Re: [Patch] p0f and selective greylisting
Justin wrote: > When I checked the p0f process was still running. The version of perl I > am running is from Debian [testing]: > $ perl -v > This is perl, v5.8.8 built for i486-linux-gnu-thread-multi > Has anyone reported something like this before? > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl > Justin. I have been running p0f-analyzer.pl (and the patch) for 4 days on a Debian Sarge system - no problem so far. This server only sees about 3,000 messages per day however (and I don't have 127 users connected either). I see you have a much much busier box. /usr/sbin/p0f -l 'tcp dst port 25' 2>&1 | /usr/sbin/p0f-analyzer.pl 2345 & PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 2522 root 16 0 4400 2396 3400 S 0.0 0.3 0:02.00 p0f-analyzer.pl Gary V Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
When I checked the p0f process was still running. The version of perl I am running is from Debian [testing]: $ perl -v This is perl, v5.8.8 built for i486-linux-gnu-thread-multi Has anyone reported something like this before? Justin. On Tue, 9 Jan 2007, Henrik Krohns wrote: > > Was p0f process still running? Maybe it died. Or then it freaked out somehow. > > >From what I see, fd 0 is the pipe from p0f command. p0f-analyzer.pl is > >getting > lots of empty lines from there. > > Could be your perl version is buggy too. If you see that a lot, you should > ask about it in amavisd-new mailing list. > > Cheers, > Henrik > > > > On Tue, Jan 09, 2007 at 05:00:27AM -0500, Justin Piszcz wrote: > > Yes, > > > > echo "Starting p0f + p0f-analyzer..." > > nohup /usr/sbin/p0f -i eth1 -l 'tcp dst port 25' 2>&1 | > > /usr/lib/postfix/p0f-analyzer.pl 2345 & > > > > It worked fine for 2-3 days but something triggered 100% CPU utilization > > and it never stopped until the process was killed. > > > > Justin. > > > > On Tue, 9 Jan 2007, Henrik Krohns wrote: > > > > > > > > Are you using it right? > > > > > > p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 > > > > > > Cheers, > > > Henrik > > > > > > On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > > > > It is an excellent patch, however there is a problem with p0f-analyzer. > > > > > > > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > > > > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > > > > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > > > > 0.0%st > > > > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > > > > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > > > > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > > > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 > > > > p0f-analyzer.pl > > > > > > > > It has been chewing CPU for a while, this script has bugs :( > > > > > > > > A strace reveals: > > > > > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > > > > > > > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > > > > > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > > > > > > > It adds p0f scoring support and greylisting (to be exact, user > > > > > > defined > > > > > > postfix action) by some rules. > > > > > > > > > > Thanks. Looks very interesting. I will dive in. > > > > > > > > > > > > > > > -- > > > > > Robert Felber (PGP: 896CF30B) > > > > > Munich, Germany > > > > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Was p0f process still running? Maybe it died. Or then it freaked out somehow. >From what I see, fd 0 is the pipe from p0f command. p0f-analyzer.pl is getting lots of empty lines from there. Could be your perl version is buggy too. If you see that a lot, you should ask about it in amavisd-new mailing list. Cheers, Henrik On Tue, Jan 09, 2007 at 05:00:27AM -0500, Justin Piszcz wrote: > Yes, > > echo "Starting p0f + p0f-analyzer..." > nohup /usr/sbin/p0f -i eth1 -l 'tcp dst port 25' 2>&1 | > /usr/lib/postfix/p0f-analyzer.pl 2345 & > > It worked fine for 2-3 days but something triggered 100% CPU utilization > and it never stopped until the process was killed. > > Justin. > > On Tue, 9 Jan 2007, Henrik Krohns wrote: > > > > > Are you using it right? > > > > p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 > > > > Cheers, > > Henrik > > > > On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > > > It is an excellent patch, however there is a problem with p0f-analyzer. > > > > > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > > > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > > > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > > > 0.0%st > > > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > > > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 > > > p0f-analyzer.pl > > > > > > It has been chewing CPU for a while, this script has bugs :( > > > > > > A strace reveals: > > > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > > > > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > > > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > > > > postfix action) by some rules. > > > > > > > > Thanks. Looks very interesting. I will dive in. > > > > > > > > > > > > -- > > > > Robert Felber (PGP: 896CF30B) > > > > Munich, Germany > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Yes, echo "Starting p0f + p0f-analyzer..." nohup /usr/sbin/p0f -i eth1 -l 'tcp dst port 25' 2>&1 | /usr/lib/postfix/p0f-analyzer.pl 2345 & It worked fine for 2-3 days but something triggered 100% CPU utilization and it never stopped until the process was killed. Justin. On Tue, 9 Jan 2007, Henrik Krohns wrote: > > Are you using it right? > > p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 > > Cheers, > Henrik > > On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > > It is an excellent patch, however there is a problem with p0f-analyzer. > > > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > > 0.0%st > > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl > > > > It has been chewing CPU for a while, this script has bugs :( > > > > A strace reveals: > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > > > postfix action) by some rules. > > > > > > Thanks. Looks very interesting. I will dive in. > > > > > > > > > -- > > > Robert Felber (PGP: 896CF30B) > > > Munich, Germany > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Are you using it right? p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 Cheers, Henrik On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > It is an excellent patch, however there is a problem with p0f-analyzer. > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > 0.0%st > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl > > It has been chewing CPU for a while, this script has bugs :( > > A strace reveals: > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > > postfix action) by some rules. > > > > Thanks. Looks very interesting. I will dive in. > > > > > > -- > > Robert Felber (PGP: 896CF30B) > > Munich, Germany > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
It is an excellent patch, however there is a problem with p0f-analyzer. top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, 0.0%st Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers Swap: 8393920k total, 80k used, 8393840k free, 981784k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl It has been chewing CPU for a while, this script has bugs :( A strace reveals: select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) On Tue, 9 Jan 2007, Robert Felber wrote: > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > postfix action) by some rules. > > Thanks. Looks very interesting. I will dive in. > > > -- > Robert Felber (PGP: 896CF30B) > Munich, Germany > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > Hi, I whipped up a patch for policyd-weight-devel. > > It adds p0f scoring support and greylisting (to be exact, user defined > postfix action) by some rules. Thanks. Looks very interesting. I will dive in. -- Robert Felber (PGP: 896CF30B) Munich, Germany Policyd-weight Mailinglist - http://www.policyd-weight.org/
***SPAM*** ***SPAM*** Re: ***SPAM*** ***SPAM*** Re: [Patch] p0f and selective greylisting
Lets hope Robert accepts the patch :) On Thu, 4 Jan 2007, Gary V wrote: > Justin wrote: > > > Yet another way to combat spam, very impressive! > > > Justin. > > > On Wed, 3 Jan 2007, Henrik Krohns wrote: > > >> > >> Hi, I whipped up a patch for policyd-weight-devel. > >> > >> It adds p0f scoring support and greylisting (to be exact, user defined > >> postfix action) by some rules. > >> > >> There are some little details missing, p0f scoring does not affect other > >> scores (maybe it would help) and greylisting decisions are not cached. I'm > >> a > >> bit too busy to check it more, so I leave it up to Robert if he wants.. > >> > >> URL: http://hege.li/policyd-weight/greylist-p0f.diff > >> > >> Cheers, > >> Henrik > >> > > So far I'm lovin' it. > > Jan 4 08:49:54 mail postfix/policydweight[3736]: weighted check: > NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 > NOT_IN_BL_NJABL=-1.5 CL_IP_NE_HELO=1.5 >RESOLVED_IP_IS_NOT_HELO=1.5 (check from: > .itripipod. - helo: .localhost. - helo-domain: .localhost.) > FROM_NOT_FAILED_HELO(DOMAIN)=3 P0F_WINXP=2 > > <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: 3.5 > > Jan 4 08:49:54 mail postfix/policydweight[3736]: decided > action=check_greylist > > Jan 4 08:49:54 mail postfix/smtpd[3733]: NOQUEUE: reject: RCPT from > ALyon-254-1-38-153.w86-193.abo.wanadoo.fr[86.193.177.153]: 450 > <[EMAIL PROTECTED]>: Recipient address rejected: >Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/example.com.html; > from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> > proto=SMTP helo= > > ~ > Jan 4 12:27:20 mail postfix/policydweight[3617]: weighted check: > NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 IN_BL_NJABL=4.25 > CL_IP_EQ_FROM_MX=-3.1 P0F_LINUX=-1 ><[EMAIL PROTECTED]> ><[EMAIL PROTECTED]>, rate: -2.85 > > Jan 4 12:27:20 mail postfix/policydweight[3617]: decided > action=check_greylist > > Gary V > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
***SPAM*** ***SPAM*** Re: [Patch] p0f and selective greylisting
Justin wrote: > Yet another way to combat spam, very impressive! > Justin. > On Wed, 3 Jan 2007, Henrik Krohns wrote: >> >> Hi, I whipped up a patch for policyd-weight-devel. >> >> It adds p0f scoring support and greylisting (to be exact, user defined >> postfix action) by some rules. >> >> There are some little details missing, p0f scoring does not affect other >> scores (maybe it would help) and greylisting decisions are not cached. I'm a >> bit too busy to check it more, so I leave it up to Robert if he wants.. >> >> URL: http://hege.li/policyd-weight/greylist-p0f.diff >> >> Cheers, >> Henrik >> So far I'm lovin' it. Jan 4 08:49:54 mail postfix/policydweight[3736]: weighted check: NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_NE_HELO=1.5 RESOLVED_IP_IS_NOT_HELO=1.5 (check from: .itripipod. - helo: .localhost. - helo-domain: .localhost.) FROM_NOT_FAILED_HELO(DOMAIN)=3 P0F_WINXP=2 <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: 3.5 Jan 4 08:49:54 mail postfix/policydweight[3736]: decided action=check_greylist Jan 4 08:49:54 mail postfix/smtpd[3733]: NOQUEUE: reject: RCPT from ALyon-254-1-38-153.w86-193.abo.wanadoo.fr[86.193.177.153]: 450 <[EMAIL PROTECTED]>: Recipient address rejected: Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/example.com.html; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=SMTP helo= ~ Jan 4 12:27:20 mail postfix/policydweight[3617]: weighted check: NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 IN_BL_NJABL=4.25 CL_IP_EQ_FROM_MX=-3.1 P0F_LINUX=-1 <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: -2.85 Jan 4 12:27:20 mail postfix/policydweight[3617]: decided action=check_greylist Gary V Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Yet another way to combat spam, very impressive! Justin. On Wed, 3 Jan 2007, Henrik Krohns wrote: > > Hi, I whipped up a patch for policyd-weight-devel. > > It adds p0f scoring support and greylisting (to be exact, user defined > postfix action) by some rules. > > There are some little details missing, p0f scoring does not affect other > scores (maybe it would help) and greylisting decisions are not cached. I'm a > bit too busy to check it more, so I leave it up to Robert if he wants.. > > URL: http://hege.li/policyd-weight/greylist-p0f.diff > > Cheers, > Henrik > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
[Patch] p0f and selective greylisting
Hi, I whipped up a patch for policyd-weight-devel. It adds p0f scoring support and greylisting (to be exact, user defined postfix action) by some rules. There are some little details missing, p0f scoring does not affect other scores (maybe it would help) and greylisting decisions are not cached. I'm a bit too busy to check it more, so I leave it up to Robert if he wants.. URL: http://hege.li/policyd-weight/greylist-p0f.diff Cheers, Henrik Policyd-weight Mailinglist - http://www.policyd-weight.org/
