Brian wrote:
> On 1/2/07, Gary V <[EMAIL PROTECTED]> wrote:
>> I installed maRBL 1.1 on a Debian system and it appears to be
>> working. Oddly however the log output looks like:
>>
>> marbl: p0f query: %s port=%s %s %s
>> marbl: p0f collect: max_wait=%.3f, %.35s... => %s
>> marbl: Action for %s (%s => %s): %s
>>
>> As opposed to a Fedora system:
>> marbl: p0f query: 127.0.0.1 port=2345 192.168.1.41 43130150
>> marbl: p0f collect: max_wait=0.050, 192.168.1.41 43130150 Windows XP/20...
>> => Windows XP/2000 (RFC1323+, w+, tstamp-) [GENERIC] Signature:
>> [10384:128:1:52:M1380,N,W1,N,N,S:.:Windows:?], (distance
>> 0, link: GPRS, T1, FreeS/WAN)
>> marbl: Action for 192.168.1.41 ([EMAIL PROTECTED] => [EMAIL PROTECTED]):
>> greylisting
>>
>> any Perl gurus see the reason? I changed p0f from version 2.0.5 to
>> 2.0.8 but that did not make a difference.
>>
> I had the same problem. I am not sure where the incompatibility lies.
> Since I couldnt find it, I modified maRBL so that every log method
> call looks like:
$self->>{net_server}->log(2, sprintf("Hit on RBLs: %s", $nicelist));
> Notice the sprintf. The manual page for Net::Server man page says you
> can pass extra arguments to the log method and have them interpolated
> such as:
> $self->log(1, "My Message with %s in it", "Foo");
> # sends "My Message with %s in it", "Foo" to syslog
> But this doesnt work on my Debian system as well.
> In the end I do not suggest you use maRBL. I recently posted on the
> spamassassin and Postfix mailing list as to why I was running out of
> smtpd processes with maRBL. Michael Hall replied to me privately and
> informed me that maRBL uses the Net::Server::Multiplex personality and
> it has a tendency to block.
> From the Net::Server::Multiplex man page:
> This personality is designed to handle multiple connections all within
> one process. It should only be used with protocols that are guaranteed
> to be able to respond quickly on a packet by packet basis. If
> determining a response could take a while or an unknown period of
> time, all other connections established will block until the response
> completes. If this condition might ever occur, this personality should
> probably not be used.
> Michael did give me his rewritten version which is called by the
> Postfix spawn(8) daemon. I recall him saying that he wanted to make it
> daemonized, but this version has been in production at my site for
> some time now without any problems.
> Attached is the 'greylist_rbl' that Michael gave me. In your master.cf add
> # Greylist based on RBL and p0f
> greylist_rbl unix - n n - - spawn
> user=nobody argv=/usr/bin/perl /usr/local/sbin/greylist_rbl
> and to your main.cf add
> smtpd_recipient_restrictions =
> ...
> check_policy_service unix:private/greylist_rbl
> ...
> Tailor these configuration changes and the 'greylist_rbl' to your
> needs. This script still requires the p0f-analyzer to be running just
> like maRBL does.
Thanks Michael and Brian. Do you get these also when it tries to
perform RBL checks?
fatal: alarm time out at /usr/local/share/perl/5.8.4/Net/RBLClient.pm line 85.
Gary V
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
