Vincent, > > If using p0f-analyzer, please switch soon to a version of > > p0f-analyzer.pl as supplied with 2.4.5-pre2 (or later). > > It fixes an endless-loop in p0f-analyzer.pl which happens > > if a p0f daemon crashes (piped to stdin of p0f-analyzer) > > or is manually terminated without also terminating p0f-analyzer. > > The fixed p0f-analyzer.pl may be (and should be) used > > even with earlier versions of amavisd. Additionally, > > it binds only to a loopback interface by default > > (as some marginal security improvement).
> I run p0f-analyzer.pl on my MX host and amavisd-new on another host, is > this a security problem because p0f-analyzer does not bind to loopback > interface? No, it is not a security problem, just nice to have. There is already a restriction in p0f-analyzer.pl (the list @inet_acl) which discards all requests not coming from 127.0.0.1 (or whatever IP addresses are listed in @inet_acl). What is important is that p0f-analyzer.pl does not enter a tight loop (unnecessarily wasting resources) if it happens that a p0f program (piped to it) would crash or is manually killed. Mark ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
