$os_fingerprint_method and multiple servers
btb
listsb-amavis at bitrate.net
Mon Jul 14 22:30:02 CEST 2014
On 2014.07.11 07.36, Mark Martinec wrote:
> If you supply an asterisk '*' in place of an IP address
> in the setting of $os_fingerprint_method, it will be
> replaced by an IP address from which a connection
> to amavisd was received, i.e. your MX MTA. So the
> p0f query from amavisd will connect to a p0f service
> on your MTA which supplied the message currently being
> processed.
thanks for this. if set the following:
my $p0f_analyzer_port = '10032';
$os_fingerprint_method = "p0f:*:$p0f_analyzer_port";
amavis logs this message:
Jul 14 15:56:34 mfa amavis[5329]: (05329-04) (!!)TROUBLE in check_mail:
os_fingerprint FAILED: Fingerprint bad IP address: ::ffff:10.3.70.5 at
(eval 137) line 45, <GEN43> line 40.
mail arrives from 10.3.70.5 and 10.3.70.6.
if i set:
$os_fingerprint_method = "p0f:10.3.70.5:$p0f_analyzer_port";
amavis seems to work as expected, and with tshark i see traffic arriving
at 10.3.70.5, so i believe the other bits are working properly.
i know that ::ffff:10.3.70.5 is an ipv4 mapped ipv6 address, but how can
i troubleshoot this further?
-ben
More information about the amavis-users
mailing list