Re: [Patch] p0f and selective greylisting
Justin wrote: > When I checked the p0f process was still running. The version of perl I > am running is from Debian [testing]: > $ perl -v > This is perl, v5.8.8 built for i486-linux-gnu-thread-multi > Has anyone reported something like this before? > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl > Justin. I have been running p0f-analyzer.pl (and the patch) for 4 days on a Debian Sarge system - no problem so far. This server only sees about 3,000 messages per day however (and I don't have 127 users connected either). I see you have a much much busier box. /usr/sbin/p0f -l 'tcp dst port 25' 2>&1 | /usr/sbin/p0f-analyzer.pl 2345 & PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 2522 root 16 0 4400 2396 3400 S 0.0 0.3 0:02.00 p0f-analyzer.pl Gary V Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
When I checked the p0f process was still running. The version of perl I am running is from Debian [testing]: $ perl -v This is perl, v5.8.8 built for i486-linux-gnu-thread-multi Has anyone reported something like this before? Justin. On Tue, 9 Jan 2007, Henrik Krohns wrote: > > Was p0f process still running? Maybe it died. Or then it freaked out somehow. > > >From what I see, fd 0 is the pipe from p0f command. p0f-analyzer.pl is > >getting > lots of empty lines from there. > > Could be your perl version is buggy too. If you see that a lot, you should > ask about it in amavisd-new mailing list. > > Cheers, > Henrik > > > > On Tue, Jan 09, 2007 at 05:00:27AM -0500, Justin Piszcz wrote: > > Yes, > > > > echo "Starting p0f + p0f-analyzer..." > > nohup /usr/sbin/p0f -i eth1 -l 'tcp dst port 25' 2>&1 | > > /usr/lib/postfix/p0f-analyzer.pl 2345 & > > > > It worked fine for 2-3 days but something triggered 100% CPU utilization > > and it never stopped until the process was killed. > > > > Justin. > > > > On Tue, 9 Jan 2007, Henrik Krohns wrote: > > > > > > > > Are you using it right? > > > > > > p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 > > > > > > Cheers, > > > Henrik > > > > > > On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > > > > It is an excellent patch, however there is a problem with p0f-analyzer. > > > > > > > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > > > > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > > > > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > > > > 0.0%st > > > > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > > > > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > > > > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > > > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 > > > > p0f-analyzer.pl > > > > > > > > It has been chewing CPU for a while, this script has bugs :( > > > > > > > > A strace reveals: > > > > > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > time(NULL) = 1168162563 > > > > read(0, "", 1024) = 0 > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > > > > > > > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > > > > > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > > > > > > > It adds p0f scoring support and greylisting (to be exact, user > > > > > > defined > > > > > > postfix action) by some rules. > > > > > > > > > > Thanks. Looks very interesting. I will dive in. > > > > > > > > > > > > > > > -- > > > > > Robert Felber (PGP: 896CF30B) > > > > > Munich, Germany > > > > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Was p0f process still running? Maybe it died. Or then it freaked out somehow. >From what I see, fd 0 is the pipe from p0f command. p0f-analyzer.pl is getting lots of empty lines from there. Could be your perl version is buggy too. If you see that a lot, you should ask about it in amavisd-new mailing list. Cheers, Henrik On Tue, Jan 09, 2007 at 05:00:27AM -0500, Justin Piszcz wrote: > Yes, > > echo "Starting p0f + p0f-analyzer..." > nohup /usr/sbin/p0f -i eth1 -l 'tcp dst port 25' 2>&1 | > /usr/lib/postfix/p0f-analyzer.pl 2345 & > > It worked fine for 2-3 days but something triggered 100% CPU utilization > and it never stopped until the process was killed. > > Justin. > > On Tue, 9 Jan 2007, Henrik Krohns wrote: > > > > > Are you using it right? > > > > p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 > > > > Cheers, > > Henrik > > > > On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > > > It is an excellent patch, however there is a problem with p0f-analyzer. > > > > > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > > > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > > > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > > > 0.0%st > > > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > > > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 > > > p0f-analyzer.pl > > > > > > It has been chewing CPU for a while, this script has bugs :( > > > > > > A strace reveals: > > > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > time(NULL) = 1168162563 > > > read(0, "", 1024) = 0 > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > > > > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > > > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > > > > postfix action) by some rules. > > > > > > > > Thanks. Looks very interesting. I will dive in. > > > > > > > > > > > > -- > > > > Robert Felber (PGP: 896CF30B) > > > > Munich, Germany > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Yes, echo "Starting p0f + p0f-analyzer..." nohup /usr/sbin/p0f -i eth1 -l 'tcp dst port 25' 2>&1 | /usr/lib/postfix/p0f-analyzer.pl 2345 & It worked fine for 2-3 days but something triggered 100% CPU utilization and it never stopped until the process was killed. Justin. On Tue, 9 Jan 2007, Henrik Krohns wrote: > > Are you using it right? > > p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 > > Cheers, > Henrik > > On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > > It is an excellent patch, however there is a problem with p0f-analyzer. > > > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > > 0.0%st > > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl > > > > It has been chewing CPU for a while, this script has bugs :( > > > > A strace reveals: > > > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > time(NULL) = 1168162563 > > read(0, "", 1024) = 0 > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > > > postfix action) by some rules. > > > > > > Thanks. Looks very interesting. I will dive in. > > > > > > > > > -- > > > Robert Felber (PGP: 896CF30B) > > > Munich, Germany > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Are you using it right? p0f -l 'dst host 1.2.3.4 and tcp dst port 25' 2>&1 | p0f-analyzer.pl 2345 Cheers, Henrik On Tue, Jan 09, 2007 at 04:12:01AM -0500, Justin Piszcz wrote: > It is an excellent patch, however there is a problem with p0f-analyzer. > > top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 > Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie > Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, > 0.0%st > Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers > Swap: 8393920k total, 80k used, 8393840k free, 981784k cached > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl > > It has been chewing CPU for a while, this script has bugs :( > > A strace reveals: > > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > time(NULL) = 1168162563 > read(0, "", 1024) = 0 > select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) > > > On Tue, 9 Jan 2007, Robert Felber wrote: > > > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > > postfix action) by some rules. > > > > Thanks. Looks very interesting. I will dive in. > > > > > > -- > > Robert Felber (PGP: 896CF30B) > > Munich, Germany > > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > > > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
It is an excellent patch, however there is a problem with p0f-analyzer. top - 04:36:22 up 14:34, 127 users, load average: 1.00, 1.00, 1.00 Tasks: 408 total, 2 running, 404 sleeping, 2 stopped, 0 zombie Cpu(s): 43.4%us, 15.4%sy, 0.1%ni, 35.8%id, 5.0%wa, 0.1%hi, 0.1%si, 0.0%st Mem: 3896000k total, 1969832k used, 1926168k free,0k buffers Swap: 8393920k total, 80k used, 8393840k free, 981784k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 959 root 25 0 4676 2492 1760 R 99 0.1 871:05.39 p0f-analyzer.pl It has been chewing CPU for a while, this script has bugs :( A strace reveals: select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) time(NULL) = 1168162563 read(0, "", 1024) = 0 select(8, [0 3], NULL, NULL, NULL) = 1 (in [0]) On Tue, 9 Jan 2007, Robert Felber wrote: > On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > > > Hi, I whipped up a patch for policyd-weight-devel. > > > > It adds p0f scoring support and greylisting (to be exact, user defined > > postfix action) by some rules. > > Thanks. Looks very interesting. I will dive in. > > > -- > Robert Felber (PGP: 896CF30B) > Munich, Germany > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
On Wed, Jan 03, 2007 at 04:13:03PM +0200, Henrik Krohns wrote: > > Hi, I whipped up a patch for policyd-weight-devel. > > It adds p0f scoring support and greylisting (to be exact, user defined > postfix action) by some rules. Thanks. Looks very interesting. I will dive in. -- Robert Felber (PGP: 896CF30B) Munich, Germany Policyd-weight Mailinglist - http://www.policyd-weight.org/
***SPAM*** ***SPAM*** Re: ***SPAM*** ***SPAM*** Re: [Patch] p0f and selective greylisting
Lets hope Robert accepts the patch :) On Thu, 4 Jan 2007, Gary V wrote: > Justin wrote: > > > Yet another way to combat spam, very impressive! > > > Justin. > > > On Wed, 3 Jan 2007, Henrik Krohns wrote: > > >> > >> Hi, I whipped up a patch for policyd-weight-devel. > >> > >> It adds p0f scoring support and greylisting (to be exact, user defined > >> postfix action) by some rules. > >> > >> There are some little details missing, p0f scoring does not affect other > >> scores (maybe it would help) and greylisting decisions are not cached. I'm > >> a > >> bit too busy to check it more, so I leave it up to Robert if he wants.. > >> > >> URL: http://hege.li/policyd-weight/greylist-p0f.diff > >> > >> Cheers, > >> Henrik > >> > > So far I'm lovin' it. > > Jan 4 08:49:54 mail postfix/policydweight[3736]: weighted check: > NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 > NOT_IN_BL_NJABL=-1.5 CL_IP_NE_HELO=1.5 >RESOLVED_IP_IS_NOT_HELO=1.5 (check from: > .itripipod. - helo: .localhost. - helo-domain: .localhost.) > FROM_NOT_FAILED_HELO(DOMAIN)=3 P0F_WINXP=2 > > <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: 3.5 > > Jan 4 08:49:54 mail postfix/policydweight[3736]: decided > action=check_greylist > > Jan 4 08:49:54 mail postfix/smtpd[3733]: NOQUEUE: reject: RCPT from > ALyon-254-1-38-153.w86-193.abo.wanadoo.fr[86.193.177.153]: 450 > <[EMAIL PROTECTED]>: Recipient address rejected: >Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/example.com.html; > from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> > proto=SMTP helo= > > ~ > Jan 4 12:27:20 mail postfix/policydweight[3617]: weighted check: > NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 IN_BL_NJABL=4.25 > CL_IP_EQ_FROM_MX=-3.1 P0F_LINUX=-1 ><[EMAIL PROTECTED]> ><[EMAIL PROTECTED]>, rate: -2.85 > > Jan 4 12:27:20 mail postfix/policydweight[3617]: decided > action=check_greylist > > Gary V > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
***SPAM*** ***SPAM*** Re: [Patch] p0f and selective greylisting
Justin wrote: > Yet another way to combat spam, very impressive! > Justin. > On Wed, 3 Jan 2007, Henrik Krohns wrote: >> >> Hi, I whipped up a patch for policyd-weight-devel. >> >> It adds p0f scoring support and greylisting (to be exact, user defined >> postfix action) by some rules. >> >> There are some little details missing, p0f scoring does not affect other >> scores (maybe it would help) and greylisting decisions are not cached. I'm a >> bit too busy to check it more, so I leave it up to Robert if he wants.. >> >> URL: http://hege.li/policyd-weight/greylist-p0f.diff >> >> Cheers, >> Henrik >> So far I'm lovin' it. Jan 4 08:49:54 mail postfix/policydweight[3736]: weighted check: NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_NE_HELO=1.5 RESOLVED_IP_IS_NOT_HELO=1.5 (check from: .itripipod. - helo: .localhost. - helo-domain: .localhost.) FROM_NOT_FAILED_HELO(DOMAIN)=3 P0F_WINXP=2 <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: 3.5 Jan 4 08:49:54 mail postfix/policydweight[3736]: decided action=check_greylist Jan 4 08:49:54 mail postfix/smtpd[3733]: NOQUEUE: reject: RCPT from ALyon-254-1-38-153.w86-193.abo.wanadoo.fr[86.193.177.153]: 450 <[EMAIL PROTECTED]>: Recipient address rejected: Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/example.com.html; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=SMTP helo= ~ Jan 4 12:27:20 mail postfix/policydweight[3617]: weighted check: NOT_IN_ZEN_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 IN_BL_NJABL=4.25 CL_IP_EQ_FROM_MX=-3.1 P0F_LINUX=-1 <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>, rate: -2.85 Jan 4 12:27:20 mail postfix/policydweight[3617]: decided action=check_greylist Gary V Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: [Patch] p0f and selective greylisting
Yet another way to combat spam, very impressive! Justin. On Wed, 3 Jan 2007, Henrik Krohns wrote: > > Hi, I whipped up a patch for policyd-weight-devel. > > It adds p0f scoring support and greylisting (to be exact, user defined > postfix action) by some rules. > > There are some little details missing, p0f scoring does not affect other > scores (maybe it would help) and greylisting decisions are not cached. I'm a > bit too busy to check it more, so I leave it up to Robert if he wants.. > > URL: http://hege.li/policyd-weight/greylist-p0f.diff > > Cheers, > Henrik > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ > Policyd-weight Mailinglist - http://www.policyd-weight.org/
