$os_fingerprint_method and multiple servers

btb listsb-amavis at bitrate.net
Mon Jul 14 22:30:02 CEST 2014

On 2014.07.11 07.36, Mark Martinec wrote:
> If you supply an asterisk '*' in place of an IP address
> in the setting of $os_fingerprint_method, it will be
> replaced by an IP address from which a connection
> to amavisd was received, i.e. your MX MTA. So the
> p0f query from amavisd will connect to a p0f service
> on your MTA which supplied the message currently being
> processed.

thanks for this.  if set the following:

my $p0f_analyzer_port = '10032';
$os_fingerprint_method = "p0f:*:$p0f_analyzer_port";

amavis logs this message:

Jul 14 15:56:34 mfa amavis[5329]: (05329-04) (!!)TROUBLE in check_mail: 
os_fingerprint FAILED: Fingerprint bad IP address: ::ffff: at 
(eval 137) line 45, <GEN43> line 40.

mail arrives from and

if i set:

$os_fingerprint_method = "p0f:$p0f_analyzer_port";

amavis seems to work as expected, and with tshark i see traffic arriving 
at, so i believe the other bits are working properly.

i know that ::ffff: is an ipv4 mapped ipv6 address, but how can 
i troubleshoot this further?


More information about the amavis-users mailing list