Helmut, > acoording to the previous thread I set up p0f. It works fine so far. > > Now, I read the RELEASE_NOTES and stumbled over > "smtp_send_xforward_command". I tried with and without but I cannot find > any difference: > > X-Spam-Status: No, score=-2.417 tagged_above=-9999 required=6.3 > tests=[AWL=0.183, BAYES_00=-2.599, SPF_PASS=-0.001] > X-Amavis-OS-Fingerprint: Linux 2.6, seldom 2.4 (older, 4) (up: 4305 hrs), > (distance 15, link: ethernet/modem), [213.165.64.20] > > This header is produced with and without "smtp_send_xforward_command" so I > am curious what it is for (I know what it is for on postfix, but should I > see any difference within the header produced by amavis 2.4.3)?
If amavisd did not receive client IP address through XFORWARD (or through AM.PDP/milter), it would not query p0f-analyzer. At log level 4 or above you can see incoming SMTP session, which could confirm the use of XFORWARD by Postfix, e.g.: (45158-08) SMTP< LHLO mail.ijs.si\r\n (45158-08) switch_to_my_time 480 s, SMTP LHLO received (45158-08) LMTP> 250-[127.0.0.1] (45158-08) LMTP> 250-VRFY (45158-08) LMTP> 250-PIPELINING (45158-08) LMTP> 250-SIZE (45158-08) LMTP> 250-ENHANCEDSTATUSCODES (45158-08) LMTP> 250-8BITMIME (45158-08) LMTP> 250-DSN (45158-08) LMTP> 250 XFORWARD NAME ADDR PROTO HELO (45158-08) switch_to_client_time 180 s, smtp response sent (45158-08) idle_proc, 6: was busy, 3.0 ms, total idle 210.268 s, busy 75.770 s (45158-08) idle_proc, 5: was idle, 0.2 ms, total idle 210.268 s, busy 75.770 s (45158-08) LMTP< XFORWARD NAME=unknown ADDR=222.120.248.124\r\n (45158-08) switch_to_my_time 480 s, SMTP XFORWARD received (45158-08) LMTP> 250 2.5.0 Ok XFORWARD (45158-08) switch_to_client_time 180 s, smtp response sent (45158-08) idle_proc, 6: was busy, 0.6 ms, total idle 210.268 s, busy 75.770 s (45158-08) idle_proc, 5: was idle, 0.2 ms, total idle 210.268 s, busy 75.770 s (45158-08) LMTP< XFORWARD PROTO=SMTP HELO=193.2.4.66\r\n > I'm using before-queue content filtering. Don't know. Maybe you have the option set in main.cf (or in master.cf, which is more usual). Mark ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
