Tomasz wrote: > I made a amavisd-new setup to work with p0f.
> I can see amavis uses it properly - here is a log extract when amavisd > is started in debug mode: > OS_Fingerprint code loaded > (...) > Fingerprint query: 192.168.12.6 port=2345 192.168.15.67 zcNaO8fjDked > (...) > Fingerprint collect: max_wait=0.021, 192.168.16.67 zcNaO8fjDked Window... =>> Windows 2000 SP4, XP SP1+, (distance 1, link: ethernet/modem) > (...) > OS_fingerprint: 192.168.16.67 3.148 MYNETWORKS > Email was sent from a PC running Windows XP SP2 via telnet, and as we > see, it was recognized correctly. > My /etc/mail/spamassassin/local.cf contains - note the increased scores > for Windows OS I made: > header L_P0F_WXP X-Amavis-OS-Fingerprint =~ /^Windows XP/ > score L_P0F_WXP 5.5 > header L_P0F_W X-Amavis-OS-Fingerprint =~ /^Windows(?! XP)/ > score L_P0F_W 5.7 > Despite of these settings, that email got just about 3 points: > X-Spam-Status: No, score=3.148 required=4.9 tests=[ALL_TRUSTED=-1.8, > BAYES_50=0.001, DSPAM_SPAM=0.5, MISSING_HB_SEP=2.5, > MISSING_SUBJECT=1.816, TO_CC_NONE=0.131] > According to the settings from local.cf, it should have at least above 5. > Why isn't p0f working for me? I get nothing when testing from within MYNETWORKS, but when mail is sent from another network I see results. I assume you have read: http://marc.theaimsgroup.com/?l=amavis-user&m=114454159313908 Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
