Leonardo Rodrigues Magalhães wrote: > > Cami Sardinha escreveu: >> I was thinking about this feature request. I personally greylist >> all incoming mail but i can see merit in your idea since (apparently) >> up to 95% of spam originates from windows based machines. >> >> I don't have time to write this type of functionality (it would be >> quite a bit of work to do) so if anyone is willing to take a shot >> at it, let me know. > > seems p0f integration with policyd would be VERY interesting. > Unfortunely i dont have skills for taking over the project or even this > feature. > > But i came with a question .... i dont know exactly how p0f works, > but probably it needs to see the 'real' client traffic for identifying > it or at least try it. Policyd, as we know, never talk with the real > clients. It's called from MTA (postfix in policyd case) and receives > only some minor informations about the connection: IP, hostname, sender, > recipient, etc etc. > > Question is: Would it be a policy_service the right place for p0f > integration ?? I mean, do policyd receives complete information p0f > needs for OS fingerprinting ???
The correct place to do this is inside of Policyd. P0f needs to be running on your MX machines and it builds a "list" of ip addresses + os. When a request from Postfix -> Policyd arrives, Policyd will query the p0f cache (via pipe/socket) and then apply the necessary restrictions. It's not brain surgery to do but i don't have the time to do it. Cami ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ policyd-users mailing list policyd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/policyd-users
