 2.6.0 say: > > - updated p0f-analyzer.pl now supports a source port number information in > queries while preserving backwards compatibility with previous versions > of amavisd-new. Version 2.6.0 of amavisd requires a new version of > p0f-analyzer.pl (supplied in the 2.6.0 distribution) if operating system > fingerprinting is enabled. A source port number information in a query > allows p0f-analyzer.pl to locate a matching entry in its cache faster and > also more accurately when multiple connections are present from clients > behind NAT using the same IP address. The source port number is made > available to a content filter since Postfix version 2.5 (20071004);
Point taken, I installed the newer version of p0f-analyzer.pl that comes with amavisd-new, I also patched p0f using the suplied patch. > > But where does the fingerprint information is used by amavis? I set > > amavis to log level 5, but I see no mention of the fingerprint. > Did you enable it in the amavisd.conf, e.g.: > $os_fingerprint_method = 'p0f:127.0.0.1:2345'; Yes I did, and now it is showing the fingerprint response in amavisd-new log: Sep 29 08:17:19 mail amavis[6235]: (06235-01) OS_fingerprint: 203.159.32.1 -3.399 Linux 2.6, seldom 2.4 (older, 4) (up: 3100 hrs), (distance 1, link: ethernet/modem) Now it is working, it leads to another question: how the fingerprint is being used by amavisd-new? How can it be used to compute some validity of a message? Best regards, Olivier ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
