p0f not working with MTA filter

This is a discussion on p0f not working with MTA filter within the Amavis User forums, part of the Anti-Spam and Anti-Virus Related Forums category; It appears the the p0f checking is only pulling the IP address of the last MTA to touch the message. ...


Go Back   Usenet Forums > Anti-Spam and Anti-Virus Related Forums > Amavis User

Reload this Page p0f not working with MTA filter

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 04-15-2006
bcrumrin@gmail.com
 
Posts: n/a
Default p0f not working with MTA filter
It appears the the p0f checking is only pulling the IP address of the
last MTA to touch the message. In my case 127.0.0.1 as I am using an
MTA filter in front of Postfix.

Is there an easy way to get amavisd-new to skip to subsequent host if
it gets is localhost?

Sample message header - MTA filter (MessageWall recieves message from
external host, passes to Postfix on 127.0.0.1, then LMTP to
amavisd-new, then back to Postfix for final destination...).
Amavisd-new's p0f check is querying 127.0.0.1 instead of the
123.123.123.123 IP.
....
Received: from localhost (localhost.localdomain [127.0.0.1])
by mx8.domain.us (Postfix) with ESMTP id B93DDD58B7D
for <brian@domain.com>; Fri, 14 Apr 2006 21:16:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at domain.us
Received: from mx8.domain.us ([127.0.0.1])
by localhost (domain.com [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id gG0kBzQ9y24B for <brian@domain.com>;
Fri, 14 Apr 2006 21:16:38 -0700 (PDT)
Received: from mx8.domain.us (localhost.localdomain [127.0.0.1])
by mx8.domain.us (Postfix) with ESMTP id 60ACFD58B7C
for <brian@crumrine.net>; Fri, 14 Apr 2006 21:16:38 -0700 (PDT)
X-MessageWall-Score: 0 (mx8.domain.us)
Received: from [123.123.123.123] by mx8.domain.us (MessageWall 1.0.8)
with SMTP; 15 Apr 2006 04:16:38 -0000
Received: from domain.net ([127.0.0.9]) by domain.com for
<brian@domain.net>; Fri, 14 Apr 2006 21:15:17 -0700
Message-Id: <1145074517.26548@domain.net>

Sample of the debug from amavisd-new:
Apr 14 21:15:26 southbay amavis[1556]: (01556-01-40) Fingerprint
collect: max_wait=0.000, 127.0.0.1 QzrH+8hVX6fS \r\n... =>
Apr 14 21:15:28 southbay amavis[1557]: (01557-01-5) Fingerprint
collect: max_wait=0.000, 127.0.0.1 hNT+t9KWKK1S \r\n... =>
Apr 14 21:15:28 southbay amavis[1557]: (01557-01-6) Fingerprint
collect: max_wait=0.000, 127.0.0.1 ucxyDkYx3uqp \r\n... =>
Apr 14 21:15:31 southbay amavis[1561]: (01561-01) Fingerprint collect:
max_wait=0.000, 127.0.0.1 zQfv9Aa6Ldw4 \r\n... =>
Apr 14 21:15:32 southbay amavis[1557]: (01557-01-7) Fingerprint
collect: max_wait=0.000, 127.0.0.1 5b+PEBn5ZT9x \r\n... =>

Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 09:10 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0