Brian wrote: > On 1/2/07, Gary V <[EMAIL PROTECTED]> wrote: >> I installed maRBL 1.1 on a Debian system and it appears to be >> working. Oddly however the log output looks like: >> >> marbl: p0f query: %s port=%s %s %s >> marbl: p0f collect: max_wait=%.3f, %.35s... => %s >> marbl: Action for %s (%s => %s): %s >> >> As opposed to a Fedora system: >> marbl: p0f query: 127.0.0.1 port=2345 192.168.1.41 43130150 >> marbl: p0f collect: max_wait=0.050, 192.168.1.41 43130150 Windows XP/20... >> => Windows XP/2000 (RFC1323+, w+, tstamp-) [GENERIC] Signature: >> [10384:128:1:52:M1380,N,W1,N,N,S:.:Windows:?], (distance >> 0, link: GPRS, T1, FreeS/WAN) >> marbl: Action for 192.168.1.41 ([EMAIL PROTECTED] => [EMAIL PROTECTED]): >> greylisting >> >> any Perl gurus see the reason? I changed p0f from version 2.0.5 to >> 2.0.8 but that did not make a difference. >>
> I had the same problem. I am not sure where the incompatibility lies. > Since I couldnt find it, I modified maRBL so that every log method > call looks like: $self->>{net_server}->log(2, sprintf("Hit on RBLs: %s", $nicelist)); > Notice the sprintf. The manual page for Net::Server man page says you > can pass extra arguments to the log method and have them interpolated > such as: > $self->log(1, "My Message with %s in it", "Foo"); > # sends "My Message with %s in it", "Foo" to syslog > But this doesnt work on my Debian system as well. > In the end I do not suggest you use maRBL. I recently posted on the > spamassassin and Postfix mailing list as to why I was running out of > smtpd processes with maRBL. Michael Hall replied to me privately and > informed me that maRBL uses the Net::Server::Multiplex personality and > it has a tendency to block. > From the Net::Server::Multiplex man page: > This personality is designed to handle multiple connections all within > one process. It should only be used with protocols that are guaranteed > to be able to respond quickly on a packet by packet basis. If > determining a response could take a while or an unknown period of > time, all other connections established will block until the response > completes. If this condition might ever occur, this personality should > probably not be used. > Michael did give me his rewritten version which is called by the > Postfix spawn(8) daemon. I recall him saying that he wanted to make it > daemonized, but this version has been in production at my site for > some time now without any problems. > Attached is the 'greylist_rbl' that Michael gave me. In your master.cf add > # Greylist based on RBL and p0f > greylist_rbl unix - n n - - spawn > user=nobody argv=/usr/bin/perl /usr/local/sbin/greylist_rbl > and to your main.cf add > smtpd_recipient_restrictions = > ... > check_policy_service unix:private/greylist_rbl > ... > Tailor these configuration changes and the 'greylist_rbl' to your > needs. This script still requires the p0f-analyzer to be running just > like maRBL does. Thanks Michael and Brian. Do you get these also when it tries to perform RBL checks? fatal: alarm time out at /usr/local/share/perl/5.8.4/Net/RBLClient.pm line 85. Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/